How to check which files are taking the most space in Google Drive

I was getting almost out of quota and had to remove many files. However, I didn’t know which files are taking the most space, as there wasn’t an obvious way to to that from the Google Drive interface! I had a LOT of files!

Just head to and you will find all the files sorted by size from largest to smallest:

Workspace 1_768



Posted in General | Tagged , , | Leave a comment

Integrating SSH PKI with Active Directory using PBIS-Open on Ubuntu 16.04

Long Article Warning! You can skip all this and go directly to the script at the end.

This resolves the dilemma of managing SSH public keys on servers that are integrated with Active Directory using PBIS-Open, it allows you to do the following:

  1. Password-less remote SSH access of users to servers, without any setup on the client side
  2. Centralized Management of the users’ SSH Public Keys on Servers through Active Directory
  3. Prevent saving of ssh public keys locally on servers
  4. Prevent unauthorized access through keys if the user’s AD account is disabled/locked/expired
  5. The user can still login to the servers using his AD account credentials as a second means of authentication, in case he hasn’t registered a public key or lost his private key


  1. PBIS-Open to be installed and server joined to the Active Directory
  2. userusedtojoinAD credentials are stored encrypted inside /etc/krb5.keytab
    sudo /opt/pbis/bin/ktutil
    add_entry -password -p userusedtojoinAD -k 1 -e aes256-cts-hmac-sha1-96
    write_kt /etc/krb5.keytab
  3. Changes to SSH Server

    The following additions and changes need to be done on the SSH server configuration file found in /etc/ssh/sshd_config:

    Attributes to be modified

    AuthorizedKeysFile /dev/null #to disable looking up the keys on the local filesystem

    Attributes to be added

    AuthorizedKeysCommand / #The file that the SSH server looks up at first to see if there are any corresponding public keys returned
    AuthorizedKeysCommandUser root #The user used by the SSH server to execute the AuthorizedKeysCommand, must be root to be able to read from the keytab file.

    Note: The SSH server needs to be restarted before the new settings take effect.

Where and how to add SSH Public Keys to AD

The user’s SSH Public key is saved in the AD attribute “altSecurityIdentities” in the form of:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCstmuV8LOtWseiMO5nlSVr8Z9RQBGtKyx80PwMFmbyIrIKOY7+CoLAdABZi+ZGds9VLtnHaDunQilbyqJAOmPj1Dt4RMLn7UXhwACiWsukG2vLaend9CDakUls4d7q4jzD0sroDwXevaRgB/wPKmOiG/dEswo/eT+e1ToJQRA96sBIuVfieeqwqVyaqMLxCsl9ufH9KDRm0+9NGQMzuY/dHUjrsTJmMXGdVSrjpnHxY/xbYdqIYtFgiJDJNJzXPFskdiaAuvFD5j+iflRNr5CBEgoaifSOiSISOLCrUbblQLSx5XcDP7HVTHZOt0Q/SnIYMQujWyoA4h+6DoMAliFD

This can be performed using the powershell or any AD management tool:

As an administrative user, run the following:

set-aduser username -Add @{ altSecurityIdentities = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCstmuV8LOtWseiMO5nlSVr8Z9RQBGtKyx80PwMFmbyIrIKOY7+CoLAdABZi+ZGds9VLtnHaDunQilbyqJAOmPj1Dt4RMLn7UXhwACiWsukG2vLaend9CDakUls4d7q4jzD0sroDwXevaRgB/wPKmOiG/dEswo/eT+e1ToJQRA96sBIuVfieeqwqVyaqMLxCsl9ufH9KDRm0+9NGQMzuY/dHUjrsTJmMXGdVSrjpnHxY/xbYdqIYtFgiJDJNJzXPFskdiaAuvFD5j+iflRNr5CBEgoaifSOiSISOLCrUbblQLSx5XcDP7HVTHZOt0Q/SnIYMQujWyoA4h+6DoMAliFD" }


The script needs to be placed on a local filesystem, we will add it as /, the owner should be root, and the permissions to be 755. The purpose of the this script is to retrieve the public key – if any – of the user trying to login. It will return either the public key or an empty result, in the latter case the user will have to authenticate with his AD credentials instead. The password is saved encrypted in /etc/krb5.keytab.

# This script is used for integrating PKI with AD

/opt/pbis/bin/kinit -k userusedtojoinAD #produce a ticket for adjoiner, whose credentials are saved encrypted inside /etc/krb5.keytab

export username=$(echo $1 | sed 's@.*\\@@') #to remove the domain name and the backslash from the username entered, i.e. mydomain\
export validornot=`/opt/pbis/bin/adtool -a search-object --filter '(&(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(sAMAccountName='$username'))' -t` #If AD account has any status that prevents user from logging in, e.g. disabled, expired, locked...etc

#validornot will be empty if the user is disabled/expired/locked, i.e. userAccountControl:1.2.840.113556.1.4.803:=2 If not, it will contain the AD user account details

if [[ ! -z "${validornot// }" ]] #if the validornot contains some data, it will remove all empty spaces as well
 echo $validornot | /opt/pbis/bin/adtool -a lookup-object --dn=- --attr=altSecurityIdentities #get the corresponding public key inside the altSecurityIdentities attribute

Hope it helps!


Sources: A LOT! Almost all of the articles from stackoverflow talking about this topic and Thanks to all who helped me

Posted in Linux | Tagged , , , , , , , , | Leave a comment

How to update davmail gateway configuration with new ssl certificate

Davmail calculates the SHA-1 hash for any exchange server that it connects to and places it in its configuration file.

When the exchange server changes the SSL certificate, you have to update it in the file, or else you will face the following exception in any client trying to connect to it:

Connect exception: User rejected certificate

To resolve this, you have to calculate the SHA-1 hash of the new certificate.

There are many ways to do this, you could either use the gnutls utility:

sudo apt install -y gnutls-bin && gnutls-cli -p 443 mail.server.url | grep SHA

You should then grab the SHA-1 fingerprint value and place it in the file (will explain that in the next step, cause it needs a small tweak).

The second way is to just use a browser like chrome, visit the url and click the secure icon next to the it, then click the certificate (whether valid or invalid) and copy the SHA-1 Fingerprint value:

Workspace 1_767

Last step would be to do the following (VERY IMPORTANT):

  1. Convert all characters to capital letters
  2. Make sure a colon and a preceding backslash are put between each pair
  3. Remove all zeros

For example:


will be converted to


Now finally copy that string and paste it inside your file in davmail.server.certificate.hash, i.e.:


Restart the davmail service, and you’re done!





Posted in Linux | Tagged , , , , | Leave a comment

7za extract file to target folder

7za x compressed_file.001 -o/scratch


x: to extract

compressed_file.001: The file which is going to be extracted

-o: specify output folder

/scratch: the output folder

That’s it, Enjoy!


Posted in Linux | Leave a comment

How to quickly divide a file into smaller segments with 7zip on RedHat

I have a very large file ~ 1.7 TB that’s causing me some issues with its transfer over NFS.

I use 7z to split it into into multiple smaller files and then transfer them:

7za -v900g -mx0 a MY_BIG_FILE_SPLITTED.7z /MY_BIG_FILE


7za: is the 7zip executable

-v900g: the size of the splitted files, here it’s 900 GB, you can alternatively use g, m, k or b

-mx0: Zero compression ratio, in other words: copy mode

a: destination file

Note: To install 7zip on RedHat, just use “yum install p7zip”




Posted in Linux | Tagged , , , , | Leave a comment

How to restart the gnome-shell if it glitches or slows down

  1. Alt+F2
  2. Type r
  3. Press Enter
  4. There you go!
Posted in Linux | Tagged , | Leave a comment

Testing the new WordPress Mobile Editor

So far so good!

Posted in Uncategorized | Leave a comment