Year: 2019

Tomb is a free open source, small, powerful and simple tool for encrypting files on GNU/Linux. At the time of this writing, it comprises of a shell script (zsh) using generic filesystem GNU tools and the Linux kernel crypto API (cryptsetup and LUKS).

It also employs various GNU/Linux tools such as steghide, lsof, mlocate, resizefs, dcfld and many more, to extend its functionality.

Tomb is used to create secure backups of secret or personal files in encrypted, password-protected directories called tombs. These directories can only be opened using their associated keyfiles and passwords.

After creating a tomb, you can store its key files separately, for example your tomb file can exist on a remote server while the key file is on your laptop or desktop at home or in office. If the tomb file is on your laptop or desktop, you can hide it within the filesystem or as a more secure option, store the key in a USB drive.

In addition, you can hide a tomb in the filesystem or move it safely over a network or in external storage media; share it with other friends or colleagues. You can also hide a key in an image as we will see later on.

Requirements

Tomb needs a few programs such as zsh, gnupg, cryptsetup and pinentry-curses to be installed on a system in order to work.

How to Installing Tomb in Linux Systems

First start by installing the following required tools using your distribution default package manager and also we will install steghide to add functionality for hiding of keys in images.

$ sudo apt install gnupg zsh cryptsetup pinentry-curses steghide	#Debian/Ubuntu
$ sudo yum install gnupg zsh cryptsetup pinentry-curses steghide	#CentOS/RHEL
$ sudo dnf install gnupg zsh cryptsetup pinentry-curses steghide	#Fedora 22+

After installing required packages, download the stable tomb source code for your distribution or use the following wget command to download directly in terminal as shown.

$ cd Downloads/
$ wget -c https://files.dyne.org/tomb/Tomb-2.5.tar.gz 

Next, extract the tar archive file you just downloaded and move into the decompressed folder.

$ tar -xzvf Tomb-2.5.tar.gz
$ cd Tomb-2.5

Finally, run the following command, as root or use sudo command to gain root privileges, to install the binary under /usr/local/bin/.

$ sudo make install

How to Create Tombs in Linux Systems

After installing tomb, you can generate a tomb by creating a new key for it and set its password as explained below.

To create a tomb, use the dig sub-command and the -s flag to set its size in MB (this size can be increased when a tomb gets full to capacity after adding files).

$ sudo tomb dig -s 30 tecmint.tomb      

Then create a new key for tecmint.tomb with the forge sub-command and set its password when asked. This operation will take some time to complete, just sit back and relax or go prepare yourself a cup of coffee.

$ sudo tomb forge tecmint.tomb.key

While creating the key, tomb will complain if swap space exists on disk, and it will terminate if that swap memory is turned on as shown in the following screenshot. This is due to a security risk associated with swap memory on disk (refer to documentation or man page for more information).

You can either use the -f flag to force the operation or turn of swap memory with the following command.

$ sudo swapoff -a

Then try to create the tomb key once more.

Next, format tecmint.tomb to lock it with the above key. The -k flag specifies the location of the key file to use.

$ sudo tomb lock tecmint.tomb -k tecmint.tomb.key

How to Open a New Tomb

To open a tomb, use the open sub-command, you will be prompted to enter the password you set while creating the tomb.

$ sudo tomb open -k tecmint.tomb.key tecmint.tomb  

From the output of the previous command, the tomb has been opened and mounted on /media/tecmint/ – this is where you can add your secret files.

If you have numerous tombs, you can list all open tombs plus get some information about them as shown.

$ sudo tomb list 

How to Copy Files to Open Tomb

Now you can add your secret or important files to the tomb as follows. Every time you need to add more files, open the tomb first, as shown above.

$ sudo cp -v passwds.txt accounts.txt keys.txt -t /media/tecmint/

After opening a tomb, once you are done using it or adding files to it, use the close sub-command to close the tomb file. But if a process is working with an open tomb, if may fail to close.

$ sudo tomb close

You can close all tombs by running.

$ sudo tomb close all

To force an open tomb to close, even when a process is interacting with it, use the slam sub-command.

$ sudo tomb slam 
OR
$ sudo tomb slam all 

How to Hiding Tomb Key in an Image

It is also possible to hide/encode the tomb key in an image using the bury sub-command, as follows

$ sudo tomb bury -k tecmint.tomb.key zizu.jpg 

Then use the newly created jpeg image to open the tomb, as shown.

$ sudo tomb open -k zizu.jpg tecmint.tomb

You can also recover a key encoded in a jpeg image with the exhume sub-command.

$ sudo tomb  exhume zizu.jpg -k tecmint.tomb.key
OR
$ sudo tomb -f exhume zizu.jpg -k tecmint.tomb.key   #force operation if key exists in current directory

Attention: Remember to hide the tomb key, do not keep it in the same directory with the tomb. For example, we will move the key for tecmint.tomb into a secret location (you can use your own location) or keep it on an external media or move it to remote server over SSH.

$ sudo mv tecmint.tomb.key /var/opt/keys/  

Unfortunately, we can not exploit all the tomb usage commands and options in this guide, you can consult its man page for more information. There, you will find instruction on how to change a tomb’s key and password, resize it and much more.

$ man tomb 

Tomb Github repository: https://github.com/dyne/Tomb

Summary

Tomb is a simple yet powerful and easy-to-use encryption tool for handling files as delicate as secrets, on GNU/Linux systems. Share your thoughts about it via the comment form below.

Source

We have taken initiative to produce Linux tips and tricks series. If you’ve missed the last article of this series, you may like to visit the link below.

1. 5 Interesting Command Line Tips and Tricks in Linux

In this article, we will share some interesting Linux tips and tricks to generate random passwords and also how to encrypt and decrypt passwords with or without slat method.

Security is one of the major concern of digital age. We put on password to computers, email, cloud, phone, documents and what not. We all know the basic to choose the password that is easy to remember and hard to guess. What about some sort of machine based password generation automatically? Believe me Linux is very good at this.

1. Generate a random unique password of length equal to 10 characters using command ‘pwgen‘. If you have not installed pwgen yet, use Apt or YUM to get.

$ pwgen 10 1

Generate several random unique passwords of character length 50 in one go!

$ pwgen 50

2. You may use ‘makepasswd‘ to generate random, unique password of given length as per choice. Before you can fire makepasswd command, make sure you have installed it. If not! Try installing the package ‘makepasswd’ using Apt or YUM.

Generate a random password of character length 10. Default Value is 10.

$ makepasswd 

Generate a random password of character length 50.

$ makepasswd  --char 50

Generate 7 random password of 20 characters.

$ makepasswd --char 20 --count 7

3. Encrypt a password using crypt along with salt. Provide salt manually as well as automatically.

For those who may not be aware of salt,

Salt is a random data which servers as an additional input to one way function in order to protect password against dictionary attack.

Make sure you have installed mkpasswd installed before proceeding.

The below command will encrypt the password with salt. The salt value is taken randomly and automatically. Hence every time you run the below command it will generate different output because it is accepting random value for salt every-time.

$ mkpasswd tecmint

Now lets define the salt. It will output the same result every-time. Note you can input anything of your choice as salt.

$ mkpasswd tecmint -s tt

Moreover, mkpasswd is interactive and if you don’t provide password along with the command, it will ask password interactively.

4. Encrypt a string say “Tecmint-is-a-Linux-Community” using aes-256-cbc encryption using password say “tecmint” and salt.

# echo Tecmint-is-a-Linux-Community | openssl enc -aes-256-cbc -a -salt -pass pass:tecmint

Here in the above example the output of echo command is pipelined with openssl command that pass the input to be encrypted using Encoding with Cipher (enc) that uses aes-256-cbc encryption algorithm and finally with salt it is encrypted using password (tecmint).

5. Decrypt the above string using openssl command using the -aes-256-cbc decryption.

# echo U2FsdGVkX18Zgoc+dfAdpIK58JbcEYFdJBPMINU91DKPeVVrU2k9oXWsgpvpdO/Z | openssl enc -aes-256-cbc -a -d -salt -pass pass:tecmint

That’s all for now. If you know any such tips and tricks you may send us your tips at admin@tecmint.com, your tip will be published under your name and also we will include it in our future article.

Keep connected. Keep Connecting. Stay Tuned.

Source

Encryption is the process of encoding files in such a way that only those who are authorized can access it. Mankind is using encryption from ages even when computers were not in existence. During war they would pass some kind of message that only their tribe or those who are concerned were able to understand.

Linux distribution provides a few standard encryption/decryption tools that can prove to be handy at times. Here in this article we have covered 7 such tools with proper standard examples, which will help you to encrypt, decrypt and password protect your files.

If you are interested in knowing how to generate Random password in Linux as well as creating random password you may like to visit the below link:

Generate/Encrypt/Decrypt Random Passwords in Linux

1. GnuPG

GnuPG stands for GNU Privacy Guard and is often called as GPG which is a collection of cryptographic software. Written by GNU Project in C programming Language. Latest stable release is 2.0.27.

In most of the today’s Linux distributions, the gnupg package comes by default, if in-case it’s not installed you may apt or yum it from repository.

$ sudo apt-get install gnupg
# yum install gnupg

We have a text file (tecmint.txt) located at ~/Desktop/Tecmint/, which will be used in the examples that follows this article.

Before moving further, check the content of the text file.

$ cat ~/Desktop/Tecmint/tecmint.txt

Now encrypt tecmint.txt file using gpg. As soon as you run the gpc command with option -c (encryption only with symmetric cipher) it will create a file texmint.txt.gpg. You may list the content of the directory to verify.

$ gpg -c ~/Desktop/Tecmint/tecmint.txt
$ ls -l ~/Desktop/Tecmint

Note: Enter Paraphrase twice to encrypt the given file. The above encryption was done with CAST5 encryption algorithm automatically. You may specify a different algorithm optionally.

To see all the encryption algorithm present you may fire.

$ gpg --version

Now, if you want to decrypt the above encrypted file, you may use the following command, but before we start decrypting we will first remove the original file i.e., tecmint.txt and leave the encrypted file tecmint.txt.gpguntouched.

$ rm ~/Desktop/Tecmint/tecmint.txt
$ gpg ~/Desktop/Tecmint/tecmint.txt.gpg

Note: You need to provide the same password you gave at encryption to decrypt when prompted.

2. bcrypt

bcrypt is a key derivation function which is based upon Blowfish cipher. Blowfish cipher is not recommended since the time it was figured that the cipher algorithm can be attacked.

If you have not installed bcrypt, you may apt or yum the required package.

$ sudo apt-get install bcrypt
# yum install bcrypt

Encrypt the file using bcrypt.

$ bcrypt ~/Desktop/Tecmint/tecmint.txt

As soon as you fire the above command, a new file name texmint.txt.bfe is created and original file tecmint.txtgets replaced.

Decrypt the file using bcrypt.

$ bcrypt tecmint.txt.bfe

Note: bcrypt do not has a secure form of encryption and hence it’s support has been disabled at least on Debian Jessie.

3. ccrypt

Designed as a replacement of UNIX crypt, ccrypt is an utility for files and streams encryption and decryption. It uses Rijndael cypher.

If you have not installed ccrypt you may apt or yum it.

$ sudo apt-get install ccrypt
# yum install ccrypt

Encrypt a file using ccrypt. It uses ccencrypt to encrypt and ccdecrypt to decrypt. It is important to notice that at encryption, the original file (tecmint.txt) is replaced by (tecmint.txt.cpt) and at decryption the encrypted file (tecmint.txt.cpt) is replaced by original file (tecmint.txt). You may like to use ls command to check this.

Encrypt a file.

$ ccencrypt ~/Desktop/Tecmint/tecmint.txt

Decrypt a file.

$ ccdecrypt ~/Desktop/Tecmint/tecmint.txt.cpt

Provide the same password you gave during encryption to decrypt.

4. Zip

It is one of the most famous archive format and it is so much famous that we generally call archive files as zip files in day-to-day communication. It uses pkzip stream cipher algorithm.

If you have not installed zip you may like to apt or yum it.

$ sudo apt-get install zip
# yum install zip

Create a encrypted zip file (several files grouped together) using zip.

$ zip --password mypassword tecmint.zip tecmint.txt tecmint1.1txt tecmint2.txt

Here mypassword is the password used to encrypt it. A archive is created with the name tecmint.zip with zipped files tecmint.txt, tecmint1.txt and tecmint2.txt.

Decrypt the password protected zipped file using unzip.

$ unzip tecmint.zip

You need to provide the same password you provided at encryption.

5. Openssl

Openssl is a command line cryptographic toolkit which can be used to encrypt message as well as files.

You may like to install openssl, if it is not already installed.

$ sudo apt-get install openssl
# yum install openssl

Encrypt a file using openssl encryption.

$ openssl enc -aes-256-cbc -in ~/Desktop/Tecmint/tecmint.txt -out ~/Desktop/Tecmint/tecmint.dat

Explanation of each option used in the above command.

1. enc : encryption
2. -aes-256-cbc : the algorithm to be used.
3. -in : full path of file to be encrypted.
4. -out : full path where it will be decrypted.

Decrypt a file using openssl.

$ openssl enc -aes-256-cbc -d -in ~/Desktop/Tecmint/tecmint.dat > ~/Desktop/Tecmint/tecmint1.txt

6. 7-zip

The very famous open source 7-zip archiver written in C++ and able to compress and uncompress most of the known archive file format.

If you have not installed 7-zip you may like to apt or yum it.

$ sudo apt-get install p7zip-full
# yum install p7zip-full

Compress files into zip using 7-zip and encrypt it.

$ 7za a -tzip -p -mem=AES256 tecmint.zip tecmint.txt tecmint1.txt

Decompress encrypted zip file using 7-zip.

$ 7za e tecmint.zip

Note: Provide same password throughout in encryption and decryption process when prompted.

All the tools we have used till now are command based. There is a GUI based encryption tool provided by nautilus, which will help you to encrypt/decrypt files using Graphical interface.

7. Nautilus Encryption Utility

Steps to encrypt files in GUI using Nautilus encryption utility.

Encryption of file in GUI

1. Right click the file you want to encrypt.

2. Select format to zip and provide location to save. Provide password to encrypt as well.

3. Notice the message – encrypted zip created successfully.

Decryption of file in GUI

1. Try opening the zip in GUI. Notice the LOCK-ICON next to file. It will prompt for password, Enter it.

2. When successful, it will open the file for you.

That’s all for now. I’ll be here again with another interesting topic. Till then stay tuned and connected to Tecmint. Don’t forget to provide us with your valuable feedback in the comments below. Like and share us and help us get spread.

Source

When you have important sensitive data, then its crucial to have an extra layer of security to your files and directories, specially when you need to transmit the data with others over a network.

That’s the reason, I am looking for a utility to encrypt and decrypt certain files and directories in Linux, luckily I found a solution that tar with OpenSSL can do the trick, yes with the help of these two tools you can easily create and encrypt tar archive file without any hassle.

Don’t Miss: 7 Tools to Encrypt and Decrypt Files in Linux

In this article, we will see how to create and encrypt a tar or gz (gzip) archive file with OpenSSL:

Remember that the conventional form of using OpenSSL is:

# openssl command command-options arguments

Encrypt Files in Linux

To encrypt the contents of the current working directory (depending on the size of the files, this may take a while):

# tar -czf - * | openssl enc -e -aes256 -out secured.tar.gz

Explanation of the above command:

1. enc – openssl command to encode with ciphers
2. -e – a enc command option to encrypt the input file, which in this case is the output of the tar command
3. -aes256 – the encryption cipher
4. -out – enc option used to specify the name of the out filename, secured.tar.gz

Decrypt Files in Linux

To decrypt a tar archive contents, use the following command.

# openssl enc -d -aes256 -in secured.tar.gz | tar xz -C test

Explanation of the above command:

1. -d – used to decrypt the files
2. -C – extract in subdirectory named test

The following image shows the encryption process and what happens when you try to:

1. extract the contents of the tarball the traditional way
2. use the wrong password, and
3. when you enter the right password

When you are working on a local network or the Internet, you can always secure your vital documents or files that you share with others by encrypting them, this can help reduce the risk of exposing them to malicious attackers.

We looked at a simple technique of encrypting tarballs using OpenSSL, a openssl command line tool. You can refer to its man page for more information and useful commands.

As usual, for any additional thoughts or simple tips that you wish to share with us, use the feedback form below and in the upcoming tip, we shall look at a way of translating rwx permissions into octal form.

Source

mStream is a free, open source and cross-platform personal music streaming server that lets you sync and stream music between all your devices. It consists of a lightweight music streaming server written with NodeJS; you can use it to stream your music from your home computer to any device, anywhere.

Server Features

• Works on Linux, Windows, OSX and Raspbian
• Dependency Free Installation
• Light on memory and CPU usage
• Tested on multi-terabyte libraries

WebApp Features

• Gapless Playback
• Milkdrop Visualizer
• Playlist Sharing
• Upload Files through the file explorer
• AutoDJ – Queues up random songs

Importantly, mStream Express is a special version of the server that comes with all the dependencies pre-packaged and in this article, we will explain how to install and use mStream to stream your home music to anywhere from the Linux.

Before you install mStream, check out the demo: https://demo.mstream.io/

How to Install mStream Express in Linux

The easiest way to install mStream, without facing any dependencies issues is to download the latest version of mStream Express from the release page and run it.

The package comes with an additional set of UI tools and features for adding tray icon for easy server management, auto boots server on startup and GUI tools for server configuration.

You can use the wget command to download it directly from the command line, unzip the archive file, move into the extracted folder and run the mstreamExpress file as follows.

$ wget -c https://github.com/IrosTheBeggar/mStream/releases/download/3.9.1/mstreamExpress-linux-x64.zip
$ unzip mstreamExpress-linux-x64.zip 
$ cd mstreamExpress-linux-x64/
$ ./mstreamExpress

After starting mstreamExpress, the server configuration interface will show up as shown in the following screenshot. Enter the config options and click on Boot Server.

Once the server has booted, you will see the following messages.

To access the webapp, go to the address: http://localhost:3000 or http://server_ip:3000.

You can easily manage the server via the Tray Icon; it has options to disable auto-boot, restart and reconfigure, advanced options, manage DDNS and SSL, among others.

mStream Github repository: https://github.com/IrosTheBeggar/mStream.

That’s all! mStream is an easy to install and personal music streaming software. In this article, we showed how to easily install and use mStream Express in Linux. If you have any queries, reach us via the feedback form below.

Source

These days Atom text editor is making a lots of news. Atom is a free and open-source text and source code editor, available for cross platform Operating Systems – Windows, Linux and Mac OS X. It is released under MIT License, written in C++, HTML, CSS, JavaScript, Node.js and Coffee Script, Atom is based on Chromium.

A Quick Time Travel

Atom project was started by the founder of GitHub, Chris Wanstrath in the mid of year 2008. Nearly 6 years later, the first public beta was released on February 26, 2014. Nearly 15 months later the release of first public beta (and 7 years since the idea was conceived), on June 25, 2015 Atom got a stable release.

Features of Atom text/source code Editor.

1. Cross Platform support (Linux/OS X/Windows)
2. Polished edges
3. Modern and approachable editor that can be customized to core.
4. Built in Package Manager – Search and install from within. You may develop your own package.
5. Smart Approach – Ensures you write code with speed, flexibility and auto-completion.
6. Embedded File System Browser – Browse and open file/project/group of projects with ease in one window.
7. Split Panel – Multi-panel feature to compare and edit code from single window. No more switching between windows.
8. Find and replace text in one file or all your projects.
9. There are some 2,137 Free and open-source Packages, that you can use.
10. As of Now it supports some 685 themes to pick from.
11. Plug-ins supported
12. Can be used as IDE (Integrated Development Environment)

Prerequisite

1. C++
2. Git
3. node.js version 0.10.x or node.js Version 0.12.x or io.js (1.x) [Any one of three]
4. npm Version 1.4.x
5. Gnome Keyring (libgnome-keyring-dev or libgnome-keyring-devel)

How to Install Atom Editor in Linux

There are binary package available for DEB and RPM based distributions for 64 bit architecture only, hence no need to compile it from source.

However if you want to compile it from source for any system including DEB and RPM based distribution, follow the below instructions.

Installing from Binary Packages

To install Atom on Linux, you can download DEB or RPM binary package for Debian and RedHat based systems from the main Atom website or use following wget command to directly download the packages into your terminal.

$ wget https://atom.io/download/deb		[On Debain based systems]
$ wget https://atom.io/download/rpm		[On RedHat based systems]

On Debian based systems, use dpkg -i command to install the binary package.

$ sudo dpkg -i deb
[sudo] password for tecmint: 
Selecting previously unselected package atom.
(Reading database ... 204982 files and directories currently installed.)
Preparing to unpack deb ...
Unpacking atom (1.0.0) ...
Setting up atom (1.0.0) ...
Processing triggers for desktop-file-utils (0.22-1ubuntu1) ...
Processing triggers for mime-support (3.54ubuntu1) ...

On RedHat based systems, use rpm -ivh command to install the binary package.

# rpm -ivh rpm
Preparing...                          ################################# [100%]
Updating / installing...
   1:atom-1.0.0-0.1.fc21              ################################# [100%]

Installing from Source

If you just want to build Atom from source, you can do by following up-to-date detailed build instructions on Linux systems.

To build Atom from source, you need to have following required packages to be install on the system, before building the Atom from source.

On Debian / Ubuntu

$ sudo apt-get install build-essential git libgnome-keyring-dev fakeroot
$ curl --silent --location https://deb.nodesource.com/setup_0.12 | sudo bash -
$ sudo apt-get install --yes nodejs
$ sudo apt-get install npm
$ sudo npm config set python /usr/bin/python2 -g

On RHEL, CentOS or Fedora

# yum --assumeyes install make gcc gcc-c++ glibc-devel git-core libgnome-keyring-devel rpmdevtools
# curl --silent --location https://rpm.nodesource.com/setup | bash -
# yum install --yes nodejs
# yum install npm
# npm config set python /usr/bin/python2 -g

Once the required packages has been installed, now clone the Atom repository from git.

$ git clone https://github.com/atom/atom
$ cd atom

Checkout the latest Atom release and build it.

$ git fetch -p
$ git checkout $(git describe --tags `git rev-list --tags --max-count=1`)
$ script/build

Note: If Atom build process failed with below error message:

npm v1.4+ is required to build Atom. Version 1.3.10 was detected.

That means you must have latest version npm (i.e v1.4) installed on the system, to get the latest version of npm you need to add node.js PPA to your system to get the latest version of Nodejs and NPM.

$ sudo apt-get install python-software-properties
$ sudo apt-add-repository ppa:chris-lea/node.js
$ sudo apt-get update
$ sudo apt-get install nodejs

Next, install the atom and apm commands to /usr/local/bin directory by executing following command:

$ sudo script/grunt install

Atom Testing and Usage

1. Fire Atom from Application Menu, or by typing command ‘atom, in the command prompt.

$ atom

When you launch Atom for the first time, you should see a Welcome screen of atom something like below.

This welcome screen gives you a brief idea about on how to get started with Atom editor.

You may Download your favorite flavor theme and native packages from the links below and install it using Settings Menu.

1. https://atom.io/themes
2. https://atom.io/packages

Just for Information

1. Atom send usages data to Google Analytics. It does so to collect information about those features that are mostly used. These information will be used to enhance the user experience in further release.
2. GitHub Reports Atom has been downloaded 1.3 million times and is used by more than 350,000 users per month.

Conclusion

Atom is a wonderful source code (and Text) editor. It functions like IDE. Supports of nearly 700 themes, ensures we have a lot to choose from. 2K+ packages makes it possible to customize Atom, as per user’s need. It has been developed by GitHub Founder and other developers/contributors, so we can expect it to be more than just a normal editor.

Though it be a nightmare for a lots of people since HTML, JavaScript, node.js and CSS have been used in the project. The fact is all these Programming/scripting languages are not appreciated by advanced users. At times the above languages have shown flaws, attack and even compromised.

Source

This tutorial guides you how firewall works in Linux Operating system and what is IPTables in Linux? Firewall decides fate of packets incoming and outgoing in system. IPTables is a rule based firewall and it is pre-installed on most of Linux operating system. By default it runs without any rules. IPTables was included in Kernel 2.4, prior it was called ipchains or ipfwadm. IPTables is a front-end tool to talk to the kernel and decides the packets to filter. This guide may help you to rough idea and basic commands of IPTables where we are going to describe practical iptables rules which you may refer and customized as per your need.

Different services is used for different protocols as:

1. iptables applies to IPv4.
2. ip6tables applies to IPv6.
3. arptables applies to ARP.
4. ebtables applies to Ethernet frames..

IPTables main files are:

1. /etc/init.d/iptables – init script to start|stop|restart and save rulesets.
2. /etc/sysconfig/iptables – where Rulesets are saved.
3. /sbin/iptables – binary.

There are at present three tables.

• Filter
• NAT
• Mangle

At present, there are total four chains:

1. INPUT : Default chain originating to system.
2. OUTPUT : Default chain generating from system.
3. FORWARD : Default chain packets are send through another interface.
4. RH-Firewall-1-INPUT : The user-defined custom chain.

Note: Above main files may slightly differ in Ubuntu Linux.

How to start, stop and restart Iptabe Firewall.

# /etc/init.d/iptables start 
# /etc/init.d/iptables stop
# /etc/init.d/iptables restart

To start IPTables on system boot, use the following command.

#chkconfig --level 345 iptables on

Saving IPTables rulesets with below command. Whenever system rebooted and restarted the IPTables service, the exsiting rules flushed out or reset. Below command save TPTables rulesets in /etc/sysconfig/iptables file by default and rules are applied or restored in case of IPTables flushes out.

#service iptables save

Checking the status of IPTables / Firewall. Options “-L” (List ruleset), “-v” (Verbose) and “-n” (Displays in numeric format).

[root@tecmint ~]# iptables -L -n -v

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    6   396 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 5 packets, 588 bytes)
 pkts bytes target     prot opt in     out     source               destination

[root@tecmint ~]# iptables -n -L -v --line-numbers

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1       51  4080 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
3        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
4        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 45 packets, 5384 bytes)
num   pkts bytes target     prot opt in     out     source               destination

[root@tecmint ~]# iptables -F

[root@tecmint ~]# iptables -L INPUT -n --line-numbers

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

[root@tecmint ~]# iptables -L OUTPUT -n --line-numbers
Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

[root@tecmint ~]# iptables -D INPUT 5

[root@tecmint ~]# iptables -I INPUT 5 -s ipaddress -j DROP

Cloud Commander (cloudcmd) is a simple open source, traditional yet useful cross-platform web file manager with console and editor support.

It is written in JavaScript/Node.js and enables you manage a server and work with files, directories and programs in a browser from any computer, mobile or tablet.

Features

It offer some cool features:

• Client works in web browser.
• It’s server can be installed in Linux, Windows, Mac OS and Android (with help of Termux).
• Enables you to view images, text files, playing audio and videos from within a browser.
• Can be used local or remotely.
• Supports adapting to screen size.
• Offers Console with support of default OS command line.
• Ships in with 3 built-in editors with support of syntax highlighting, which include: Dword, Edward and Deepword.
• It also supports optional authorization.
• Offers hot/shortcut keys.

How to Install Cloud Commander in Linux

First, install the latest version of node.js with the instructions below.

On Debian/Ubuntu/Linux Mint

$ curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash -

-------- For Node.js v7 Version -------- 
$ curl -sL https://deb.nodesource.com/setup_7.x | sudo -E bash -
$ sudo apt-get install -y nodejs 

On RHEL/CentOS/Fedora

$ curl - -silent - -location https://rpm.nodesource.com/setup_6.x | bash -

-------- For Node.js v7 Version -------- 
$ curl - -silent - -location https://rpm.nodesource.com/setup_7.x | bash -
$ yum -y install nodejs
$ dnf -y install nodejs [Fedora 22+]

On Gentoo and Arch Linux

$ emerge nodejs         [On Gentoo]
$ pacman -S nodejs npm  [On Arch Linux]

Once you have installed nodejs and npm packages, next, install cloud commander file manager with the following command with root permissions:

$ npm i cloudcmd -g
OR
$ npm i cloudcmd -g --force

How to Use Cloud Commander in Linux

To start it, simply run:

$ cloudcmd

By default, Cloud Commander reads configurations in ~/.cloudcmd.json if no command options are set. It uses port 8000, in case the port variables PORT or VCAP_APP_PORT don’t exist.

You can start using it by opening the URL in your browser:

http://SERVER_IP:8000

View File Menu

To view menu; file operation options, simply select the file and right click on it, you’ll view the options shown in the screen shot below.

View Files and Directories

To open it with a single panel, use the --one-panel-mode flag or simply resize the browser interface:

$ cloudcmd --one-panel-mode

The screenshot below shows viewing of an image file.

Edit Files in Browser

The following screenshot shows opening a script file for editing.

Access Linux Terminal from Browser

Press ~ button to open the Linux terminal or console.

Terminal Interface

By default, the terminal is disabled and not installed, to use it you should install gritty as follows with root user privileges:

$ npm i gritty -g

Then set the path of a terminal and save configuration like so:

$ cloudcmd --terminal --terminal-path "gritty --path here" --save

Update Cloud Commander

To update Cloud Commander use this command:

$ npm install cloudcmd -g

Use Hot/Shortcut Keys.

• F1 – View help
• F2 – Rename a file
• F3 – View a file
• F4 – Edit a file
• F5 – Copy a file
• F6 – Move a file
• F7 – Create a new directory
• F8 – Delete a file
• F9 – Open menu
• F10 – View file configurations/permissions plus many more.

You can run this for help:

$ cloudcmd --help

You can find a comprehensive usage guide and configuration information at https://cloudcmd.io/.

In this article, we reviewed Cloud Commander, a simple traditional yet useful web file manager with console and editor support for Linux. To share your thoughts with us, make us of the comment form below. Have you come across any similar tools out there? Tell us as well.

Source

Wikit is a free and open source command line program for easily viewing Wikipedia summaries of search queries; it is built using Nodejs. The verb Wikit (derived from “wikipedia it“) means looking up something on wikipedia.org, the popular and remarkable open source encyclopedia on the Internet.

Read Also: Googler: A Command Line Tool to Do ‘Google Search’ from Linux Terminal

To install Wikit on Linux systems, you must have nodejs and npm installed, if not install it using your default package manager as shown.

$ sudo apt install nodejs	#Debian/Ubuntu
$ sudo yum install nodejs npm	#RHEL/CentOS
$ sudo dnf install nodejs npm	#Fedora 22+

Installing nodejs and npm from the default repositories, will give you the little older version. Therefore, read our article to get more recent version of nodejs and npm in Linux.

After installing the necessary dependencies, run the following command to install wikit in Linux (the -g flag tells npm to install wikit globally).

$ sudo npm install wikit -g

Once Wikit installed on your system, you can run it using following syntax.

$ wikit Linux

The output shown is the paragraphs of the wikipedia article before the table of contents and the line length is neatly wrapped based on your terminal’s window size, with a max of about 80 characters.

If you are running wikit on a desktop computer with a web browser installed, you can open the full Wikipedia article in a browser using the -b flag as below.

$ wikit linux -b

To define the line wrap length to number (minimum 15), use the -l option as shown.

$ wikit linux -l 90

For more information, go to the Wikit Github repository.

Lastly, do check out these fancy command line based tools for various tasks.

1. 5 Linux Command Line Based Tools for Downloading Files and Browsing Websites
2. Install YouTube-DL – A Command Line Video Download Tool for Linux
3. 8 Command Line Tools for Browsing Websites and Downloading Files in Linux
4. Trash-cli – A Trashcan Tool to Manage ‘Trash’ from Linux Command Line
5. Fasd – A Commandline Tool That Offers Quick Access to Files and Directories
6. Inxi – A Powerful Feature-Rich Commandline System Information Tool for Linux

You can use the comment form below to ask any questions or share any useful thoughts with us.

Source

Today, Google search is a well known and the most-used search engine on the World Wide Web (WWW), if you want to gather information from millions of servers on the Internet, then it is the number one and most reliable tool for that purpose plus much more.

Many people around the world mainly use Google search via a graphical web browser interface. However, command line geeks who are always glued to the terminal for their day-to-day system related tasks, face difficulties in accessing Google search from command-line, this is where Googler comes in handy.

Read Also: Wikit – A Command Line Tool to Search Wikipedia in Linux

Googler is a powerful, feature-rich and Python-based command line tool for accessing Google (Web & News) and Google Site Search within the Linux terminal.

Note: Googler is not in any way associated to Google.

How Does Googler Works?

It provides an interface from the command line to Google search and displays results inform of title, URL and abstract information in pages, with page navigation similar to that on a GUI web browser.

Watch the quick demo of Googler.

Users can integrate it with a text-based web browser and open the result directly in the web browser.

It supports sequential searches in a single instance and importantly, users do not need to master any usage options as the shell completion scripts automatically invokes them.

Features of Googler

1. Offers access to Google Search, Google Site Search, Google News.
2. It is fast and clean with custom colors and no ads, stray URLs or clutter included.

1. Allows navigation of search result pages from omniprompt.
2. Supports fetching of number of results in a go, users can start at the nth result.
3. Users can disable automatic spelling correction and search exact keywords.
4. Supports limiting of search by attributes such as duration, country/domain specific search (default: .com), language preference.
5. Supports Google search keywords in the form filetype:mime, site:somesite.com and many others.
6. Permits non-stop searches: start new searches at omniprompt without exiting.
7. Supports HTTPS proxy services.
8. Ships in with a man page which includes examples, shell completion scripts for Bash, Zsh and Fish.
9. Users can optionally open first search result in a web browser.

How To Install Googler in Linux

Users of Ubuntu Linux and its derivatives such as Linux Mint, Xubuntu can install it via this PPA by executing the commands below:

$ sudo add-apt-repository ppa:twodopeshaggy/jarun
$ sudo apt-get update
$ sudo apt-get install googler

Important: If in case above installation instructions fails to install Googler, then you need to install it from source using latest version as shown.

Other distributions can install Googler from source using following instructions.

First download the latest version of Googler (at the time writing the latest version is v2.9).

$ cd Downloads
$ wget -c https://github.com/jarun/googler/archive/v2.9.tar.gz
$ tar -xvf  v2.9.tar.gz
$ cd  googler-2.9
$ sudo make install 
$ cd auto-completion/bash/
$ sudo cp googler-completion.bash  /etc/bash_completion.d/

How to Use Googler in Linux Terminal

The following are some examples showing how Googler works in Linux, the basic command below will show information about tecmint.com:

$ googler tecmint.com

At the end of the search result page, you can view the omniprompt help page by entering the “?” character and pressing Enter. Each key has a detailed functionality description alongside it.

In the example, we will search for the quoted words (Linux command line tricks) on tecmint.com.

$ googler -n 8 -w tecmint.com \"Linux command line tricks\"

where the options:

1. -n num – tells googler to display at most 8 results per a page (default is 10).
2. -w – enables Google site(tecmint.com) search.

You can as well display results of latest news concerning Linux from the Google search news section by using the -N switch as follows:

$ googler -N Linux 

Set an alias to get four results showing the meaning of a word (tecmint in this case) like so:

$ alias tecmint='oogler -n 4 tecmint'
$ tecmint 

Visit the Googler Github repository for more information and usage or view the Googler man page.

$ man googler 

Googler is a handy tool, it works perfectly and reliably for Linux users who spend most of their time on the terminal and want to search the web from a text-based interface. Remember to share your thoughts about Googler in the comments.

Source