:::: MENU ::::

Posts Categorized / Linux

  • Oct 18 / 2017
  • 0

Update CA trusted root certificates on Linux server

If you’re getting many “unstrusted issuer” alerts in your app logs, it might be due to some CA trusted certificates outdated.
To fix that, just perform an update:

For Ubuntu/Debian

For CentOS/RedHat

  • Oct 04 / 2017
  • 0

Write multiple lines to file in bash (script)

If you need to push multiple lines to one file through a bash script, you can simply use that syntax:

Tip: Be aware that if you’re using indentation, last line should not be indented (this would lead you to some errors).

If you want to add line instead of overwriting file (like we did in the previous example), just replace the “>” with “>>” after cat command.

  • Sep 09 / 2017
  • 0

Find IPs connecting to a postfix server through logs

There’s no easy way to list all the IPs connecting to your postfix server for sending mail. But you can easily extract them from all your postfix logs.

For our example, we will consider the logs from postfix to be as default and located in /var/log/maillog

Here is what a postfix log look like when a connection is received:

For extracting exclusively the IPs, we will use a combination of commands:

  • grep ” connect from ” /var/log/maillog will extract every lines containing a connection attempt
  • cut -d ‘[‘ -f3 |cut -d ‘]’ -f1 will extract the IP from the line (which is contained between [] )
  • sort -u will sort the output by unique values

Here is what we will get as a result once the command is executed (nothing will appear until it finished):

You can obviously re-use this command for any log file that you want to filter out by updating the filtering.

  • Aug 02 / 2017
  • 0

Connect to serial/console terminal with MacOS using screen

It’s possible to connect to serial console with MacOS without using a specific app but only screen.

First, you need to find the correct device you will use to connect to the serial console. Depending on your installation and your adapter, you’ll can find it under different names with one these commands:

Here, we can see that our device is available on /dev/tty.usbserial

If you have any doubt with the screen command, you can check the documentation, with the specific part regarding the console connection:

For example, if you want to connect to serial port with those parameters:

  • 9600 bps
  • 8 data bits
  • flow control

You can just use this command:

Hint: Note that if you’re using a specific adapter (like an adapter DB9/RS232 to USB), you will probably need to install the driver first to get the device available.

  • Jul 22 / 2017
  • 0

Get CPU/RAM usage per process on Linux

When you’re facing performance issues, it’s always useful to check CPU/MEM usage per process to see if you have an issue with a specific process. For that, you can use ps and some sorting commands.

Tip: You can shrink the results to the first lines by using head

Memory analysis

We’re using the –sort -rss attributes to get the results sorted by RSS in the desc order (use –sort rss for the asc order)

CPU analysis

We’re using the –sort -%cpu attributes to get the results sorted by CPU in the desc order (use –sort %cpu for the asc order)


Once you got the results, it’s time for you to investigate further and analyze what’s happening with those processes! Good luck!

  • Jul 05 / 2017
  • 0

Generate self-generated SSL certificate (cert/key pair)

Here is a simple script with configuration file to generate a self-generated SSL certificate (cert/key pair).

First define a config file openssl.cnf containing the certificate informations:

Then, create the bash script makessl.sh and configure your own parameters (directories, cert filename and validity duration):

Now, execute the bash script:

Let’s check your freshly created certificate and double check the information:

Question ? Contact