UnixSupport.com

Sometimes you gotta grant Mysql permissions for usernames… so here’s how I do it.

$ mysql -u root -p

Enter password: [password] [ENTER]
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 14806 to server version: 4.1.11

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> insert into db values (’IP or Hostname‘, ‘DB Name‘, ‘Username‘, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘Y’, ‘N’, ‘Y’, ‘Y’, ‘Y’);

mysql> insert into user values (’IP or hostname‘, ‘Username‘, ‘xxx’, ‘N’, ‘N’, ‘N’, ‘N’, ‘N’, ‘N’, ‘N’, ‘N’, ‘N’, ‘N’, ‘N’, ‘N’, ‘N’, ‘N’);

the XXX is where the password will exist.

mysql> update user set Password=password(’Password‘) where user=’Username‘;

SSH Keys are an awsome tool.. and they’ll save your fingers from typing your password 10,000 times a day. They’re also really easy to setup:

login to your main server, or home machine as the user you normally are logged in as.

username@yourserver.com [16:00:51]
[~/.ssh]: /usr/bin/ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_dsa): [ENTER]
Enter passphrase (empty for no passphrase): [ENTER]
Enter same passphrase again: [ENTER]
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:1e:00:fb:d5:57:45:20:c3 username@yourserver.com

username@yourserver.com [16:00:59]
[~/.ssh]: cat id_dsa.pub

ssh-dss [EDITED OUT HUGE TEXT HASH ] username@yourserver.com

Copy the entire output from your server to your clipboard.

Now login to the remote server you want to be able to access without a password and:

$ vi ~/.ssh/authorized_hosts

go to the bottom of the file and insert and paste the line, then [ESC] [ESC] :wq!

and give it a test

$ ssh username@remoteserver.com

I’ve been caught too many times without good backups, so I’ve started to be a bit smarter about things… I try and automate and cron all the backups early on in a servers existance and just have one big backup drive on a server somewhere that keeps everything.

Here’s an example of this is a simple site backup script that I run.

/root/scripts/syncserver

This runs rsync updating any new files on the filesystem to our backup server. Now I just create an ssh key for root to the other machine’s username and copy the entire box over… this isn’t a PRETTY restore if I had to use it, but at least all data, config files, new files, users, etc are saved on the other machine.

Modify paths as necessary.

I run a bunch of virtual hosted sites for friends and they’re always asking me for statistics on how many people are hitting their page.

One of the simplest programs I’ve setup is awstats..

Once you’ve downloaded the program I simply run it from the crontab every 15 minutes and let it clunk away on their stats.

I’ll post a full config howto shortly.

I work in an environment with clustered computers, so one thing that we run into all the time is dealing with configuration changes across multiple webservers. One of our customers requres redirects to be configured all the time, and it was becomming mind numbing entering them onto every server.

So I did something simple, since the main web root was attached using NFS to each server (for keeping files in sync) I created a /apache directory outside of the webroot and created a file called redirects.conf in that directory.

Now for each VirtualHost I setup, I add the line

Include /path-to-website/apache

and it includes all files in that directory to the apache configuration.

You can have mod_rewrite rules, etc. And the best part is when i need to edit it, I simply change one file, and restart the servers.

Change once, restart many, thats the way to do it.

I’ve been in environments that will block ports necessary for my VPN access, so I have found this to be invaluable for accessing machines if you have a “passthru” thats on the public network… This can be modified to bypass AIM restrictions in the office place, or even just making good old localhost do something useful for you. You need a unix based machine (mac, linux, etc) in order to do so.

ssh -L LocalPort:RemoteHostname/IP:RemotePort username@PublicHostname/IP

For example:

ssh -L 5900:windowsbox.com:5900 user@passthru.com

will setup a passthru for your localhost:5900 to point to 5900 on windowsbox.com, or to the VNC port for the machine.

It’s quite useful, you can do things like port 25 to bypass mail firewall restrictions, etc.