download latest version of putty
onces you connected to ssh try open php admin with the below URL
http://127.0.0.1:8888/phpmyadmin.
To check default sql password
User name :- root
#sudo cat bitnami_application_password
Thanks
Error :
Failed to connect to mysql at server ip with user root access denied for user ‘root’@’localhost'(using password:YES)
Solution
1. Open and edit /etc/my.cnf or /etc/mysql/my.cnf, depending on your distribution.
2. Add skip-grant-tables under [mysqld]
3. Restart MySQL
4. You should be able to log in to MySQL now using the below command mysql -u root -p
5. Run mysql> flush privileges;
6. Set new password by ALTER USER ‘root’@’localhost’ IDENTIFIED BY ‘NewPassword’; (here don’t log from the same screen open another ssh session for the same server and remove the key skip-grant-tables and stop and start the mysql but don’t exiting for another where you are already in the mql)
7. Go back to /etc/my.cnf and remove/comment skip-grant-tables
8. Restart MySQL
9. Now you will be able to login with the new password mysql -u root -p
Here might still you face error , if yes follows
Run the from the sql screen where you already in
SELECT user,authentication_string,plugin,host FROM mysql.user;
Output
+——————+——————————————-+———————–+———–+|user|authentication_string |plugin |host |+——————+——————————————-+———————–+———–+|root ||auth_socket |localhost ||mysql.session |*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |mysql_native_password |localhost ||mysql.sys |*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |mysql_native_password |localhost ||debian-sys-maint |*CC744277A401A7D25BE1CA89AFF17BF607F876FF |mysql_native_password |localhost |+——————+——————————————-+———————–+———–+4rowsinset(0.00sec)
In this example, you can see that the root user does in fact authenticate using the auth_socket plugin. To configure the root account to authenticate with a password, run the following ALTER USER command. Be sure to change password to a strong password of your choosing, and note that this command will change the root password you set in Step 2:
ALTER USER ‘root’@’localhost’ IDENTIFIED WITH mysql_native_password BY ‘password’;
Then, run FLUSH PRIVILEGES which tells the server to reload the grant tables and put your new changes into effect:
FLUSH PRIVILEGES;
Check the authentication methods employed by each of your users again to confirm that root no longer authenticates using the auth_socket plugin:
SELECT user,authentication_string,plugin,host FROM mysql.user;
Output
+——————+——————————————-+———————–+———–+|user|authentication_string |plugin |host |+——————+——————————————-+———————–+———–+|root |*3636DACC8616D997782ADD0839F92C1571D6D78F |mysql_native_password |localhost ||mysql.session |*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |mysql_native_password |localhost ||mysql.sys |*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |mysql_native_password |localhost ||debian-sys-maint |*CC744277A401A7D25BE1CA89AFF17BF607F876FF |mysql_native_password |localhost |+——————+——————————————-+———————–+———–+4rowsinset(0.00sec)
You can see in this example output that the root MySQL user now authenticates using a password. Once you confirm this on your own server, you can exit the MySQL shell:
exit
NOW open another screen and test your solution
mysql>CREATEUSER’root’@’%’IDENTIFIED BY’PASSWORD’;
mysql>GRANTALLPRIVILEGES ON*.*TO’root’@’%’WITHGRANTOPTION;
mysql>FLUSH PRIVILEGES;
From <https://stackoverflow.com/questions/50177216/how-to-grant-all-privileges-to-root-user-in-mysql-8-0>
Source :-
https://stackoverflow.com/questions/41645309/mysql-error-access-denied-for-user-rootlocalhost
Install an RPM repository package by running the commands below:
sudo yum install https://dev.mysql.com/get/mysql80-community-release-el7-5.noarch.rpm
A new repository file has been created inside the /etc/yum.repos.d directory.
$ ls /etc/yum.repos.d
amzn2-core.repo amzn2-extras.repo mysql-community.repo mysql-community-source.repo
You can also view list of configured repositories with yum command.
$ sudo yum repolist
Once the repository has been added, install MySQL 8 server packages on Amazon Linux 2.
sudo amazon-linux-extras install epel -y
sudo yum -y install mysql-community-server
The next step is to start MySQL server services.
sudo systemctl enable –now mysqld
A superuser account ‘root’@’localhost is created with initial password set and stored in the error log file. To reveal it, use the following command:
use the following command:
$ sudo grep ‘temporary password’ /var/log/mysqld.log
Use this initial password to harden the server.
$ sudo mysql_secure_installation -p
Enter password: <INPUT-PRINTED-PASSWORD>
Set new password and set other settings to better secure access to MySQL server.
Securing the MySQL server deployment.
The existing password for the user account root has expired. Please set a new password.
New password: <SET-NEW-PASSWORD>
Re-enter new password: <CONFIRM-NEW-PASSWORD>
The ‘validate_password’ component is installed on the server.
The subsequent steps will run with the existing configuration
of the component.
Using existing password for root.
Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) :
… skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
‘localhost’. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.
By default, MySQL comes with a database named ‘test’ that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
– Dropping test database…
Success.
– Removing privileges on test database…
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!
You can update root password anytime from MySQL shell.
$ mysql -uroot -p
mysql> ALTER USER ‘root’@’localhost’ IDENTIFIED BY ‘MyNewStrongP@ssw0d!’;
The Password Policy is requires:
You have installed MySQL 8 server successfully on Amazon Linux 2 and ready to roll..
Below are other guides on Amazon Linux available in our website.
#Git clone https://URL
#Cd your directory
#Code . (to open visual studio)
#git checkout -b “Branchname” (create his branch , now you switch to the your branch)
Now its time to modfily the code After the changes run
# git add .
#git commit -m “testthebranch” (these way you commit your changes and write description)
#git push -u origin Nishantbranc (commit the changes to the main)
#git checkout main (come back to main branch)
Thanks 🙂
This article is to describe the quick steps to configure the static website on the nginx stack running on AWS EC2.
to know about nginx please visit , https://serverguy.com/comparison/apache-vs-nginx/
Select amzong linux AMI for the image
i aI am using t2.micro for testing purpose
to save my money i have selected the spot instance
you can create EC2 without the key and continue with default user id and password
you need wait for a while till your instance is full initialed
once the EC2 is ready connect using browser based ssh , you can also use tool like putty
Run the following command to install the nginx on the server
#sudo amazon-linux-extras install nginx1
to check status nginx
# systemctl status nginx.service
to enable nginx service
#systemctl enable nginx.service
to start the service
#systemctl Start nginx.service
make sure the status is running
browe the public ip address and make sure nginx welcome screen is visable
now its time to pull your code
usally default webpage is running from the following location, in these test i will use same location to replace with my sample source code (default location /usr/share/nginx/html)
first i will remove the default webpage with help of
to confirm you can try to access with the same public ip adderss and you will see that default page is not there
for testing purpose i am using Microsoft demo html page
https://github.com/microsoft/project-html-website.git
install package to run the git command on the linux
# sudo yum install git
naviate to /usr/share/nginx/html and clone the code from the git
# sudo git clone https://github.com/microsoft/project-html-website.git
after the clone, you can check # ls to make sure code is pulled well ,
# sudo mv project-html-website/* .
run above command to mv the files on the correct location
onces copy is done you can try to access new website from the public ip address
now you can point your A record to public address
THANKS
The issue is only with the software-based installation (RHEL) and the cause of the issue is multiple NIC were assigned to QRadar VMs . as part of a solution/workaround I deleted multiple NIC assigned to VMs and run the setup with the single network interface.
As per IBM support, it is okay to run QRadar with a single Network interface
Check the available package
[root@lab ~]# rpm -qa openssh*
openssh-8.0p1-3.el8.x86_64
openssh-ldap-8.0p1-3.el8.x86_64
openssh-server-8.0p1-3.el8.x86_64
openssh-clients-8.0p1-3.el8.x86_64
openssh-keycat-8.0p1-3.el8.x86_64
openssh-askpass-8.0p1-3.el8.x86_64
openssh-cavs-8.0p1-3.el8.x86_64Check the SSH Service Status
root@lab ~]# systemctl status sshd.service
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2020-10-25 10:12:37 +03; 1h 19min ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 7204 (sshd)
Tasks: 1 (limit: 11337)
Memory: 7.1M
CGroup: /system.slice/sshd.servnote down the port number which is currently in use , in my case its 22
root@lab ~]# netstat -lnptu | grep "ssh"
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 7204/sshd
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 6895/sshd: root@pts
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 7216/sshd: root@pts
tcp6 0 0 :::22 :::* LISTEN 7204/sshd
tcp6 0 0 ::1:6010 :::* LISTEN 6895/sshd: root@pts
tcp6 0 0 ::1:6011 :::* LISTEN 7216/sshd: root@pts
[root@lab ~]#Check related configuration files of ssh server
[root@lab ~]# rpm -qc openssh-server-8.0p1-3.el8.x86_64
/etc/pam.d/sshd
/etc/ssh/sshd_config
/etc/sysconfig/sshd
[root@lab ~]#open the sshd file and edit the ports with requried number
[root@lab ~]# vim /etc/ssh/sshd_config
This is the sshd server system-wide configuration file. See
sshd_config(5) for more information.
This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
The strategy used for options in the default sshd_config shipped with
OpenSSH is to specify options with their default value where
possible, but leave them commented. Uncommented options override the
default value.
If you want to change the port on a SELinux system, you have to tell
SELinux about this change.
semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Port 22000
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
Ciphers and keying
RekeyLimit default none
System-wide Crypto policy:
This system is following system-wide crypto policy. The changes to
Ciphers, MACs, KexAlgoritms and GSSAPIKexAlgorithsm will not have any
effect here. They will be overridden by command-line options passed on
the server start up.
To opt out, uncomment a line with redefinition of CRYPTO_POLICY=
variable in /etc/sysconfig/sshd to overwrite the policy.
For more information, see manual page for update-crypto-policies(8).add ports to firewall policy and allow & reload firewall
[root@lab ~]# firewall-cmd --permanent --add-port=22000/tcp
Warning: ALREADY_ENABLED: 22000:tcp
success
[root@lab ~]# firewall-cmd --reload
success
[root@lab ~]#add new port number to selinux
[root@lab ~]# semanage port -a -t ssh_port_t -p tcp 22000
[root@lab ~]#check available port for ssh
[root@lab ~]# semanage port -l | grep "ssh"
ssh_port_t tcp 22000, 22Restart the SSHD service and check status
[root@lab ~]# systemctl restart sshd.service
[root@lab ~]# systemctl status sshd.service
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2020-10-25 11:49:16 +03; 9s ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 8214 (sshd)
Tasks: 1 (limit: 11337)
Memory: 1.1M
CGroup: /system.slice/sshd.servicecheck the listening port
[root@lab ~]# netstat -lnptu | grep "ssh"
tcp 0 0 0.0.0.0:22000 0.0.0.0:* LISTEN 8214/sshd
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 6895/sshd: root@pts
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 7216/sshd: root@pts
tcp6 0 0 :::22000 :::* LISTEN 8214/sshd
tcp6 0 0 ::1:6010 :::* LISTEN 6895/sshd: root@pts
tcp6 0 0 ::1:6011 :::* LISTEN 7216/sshd: root@pts
[root@lab ~]#now open any client ssh tool and try to access server with the new ports.
thanks to visit by blogs
Linux Cockpit is UI based interface from we can easily manage the entire server such as System controls, logs, Storage, Networking, Podmon Containers, Accounts, Services, Applications, Diagnostic Reports, Kernal Dumps, SELinux, Software Updates, Subscriptions, Direct Access to Terminal window
# yum list cockpit
# yum install cockpit -y
# systemctl enable cockpit.socket
# systemctl start cockpit.socket
# systemctl status cockpit.socket
# systemctl restart cockpit.socket # if service was running
# firewall-cmd –permanent –add-service=cockpit
# firewall-cmd –reload
# firewall-cmd –list-all
cat /usr/lib/firewalld/services/cockpit.xml (to check port number )
Open Browser
Server ip address:9090
server user name and password
Docker Engine Supports CentOS 8.1 to run the container on it . Docker is available in two version which is Community (CE) and Enterprise Edition
Installtion Steps :-
Enable Docker CE Repository
Docker Package are not avilable on CentOS package Respositories , run the dnf command to enable docker CE package repository
[root@localhost admin]# dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
Install Docker CE using dnf Command
[root@localhost admin]# dnf list docker-ce
CentOS-8 – AppStream 1.1 MB/s | 6.8 MB 00:06
CentOS-8 – Base 1.2 MB/s | 6.0 MB 00:04
CentOS-8 – Extras 3.4 kB/s | 5.5 kB 00:01
Docker CE Stable – x86_64 13 kB/s | 22 kB 00:01
Available Packages
docker-ce.x86_64 3:19.03.8-3.el7 docker-ce-stable
Remove podman Manpage to avoid conflicts with file from Docker Package
[root@localhost admin]# sudo yum remove -y podman-manpages
Run DNF command to install latest version of docker
[root@localhost admin]# dnf install docker-ce --nobest -y
once the installtion is completed start and enable service
[root@localhost admin]#systemctl start docker [root@localhost admin]#systemctl enable docker
verfily and test docker CE Engine
[root@docker-ce ~]# docker run hello-world
Command Output
Unable to find image ‘hello-world:latest’ locally
latest: Pulling from library/hello-world
0e03bdcc26d7: Pull complete
Digest: sha256:8e3114318a995a1ee497790535e7b88365222a21771ae7e53687ad76563e8e76
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the “hello-world” image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
visit also
https://www.linuxtechi.com/install-docker-ce-centos-8-rhel-8/
Many Thanks for your support !
Docker installation on the Centos is very simple and quick , As part of docker installation steps on the centos you might face following error after running dnf command to install latest version of docker,
# “dnf install docker-ce –nobest -y”
Errror: Transaction check error:
file /usr/share/man/man1/docker-attach.1.gz from install of docker-ce-cli-1:19.03.8-3.el7.x86_64 conflicts with file from package podman-manpages-1.4.2-5.module_el8.1.0+237+63e26edc.noarch
file /usr/share/man/man1/docker-build.1.gz from install of docker-ce-cli-1:19.03.8-3.el7.x86_64 conflicts with file from package podman-manpages-1.4.2-5.module_el8.1.0+237+63e26edc.noarch
file /usr/share/man/man1/docker-commit.1.gz from install of docker-ce-cli-1:19.03.8-3.el7.x86_64 conflicts with file from package podman-manpages-1.4.2-5.module_el8.1.0+237+63e26edc.noarch
file /usr/share/man/man1/docker-container-prune.1.gz from install of docker-ce-cli-1:19.03.8-3.el7.x86_64 conflicts with file from package podman-manpages-1.4.2-5.module_el8.1.0+237+63e26edc.noarch
file /usr/share/man/man1/docker-container.1.gz from install of docker-ce-cli-1:19.03.8-3.el7.x86_64 conflicts with file from package podman-manpages-1.4.2-5.module_el8.1.0+237+63e26edc.noarch
So in these case podman mainpages are conflicts with the Docker ,so to fix these i just remove the manpage from podman, but keep podman. Run following command to remove podman-manpages
# sudo yum remove -y podman-manpages
Thanks
Tech Experience By NISHANT 