System Administration tips for Ubuntu
Use dropbear to remotely unlock a fully encrypted disk via ssh
If you've enabled full disk encryption, you will need to enter a password to unlock the disk at reboot time. If you want to be able to unlock the disk remotely via ssh, here are the steps
- http://blog.netpacket.co.uk/2016/12/05/unlocking-ubuntu-server-16-encrypted-luks-using-dropbear-ssh/
- After following the above steps, I create an entry called "unlock" in my ~/.ssh/config file on my Mac laptop. So after I boot my Ubuntu 16.04 LTS Desktop VM (using the VirtualBox CLI), then I type 'ssh unlock', and type 'unlock' when presented with the busybox prompt. I am prompted to enter a password to unlock the encrypted disk. After that, the system will boot up, then I can ssh in remotely.
Host unlock
Hostname 192.168.56.101
User root
IdentityFile /Users/ksa/.ssh/id_rsa_ubuntu_unlock
StrictHostKeyChecking no
List all software repositories
You can look at the /etc/apt/sources.list file, and in the /etc/apt/sources.list.d/ directory, but here is a single command line which can list all the sources
- apt-cache policy
Use Landscape or Cockpit to centrally manage and monitor Ubuntu machines
If you have a group of 10 or fewer Ubuntu hosts you administer, you can install Landscape (on premises version) in a VM to manage those hosts for free.
In addition to Landscape (or an alternative) is Cockpit which you can use to centrally manage CentOS, RedHat, Fedora, and Ubuntu hosts:
Software update / management
Command | Path | Package Name | Purpose / Notes |
---|---|---|---|
apt update | update repository metadata | ||
apt upgrade | install all pending updates | ||
apt-cache policy | list repository sources | ||
/var/log/apt/ | log directory containing 'history.log' and 'term.log' log files | ||
dpkg-query --list | list all installed packages | ||
dpkg-query --listfiles <package-name> | list all files owned by <package-name> | ||
dpkg-query --search <filename-pattern> | find out which installed package owns a filename | ||
apt-file search <filename-pattern> | apt-file | find out which package would install <filename-pattern>. package does not need to be installed already | |
aptitude install <package-name> | aptitude | install <package-name{ tip: use tab completion for actions and package names | |
apt show <package-name> | show details about <package-name>, including repository | ||
debconf-show <package-name> | show configuration options and current values of <package-name> | ||
dpkg-reconfigure <package-name> | reconfigures packages after they have already been installed. | ||
aptitude changelog <package-name> | displays the changelog for <package-name> | ||
aptitude search <package-name-pattern> | search for packages which match <package-name-pattern> | ||
aptitude download <package-name> | downloads the .deb file for the given package to the current directory | ||
aptitude --simulate <action> | print the actions that would normally be performed, but don't actually perform them. | ||
man deb | man page describing deb package format | ||
dpkg-deb --raw-extract <package.deb> <directory> | extracts contents of <package-deb> to <directory>, including the control information files into a DEBIAN subdirectory |
Related articles
There is no content with the specified labels