Author: root

Introduction

Let’s Encrypt is a Certificate Authority (CA) that facilitates obtaining and installing free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. It streamlines the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. Currently, the entire process of obtaining and installing a certificate is fully automated on both Apache and Nginx.

In this guide, you’ll use Certbot to obtain a free SSL certificate for Apache on Ubuntu 22.04, and make sure this certificate is set up to renew automatically.

This tutorial uses a separate virtual host file instead of Apache’s default configuration file for setting up the website that will be secured by Let’s Encrypt. We recommend creating new Apache virtual host files for each domain hosted in a server because it helps to avoid common mistakes and maintains the default configuration files as a fallback setup.

Prerequisites

To follow this tutorial, you will need:

• One Ubuntu 22.04 server set up with a non-root user with sudo administrative privileges and firewall enabled. You can set this up by following our initial server setup for Ubuntu 22.04 tutorial.
• A fully registered domain name. This tutorial will use your_domain as an example throughout. You can purchase a domain name on Namecheap, get one for free on Freenom, or use the domain registrar of your choice.
• Both of the following DNS records set up for your server. You can follow this introduction to DigitalOcean DNS for details on how to add them.
  • An A record with your_domain pointing to your server’s public IP address.
  • An A record with www.your_domain pointing to your server’s public IP address.
• Apache installed by following How To Install Apache on Ubuntu 22.04. Be sure that you have a virtual host file for your domain. This tutorial will use /etc/apache2/sites-available/your_domain.conf as an example.

Step 1 — Installing Certbot

To obtain an SSL certificate with Let’s Encrypt, you need to install the Certbot software on your server. You’ll use the default Ubuntu package repositories for that.

First, update the local package index:

sudo apt update

You need two packages: certbot, and python3-certbot-apache. The latter is a plugin that integrates Certbot with Apache, making it possible to automate obtaining a certificate and configuring HTTPS within your web server with a single command:

sudo apt install certbot python3-certbot-apache

You will be prompted to confirm the installation by pressing Y, then ENTER.

Certbot is now installed on your server. In the next step, you’ll verify Apache’s configuration to make sure your virtual host is set appropriately. This will ensure that the certbot client script will be able to detect your domains and reconfigure your web server to use your newly generated SSL certificate automatically.

Step 2 — Checking your Apache Virtual Host Configuration

To automatically obtain and configure SSL for your web server, Certbot needs to find the correct virtual host within your Apache configuration files. Your server domain name(s) will be retrieved from the ServerName and ServerAlias directives defined within your VirtualHost configuration block.

If you followed the virtual host setup step in the Apache installation tutorial, you should have a VirtualHost block set up for your domain at /etc/apache2/sites-available/your_domain.conf with the ServerName and also the ServerAlias directives already set appropriately.

To confirm this is set up, open the virtual host file for your domain using nano or your preferred text editor:

sudo nano /etc/apache2/sites-available/your_domain.conf

Find the existing ServerName and ServerAlias lines. They should be listed as follows:

/etc/apache2/sites-available/your_domain.conf

...
ServerName your_domain
ServerAlias www.your_domain
...

If you already have your ServerName and ServerAlias set up like this, you can exit your text editor and move on to the next step. If your current virtual host configuration doesn’t match the example, update it accordingly. If you’re using nano, you can exit by pressing CTRL+X, then Y and ENTER to confirm your changes, if any. Then, run the following command to validate your changes:

sudo apache2ctl configtest

You should receive Syntax OK as a response. If you get an error, reopen the virtual host file and check for any typos or missing characters. Once your configuration file’s syntax is correct, reload Apache so that the changes take effect:

sudo systemctl reload apache2

With these changes, Certbot will be able to find the correct VirtualHost block and update it.

Next, you’ll update the firewall to allow HTTPS traffic.

Step 3 — Allowing HTTPS Through the Firewall

If you have the UFW firewall enabled, as recommended by the prerequisite guides, you’ll need to adjust the settings to allow HTTPS traffic. Upon installation, Apache registers a few different UFW application profiles. You can leverage the Apache Full profile to allow both HTTP and HTTPS traffic on your server.

To verify what kind of traffic is currently allowed on your server, check the status:

sudo ufw status

If you followed one of our Apache installation guides, you will have output similar to the following, meaning that only HTTP traffic on port 80 is currently allowed:

OutputStatus: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                  
Apache                     ALLOW       Anywhere             
OpenSSH (v6)               ALLOW       Anywhere (v6)             
Apache (v6)                ALLOW       Anywhere (v6)

To allow for HTTPS traffic, allow the “Apache Full” profile:

sudo ufw allow 'Apache Full'

Then delete the redundant “Apache” profile:

sudo ufw delete allow 'Apache'

Your status will display as the following:

sudo ufw status

OutputStatus: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                  
Apache Full                ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)             
Apache Full (v6)           ALLOW       Anywhere (v6)        

You are now ready to run Certbot and obtain your certificates.

Step 4 — Obtaining an SSL Certificate

Certbot provides a variety of ways to obtain SSL certificates through plugins. The Apache plugin will take care of reconfiguring Apache and reloading the configuration whenever necessary. To use this plugin, run the following:

sudo certbot --apache

This script will prompt you to answer a series of questions in order to configure your SSL certificate. First, it will ask you for a valid email address. This email will be used for renewal notifications and security notices:

OutputSaving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
 (Enter 'c' to cancel): you@your_domain

After providing a valid email address, press ENTER to proceed to the next step. You will then be prompted to confirm if you agree to Let’s Encrypt terms of service. You can confirm by pressing Y and then ENTER:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y

Next, you’ll be asked if you would like to share your email with the Electronic Frontier Foundation to receive news and other information. If you do not want to subscribe to their content, write N. Otherwise, write Y then press ENTER to proceed to the next step:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: N

The next step will prompt you to inform Certbot of which domains you’d like to activate HTTPS for. The listed domain names are automatically obtained from your Apache virtual host configuration, so it’s important to make sure you have the correct ServerName and ServerAlias settings configured in your virtual host. If you’d like to enable HTTPS for all listed domain names (recommended), you can leave the prompt blank and press ENTER to proceed. Otherwise, select the domains you want to enable HTTPS for by listing each appropriate number, separated by commas and/ or spaces, then press ENTER:

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: your_domain
2: www.your_domain
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 

After this step, Certbot’s configuration is finished, and you will be presented with the final remarks about your new certificate and where to locate the generated files:

OutputSuccessfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/your_domain/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/your_domain/privkey.pem
This certificate expires on 2022-07-10.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Successfully deployed certificate for your_domain to /etc/apache2/sites-available/your_domain-le-ssl.conf
Successfully deployed certificate for www.your_domain.com to /etc/apache2/sites-available/your_domain-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https:/your_domain and https://www.your_domain.com

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Your certificate is now installed and loaded into Apache’s configuration. Try reloading your website using https:// and notice your browser’s security indicator. It should indicate that your site is properly secured, typically by a lock icon in the address bar.

You can use the SSL Labs Server Test to verify your certificate’s grade and obtain detailed information about it, from the perspective of an external service.

In the next and final step, you’ll test the auto-renewal feature of Certbot, which guarantees that your certificate will be renewed automatically before the expiration date.

Step 5 — Verifying Certbot Auto-Renewal

Let’s Encrypt’s certificates are only valid for ninety days. This is to encourage users to automate their certificate renewal process, as well as to ensure that misused certificates or stolen keys will expire sooner rather than later.

The certbot package you installed takes care of renewals by including a renew script to /etc/cron.d, which is managed by a systemctl service called certbot.timer. This script runs twice a day and will automatically renew any certificate that’s within thirty days of expiration.

To check the status of this service and make sure it’s active, run the following:

sudo systemctl status certbot.timer

Your output will be similar to the following:

Output● certbot.timer - Run certbot twice daily
     Loaded: loaded (/lib/systemd/system/certbot.timer; enabled; vendor preset:>
     Active: active (waiting) since Mon 2022-04-11 20:52:46 UTC; 4min 3s ago
    Trigger: Tue 2022-04-12 00:56:55 UTC; 4h 0min left
   Triggers: ● certbot.service

Apr 11 20:52:46 jammy-encrypt systemd[1]: Started Run certbot twice daily.

To test the renewal process, you can do a dry run with certbot:

sudo certbot renew --dry-run

OutputSaving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/your_domain.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Account registered.
Simulating renewal of an existing certificate for your_domain and www.your_domain.com

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations, all simulated renewals succeeded:
  /etc/letsencrypt/live/your_domain/fullchain.pem (success)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

If you don’t receive any errors, you’re all set. When necessary, Certbot will renew your certificates and reload Apache to pick up the changes. If the automated renewal process ever fails, Let’s Encrypt will send a message to the email you specified, warning you when your certificate is about to expire.

Conclusion

In this tutorial, you installed the Let’s Encrypt client certbot, configured and installed an SSL certificate for your domain, and confirmed that Certbot’s automatic renewal service is active within systemctl. If you have further questions about using Certbot, their documentation is a good place to start.

Source

Introduction

A “LAMP” stack is a group of open source software that is typically installed together in order to enable a server to host dynamic websites and web apps written in PHP. This term is an acronym which represents the Linux operating system with the Apache web server. The site data is stored in a MySQL database, and dynamic content is processed by PHP.

In this guide, you’ll set up a LAMP stack on an Ubuntu 22.04 server.

Prerequisites

In order to complete this tutorial, you will need to have an Ubuntu 22.04 server with a non-root sudo-enabled user account and a basic firewall. This can be configured using our initial server setup guide for Ubuntu 22.04.

Step 1 — Installing Apache and Updating the Firewall

The Apache web server is among the most popular web servers in the world. It’s well documented, has an active community of users, and has been in wide use for much of the history of the web, which makes it a great choice for hosting a website.

Start by updating the package manager cache. If this is the first time you’re using sudo within this session, you’ll be prompted to provide your user’s password to confirm you have the right privileges to manage system packages with apt:

sudo apt update

Then, install Apache with:

sudo apt install apache2

You’ll be prompted to confirm Apache’s installation. Confirm by pressing Y, then ENTER.

Once the installation is finished, you’ll need to adjust your firewall settings to allow HTTP traffic. Ubuntu’s default firewall configuration tool is called Uncomplicated Firewall (UFW). It has different application profiles that you can leverage. To list all currently available UFW application profiles, execute this command:

sudo ufw app list

OutputAvailable applications:
  Apache
  Apache Full
  Apache Secure
  OpenSSH

Here’s what each of these profiles mean:

• Apache: This profile opens only port 80 (normal, unencrypted web traffic).
• Apache Full: This profile opens both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic).
• Apache Secure: This profile opens only port 443 (TLS/SSL encrypted traffic).

For now, it’s best to allow only connections on port 80, since this is a fresh Apache installation and you don’t yet have a TLS/SSL certificate configured to allow for HTTPS traffic on your server.

To only allow traffic on port 80, use the Apache profile:

sudo ufw allow in "Apache"

Verify the change with:

sudo ufw status

OutputStatus: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                                
Apache                     ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)                    
Apache (v6)                ALLOW       Anywhere (v6)     

Traffic on port 80 is now allowed through the firewall.

You can do a spot check right away to verify that everything went as planned by visiting your server’s public IP address in your web browser (view the note under the next heading to find out what your public IP address is if you do not have this information already):

http://your_server_ip

The default Ubuntu 22.04 Apache web page is there for informational and testing purposes. Below is an example of the Apache default web page:

If you can view this page, your web server is correctly installed and accessible through your firewall.

How To Find your Server’s Public IP Address

If you do not know what your server’s public IP address is, there are a number of ways to find it. Usually, this is the address you use to connect to your server through SSH.

There are a few different ways to do this from the command line. First, you could use the iproute2 tools to get your IP address by typing this:

ip addr show ens3 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'

This will give you two or three lines back. They are all correct addresses, but your computer may only be able to use one of them, so feel free to try each one.

An alternative method is to use the curl utility to contact an outside party to tell you how it sees your server. This is done by asking a specific server what your IP address is:

curl http://icanhazip.com

Whichever method you choose, type in your IP address into your web browser to verify that your server is running.

Step 2 — Installing MySQL

Now that you have a web server up and running, you need to install the database system to be able to store and manage data for your site. MySQL is a popular database management system used within PHP environments.

Again, use apt to acquire and install this software:

sudo apt install mysql-server

When prompted, confirm installation by typing Y, and then ENTER.

When the installation is finished, it’s recommended that you run a security script that comes pre-installed with MySQL. This script will remove some insecure default settings and lock down access to your database system.

Warning: As of July 2022, an error will occur when you run the mysql_secure_installation script without some further configuration. The reason is that this script will attempt to set a password for the installation’s root MySQL account but, by default on Ubuntu installations, this account is not configured to connect using a password.

Prior to July 2022, this script would silently fail after attempting to set the root account password and continue on with the rest of the prompts. However, as of this writing the script will return the following error after you enter and confirm a password:

Output ... Failed! Error: SET PASSWORD has no significance for user 'root'@'localhost' as the authentication method used doesn't store authentication data in the MySQL server. Please consider using ALTER USER instead if you want to change authentication parameters.

New password:

This will lead the script into a recursive loop which you can only get out of by closing your terminal window.

Because the mysql_secure_installation script performs a number of other actions that are useful for keeping your MySQL installation secure, it’s still recommended that you run it before you begin using MySQL to manage your data. To avoid entering this recursive loop, though, you’ll need to first adjust how your root MySQL user authenticates.

First, open up the MySQL prompt:

sudo mysql

Then run the following ALTER USER command to change the root user’s authentication method to one that uses a password. The following example changes the authentication method to mysql_native_password:

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';

After making this change, exit the MySQL prompt:

exit

Following that, you can run the mysql_secure_installation script without issue.

Start the interactive script by running:

sudo mysql_secure_installation

This will ask if you want to configure the VALIDATE PASSWORD PLUGIN.

Note: Enabling this feature is something of a judgment call. If enabled, passwords which don’t match the specified criteria will be rejected by MySQL with an error. It is safe to leave validation disabled, but you should always use strong, unique passwords for database credentials.

Answer Y for yes, or anything else to continue without enabling.

VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No:

If you answer “yes”, you’ll be asked to select a level of password validation. Keep in mind that if you enter 2 for the strongest level, you will receive errors when attempting to set any password which does not contain numbers, upper and lowercase letters, and special characters:

There are three levels of password validation policy:

LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary              file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1

Regardless of whether you chose to set up the VALIDATE PASSWORD PLUGIN, your server will next ask you to select and confirm a password for the MySQL root user. This is not to be confused with the system root. The database root user is an administrative user with full privileges over the database system. Even though the default authentication method for the MySQL root user doesn’t involve using a password, even when one is set, you should define a strong password here as an additional safety measure.

If you enabled password validation, you’ll be shown the password strength for the root password you just entered and your server will ask if you want to continue with that password. If you are happy with your current password, enter Y for “yes” at the prompt:

Estimated strength of the password: 100 
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y

For the rest of the questions, press Y and hit the ENTER key at each prompt. This will remove some anonymous users and the test database, disable remote root logins, and load these new rules so that MySQL immediately respects the changes you have made.

When you’re finished, test whether you’re able to log in to the MySQL console by typing:

sudo mysql

This will connect to the MySQL server as the administrative database user root, which is inferred by the use of sudo when running this command. Below is an example output:

OutputWelcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 8.0.28-0ubuntu4 (Ubuntu)

Copyright (c) 2000, 2022, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> 

To exit the MySQL console, type:

exit

Notice that you didn’t need to provide a password to connect as the root user, even though you have defined one when running the mysql_secure_installation script. That is because the default authentication method for the administrative MySQL user is unix_socket instead of password. Even though this might seem like a security concern, it makes the database server more secure because the only users allowed to log in as the root MySQL user are the system users with sudo privileges connecting from the console or through an application running with the same privileges. In practical terms, that means you won’t be able to use the administrative database root user to connect from your PHP application. Setting a password for the root MySQL account works as a safeguard, in case the default authentication method is changed from unix_socket to password.

For increased security, it’s best to have dedicated user accounts with less expansive privileges set up for every database, especially if you plan on having multiple databases hosted on your server.

Note: There are some older versions of PHP that doesn’t support caching_sha2_password, the default authentication method for MySQL 8. For that reason, when creating database users for PHP applications on MySQL 8, you may need to configure your application to use the mysql_native_password plug-in instead. This tutorial will demonstrate how to do that in Step 6.

Your MySQL server is now installed and secured. Next, you’ll install PHP, the final component in the LAMP stack.

Step 3 — Installing PHP

You have Apache installed to serve your content and MySQL installed to store and manage your data. PHP is the component of our setup that will process code to display dynamic content to the final user. In addition to the php package, you’ll need php-mysql, a PHP module that allows PHP to communicate with MySQL-based databases. You’ll also need libapache2-mod-php to enable Apache to handle PHP files. Core PHP packages will automatically be installed as dependencies.

To install these packages, run the following command:

sudo apt install php libapache2-mod-php php-mysql

Once the installation is finished, run the following command to confirm your PHP version:

php -v

OutputPHP 8.1.2 (cli) (built: Mar  4 2022 18:13:46) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.2, Copyright (c) Zend Technologies
    with Zend OPcache v8.1.2, Copyright (c), by Zend Technologies

At this point, your LAMP stack is fully operational, but before testing your setup with a PHP script, it’s best to set up a proper Apache Virtual Host to hold your website’s files and folders.

Step 4 — Creating a Virtual Host for your Website

When using the Apache web server, you can create virtual hosts (similar to server blocks in Nginx) to encapsulate configuration details and host more than one domain from a single server. In this guide, we’ll set up a domain called your_domain, but you should replace this with your own domain name.

Note: In case you are using DigitalOcean as DNS hosting provider, check out our product documentation for detailed instructions on how to set up a new domain name and point it to your server.

Apache on Ubuntu 22.04 has one virtual host enabled by default that is configured to serve documents from the /var/www/html directory. While this works well for a single site, it can become unwieldy if you are hosting multiple sites. Instead of modifying /var/www/html, we’ll create a directory structure within /var/www for the your_domain site, leaving /var/www/html in place as the default directory to be served if a client request doesn’t match any other sites.

Create the directory for your_domain as follows:

sudo mkdir /var/www/your_domain

Next, assign ownership of the directory with the $USER environment variable, which will reference your current system user:

sudo chown -R $USER:$USER /var/www/your_domain

Then, open a new configuration file in Apache’s sites-available directory using your preferred command-line editor. Here, we’ll use nano:

sudo nano /etc/apache2/sites-available/your_domain.conf

This will create a new blank file. Add in the following bare-bones configuration with your own domain name:

/etc/apache2/sites-available/your_domain.conf

<VirtualHost *:80>
    ServerName your_domain
    ServerAlias www.your_domain 
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/your_domain
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Save and close the file when you’re done. If you’re using nano, do that by pressing CTRL+X, then Y and ENTER.

With this VirtualHost configuration, we’re telling Apache to serve your_domain using /var/www/your_domain as the web root directory. If you’d like to test Apache without a domain name, you can remove or comment out the options ServerName and ServerAlias by adding a pound sign (#) the beginning of each option’s lines.

Now, use a2ensite to enable the new virtual host:

sudo a2ensite your_domain

You might want to disable the default website that comes installed with Apache. This is required if you’re not using a custom domain name, because in this case Apache’s default configuration would override your virtual host. To disable Apache’s default website, type:

sudo a2dissite 000-default

To make sure your configuration file doesn’t contain syntax errors, run the following command:

sudo apache2ctl configtest

Finally, reload Apache so these changes take effect:

sudo systemctl reload apache2

Your new website is now active, but the web root /var/www/your_domain is still empty. Create an index.html file in that location to test that the virtual host works as expected:

nano /var/www/your_domain/index.html

Include the following content in this file:

/var/www/your_domain/index.html

<html>
  <head>
    <title>your_domain website</title>
  </head>
  <body>
    <h1>Hello World!</h1>

    <p>This is the landing page of <strong>your_domain</strong>.</p>
  </body>
</html>

Save and close the file, then go to your browser and access your server’s domain name or IP address:

http://server_domain_or_IP

Your web page should reflect the contents in the file you just edited:

You can leave this file in place as a temporary landing page for your application until you set up an index.php file to replace it. Once you do that, remember to remove or rename the index.html file from your document root, as it would take precedence over an index.php file by default.

A Note About DirectoryIndex on Apache

With the default DirectoryIndex settings on Apache, a file named index.html will always take precedence over an index.php file. This is useful for setting up maintenance pages in PHP applications, by creating a temporary index.html file containing an informative message to visitors. Because this page will take precedence over the index.php page, it will then become the landing page for the application. Once maintenance is over, the index.html is renamed or removed from the document root, bringing back the regular application page.

In case you want to change this behavior, you’ll need to edit the /etc/apache2/mods-enabled/dir.conf file and modify the order in which the index.php file is listed within the DirectoryIndex directive:

sudo nano /etc/apache2/mods-enabled/dir.conf

/etc/apache2/mods-enabled/dir.conf

<IfModule mod_dir.c>
        DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>

After saving and closing the file, you’ll need to reload Apache so the changes take effect:

sudo systemctl reload apache2

In the next step, we’ll create a PHP script to test that PHP is correctly installed and configured on your server.

Step 5 — Testing PHP Processing on your Web Server

Now that you have a custom location to host your website’s files and folders, create a PHP test script to confirm that Apache is able to handle and process requests for PHP files.

Create a new file named info.php inside your custom web root folder:

nano /var/www/your_domain/info.php

This will open a blank file. Add the following text, which is valid PHP code, inside the file:

/var/www/your_domain/info.php

<?php
phpinfo();

When you are finished, save and close the file.

To test this script, go to your web browser and access your server’s domain name or IP address, followed by the script name, which in this case is info.php:

http://server_domain_or_IP/info.php

Here is an example of the default PHP web page:

This page provides information about your server from the perspective of PHP. It is useful for debugging and to ensure that your settings are being applied correctly.

If you see this page in your browser, then your PHP installation is working as expected.

After checking the relevant information about your PHP server through that page, it’s best to remove the file you created as it contains sensitive information about your PHP environment and your Ubuntu server. Use rm to do so:

sudo rm /var/www/your_domain/info.php

You can always recreate this page if you need to access the information again later.

Step 6 — Testing Database Connection from PHP (Optional)

If you want to test whether PHP is able to connect to MySQL and execute database queries, you can create a test table with test data and query for its contents from a PHP script. Before you do that, you need to create a test database and a new MySQL user properly configured to access it.

Create a database named example_database and a user named example_user. You can replace these names with different values.

First, connect to the MySQL console using the root account:

sudo mysql

To create a new database, run the following command from your MySQL console:

CREATE DATABASE example_database;

Now create a new user and grant them full privileges on the custom database you’ve just created.

The following command creates a new user named example_user that authenticates with the caching_sha2_password method. We’re defining this user’s password as password, but you should replace this value with a secure password of your own choosing.

CREATE USER 'example_user'@'%' IDENTIFIED BY 'password';

Note: The previous ALTER USER statement sets the root MySQL user to authenticate with the caching_sha2_password plugin. Per the official MySQL documentation, caching_sha2_password is MySQL’s preferred authentication plugin, as it provides more secure password encryption than the older, but still widely used, mysql_native_password.

However, some versions of PHP don’t work reliably with caching_sha2_password. PHP has reported that this issue was fixed as of PHP 7.4, but if you encounter an error when trying to log in to phpMyAdmin later on, you may want to set root to authenticate with mysql_native_password instead:

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';

Now give this user permission over the example_database database:

GRANT ALL ON example_database.* TO 'example_user'@'%';

This will give the example_user user full privileges over the example_database database, while preventing this user from creating or modifying other databases on your server.

Now exit the MySQL shell with:

exit

Test if the new user has the proper permissions by logging in to the MySQL console again, this time using the custom user credentials:

mysql -u example_user -p

Notice the -p flag in this command, which will prompt you for the password used when creating the example_user user. After logging in to the MySQL console, confirm that you have access to the example_database database:

SHOW DATABASES;

This will give you the following output:

Output+--------------------+
| Database           |
+--------------------+
| example_database   |
| information_schema |
+--------------------+
2 rows in set (0.000 sec)

Next, create a test table named todo_list. From the MySQL console, run the following statement:

CREATE TABLE example_database.todo_list (
	item_id INT AUTO_INCREMENT,
	content VARCHAR(255),
	PRIMARY KEY(item_id)
);

Insert a few rows of content in the test table. Repeat the next command a few times, using different values, to populate your test table:

INSERT INTO example_database.todo_list (content) VALUES ("My first important item");

To confirm that the data was successfully saved to your table, run:

SELECT * FROM example_database.todo_list;

The following is the output:

Output+---------+--------------------------+
| item_id | content                  |
+---------+--------------------------+
|       1 | My first important item  |
|       2 | My second important item |
|       3 | My third important item  |
|       4 | and this one more thing  |
+---------+--------------------------+
4 rows in set (0.000 sec)

After confirming that you have valid data in your test table, exit the MySQL console:

exit

Now you can create the PHP script that will connect to MySQL and query for your content. Create a new PHP file in your custom web root directory using your preferred editor:

nano /var/www/your_domain/todo_list.php

The following PHP script connects to the MySQL database and queries for the content of the todo_list table, exhibiting the results in a list. If there’s a problem with the database connection, it will throw an exception.

Add this content into your todo_list.php script, remembering to replace the example_user and password with your own:

/var/www/your_domain/todo_list.php

<?php
$user = "example_user";
$password = "password";
$database = "example_database";
$table = "todo_list";

try {
  $db = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
  echo "<h2>TODO</h2><ol>"; 
  foreach($db->query("SELECT content FROM $table") as $row) {
    echo "<li>" . $row['content'] . "</li>";
  }
  echo "</ol>";
} catch (PDOException $e) {
    print "Error!: " . $e->getMessage() . "<br/>";
    die();
}

Save and close the file when you’re done editing.

You can now access this page in your web browser by visiting the domain name or public IP address configured for your website, followed by /todo_list.php:

http://your_domain_or_IP/todo_list.php

This web page should reveal the content you’ve inserted in your test table to your visitor:

That means your PHP environment is ready to connect and interact with your MySQL server.

Conclusion

In this guide, you’ve built a flexible foundation for serving PHP websites and applications to your visitors, using Apache as a web server and MySQL as a database system.

As an immediate next step, you should ensure that connections to your web server are secured, by serving them via HTTPS. In order to accomplish that, you can use Let’s Encrypt to secure your site with a free TLS/SSL certificate.

Source

As a Linux system administrator, you will be configuring and tweaking a lot of Linux servers frequently. So, you have to SSH into all these servers, in order to SSH into these servers, you will also need the login passwords for each of the servers, which is very unlikely to be the same. So, things will get difficult as the number of servers you have to administer grows.

Luckily, there is a better solution. You can tell all the servers that you administer to trust the computer or laptop that you’re using to connect and configure them. This way, you can log into these servers without any password or with the same password. In this method, you only need to know the login password of these servers only once. Then, you can forget about it as long as you’re using the same computer or laptop to connect to these servers.

In this article, I am going to show you how to setup passwordless login to servers via SSH. So, let’s get started.

Here, I have 3 servers on my local network linuxhint-server1, linuxhint-server2, linuxhint-server3. I as a Linux system administrator, am using a laptop linuxhint-client which is also on the same network. So, I want to configure all the servers in a way that I can access to all these servers from my laptop linuxhint-client without any password. So, let’s see how this will be configured in next sections.

Generating SSH Keys on the Client:

The key idea here is that you generate an SSH key on your computer or laptop from which you want to access all the servers. Then, upload the SSH key to the servers from your computer or laptop.

To generate an SSH key on the computer or laptop from which you want to connect to the servers, run the following command:

Now, press <Enter> to continue.

Now, you can set a password for your SSH key. It is optional. Whether you set up a password for your SSH key or not depends on how you want to configure access to the servers. If you don’t set a password for the SSH key here, you won’t need any password to SSH into the servers. If you do set a password here, you will need to enter the same password every time you connect to any of the servers. So, It’s up to you. I will not set a password for the SSH key in this article.

If you do want to set up a password, just type in the password and press <Enter>. Otherwise, leave it blank and press <Enter>.

If you’ve set a password earlier, just type in the same password again and press <Enter>. Otherwise, just press <Enter> without typing in anything.

The SSH key should be generated.

By default, the ssh-keygen generates a RSA key of length 2048 bits. But, if you want to change the key type and length, you can use the -t and -b options of ssh-keygen as follows:

$ ssh-keygen -t key_type -b bit_length

Currently, the supported key_type is rsa, dsa, ecdsa, and ed25519 and the bit_length can be 2048, 4096 and so on.

Uploading SSH Key to the Servers:

Now, you have to upload the SSH key you just generated on your computer or laptop to the servers. For that, you have to have SSH server software (openssh-server) installed on each of the servers and must be able to login to the servers via SSH.

To login to linuxhint-server1 via SSH, you need the IP address of the linuxhint-server1 server. To do that, run the following command on the linuxhint-server1 server.

As you can see, the IP address of linuxhint-server1 is 192.168.21.203.

Now, from the linuxhint-client, upload the SSH key to the linuxhint-server1 as follows:

$ ssh-copy-id shovon@192.168.21.203

Now, type in yes and press <Enter>.

Now, type in the login password of the linuxhint-server1 server and press <Enter>.

The SSH key should be uploaded to the server linuxhint-server1.

The same way, upload the SSH key to the linuxhint-server2 as well.

$ ssh-copy-id shovon@192.168.21.133

Upload the SSH key to the linuxhint-server3 as well.

$ ssh-copy-id shovon@192.168.21.201

SSH into Servers without Password:

Now, you should be able to access all the servers via SSH without any password.

Let’s try to access the server linuxhint-server1:

$ ssh shovon@192.168.21.203

As you can see, it didn’t prompt me for a password. Instead, I was logged in directly to the console of linuxhint-server1.

I can also log in to the linuxhint-server2 server without any password as you can see in the screenshot below.

$ ssh shovon@192.168.21.133

As you can see, I can also SSH into the linuxhint-server3 server as well. Great!

So, that’s how you configure passwordless login to Linux servers via SSH. Thanks for reading this article.

Source

KDE is a global community that develops free, open-source, software. They have created more than 200 nifty little apps that run on any Linux desktop and other platforms as well. KDE desktop environments such as Plasma are renowned for their adaptability and ability to be customized to the tastes of the user.

Here, we’ve outsourced a complete list of the most practical KDE applications that will make great additions to your software library. You can be sure that this list has something for everyone because it includes everything from simple paint software to a robust movie editor.

Contents:

1. Dolphin (File Manager)

2. Kdenlive (Video Editor)

3. Okular (Document Viewer)

4. KDE Connect (Device Integration)

5. Konsole (Terminal Emulator)

6. Kate (Text Editor)

7. Spectacle (Screenshot Tool)

8. Gwenview (Image Viewer)

9. Ark (Archive Manager)

10. KCalc (Calculator)

11. KFind (File Search Tool)

12. Discover (Software Center)

13. Filelight (Disk Space Visualizer)

14. Krita (Digital Painting)

15. KHelpCenter (Documentation and Help)

16. KColorChooser (Color Picker)

17. KGpg (PGP Key Manager)

18. Kasts (Podcast Client)

19. Alligator (RSS Feed Reader)

20. Krfb (Remote Desktop Sharing)

21. Pikasso (Image Viewer and Organizer)

22. PlasmaTube (YouTube Client)

23. Khipu (Diagram Drawing Tool)

24. Kirogi (Drone Remote Control)

25. Vakzination (Health Tool)

26. Nota (Text Editor)

27. KDE Partition Manager

28. KSystemLog (System Log Viewer)

29. Yakuake (Drop-Down Terminal Emulator)

30. Skanlite (Scanning Application)

31. KolourPaint (Painting Application)

32. KMouseTool (Mouse Automation Tool)

33. Kompare (Text File Comparison)

34. KTorrent (BitTorrent Client)

35. KTimer (Timer Application)

Conclusion

1. Dolphin (File Manager)

You can view and traverse the contents of your hard disks, USB sticks, SD cards, and other storage devices using Dolphin, which is KDE’s file manager. Creating, sharing, and deleting files and folders with Dolphin is simple and quick.

Its right-click menu offers a variety of rapid operations, including the ability to replicate, share, and compress files. Besides that, this file manager shows documents and folders from a variety of Internet cloud services and other distant computers as though they were on your desktop.

With strong plugins, you can enhance Dolphin’s functionality even further and customize it to fit your workflow. The git integration plugin can be used to interact with git repositories. In addition, you can use the NextCloud plugin to synchronize your files online.

Additionally, Dolphin accumulates low storage on your KDE desktop and comes with an integrated terminal that lets you execute commands on the currently open folder.

2. Kdenlive (Video Editor)

Want a free, high-quality video editor that works with all Linux distributions? Check out Kdenlive, a non-linear video editor software that accepts a variety of audio and video formats, enables the addition of effects and transitions, and renders the finished product in the format of your choice.

This app comes preinstalled on KDE, and it is the ideal video editing solution for your upcoming project thanks to features like multitrack video editing, audio and video effects and transitions, and a customizable UI.

There are a couple of online tutorials available if you’re interested in learning how to get the most out of Kdenlive. A list of textual and video lessons covering everything from fundamental editing to intricate methods can be found on the official Kdenlive website.

3. Okular (Document Viewer)

Okular, which bills itself as “The Universal Document Viewer” steps up to the plate by providing a quick, cross-platform document viewer for Windows, Linux, macOS, and other platforms.

Besides that, Okular incorporates built-in support for a variety of document formats, including PDF, EPUB, DjVu, MD, JPEG, PNG, GIF, TIFF, and WebP. You can rest assured that it can open any document type you encounter.

4. KDE Connect (Device Integration)

For connecting your computer and smartphone, KDE Connect comes with a number of functions. First, it lets you pair the KDE Linux distro with your smartphone, and with that connection, you can use it to check notifications, send remote input, control media playing, share files, and do many other things with it.

All supported operating systems include Linux (for mobile), Android, FreeBSD, Windows, and macOS.

5. Konsole (Terminal Emulator)

Konsole is a terminal used to run a command shell that offers cutting-edge features like split views, tabs, multiple profiles, bookmark support, activity monitoring, and more.

Konsole is more accessible and practical because it is incorporated into so many other KDE programs. For instance, applications such as Dolphin, KDevelop, and Kate all use Konsole as an integrated terminal emulator.

6. Kate (Text Editor)

Kate is a free, open-source, multi-view text editor and multi-document renowned for its advanced capabilities and user-friendly interface. You can browse and modify all of your text files more easily with Kate thanks to its rich features.

Kate packs the following features out of the box: customizable shortcuts, shell integration, code and text folding, spell checking, scriptable using JavaScript, encoding conversion, and more.

Additionally, Kate supported over 300 languages, making it simpler to comprehend code in practically all programming languages.

7. Spectacle (Screenshot Tool)

For taking screenshots of your desktop, Spectacle comes in handy. With this app, you can take screenshots in the following areas: a desktop, one monitor, the active window, the window controlled by the mouse, or a rectangle area of the screen.

The images can then be printed, shared with other programs for editing, or instantly stored without modification.

8. Gwenview (Image Viewer)

KDE’s Gwenview is a quick and simple image viewer that is great for exploring and showcasing an assortment of pictures. It supports a variety of image formats and is excellent for browsing and presenting collections of photographs.

Basic image editing tools like rotate, crop, resize, mirror, flip, minimize red eye, and change brightness, contrast, or gamma are also available in Gwenview. Besides that, it does dual duty as an embedded viewer and standalone program in the Konqueror web browser.

9. Ark (Archive Manager)

The KDE community developed Ark, which is a free open-source file compression and decompression program that supports a variety of file types, including rar, tar, gzip, bzip2, and more.

With Ark, users can browse, extract, make, and modify archives, and even without extracting files, read the contents of the file.

10. KCalc (Calculator)

KCalc is a scientific calculator that has all the features you would anticipate from a scientific calculator, KCalc includes trigonometric functions, logic operations, and statistical computations.

The recall of past calculation results is made simple via a results stack. User-defined precision is available, and numbers can be cut and pasted on the display.

The display’s typeface and colors can be changed, which improves usability. It is simple to use KCalc without a pointing device because of key bindings.

11. KFind (File Search Tool)

KFind is an open-source file search tool that can be opened from your menu section, KRunner, or as a separate search engine.

Additionally, it has been incorporated into Dolphin and Konqueror as a Find File in the Tools menu. Files can be found using the KFind search engine by name, type, or content.

12. Discover (Software Center)

You can install applications such as games and tools with the aid of Discover. You can search apps, browse by category, view screenshots, and read reviews using Discover.

The software repository for your operating system, Flatpak repos, the Snap store, or even AppImages from shop.kde.org may all be managed with Discover.

Discover also gives you the ability to find, install, and manage add-ons for Plasma and all of your favorite KDE applications.

13. Filelight (Disk Space Visualizer)

Filelight is a disk-use visualization tool that shows files and folders on your computer from an intuitive perspective of concentric circles.

To examine extensive information about files and directories, Filelight can scan local, remote, or removable disks. You can also eliminate files or folders that are eating up too much space.

Dolphin, Konqueror, and Krusader file managers are integrated with Filelight, which includes customizable color schemes.

14. Krita (Digital Painting)

Krita is a free and open-source program that is used for sketching and painting. It gives a complete method for masters to create digital painting files from scratch.

Krita is a fantastic option for producing matte paintings, comics, rendering textures, and concept art. Numerous color palettes, including RGB and CMYK, are all supported by Krita at 8 and 16 bits for integer channels. 16 and 32 bits for floating point channels.

Enjoy painting with Krita’s cutting-edge brush engines, incredible filters, and a plethora of useful tools.

15. KHelpCenter (Documentation and Help)

As the name implies, KHelpCenter is an app that offers a single point of access to all of your KDE applications’ and system utilities’ documentation.

It can be launched from the command line, the program launcher, or the help menu of an application. KHelpCenter shows documentation from a variety of sources, such as man pages, KDE community apps, and more.

16. KColorChooser (Color Picker)

KColorChooser is an amazing tool for creating custom color palettes and color blending schemes. It can obtain the color of any pixel on the screen using the dropper function.

There are several popular color schemes present, including the oxygen color scheme and the typical Web colors. KColorChooser can be downloaded on KDE using Discover and other AppStream application stores.

17. KGpg (PGP Key Manager)

GnuPG keys can be managed using the free and open-source encryption program KGpg. KGpg offers a graphical interface to create, manage, import, and export GnuPG keys. You can also use it to encrypt, decode, sign, and validate communications and files.

The steps below describe how to use KGpg to produce a new GnuPG keypair:

• From the main menu, open KGpg by choosing Applications > Utilities > KGpg.
• The application will walk you through the process of generating your own GnuPG keypair if you have never used KGpg before.
• When prompted to create a new key pair, the dialog box that displays asks for your name, email address, and an optional comment.
• Select your key’s algorithms, key strength (number of bits), and expiration time.
• In the following dialog box, enter your passphrase.
• Within the main KGpg window, your key will show up. Look in the ID column next to the freshly produced key to find your GnuPG key ID.

18. Kasts (Podcast Client)

If you’re looking for a podcast application for your KDE Plasma desktop, Kasts comes in handy. Kasts provides an intuitive user interface (UI) and has a number of features, including variable playback speed, full system integration, episode management through play queue, and search for podcasts.

You can subscribe to podcasts using its subscription feature. Additionally, Kasts offers you the chance to make a playlist for continuous playback of your preferred podcasts.

19. Alligator (RSS Feed Reader)

For Linux desktops, there are various feed reader applications that are mostly GTK-based. Introducing Alligator, a Qt-based feed reader for desktops running KDE Plasma.

It has the simplest user interface and offers capabilities like browsing and subscribing to feeds, as well as several ways to view them.

20. Krfb (Remote Desktop Sharing)

The KDE desktop application Krfb acts as a Virtual Network Computing (VNC) server, enabling other users to log in and view your screen via VNC clients.

This app has a wide range of settings, including an IP address and a connection to the system that requires a password. You may also set up the VNC service to broadcast to the LAN. For simple remote training connections and system assistance, Krfb is the ideal client.

21. Pikasso (Image Viewer and Organizer)

Pikasso is an open-source simple drawing program that Is written using Rust and Lyon programming languages. This tool provides you with a blank canvas on which to sketch using mouse or touch motion.

Additionally, the fundamental colors and forms (circles, rectangles, and lines) are included. It’s a great program for kids and is ideal for learning the basics of drawing.

22. PlasmaTube (YouTube Client)

PlasmaTube is a desktop client for YouTube built with QtMultimedia and youtube-dl. With this application, you can watch videos and explore YouTube on your desktop.

It has extra features, including text searching and playlist subscriptions. When utilizing PlasmaTube, you can access the standard YouTube features like the view count, description, and playback control.

23. Khipu (Diagram Drawing Tool)

A graph plotter on your desktop is an essential app if you’re a student or a teacher. Khipu is a sophisticated mathematical function plotter application that supports the following functionalities, 2D and 3D planes, dictionaries, and other features.

Additionally, Khipu’s backend uses the Analitza library to perform its functions.

24. Kirogi (Drone Remote Control)

Kirogi is an open-source program that facilitates touch-based navigation and drone flight controls.

Additionally, you can control drones utilizing Kirogi’s functions, such as flips and turns. It also supports joysticks and gamepads, live video feeds, customizing speed and altitude, and other features.

25. Vakzination (Health Tool)

Vakzination is an app that lets you manage all of your health certifications. With Vakzination, you can import any certificates that are based on PDF or QR codes. The certificates are then organized for you.

However, even though this application is designed for mobile phones, you can still install it on your KDE desktop using Flatpak.

26. Nota (Text Editor)

Nota is a simple text editor with many features that you can use. The Nota text editor’s key benefit is its responsive layout, which also works with Plasma Mobile.

Additionally, it has several tabs, a built-in dark mode, and syntax highlighting. Besides that, you can see a thumbnail view of the working text files during your session on its special overview page.

27. KDE Partition Manager

You can manage the drives, partitions, and file systems on your computer with the use of the KDE Partition Manager. You can also, quickly and without data loss, create, copy, transfer, remove, backup, restore, and resize files.

Numerous file systems, such as XFS, ext2/3/4, btrfs, reiserfs, NTFS, FAT16/32, and JFS, are all supported by KDE Partition Manager.

28. KSystemLog (System Log Viewer)

You can view and examine system logs on your computer using KSystemLog, a system log reader. To view log files, including kernel logs, system logs, daemon logs, and general journal logs, a graphical interface is provided.

KSystemLog has the ability to sift and filter log lines, as well as provide the admin with real-time alarm messages by email, text, and Slack. KSystemLog can be launched from the main menu. It attempts to open the /var/log/syslog file, which is the most practical log, by default.

You can choose other log files from the File menu or use the Open Log File button on the toolbar if you want to view other log files.

29. Yakuake (Drop-Down Terminal Emulator)

Yakuake is an open-source terminal emulator based on KDE Konsole technology that offers a tabbed interface, adjustable dimensions, animation speed, and a powerful D-Bus interface.

By navigating to Applications > System > Yakuake from the main menu, you can launch the app.

30. Skanlite (Scanning Application)

Skanlite is an image-scanning application included in the KDE Applications collection. It is designed to scan with flatbed scanners and, when used with supported scanners, can capture not only images and documents but also clear slides and film strips.

For the final scan, Skanlite offers a preview with a selection feature, and it can store photographs right away in a designated folder with automatically generated names and formats.

31. KolourPaint (Painting Application)

KolourPaint is a free, open-source painting program. It is similar to Microsoft Paint but with several extra capabilities, including rotation, color harmony, and support for transparency.

For sketching different forms, such as lines, rectangles, rounded rectangles, ovals, and polygons, KolourPaint offers a number of tools to choose from. Additionally, it allows text, lines, curves, selects, rotation, monochromatic, and other sophisticated effects.

32. KMouseTool (Mouse Automation Tool)

KMouseTool is an open-source app that belongs to the KDE application suite. The app helps people who suffer from repetitive strain injuries and find it painful to touch buttons.

Every time the mouse cursor pauses for a split second, KMouseTool clicks the mouse. The amount of time that KMouseTool waits before clicking or dragging can be changed.

It’s recommended to get familiar with KMouseTool’s default settings before clicking. Particularly at first, you might want to keep Smart Drag deactivated. Once you feel confident clicking, practice using Smart Drag.

33. Kompare (Text File Comparison)

Kompare is a GUI front-end tool that makes it possible to view and merge discrepancies between source files. It can be used to compare changes to files or folder contents, and it supports a variety of diff formats and offers a wide range of settings to personalize the information level shown.

34. KTorrent (BitTorrent Client)

KDE’s KTorrent is a BitTorrent program that enables you to download files by means of the BitTorrent protocol. It has extensive capabilities, including connection through a proxy, system tray integration, queuing of torrents, and global and per-torrent speed limits.

Besides that, this app has built-in functionalities such as support for webseeds, support for torrents and private trackers, support for µTorrent’s peer exchange, and more.

35. KTimer (Timer Application)

The KDE Applications collection includes the timer program KTimer. With this app, you can customize the text, color, and sound settings. In addition, you can enter multiple tasks and set a timer for each of them. It is possible to start, stop, modify, or loop the timers for each activity.

Conclusion

That said, there is an app for everyone and anything, thanks to the KDE community. Need a program to create digital graphics? You have Krita. Install Kast if you need a podcast program.

The availability of such a sizable selection of free software makes the switch to KDE for newcomers much simpler.

Source

USB creator tools are essential when it comes to experiencing varying distributions in a live system without the stress of burning an image onto a compact disc.

There are a number of different tools that can be used to create a bootable USB drive with multiple operating systems. In this article, we will discuss four of the most popular tools:

Contents:

1. YUMI – Multiboot USB Creator

2. SARDU MultiBoot Creator

3. Ventoy – Bootable USB Solution

4. Popsicle – Multiple USB File Flasher

5. Rufus – Create Bootable USB Drives

Conclusion

1. YUMI – Multiboot USB Creator

YUMI (Your Universal Multiboot Installer) is a versatile tool designed to craft multiboot USB drives. It efficiently combines multiple ISO files into a single bootable flash drive.

With YUMI, users can effortlessly launch a variety of live Linux OS, Windows installers, antivirus tools, backup solutions, penetration testing utilities, diagnostics, and more.

YUMI is that tool that will enable to write more than a few Linux images onto a single USB drive and it’s especially useful for folks looking to try out multiple Linux distros without having them installed on an actual PC – the only limit to the use of the tool is the size of your thumb drive.

Features:

• Supports a wide range of distributions, including Windows, Linux, and various utilities.
• User-friendly interface that guides users through the process.
• Uses syslinux for booting Linux distributions and NTFS for Windows.

2. SARDU MultiBoot Creator

SARDU MultiBoot Creator is a free and open-source software application that can be used to create bootable USB drives and DVDs with multiple operating systems, antivirus tools, utility programs, and other ISO images.

It is a powerful and versatile tool that can be used for a variety of purposes, including:

• Installing multiple operating systems on a single computer.
• Troubleshooting computer problems.
• Creating a recovery disk.
• Testing different operating systems.
• Demonstrating new software to clients.

It is easy to use and supports a wide range of operating systems, including Windows, Linux, macOS, and FreeBSD. It also supports a variety of bootable file formats, including ISO, IMG, BIN, and VHD.

3. Ventoy – Bootable USB Solution

Ventoy is an open-source tool that revolutionizes the creation of multiboot USB drives. Unlike traditional methods that require formatting and partitioning for each ISO file, Ventoy allows users to directly copy multiple ISO files onto a USB drive.

Once the drive is set up, adding or removing an OS is as simple as dragging and dropping the ISO file. Its user-friendly approach eliminates complex steps, making it a favorite for tech enthusiasts and professionals alike.

Supporting both legacy BIOS and UEFI boot modes, that ensures compatibility across a wide range of systems, making multiboot tasks more efficient and straightforward.

4. Popsicle – Multiple USB File Flasher

Popsicle is an open-source dynamic Linux utility designed for writing image files to multiple USB devices simultaneously by ensuring consistency and efficiency.

Whether you’re setting up a batch of bootable drives or distributing software across several devices, Popsicle makes the task seamless with its intuitive interface that provides clear progress indicators for each device, reducing the margin for error.

As a testament to its adaptability, it supports a variety of image formats, including ISO and IMG. For users seeking a reliable and efficient multi-device flashing solution, Popsicle stands out as a top choice.

5. Rufus – Create Bootable USB Drives

Rufus is a renowned utility that facilitates the creation of bootable USB drives, especially for Windows environments. While primarily known for single-boot drive creation, advanced users have leveraged Rufus to craft multiboot USBs, housing multiple operating systems and tools.

Its lightweight nature, combined with a user-friendly interface, makes Rufus a preferred choice for many when it comes to preparing USBs for OS installations, system rescues, or diagnostic tools.

The software’s efficiency in handling various image formats, including ISO and IMG, and its compatibility with both UEFI and BIOS systems, underscores its versatility and prowess in the realm of bootable media creation.

Conclusion

Creating a bootable USB with multiple operating systems is an invaluable resource for troubleshooting, testing, and even regular use. Whether you’re trying out different Linux distributions, setting up a recovery toolset, or installing various Windows versions, these tools make the process hassle-free.

Choose the one that fits your needs and expertise, and equip yourself with a powerful multiboot USB toolkit.

Source

USB writer tools are essential softwares that enable you to write Linux ISO images onto USB drives, so you may run a live system or install an operating system onto a PC or multiple systems.

These tools are usually minimalistic and there are more than a few of them out there; however, I’ve chosen those which I feel are the best in both user experience and functionality for this list.

1. Gnome Multi-Writer

The Gnome Multi-Writer USB tool from the GNOME project is quite the multitasker as it can write a single image (ISO or IMG) to multiple drives subsequently.

The little program functions best with desktop environments using GNOME as its base and these include Unity, Cinnamon, and Mate – just to name a few.

The supported USB sizes range from 1GB to 32GB and you can always find the program in the standard Linux repository should you develop a liking for it.

$ sudo apt install gnome-multi-writer [On Debian, Ubuntu and Mint]

$ sudo yum install gnome-multi-writer [On RHEL/CentOS/Fedora and Rocky/AlmaLinux]

$ sudo emerge -a sys-apps/gnome-multi-writer [On Gentoo Linux]

$ sudo apk add gnome-multi-writer [On Alpine Linux]

$ sudo pacman -S gnome-multi-writer [On Arch Linux]

$ sudo zypper install gnome-multi-writer [On OpenSUSE]

2. Etcher – USB and SD Card Writer

Etcher is a relatively new cross-platform and open-source image-burning tool by Balena that was developed using JS, HTML, node.js, and GitHub’s Electron framework. It supports writing both IMG and ISO images to SD and USB cards.

The application is primarily used for creating bootable USB drives or SD cards with its user-friendly interface that simplifies the process, making it accessible even for those with limited technical expertise.

You can head on to Etcher’s website to make a download, for Linux or other platforms. You can run the application from the terminal in Linux by going to the directory in which you downloaded it and executing the command below from the terminal.

$ sudo chmod +x Etcher-linux-x64.AppImage

$ sudo ./Etcher-linux-x64.AppImage

3. Unetbootin – Create Bootable Live USB Image

Unetbootin has been around longer than GNOME Multiwriter and Etcher; it’s a widely used and acclaimed bootable live USB creator on Linux that is also cross-platform with support for a wide variety of ISO images including Windows and macOS.

The application is open source and also has the ability to download images directly from their source to write directly on your USB drive.

To install UNetbootin from the Ubuntu PPA, run the commands:

$ sudo add-apt-repository ppa:gezakovacs/ppa

$ sudo apt-get update

$ sudo apt-get install unetbootin

Unetbootin is also available as a binary package for other Linux distributions that you need to download and run it from the desktop or terminal.

4. ISO Image Writer

ISO Image Writer is a KDE-based tool that is specifically designed for writing ISO files to USB drives. As part of the KDE suite of applications, it integrates seamlessly with the KDE Plasma desktop environment.

The software aims to provide a straightforward and user-friendly interface, making the process of creating bootable USB drives hassle-free.

To install ISO Image Writer, just download the AppImage file, set the executable permission, and run it as shown.

$ chmod +x KDE-ISO-Image-Writer-1.0.0-x86_64.AppImage

$ ./KDE-ISO-Image-Writer-1.0.0-x86_64.AppImage

Alternatively, it is also available to install from flatpak and snap as shown.

$ flatpak install flathub org.kde.isoimagewriter

$ flatpak run org.kde.isoimagewriter

OR

$ sudo snap install isoimagewriter

5. Popsicle

Popsicle is a versatile tool designed for Linux systems that allows users to flash multiple USB devices simultaneously. Ideal for situations where mass duplication of data across several USB drives is required, Popsicle streamlines the process, ensuring efficiency and consistency.

With its user-friendly interface, users can easily select an image file, such as .iso or .img, and then choose the target USB drives. Once initiated, Popsicle takes care of the flashing process, providing real-time progress updates for each device. Whether you’re setting up multiple bootable drives for a workshop, class, or event, Popsicle offers a reliable solution to get the job done swiftly.

Conclusion

I haven’t had the chance to try a whole lot of USB tools in the past. However, I’d love to hear your thoughts on those I’ve selected on this list or any others you may have in mind in the comments below.

Source

RAR files, a common compressed file format, are widely used to store and share large amounts of data efficiently. While Linux natively supports various compression formats like ZIP and TAR.

RAR is the most popular tool for creating and extracting compressed archive (.rar) files. When we download an archive file from the web, we require a rar tool to extract them.

RAR is available freely under Windows operating systems to handle compressed files, but unfortunately, the rar tool isn’t pre-installed under Linux systems.

In this article, we’ll guide you through the process of installing unrar and rar command-line tools to open, extract, uncompress, or unrar and create an archive file on a Linux system.

Table of Contents

• Install Unrar on Linux
• How to Extract RAR Files in Linux
• How to List RAR Files in Linux
• How to Check Integrity of RAR File in Linux
• How to Install Rar in Linux
• How to Create RAR File in Linux
• How to Delete Files in RAR Archive
• How to Repair RAR Files in Linux
• How to Add Files to RAR Archive
• How to Set Password to RAR File
• How to Lock RAR File
• Conclusion

Install Unrar on Linux

To work with RAR files on Linux, you’ll need the unrar tool, which allows you to extract content from RAR archives. To install unrar, open a terminal and use the default package manager specific to your Linux distribution.

For example, on Debian and Ubuntu-based distributions, you can easily install the unrar package using the apt-get or apt program as shown.

$ sudo apt-get install unrar

Or

$ sudo apt install unrar

If you are using RHEL-based distributions, you can use the dnf command or yum command to install it.

———— On Fedora Linux ————

$ sudo dnf install unrar

———— On RHEL-based Linux ————

$ sudo yum install epel-release

$ sudo yum install unrar

On other popular Linux distributions, you can install it using your default package manager as shown.$ sudo emerge -a app-arch/unrar [On Gentoo Linux] $ sudo apk add unrar [On Alpine Linux] $ sudo pacman -S unrar [On Arch Linux] $ sudo zypper install unrar [On OpenSUSE]

If your distribution does not offer an unrar package, you need to download the latest unrar/rar file and install it using the following commands.

————— On 64-bit —————

# cd /tmp # wget https://www.rarlab.com/rar/rarlinux-x64-623.tar.gz

# tar -zxvf rarlinux-x64-623.tar.gz

# cd rar

# sudo cp -v rar unrar /usr/local/bin/

————— On 32-bit —————

# cd /tmp

# wget https://www.rarlab.com/rar/rarlinux-x32-623.tar.gz

# tar -zxvf rarlinux-x32-623.tar.gz

# cd rar

# sudo cp -v rar unrar /usr/local/bin/

How to Extract RAR Files in Linux

Once you have unrar installed, you can easily open or extract the contents of a RAR file in the current working directory by using the following command with the e option.

$ unrar e tecmint.rar

To open/extract a RAR file in a specific path or destination directory, just use the e option, it will extract all the files in the specified destination directory.

$ unrar e tecmint.rar /home/tecmint/rarfiles

To open/extract an RAR file with its original directory structure, just issue the below command with the x option, which will extract according to their folder structure see below the output of the command.

$ unrar x tecmint.rar

How to List RAR Files in Linux

To list the contents of an RAR file in Linux, you can use the unrar l command, which will display the list of files with their sizes, dates, time, and permissions.

$ unrar l tecmint.rar

How to Check Integrity of RAR File in Linux

To check the integrity of an RAR archive file, you can use the unrar t command, which will perform a complete integrity check for each file for errors and displays the status of the file.

$ unrar t tecmint.rar

The unrar command is used to extract, list, or test archive files only. It has no option for creating RAR files under Linux. So, here we need to install the RAR command-line utility to create archive files.

How to Install Rar in Linux

The rar command-line utility is used to create RAR archives, you can install rar using a package manager appropriate for your Linux distribution,

$ sudo apt install rar [On Debian, Ubuntu and Mint]

$ sudo yum install rar [On RHEL/CentOS/Fedora and Rocky/AlmaLinux]

$ sudo emerge -a app-arch/rar [On Gentoo Linux]

$ sudo apk add rar [On Alpine Linux]

$ sudo pacman -S rar [On Arch Linux]

$ sudo zypper install rar [On OpenSUSE]

How to Create RAR File in Linux

To create an archive (RAR) file in Linux, run the following command with a option, which will create an archive file for a tecmint directory.

$ rar a tecmint.rar tecmint

How to Delete Files in RAR Archive

The rar d command is used to delete files from an existing RAR archive in Linux. The d option directly modifies the existing RAR archive by removing the specified files.

$ rar d tecmint.rar randfile001 randfile002

In the above command, the randfile001 and randfile002 files will be deleted from the tecmint.rar RAR archive.

How to Repair RAR Files in Linux

The rar r command is used to repair and recover data from damaged or corrupted RAR archives in Linux.

$ rar r tecmint.rar

How to Add Files to RAR Archive

To update or add files to the existing archive file, use the rar u command, which allows you to add files to an existing RAR archive or update files within the archive.

$ rar u tecmint.rar hello.py

Now, verify that the file tecmint.sql is added to the archive file.

$ rar l tecmint.rar

How to Set Password to RAR File

This is a very interesting feature of the rar tool, which allows us to set a password to the RAR archive file using the following command.

$ rar a -p tecmint.rar

Now verify it by extracting the archive file and see whether it will prompt us to enter the password that we have set above.

$ rar x tecmint.rar

How to Lock RAR File

The rar k command is used to lock an existing RAR archive file, which is useful if you want to prevent further modifications to the archive.

$ rar k tecmint.rar

Conclusion

For more RAR and Unrar options and usage, run the following command it will display a list of options with their description.

$ man unrar

$ man rar

We have presented almost all of the options above for rar and unrar commands with their examples. If you feel that we’ve missed anything in this list and you would like us to add, please update us using the comment form below.

Source

Are you trying to locate files with specific file permissions for different purposes, such as security auditing? Fortunately, the find command provides a handy “-perm” flag which enables users to list all the files that match the provided file permissions.

However, this blog post assumes you are already familiar with file permissions and how to check or grant them. If that’s not the case, refer to our beginner’s guide on changing file permissions.

Now that you’re prepared and have an understanding of file permissions, this guide will help you search for your desired files based on their permissions, using the well-known “find” and “ls” commands.

Find Files Based on Permissions in Linux

The syntax of the find command for locating files based on their permission is stated below:$ find [path] -type f -perm [permissions]

Here’s what each part of the syntax means:

• [path] – It states the directory or path from where you want to begin your search. For instance, to look for the file in the root directory use “/”.
• -type f – This option filters the search results to only include regular files, excluding other types of files.
• -perm [permissions] – This option specifies the permission mode you intend to find. You can add Minus (-) or Slash (/) prefixes before the permission mode, or no prefix at all.

Let’s quickly review permission prefixes before delving into examples for further clarity.

• No prefix – exact permissions.
• Minus (-) prefix – At least specified permissions, with extras allowed.
• Slash (/) prefix – At least any category (owner/group/others) must have specified permission bit(s).

1. Find Files That Have Specific Permissions

In this example, we will look for files in the “UbuntuMint” directory that have exactly read and write permissions for the owner only “600” by executing the command stated below.

Before executing the following command, you can run “ls -l ~/UbuntuMint” to review the permissions of files within this directory:

$ ls -l ~/UbuntuMint $ find ~/UbuntuMint -type f -perm 600

You can notice that the above command has returned the “file4.txt” which exactly meets the specified criteria.

2. Find Files That Have Executable Permissions

If you want to search files with executable permissions for their owner, group, and other users, simply execute.$ find ~/UbuntuMint -type f -perm 111

Upon executing this command, you’ll notice files that precisely match the specified executable permissions.

3. Find Files That Have Read/Write Permissions

Before delving into this example, let’s use the “ls” command within the directory to inspect current file permissions. Here, you’ll observe two files with read and write (6) permissions for the file owner, and read permissions (4) for the group and other users.

In this scenario, the find command will enumerate multiple files with “644” permission:

$ ls -l ~/UbuntuMint

$ find ~/UbuntuMint -type f -perm 644

4. Find Files That Have Owner’s Read/Write Permissions

Let’s use the “-” minus prefix before the file permissions to list all the files that possess at least read and write permissions for the file owner.

So basically the command mentioned below will return files with permissions like “600”, 601, 602, 610, 620, 630, and so on:

$ find ~/UbuntuMint -type f -perm -600

5. Find Files with Any Category Meeting Specified Permissions

Next, let’s explore the working of the slash (/) prefix before file permissions by executing the provided command. This will retrieve files within the “UbuntuMint” directory where at least one of the categories (owner, group, or others) meets the specified permission bits.

$ find ~/UbuntuMint -type f -perm /600

6. Find Files That Have Symbolic Permissions

Users can opt for symbolic permissions instead of the numerical mode to specify file permissions. Execute the command below to find files with read and write permissions for the owner and read permissions for the group and others within the “UbuntuMint” directory:

$ find ~/UbuntuMint -type f -perm u=rw,g=r,o=r

This command is equivalent to the above command:

$ find ~/UbuntuMint -type f -perm u+rw,g+r,o+r

Note: Prefixes can be utilized with symbolic permissions as well.

Now that you have learned the usage of the find command with the “-perm” flag, let’s explore another command that combines both the “ls” and “grep” commands.

Find Files Based on Permissions Using the ‘ls’ and ‘grep’ Commands

You can even utilize the powerful combination of the ls command piped with the grep command to display all files in the current directory and subsequently filter out files that match the specified permission.

Note: The “-l” flag in the “ls” command helps in displaying detailed information about files including file permissions, ownership, size, modification time, and more.

Let’s run the command mentioned below to look for files that have read and write permissions for the file owner. Here in this command, the “^” symbol specifies that the grep command will only filter files not directories:

$ ls -l | grep “^-rw——-“

However, if you want to focus on only permissions for a specific user like file owner and don’t care about permission of other user classes, you can define the permissions for that particular user bits and employ a wildcard character for the rest, as shown below:

$ ls -l ~/UbuntuMint/ | grep “^-rw-*”

This command effectively identifies all files within the “~/UbuntuMint/” directory that possess read and write permissions for the file owner.

Conclusion

If you’re seeking to identify files within a directory based on specific file permissions for security audits or other purposes, this guide is your essential resource. It offered two distinct commands, accompanied by numerous examples, to assist you in pinpointing files according to their permissions.

Source

File compression is a common practice in Linux, where its users shrink files and directories using tools like Gzip to free up storage space and increase their system’s performance.

This compression technique also smooths out the process of sending files across networks – fast and efficient. But here’s the twist: when you need to use or change these compressed files, you wish they could return to their original, uncompressed state.

This is where the powerful command “Gunzip” steps in. It acts like a digital magician, letting you effortlessly restore files and directories with extensions like “.gz” or “.z” to their primary state with the previous file size and format.

Quick Note: Gzip is a widely used utility employed to compress files, directories, tar archives, and even websites effectively. Think of it as a clever way to neatly pack your clothes in a suitcase before a trip – it’s all about saving space in the most efficient way possible.

Let’s dive into this article, where we’ll delve into the usage of the “gunzip” command with examples in Linux.

1. Use of the “gunzip” Command in Linux

Gunzip is a command-line utility designed for decompressing files that have been compressed using the GNU Zip (gzip) compression algorithm. It efficiently restores files with suffixes, such as, “-gz”, “.gz”, “.z”, “.taz”, “.tgz”, “_z”, “-z”, or “.Z” back to their initial/actual forms.

During this process, the compressed file is seamlessly replaced with its uncompressed version. While Gunzip can even compress a file or directory, it is primarily renowned for its proficiency in decompression tasks.

Let’s discuss the syntax of gunzip command.

$ gunzip [OPTION]… [FILE]…

The syntax of the “gunzip” command has two parts: Option and File.

The Option/Flag is used to change the conduct of the command whereas File is the representation of the input files that need to be decompressed. The flag or option comes with a hyphen after the “gunzip” command.

Run the 'gunzip -h' command in your terminal to view the available options of the ‘gunzip‘ command along with their explanations:

$ gunzip -h

These flags make it easy for a Linux user to perform compression and decompression in different cases.

2. Why Do We Use Gunzip?

Let’s discuss a few of the reasons why Linux users prefer the “gunzip” command for decompressing files and directories:

• The Gzip compression is a widely used and standardized compression format, making it compatible across different systems and platforms.
• The “gunzip” is used to decompress files that have been compressed using the gzip compression algorithm, which reduces the file size, making it more efficient for storage and data transfer.
• The compressed files are smaller in size, which means they can be transferred over networks more quickly.
• The compression not only saves space but also helps identify data corruption during transfer.
• The “gunzip” command proves to be very flexible due to the variety of flags that it offers.
• It can be integrated with many other Linux tools like tar etc, hence making it more convenient to use.
• The “gunzip” simplicity and consistent behavior make it ideal for scripting and automation purposes. Linux users often employ it within scripts and automated workflows to efficiently manage decompression tasks.

Moving ahead, now we will discuss some examples of the gunzip command to understand its usage.

3. How to Unzip (Open) Gz File

At times when you need to unzip a single file, just execute the command provided below:

$ gunzip singleFile.gz

This will decompress the “singleFile.gz” file and restore the original file named “singleFile”. To verify if your file is decompressed, simply execute the “ls” command.

4. How to Extract Multiple Gzip Files

At times, you may need to decompress multiple files all at once by specifying the names of the .gz files you intend to decompress.

$ gunzip multiFile1.gz multiFile2.gz multiFile3.gz

This will decompress all three files (“multiFile1.gz”, “multiFile2.gz”, “multiFile3.gz”) and bring them to their previous corresponding decompressed states (“multiFile1”, “multiFile2”, “multiFile3”).

5. Force Decompress a Gz File

Sometimes, you may need to decompress a file while a decompressed file of the same name already exists in the directory. In such cases, a warning about file overwriting can arise.

To address this situation, the “gunzip” command provides the "-f" or "--force" flag, which empowers you to forcefully decompress the file with a ".gz" extension.

Note: The default behavior of the “gunzip” command is to replace the actual file. If you require to preserve/retain the actual file intact, you can combine the "-f" and "-k" flags.

For instance, to forcefully decompress the file “forceFile.gz” within a directory containing a file named “forceFile“, you can execute the mentioned command:

$ gunzip -f forceFile.gz

This command will effectively decompress the file “forceFile.gz” to “forceFile“, even if an existing “forceFile” file is present on your system.

6. How to Unzip a Gz File to a Directory

Until now you must have noticed that all the decompressed files resided in the same directory where their corresponding compressed files were located. This might have sparked the question:

“Can we decompress files directly into another directory or location?” The answer is yes, we can simply use the “-d” flag to decompress a file in another directory.

To do so, simply specify the path of the directory where you want to decompress the desired file, followed by the file’s name after the “-d” flag, as demonstrated below:

$ gunzip -d ~/to/Ubuntu/Mint/directory/file.gz

This will decompress the file “file.gz” in the “~/to/Ubuntu/Mint/directory” directory.

7. How to Unzip Gzip File While Keeping Original File

Consider a scenario where you want to send a compressed file to your friend and keep the decompressed file for yourself or vice versa. In either case, the objective is to retain both versions of the file in your system. For this purpose, the “gunzip” command offers the "-k" option.

To implement this approach, run the command stated below, which will decompress the files “originalFile1.gz” and “originalFile2.gz“, simultaneously redirecting the decompressed output to new files named “originalFile1” and “originalFile2“, all while retaining the compressed versions of the files:

$ gunzip -k originalFile1.gz originalFile2.gz

Executing this command will effectively decompress the specified files, creating new decompressed versions while retaining the original compressed files intact. To confirm the change, display all the files in the current directory.

8. How to Unzip Gzip File to Standard Output

Want to see the content of a compressed file but don’t want to decompress it? Well, no worries you can simply use the “-c” flag to view the text of the compressed file:

$ gunzip -c ubuntuMintFile.gz

This command will display the textual content of the file “ubuntuMintFile.gz”.

In the output below you can see that you get the same output by using the “-c” flag and by unzipping the file first and then using the cat command to read data from a file and display it on the console as output.

9. How to Check the Information of Gzip File

Being a Linux user, you might face a situation where you’ve compressed a file and you want to know the details about it. Ideally, you should be decompressing it before and then you might be able to get its details.

The “gunzip” command provides a “-l” flag which displays the information about the compressed file without necessitating its decompression. This information might be the size of the original file, the size of a compressed file, the name of the actual file, and the ratio of compression.

Let’s try it out by using a compressed file “ubuntuMintFile.gz”:

$ gunzip -l ubuntuMintFile.gz

This will display comprehensive information about the “ubuntuMintFile” file.

10. How to Decompress a Gzip File with Max Compression

There are instances when you’ll encounter a situation where the quality of the decompressed file takes precedence over the time consumed by the decompression process. In such instances, you can use the “-9” flag of the “gunzip” to achieve a higher-quality decompression, as demonstrated below:

$ gunzip -9 betterFile.gz

This command decompresses the file “betterFile.gz” in better quality but obviously will consume more time in the decompression process.

11. How to Decompress a Gzip File Faster

Likewise, you can even prefer speed over quality while uncompressing a file or directory. In this case, use the “-1” option followed by the filename that is to be decompressed.

$ gunzip -1 fasterFile.gz

This command extracts the file “fasterFile.gz” in a lesser time with a considerable speed.

12. How to View Gzip Decompress Process

To decompress a file while receiving detailed feedback, the “gunzip” command provides the useful “-v” flag that displays the progress and details of the decompression process.

$ gunzip -v verboseFile.gz

Conclusion

The “gunzip” command is one of the best algorithms used by Linux enthusiasts for file decompression. This guide covered various commands for decompressing files and directories using the “gunzip” utility that are compressed by the “gzip” command.

Source

An Internet of Things OS is any Operating System specifically designed to work within the constraints that are particular to IoT devices which are typically limited in memory size, processing power, capacity, and built to enable swift data transfer over the Internet.

There are several (mostly Linux-based) Operating Systems that you can use for IoT but they wouldn’t allow you to get the best out of your setup and that’s the reason why IoT-focused distros exist.

Here are the list of top Operating Systems you can use for your Internet of Things projects.

Contents:

1. Zephyr (Operating System)

2. Ubuntu Core

3. RIOT OS

4. FreeRTOS

5. Mbed OS

6. Fuchsia OS

7. Contiki-NG

8. TinyOS

9. BalenaOS

10. MicroPython

11. Windows for IoT

12. OpenWrt

13. Embedded Linux

14. Fedora IoT

Conclusion

1. Zephyr (Operating System)

Zephyr is a small, scalable, open-source, and real-time operating system (RTOS) for connected devices, that provides modularity which allows developers to optimize the system for a specific use. It supports multiple architectures and offers features like Bluetooth, LoRa, and NFC.

Zephyr is designed to be easy to use and efficient, with a small memory footprint and low power consumption. It also includes a number of features that make it well-suited for IoT devices, such as support for networking, security, and power management.

Some of the key features of Zephyr include:

• Small memory footprint and low power consumption.
• Support for multiple hardware architectures.
• Connectivity support for Wi-Fi, Bluetooth, and Ethernet.
• Security features, such as encryption and authentication.
• Power management features, such as dynamic voltage and frequency scaling.
• A modular design that makes it easy to add new features and drivers.

Zephyr is used in a wide variety of IoT devices, including sensors, actuators, gateways, and wearables. It is also used in some industrial and automotive applications.

2. Ubuntu Core

Ubuntu Core is a robust version of Linux’s most popular distro, Ubuntu, made particularly for large container deployments and Internet of Things devices. It was built by Canonical to use the same kernel, system software, and libraries as Ubuntu but on a much smaller scale, and it is used to power robots, gateways, digital signs, etc.

Ubuntu Core is designed to provide users with a secure embedded Linux for IoT devices. All of its aspects are verified in order to maintain immutable packages and persistent digital signatures. It is also minimal and enterprise-ready.

3. RIOT OS

RIOT is a free, friendly, and open source Operating System designed for working with IoT devices with the aim of implementing all relevant open standards that support secure, durable, and privacy-friendly IoT connections.

RIOT‘s features include a minimum RAM and ROM size of ~1.5kB and ~5kB, full support for C and C++, multi-threading, modularity, and MCU without MMU.

Here are some of the features of RIOT OS:

• Supports a wide range of hardware platforms, including 8-bit, 16-bit, and 32-bit microcontrollers.
• Provides a real-time kernel with guaranteed response times.
• It boasts a minimal memory footprint, ideal for devices with limited resources.
• Is modular, making it easy to add or remove features.
• Provides a uniform API for accessing hardware and services.
• It is open source, allowing for free modification and redistribution.

RIOT OS is a popular choice for developing IoT applications by a wide range of companies and organizations, including Bosch, Siemens, and the European Space Agency.

If you are looking for an OS for your IoT project, RIOT OS is a good option to consider, It is a powerful, versatile, and open-source OS that can be used to develop a wide variety of applications.

4. FreeRTOS

FreeRTOS is an open-source, real-time operating system (RTOS) for microcontrollers, which is a lightweight kernel that offers basic functionality for task management, scheduling, and synchronization.

FreeRTOS is free to use and distribute, and it is supported by a large active community and used by a wide variety of embedded systems, including industrial automation, medical devices, consumer electronics, automotive, networking, smart home devices, and Internet of Things (IoT).

Here are some of the key features of FreeRTOS:

• It is a small and efficient kernel that takes up minimal memory and processing resources.
• It supports multiple tasks that can run concurrently.
• It provides a variety of scheduling algorithms to choose from.
• It provides a variety of synchronization mechanisms to ensure that tasks do not interfere with each other.
• It provides a variety of memory management options, including static and dynamic allocation.
• It has been ported to over 35 microcontroller platforms.
• It provides a variety of security features, such as secure boot and over-the-air updates.

If you are developing an embedded system, FreeRTOS is a good choice for an RTOS. It is reliable, efficient, and easy to use.

5. Mbed OS

Mbed OS is an open-source, real-time operating system (RTOS) designed for embedded systems, specifically targeting Internet of Things (IoT) devices.

Developed by Arm, one of the industry leaders in microprocessor technology, Mbed OS offers a range of features and tools that make it easier for developers to produce efficient, secure, and scalable products.

Here are some of the key features of Mbed OS:

• A lightweight operating system that takes up minimal memory and processing resources. This makes it ideal for resource-constrained IoT devices.
• It is designed to be efficient in terms of power consumption and performance. This is important for IoT devices that need to operate on batteries or other limited power sources.
• Provides a variety of security features to protect IoT devices from attack. This includes secure boot, over-the-air updates, and cryptography.
• Portable to a wide range of Arm Cortex-M microcontrollers. This makes it easy to develop IoT devices that can run on a variety of hardware platforms.
• Has a large and active community of developers and users. This means that there is a lot of support available, and you are more likely to find solutions to problems that you encounter.

If you are developing an IoT device, Mbed OS is a good choice for an operating system, as it is lightweight, efficient, secure, and portable, and it has a large and active community of support.

6. Fuchsia OS

Fuchsia is an open-source capability, real-time operating system created for the Internet of Things devices by Google. Unlike two of Google’s much-loved products, Chrome and Android, which are based on the Linux kernel, Fuchsia OS is based on the Zircon kernel.

It ships with Node.js which enables support for JavaScript and it is expected to be able to run on AMD devices as well as on phones and tablets with the ability to run Android apps.

Want to see Fuschia in action? Check out this demo link.

7. Contiki-NG

Contiki-NG (short for Contiki Next Generation) is an open-source operating system for resource-constrained, networked, Internet of Things (IoT) devices. It serves as the successor to the older Contiki OS and offers enhanced features, stability, and performance.

Designed with tiny devices in mind, Contiki-NG provides multitasking capabilities and a built-in Internet Protocol (IP) suite, making it suitable for a wide range of IoT applications.

Here are some of the key features of Contiki-NG:

• Supports a variety of low-power communication protocols, including 6LoWPAN, IPv6, 6TiSCH, RPL, and CoAP.
• It provides a variety of security features, including secure boot, over-the-air updates, and cryptography.
• Portable to a wide range of hardware platforms, including 8-bit, 16-bit, and 32-bit microcontrollers.
• Designed in a modular way, which makes it easy to add new features and adapt it to different applications.
• Has a large and active community of developers and users, which means that there is a lot of support available.

8. TinyOS

Tiny OS is a free and open-source BSD-based Operating System aimed at low-power wireless devices e.g. devices used in sensor networks, Personal Area Networks, universal computing, smart meters, and smart buildings.

It initially started as a project hosted on Google Code where it was writeable by only selected core developers but it has since 2013, transitioned to GitHub where it is more open to the open-source community and is averaging at least 35,000 downloads per year.

Here are some of the key features of TinyOS:

• It is designed to be lightweight and efficient, taking up minimal memory and processing resources.
• It is based on a component-based architecture, which makes it easy to develop and maintain applications.
• It uses an event-driven programming model, which means that applications are event-driven and do not have to worry about managing the underlying hardware.
• It is designed to be network-aware, making it easy to develop applications that communicate with each other over a network.
• An open-source operating system, which means that it is free to use and modify.

9. BalenaOS

BalenaOS is a Linux-based operating system optimized for running Docker containers on embedded devices. It is based on the Yocto Project, and it uses Docker as its container runtime, which is designed to be lightweight, secure, and easy to use.

Here are some of the key features of BalenaOS:

• Designed to be lightweight and efficient, taking up minimal memory and processing resources.
• It uses Docker as its container runtime, which makes it easy to deploy and manage applications.
• Includes a variety of security features, such as secure boot and over-the-air updates.
• Provides a variety of tools and documentation to help developers get started.

BalenaOS is used by a variety of companies, including Bosch, Intel, and Samsung. It is also used by a number of open-source projects, such as Home Assistant and OpenHAB.

10. MicroPython

MicroPython is a streamlined and optimized version of the Python 3 programming language, incorporating a minimal portion of the Python standard library and designed specifically for microcontrollers and resource-restricted settings.

It is a smaller and more lightweight version of Python that is designed to run on microcontrollers and other embedded systems with limited resources. It is based on the Python programming language, but it has been stripped down to the essentials to make it more efficient and portable.

MicroPython is a good choice for developing applications for embedded systems, such as IoT devices, robotics, educational projects and prototypes..

11. Windows for IoT

Windows for IoT represents Microsoft’s endeavor to carve out a place in the burgeoning Internet of Things (IoT) landscape. Specifically tailored for IoT devices, this platform offers developers and businesses a means to create smart, interconnected solutions with a familiar Windows framework.

The platform is split mainly into two primary editions Windows 10 IoT Core and Windows 10 IoT Enterprise and can be integrated seamlessly with Azure IoT Suite, Microsoft’s cloud solution for IoT, providing an end-to-end solution for businesses.

With the massive growth of IoT, Microsoft’s Windows for IoT is positioning itself as a reliable, scalable, and efficient platform, bridging the gap between everyday devices and the power of smart, interconnected technology.

12. OpenWrt

OpenWrt is an open-source firmware project aimed at embedded devices, particularly routers. Unlike many factory-default firmware that offer limited customization and functionality.

Originating from a firmware created for the Linksys WRT54G series in 2004, OpenWrt has evolved to support a vast array of hardware from various manufacturers. Its modular design enables users to personalize their device’s functionalities by choosing from a vast collection of available packages tailored for different needs.

One standout feature of OpenWrt is its package management system that allows for easy installation of software and extensions, providing enhanced functionalities beyond the capabilities of standard firmware.

13. Embedded Linux

Embedded Linux is a term used to describe the latest generation of embedded Linux operating systems, which is based on the Ubuntu Core distribution and features a number of improvements over previous versions, including:

• It is designed to be more lightweight and efficient, making it ideal for resource-constrained devices.
• Built on a modular architecture, which makes it easier to customize and update the operating system.
• Built on a secure foundation, with features such as AppArmor and Seccomp to protect devices from cyberattacks.
• Designed to be cloud-native, making it easy to develop, deploy, and manage applications on embedded devices.

14. Fedora IoT

Fedora IoT is a variant of the Fedora operating system, tailored for IoT devices that provides a robust, secure, and open-source platform for edge computing, ensuring consistent updates and strong community support.

With its modular design, Fedora IoT simplifies device management, making it an ideal choice for developers and enterprises venturing into the Internet of Things ecosystem.

Conclusion

Choosing the right IoT operating system is crucial in ensuring the functionality, efficiency, and security of connected devices. Factors like memory constraints, required connectivity protocols, and scalability need to be considered.

Do you already use any of the above-mentioned Operating Systems for your IoT projects? Or are you familiar with recommendable ones not on the list? Drop your comments in the discussion section.

Source