Today, we are going to see top 10 Linux system admin tools that we think are essential and that any system administrator working under Linux environment should at least find them useful. As we all know Linux is a distribution where we find sequential orders for absolutely everything. Here, we will see controls that allow us to debug, configure and monitor the system and serve us at the usual necessary interferences.
Quick control and easy direct monitoring present by default on Unix/Linux systems. This command quickly displays the main ongoing processes in condensed form, the state of consumption of the SWAP, RAM, CPU and average load of the load of the machine during 5, 10 and 15 minutes. This is very useful command when trying to quickly establish the charge of a machine, all dynamically.
This is a handy command that allows viewing of the current process. PS captures at Time T when to launch the command. This means that it doesn’t display information dynamically. This tool is to use and can still take many parameters which can refine the research and the information displayed. For example:
To see the current process:
* “E” displays the list of all processes
* “F” allows us to have all the necessary information when viewing
To search for a process and the process through their PID / PPID:
ps -f --ppid [PID_NUM]
To search all processes launched by a specific user:
ps -f -u user_name
Supervision is essential for the proper functioning of an entire system. When it’s necessary to supervise a host only, it’s the tool “Monit” that allow to perform verification tasks and fairly precise alerts. It’s a monitoring tool service on premises but it remains in a local context and fails to perform operation on remote hosts.
Does the server/s have survived the last night? A question that sometimes is legitimate to ask and can be answered very easily via the command “uptime” that return time from which the server is started. The command also displays the average server load of 1, 5 and 15 minutes.
Along with WireShark this is a network sniffer that allows inspecting in detail to analyze what goes in and what goes out of the network cards or form server. It’s often extremely useful during maintenance and troubleshooting of what passes from the server, because it often helps to better understand the causes of a malfunction. This tool is not available by default and can be installed using the following command.
yum install tcpdump
apt-get install tcpdump
Cron whose name is derived from the god of time “Chronos”, is a tool that gives the ability to run scripts automatically, commands or software at a data and time specified in advance, or on a cycle defined in advance. These schedules can be point (a specific day) or regular (for example, every Monday at 7.30 am). This is a very useful tool because it helps regular maintenance procedures that are often tedious or they used to do the work for you when you cannot stand before the machine at a specific date.
This command returns information about processes, memory, input output (I/O) and activity of the CPU in clear and simple form. It’s also very useful when trying to quickly see the state of our machine and its overall load.
This is one of the most used command in Linux, it make it possible to see the manual for each tool on the present system and thus helps to know how to use them. We often find the answers to the features in question which are explained very well in the Man tool. In this tool, we find the explanation of each option and each use of the command. For example, to find installed features on the FTP, type the following command:
man -k ftp
Auditd is a tool that allows implementing some security on the system. It also allows file monitoring establishment to issue an alert if a file is consulted and so find the facts on the different access or monitored files. It’s a pretty interesting tool and rather easy to use for the help it can provide.
Lsof or “list open files” is a command that allow us, as does “Top” with the process to list all open files at the moment of launching the command. This is great help when trying to find the actions of a program. For example, by whom a file is busy when it cannot be accessed.
Earlier, we have seen 7 Best Tools for Network Administration and now we covered top 10 tools for Linux System Admins. If you are using some other tools regularly or frequently along with these tools, then let us know so we can discuss about them here or in the next article.
After installing cpanel & WHM, the installer detects for your server on a NAT-configured network. If it is a NAT-configured network, your server will configure itself for NAT mode and attempt to automatically map local IP addresses to public IP addresses’
Enable NAT in cpanel server.
File acting as a NAT mode are /var/cpanel/cpnat. In case installer misguidedly detects a NAT-configured network, /var/cpanel/cpnat file can be deleted to disable NAT mode. Cpnat can be rebuilt if needed, to enable it, you can run the following command:
cPanel tries to attempt to map all non-loopback IP addresses bound to any network interface on the server to a public IP address.
cPanel server then sends an outgoing connection from each local IP address to the http://myip.cpanel.net/v1.0/ server.
The build_cpnat script uses http://myip.cpanel.net/v1.0/ to map local IP addresses to public IP addresses.
Following options can be managed for local and remote IP addresses in WHM:
Refer with cpanel documentation https://documentation.cpanel.net/display/ALD/1%3A1+NAT Manage IP Addresses and Check CPNAT main page for further information.
Image credit: cpanel.net.
Putty has loads of features; it’s a famous client to establish SSH connections from Windows machines to Linux servers. However, it’s not limited with this only; you also use it for Telnet, Rlogin, Serial, etc… Putty is certainly one of the best tools used by many of our system admins!
But then, there are many tools to centralize terminals and configurations such as MTPuTTY, however, it’s also helpful to have a list of shortcuts available quickly (for example, on the desktop or in a folder) and that open a terminal to a specific server with prerequisite parameters. This is what we will see in this tutorial.
To create Windows shortcuts, there is nothing that beats a good batch script, surely you can use PowerShell, but why complicate life?
Here, we will create .bat scripts that will get to open our Putty commands with the parameters of interest. First, we will see some basic parameter that can be used in the most cases.
The most basic case is one in which one can search to initiate an SSH connection to a server with an IP address or a prefilled with the name and user name also.
Some say store the password as well, but I would say avoid it! Why? If this file happens to be played or executed by a person other than you, then it will have free access to your server. Indeed, it’s not advisable to store passwords in such shortcuts, as in the connection configuration in mRemoteNG or MTPuTTY for example!
So we will go to our Windows desktop or any folder, right click, then “New Text File” and then “Text Document”. We will then rename this file, for example, “Server1.bat”.
Note: For additional security, I advise you to be careful with the scripts we are creating here, they may contain sensitive information. Several steps can be taken to ensure better protection of such information.
Here is what we can put in our batch file to launch Putty directly with an SSH connection to a specific server with a specific user name.
start /D "C:\Program Files\MTPutty\" putty.exe -ssh xxx.xx.xx.xx -l ESDS
Here, Putty is to be launched directly to initiate SSH connection on the IP xxx.xx.xx.xx with the user “ESDS”. Wonderful isn’t it?
For safety, it’s a common practice to put the SSH server on different port rather than standard port, i.e. 22. In this case, here is the option to add to our order: -P port_number.
start /D "C:\Program Files\MTPutty\" putty.exe -ssh xxx.xx.xx.xx -l ESDS -P 5248
Of course, if you wish to launch telnet instead of SSH, it’s also possible:
start /D "C:\Program Files\MTPutty\" putty.exe -Telnet xxx.xx.xx.xx
The outlook of above option can also be used as the protocol comprises the opposite.
Note: Always prefer an SSH connection (it’s always encrypted). On the other side, telnet, which is a vulnerable protocol, including sniffing, because everything passes clear on the network.
Another little trick that we may need is profile management. Indeed, in Putty, we can manage profiles that record preferences such as font, different but specific configuration, appearance, etc… In our shortcuts, it’s possible to specify the profile to use via option “-load”:
start /D "C:\Program Files\MTPutty\" putty.exe -load super_profile -ssh xxx.xx.xx.xx -l ESDS
We recommend the latter option to place before all others.
Looks lengthy tutorial? Come one, one more for the road, it can be very useful, I am sure. This is the opportunity to play with a file that contains commands (this time bash) once the SSH connection was initiated. So we will have our batch script that will launch Putty, and once the connection is started and we will be identified on the remote server, the commands contained in our second file will be executed.
So we created a file “order.txt” in which we placed “ls -al” and we position it in the same directory as Putty (careful, this should not be the directory where our .bat script is placed). We then added the option “-m order.txt” to our order in .bat file!
start /D "C:\Program Files\MTPutty\" putty.exe -load super_profile -ssh xxx.xx.xx.xx -l ESDS -m command.txt
So when we execute our batch file script, one can log in and once that is done, the command or commands will run.
This will be useful for many system admins and they can even store password in the .bat script via option “-pw”. However, I repeat again that you must be extremely careful when adding this option in your script, because your password will be totally viewable in a text file (or batch, almost same).
Presumably this allows to run a script directly, but this is not done to get this far, it can indeed cause some problems and be hard to debug. If your goal is to run a script, I advise you to build and place this script in the Linux server and then run it through .bat script. This will be much more convenient.
Note: at the end of execution of these orders in our file, the Putty connection will close automatically.
We toured the main features which are possible to enjoy. Now you can have shortcuts to make connections to your favorite servers! And do not forget to secure and protect the data they contain shortcuts!