Menu Close

Category: Linux – HOWTO

Tacacs for Ubuntu 20.04

TACACS for Ubuntu 20.04

Introduction

This guide will walk you through the setup of a Linux based TACACS+ Authentication Server, using Ubuntu 20.04 that authenticates against a Windows Active Directory LDAP.

This guide assumes that you are familiar with installing and configuring Ubuntu Server and can deploy or have already deployed a Windows Active Directory infrastructure.

Attachments

How to install DIG dns tool on windows 11

This guide explains how to install the dig dns tool on windows 11 in a few steps. It is just a little bit modified version of How to install DIG dns tool on windows 10 howtos.

1. First download the latest Bind9 executable for Windows. All ISC software is available at https://www.isc.org/download/. However, there is a message, that the latest win executable is 9.6.23, which we may download from the link 9.16.23.

Parrot OS v5.0 – How to manually install VirtualBox guest additions

Environment:

Variant 1 => using official online parrot repo

sudo su -

# update packages list and upgrade packages
apt update && apt upgrade -y

# install virtualbox guest additions from the Parrot repo
apt install virtualbox-guest-utils

# install the package
apt install virtualbox-guest-x11

# reboot the system
reboot

Now the resize should work.

Variant 2 => using VBox Guest addition image

Now we will install Vbox guest addition using VBox option.

Tools for a quick SIP diagnostics – ngrep, sipgrep and sngrep

Sometimes there is a need for simple and quick analysis or the troubleshooting of a SIP server and its call functions. Of course, we should use the well-known tcpdump, mentioned in the article Using tcpdump for SIP diagnostics. However, for some occasional Linux users this may be too difficult and unclear. Actually there exist some simpler utilities,, that could work fine, as ngrep, and for me newer sipgrep and sngrep (love at first sight).

All utils are directly available and can be installed online from Debian repo using apt-get install ngrep sipgrep sngrep.

Elasticsearch cluster upgrade

Elasticsearch cluster upgrade from 5.5.1 to 6.8.1

  • Author : Miroslav Kohútik
  • Operating System : Ubuntu 16.04

In this guide we will show you how to upgrade an Elasticsearch cluster located on a single machine.
As an example we will use our Elasticsearch cluster that consists of five ES nodes.

All nodes need to be stopped before upgrading

sudo systemctl stop elasticsearch_data1
sudo systemctl stop elasticsearch_data2
sudo systemctl stop elasticsearch_data3
sudo systemctl stop elasticsearch_ingest
sudo systemctl stop elasticsearch_master

Download the installation package for Elasticsearch version 6.8.1

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.8.1.deb

Install the new version

sudo dpkg -i elasticsearch-6.8.1.deb

Elasticsearch should now be successfully updated to version 6.8.1. However, we cannot start up our cluster just yet. First, we need to update the Linux services for each node since service definition in 6.x is slightly different from version 5.x.
Our Cluster’s nodes’ services are located in /usr/lib/systemd/system/

Here is an excerpt from /usr/lib/systemd/system/elasticsearch_master.service:

[Service]
Environment=ES_HOME=/usr/share/elasticsearch
Environment=CONF_DIR=/etc/master
Environment=DATA_DIR=/var/lib/elasticsearch/master
Environment=LOG_DIR=/var/log/elasticsearch/master
Environment=PID_DIR=/var/run/elasticsearch
EnvironmentFile=-/etc/default/elasticsearch

WorkingDirectory=/usr/share/elasticsearch

User=elasticsearch
Group=elasticsearch

ExecStartPre=/usr/share/elasticsearch/bin/elasticsearch-systemd-pre-exec

ExecStart=/usr/share/elasticsearch/bin/elasticsearch 
                                                -p ${PID_DIR}/elasticsearch.pid 
                                                -Edefault.path.logs=${LOG_DIR} 
                                                -Edefault.path.data=${DATA_DIR} 
                                                -Edefault.path.conf=${CONF_DIR}

Here is the same excerpt from the same service file updated for version 6.x:

[Service]
Environment=ES_HOME=/usr/share/elasticsearch
Environment=PID_DIR=/var/run/elasticsearch
EnvironmentFile=-/etc/default/elasticsearch
LimitMEMLOCK=infinity
RuntimeDirectory=elasticsearch
PrivateTmp=true
Environment=ES_PATH_CONF=/etc/master

WorkingDirectory=/usr/share/elasticsearch

User=elasticsearch
Group=elasticsearch

ExecStart=/usr/share/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid --quiet

Make sure that for every single variable you have set in your elasticsearch_.service files you have also commented out its equivalent in /etc/default/elasticsearch. Otherwise, values in the latter file will override the changes you have made in the former.

Service files of the remaining nodes (in our case the following files: elasticsearch_ingest.service, elasticsearch_data1.service, elasticsearch_data2.service and elasticsearch_data3.service) need to be updated in a similar manner.

Each node’s service also requires its own elasticsearch.yaml file. This file should be located on the path set in ES_PATH_CONF in the service file as seen above (in the case of master node it is /etc/master/).
Here is an example of elasticsearch.yaml located in /etc/master/. Note the attributes node.master, node.data, and node.ingest, these need to be set in respect to the role of the node in particular and are different for nodes of other types.

# ---------------------------------- Cluster -----------------------------------
# Use a descriptive name for your cluster:
cluster.name: elastic
# ------------------------------------ Node ------------------------------------
# Use a descriptive name for the node:
node.name: master
# Add custom attributes to the node:
node.master: true
node.data: false
node.ingest: false
node.max_local_storage_nodes: 5
# ----------------------------------- Paths ------------------------------------
# Path to directory where to store the data (separate multiple locations by comma):
path.data: /data/elasticsearch/data_master
# Path to log files:
path.logs: /var/log/elasticsearch/master
# ----------------------------------- Memory -----------------------------------
# Lock the memory on startup:
bootstrap.memory_lock: true
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.

Each node also uses a distinct pair of HTTP and TCP ports specified by attributes http.port and transport.tcp.port.

# ---------------------------------- Network -----------------------------------
# Set the bind address to a specific IP (IPv4 or IPv6):
network.host: 192.168.1.1
# Set a custom port for HTTP:
http.port: 9200
transport.tcp.port: 9300

Master node needs to bo able to discover other nodes in the cluster, therefore, attribute discovery.zen.ping.unicast.hosts contains a list of IPs and transport ports of all the other nodes. On nodes other than master it will contain only the master’s IP and transport port [“192.168.1.1:9300”]:

# --------------------------------- Discovery ----------------------------------
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
discovery.zen.ping.unicast.hosts: ["192.168.1.1:9301","192.168.1.1:9302","192.168.1.1:9303","192.168.1.1:9304"]

You should now be able to get the Elasticsearch cluster up and running:

sudo systemctl stop elasticsearch_master
sudo systemctl stop elasticsearch_ingest
sudo systemctl stop elasticsearch_data1
sudo systemctl stop elasticsearch_data2
sudo systemctl stop elasticsearch_data3