Securely delete files/folders in Ubuntu

In brief, you should NEVER trust your HDD before handing it over to someone else!

The solution to this would be either wipe the whole HDD or at least wipe the files/folders that you need to keep out of reach.

There are two quick ways to do this on Ubuntu; shred and wipe. I prefer wipe because it can accept folders as well.

The point is to fill the place of your data with random bits multiple times, as follows:

  1. sudo apt install wipe
  2. wipe -rq folder_name

r: for recursive

q: for quick mode, with only 4 iterations of random data.

Enjoy!

Note: This process is very time-consuming, even in quick mode, depending on how large your data is, and how fast the HDD you are wiping is.

Source: https://askubuntu.com/questions/57572/how-to-delete-files-in-secure-manner

Posted in Linux, Uncategorized | Tagged , , , , , , , | Leave a comment

Add an additional physical volume to your encrypted LVM volume group

With a default Linux Mint installation, do the following after connecting the new hard disk to your computer, we will assume the new HDD is /dev/sda:

  1. sudo pvcreate /dev/sda
  2. sudo vgextend mint-vg /dev/sda
  3. sudo lvextend -l +100%FREE /dev/mint-vg/root
  4. sudo cryptsetup resize /dev/mapper/mint–vg-root
  5. Enjoy!

Source: https://blog.jamiebaldanza.org/2014/01/23/extend-encrypted-lvm-by-adding-new-physical-disk/

Posted in Linux, Uncategorized | Tagged , , , | Leave a comment

Connect to your Skype for Business Office 365 Account using Pidgin

  1. Add the following PPA: https://launchpad.net/~sipe-collab/+archive/ubuntu/ppa
  2. Install/Update pidgin and pidgin-sipe packages
  3. Create a new account with type “Office Communicator”
  4. User name should be user@domain.org
  5. Leave the “login” empty
  6. In the Advanced Tab, under server, enter sipdir.online.lync.com:443
  7. Connection Type and Authentication Scheme should be set to Auto
  8. Use the following as the User Agent: UCCAPI/15.0.4420.1017 OC/15.0.4420.1017
  9. Enjoy!!
Posted in Uncategorized, Linux | Tagged , , , | Leave a comment

How to convert your SSL certificates to be used by Tomcat instead of Apache

I have a wildcard certificate that needs to be used on multiple websites that my employer owns.

To be able to use that SSL certificate on Tomcat, it has to be used in a totally different format, that’s Java-specific.

That article has everything that you may need:

1. Get x509 certificates from Apache/Nginx

You will need three certificates Private Key certificate used for generating CSR, Signed Certificate  provided by signing authority and Intermediate or Root certificate of signing authority.

For Apache:

Check your site’s configuration for below settings:

SSLCertificateFile /etc/apache2/ssl/star_livfame_com.crt
SSLCertificateKeyFile /etc/apache2/ssl/star_livfame_com.key
SSLCertificateChainFile /etc/apache2/ssl/intermediate.crt

For Nginx:

Check your site’s configuration for below settings:

ssl_certificate /etc/nginx/ssl/star_livfame_com.crt;
ssl_trusted_certificate /etc/nginx/ssl/intermediate.crt;
ssl_certificate_key /etc/nginx/ssl/star_livfame_com.key;

2. Copy the three files which can be found in the above to one location
(Ex. /opt/tomcat/ssl).

3. Using below OpenSSL command generate pkcs12 file:

cd /opt/tomcate/ssl
openssl pkcs12 -export -in star_livfame_com.crt -inkey star_livfame_com.key -certfile intermediate.crt -out star_livfame_com.p12

Note: You will be prompted for a password to secure the certificate, please enter the password and remember the password.

4. Convert pkcs12 certificate to keystore:

You will now convert our star_livfame_com.p12 file to a keystore by performing the following command line in Tomcat using keytool:

keytool -importkeystore -srckeystore star_livfame_com.p12 -srcstoretype PKCS12 -destkeystore star_livfame_com.jks

Note: It will ask for password of the pkscs12 that we generated earlier and a new password for the keystore, remember the password that you have given for keystore you will need it in configuration.

That’s it !! Your keystore is generated and ready to be used at: /opt/tomcat/ssl/star_livfame_com.jks.

5. Test the Keystore

You can test your keystore if its generated properly with below command:

$keytool -list -v -keystore star_livfame_com.jks

Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: 1
Creation date: 29 Apr, 2016
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=*.livfame.com, OU=Media - Technology, O=Fame Digital Pvt. Ltd., L=Mumbai, ST=Maharashtra, C=IN
Issuer: CN=thawte SSL CA - G2, O="thawte, Inc.", C=US
.....

Source: http://www.tothenew.com/blog/convert-apache-x509-cert-ssl-certificate-to-tomcat-keystore

Posted in Linux, Uncategorized | Tagged , , , , | Leave a comment

How to share files with Samba (SMB) from Ubuntu and mount on Windows

I am using a Windows 7 VM under KVM/QEMU, and there is no direct way – as far as I know – to make a shared drive between the host and guest, like the vboxsf that exists on VirtualBox hypervisor.

The best solution I found in order to share files between the host and the guest is to use Windows Sharing, or in other words: Samba (SMB).

We will do that with Nautilus.

You should follow these steps on the host (samba server) side:

  • Install samba: “sudo apt install samba nautilus-share”
  • Right-click on the folder you want to share and choose “Local Network Share”
  • Enable, give it a name, and allow read/write if you wish to
  • Click Create Share
  • Run “sudo smbpasswd -a any_username“, you could just use the same account in linux, but take care that the SMB password set is not the same password used in your system

On the guest (Windows VM), you need to apply the following (make sure that the samba ports are open in your firewall):

  • Right-click on “Network” and choose “Map network drive”
  • Choose a drive letter
  • Add the folder in this way: \\SERVER_IP\shared_folder_name
  • It should prompt you for a username and password
  • Type as the username “COMPUTER_NAME\user_name“, where user_name is the any_username used when you ran the command smbpasswd above
  • Type the password and there you go!
  • Enjoy!

Sources:

  1. https://help.ubuntu.com/community/How%20to%20Create%20a%20Network%20Share%20Via%20Samba%20Via%20CLI%20%28Command-line%20interface/Linux%20Terminal%29%20-%20Uncomplicated%2C%20Simple%20and%20Brief%20Way%21
  2. https://help.ubuntu.com/community/Samba/SambaClientGuide
Posted in Linux, Uncategorized | Tagged , , , | Leave a comment

How to reset lost password on Ubuntu

From the official Ubuntu LostPassword documentation (with minor changes to work on more recent versions of Ubuntu)

  • Reboot your computer.
  • Hold Shift during boot to start GRUB menu.
  • Press e to edit.
  • Find the line starting with “linux” and change “ro” to  “rw” then append “init=/bin/bash” at the end of that line.
  • Press Ctrl + X to boot.
  • Type in passwd username.
  • Type the new password
  • Restart and login with the new password
  • Enjoy!

Tested on Ubuntu 16.04 Desktop, 64-bit

Posted in Linux, Uncategorized | Tagged , , | Leave a comment

How to delete all files in a folder EXCEPT certain ones in BASH

Imagine you have a folder that has about 20 files that you need and like 100 files that you don’t. In this case, there is a very simple bash script that allows you to do that in a jiffy!

Here it is:

ls | grep -v "hobba.txt\|tito.sh\|mambo.sh\|.xlsx" | xargs rm

This command does the following (in order):

  1. lists all files in the folder with “ls”
  2. grep -v means grep everything except the following
  3. The list of files – or globs – that it’s going to ignore, you have to separate each by pipe preceded with a backslash. It ignores 3 files and 1 glob:
    1. hobba.txt
    2. tito.sh
    3. mambo.sh
    4. .xlsx (means anything with extension .xlsx)
  4. Finally it deletes them one by one through the xargs rm

Enjoy!

Sources: Many which I unfortunately forgot to take note of, but they are mostly from Stackoverflow

Posted in Linux, Uncategorized | Tagged , , , | Leave a comment