You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 12 Next »

System Administration tips for Ubuntu

Use dropbear to remotely unlock a fully encrypted disk via ssh

If you've enabled full disk encryption, you will need to enter a password to unlock the disk at reboot time.  If you want to be able to unlock the disk remotely via ssh, here are the steps

  1. http://blog.netpacket.co.uk/2016/12/05/unlocking-ubuntu-server-16-encrypted-luks-using-dropbear-ssh/
  2. After following the above steps, I create an entry called "unlock" in my ~/.ssh/config file on my Mac laptop.  So after I boot my Ubuntu 16.04 LTS Desktop VM (using the VirtualBox CLI), then I type 'ssh unlock', and type 'unlock' when presented with the busybox prompt.  I am prompted to enter a password to unlock the encrypted disk.  After that, the system will boot up, then I can ssh in remotely.
    Host unlock
      Hostname 192.168.56.101
      User root
      IdentityFile /Users/ksa/.ssh/id_rsa_ubuntu_unlock
      StrictHostKeyChecking no

List all software repositories

You can look at the /etc/apt/sources.list file, and in the /etc/apt/sources.list.d/ directory, but here is a single command line which can list all the sources

  1. apt-cache policy

Use Landscape or Cockpit to centrally manage and monitor Ubuntu machines

If you have a group of 10 or fewer Ubuntu hosts you administer, you can install Landscape (on premises version) in a VM to manage those hosts for free.

  1. https://landscape.canonical.com/set-up-on-prem

In addition to Landscape (or an alternative) is Cockpit which you can use to centrally manage CentOS, RedHat, Fedora, and Ubuntu hosts:

  1. http://www.configserverfirewall.com/ubuntu-linux/install-cockpit-ubuntu-16-04/

Software update / management

CommandPathPackage NamePurpose / Notes
apt update
  update repository metadata
apt upgrade
  install all pending updates
apt-cache policy
  list repository sources
 
/var/log/apt/ log directory containing 'history.log' and 'term.log' log files
dpkg-query --list
  list all installed packages
dpkg-query --listfiles <package-name>
  list all files owned by <package-name>
dpkg-query --search <filename-pattern>
  find out which installed package owns a filename
apt-file search <filename-pattern>
 apt-filefind out which package would install <filename-pattern>.
package does not need to be installed already
aptitude install <package-name>
apt install <package-name>
apt-get install <package-name>
  aptitudeinstall <package-name{ 
tip: use tab completion for actions and package names
apt show <package-name>
aptitude show <package-name>
  show details about <package-name>, including repository
debconf-show <package-name>
  show configuration options and current values of <package-name>
dpkg-reconfigure <package-name>
  

reconfigures packages after they have already been installed.
it will ask configuration questions, much like when the package was first installed.

aptitude changelog <package-name>
  displays the changelog for <package-name> 
aptitude search <package-name-pattern>
  search for packages which match <package-name-pattern>
aptitude download <package-name>
  downloads the .deb file for the given package to the current directory
aptitude --simulate <action>
  

print the actions that would normally be performed, but don't actually perform them.
this does not require root privileges.

man deb
  man page describing deb package format
dpkg-deb --raw-extract <package.deb> <directory>
  extracts contents of <package-deb> to <directory>, including the control information files into a DEBIAN subdirectory



Content by label

There is no content with the specified labels

  • No labels