How to convert a PFX to a seperate .key/.crt file

In this article I’m going to show you the commands you need to convert your .PFX Certificate file to a seperate certificate and keyfile. This article can come in handy when you need to import your certificates on devices like Cisco routers/loadbalancers etc. where you probably need to import the certificates and keyfiles in plain text (unencrypted). My tool of choice (but there might be others) is OpenSSL for Windows, which can be downloaded here

So after you installed OpenSSL you can start it from it’s Bin folder. I’d like to put OpenSSL\Bin in my path so I can start it from any folder. Fire up a command prompt and cd to the folder that contains your .pfx file. First type the first command to extract the private key:

openssl pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.key]

What this command does is extract the private key from the .pfx file. Once entered you need to type in the importpassword of the .pfx file.  This is the password that you used to protect your keypair when you created your .pfx file.  If you cannot remember it anymore you can just throw your .pfx file away, cause you won’t be able to import it again, anywhere!.  Once you entered the import password OpenSSL requests you to type in another password, twice!. This new password will protect your .key file.

Now let’s extract the certificate:

openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [certificate.crt]

Just press enter and your certificate appears.

Now as I mentioned in the intro of this article you sometimes need to have an unencrypted .key file to import on some devices.  I probably don’t need to mention that you should be carefully. If you store your unencrypted keypair somewhere on an unsafe location anyone can have a go with it and impersonate for instance a website or a person of your company.  So always be extra careful when it comes to private keys! Just throw the unencrypted keyfile away when you’re done with it, saving just the encrypted one.

The command:

openssl rsa -in [keyfile-encrypted.key] -out [keyfile-decrypted.key]

Again you need to enter an import password. This time you need to enter the new password that you created in step 1.  After that you’re done. You decrypted your private key. In the folder you ran OpenSSL from you’ll find the certifcate (.crt) and the two private keys (encrypted and unencrypted).

Update 07-07-2014:

In some cases you might be forced to convert your private key to PEM format. You can do so with the following command:

openssl rsa -in [keyfile-encrypted.key] -outform PEM -out [keyfile-encrypted-pem.key]

via: https://www.markbrilman.nl/2011/08/howto-convert-a-pfx-to-a-seperate-key-crt-file/

 

How to Find The Largest Top 10 Files and Directories On a Linux

via How Do I Find The Largest Top 10 Files and Directories On a Linux / UNIX / BSD? – nixCraft

https://www.tecmint.com/find-top-large-directories-and-files-sizes-in-linux/

Sometimes it is necessary to know what file(s) or directories are eating up all your disk space. Further, it may be required to find out it at the particular directory location on filesystem such as /tmp/ or /var/ or /home/. This guide will help you to use Unix and Linux command for finding the largest or biggest the files or directories on filesystem.

There is no simple command available to find out the largest files/directories on a Linux/UNIX/BSD filesystem. However, combination of following three commands (using pipes) you can easily find out list of largest files:

• du command : Estimate file space usage.
• sort command : Sort lines of text files or given input data.
• head command : Output the first part of files i.e. to display first 10 largest file.
• find command : Search file.

Type the following command at the shell prompt to find out top 10 largest file/directories:

# du -a /var | sort -n -r | head -n 10

Sample outputs:

1008372 /var
313236 /var/www
253964 /var/log
192544 /var/lib
152628 /var/spool
152508 /var/spool/squid
136524 /var/spool/squid/00
95736 /var/log/mrtg.log
74688 /var/log/squid
62544 /var/cache

If you want more human readable output try (GNU user only):

$ cd /path/to/some/where
$ du -hsx * | sort -rh | head -10

Where,

• du command -h option : display sizes in human readable format (e.g., 1K, 234M, 2G).
• du command -s option : show only a total for each argument (summary).
• du command -x option : skip directories on different file systems.
• sort command -r option : reverse the result of comparisons.
• sort command -h option : compare human readable numbers. This is GNU sort specific option only.
• head command -10 OR -n 10 option : show the first 10 lines.

The above command will only work of GNU/sort is installed. Other Unix like operating system should use the following version (see comments below):

for i in G M K; do du -ah | grep [0-9]$i | sort -nr -k 1; done | head -n 11

Sample outputs:

179M .
84M ./uploads
57M ./images
51M ./images/faq
49M ./images/faq/2013
48M ./uploads/cms
37M ./videos/faq/2013/12
37M ./videos/faq/2013
37M ./videos/faq
37M ./videos
36M ./uploads/faq

Find the largest file in a directory and its subdirectories using the find command

Type the following GNU/find command:

#Warning: only works with GNU find #
find /path/to/dir/ -printf ‘%s %p\n’| sort -nr | head -10
find . -printf ‘%s %p\n’| sort -nr | head -10

Sample outputs:

5700875 ./images/faq/2013/11/iftop-outputs.gif
5459671 ./videos/faq/2013/12/glances/glances.webm
5091119 ./videos/faq/2013/12/glances/glances.ogv
4706278 ./images/faq/2013/09/cyberciti.biz.linux.wallpapers_r0x1.tar.gz
3911341 ./videos/faq/2013/12/vim-exit/vim-exit.ogv
3640181 ./videos/faq/2013/12/python-subprocess/python-subprocess.webm
3571712 ./images/faq/2013/12/glances-demo-large.gif
3222684 ./videos/faq/2013/12/vim-exit/vim-exit.mp4
3198164 ./videos/faq/2013/12/python-subprocess/python-subprocess.ogv
3056537 ./images/faq/2013/08/debian-as-parent-distribution.png.bak

You can skip directories and only display files, type:

find /path/to/search/ -type f -printf ‘%s %p\n’| sort -nr | head -10

OR

find /path/to/search/ -type f -iname “*.mp4” -printf ‘%s %p\n’| sort -nr | head -10

Hunt down disk space hogs with ducks

Use the following bash shell alias:

alias ducks=’du -cks * | sort -rn | head’
Run it as follows to get top 10 files/dirs eating your disk space:
$ ducks

 

 

Extend a logical volume in a virtual machine running Red Hat or Cent OS

Source: Extending a logical volume in a virtual machine running Red Hat or Cent OS (1006371) | VMware KB

By default installation, Linux virtual machine (Fedora, RHEL or CentOS) has two partitions, one for swapping, and the other one is a lv (Logic Volume) partition.

The LVM (Logic Volume Manager) partition mount as /, and cannot be resized by partition tools such as partition magic or gparted.

To extend the logical volume:

Note: These steps only apply to EXT3 file systems.

 

Caution: VMware recommends to take a complete backup of the virtual machine prior to making these changes.

1. Power off the virtual machine.
2. Edit the virtual machine settings and extend the virtual disk size. For more information, see Increasing the size of a virtual disk (1004047).
3. Power on the virtual machine.
4. Identify the device name, which is by default /dev/sda, and confirm the new size by running the command:

   # fdisk -l

5. Create a new primary partition:
   1. Run the command:

      # fdisk /dev/sda (depending the results of the step 4)

   2. Press p to print the partition table to identify the number of partitions. By default, there are 2: sda1 and sda2.
   3. Press n to create a new primary partition.
   4. Press p for primary.
   5. Press 3 for the partition number, depending on the output of the partition table print.
   6. Press Enter two times.
   7. Press t to change the system’s partition ID.
   8. Press 3 to select the newly creation partition.
   9. Type 8e to change the Hex Code of the partition for Linux LVM.
   10. Press w to write the changes to the partition table.
6. Restart the virtual machine.
7. Run this command to verify that the changes were saved to the partition table and that the new partition has an 8e type:

   # fdisk -l

8. Run this command to convert the new partition to a physical volume:

   Note: The number for the sda can change depending on system setup. Use the sda number that was created in step 5.

   # pvcreate /dev/sda3

9. Run this command to extend the physical volume:

   # vgextend VolGroup00 /dev/sda3

   Note: To determine which volume group to extend, use the command vgdisplay.

10. Run this command to verify how many physical extents are available to the Volume Group:

    # vgdisplay VolGroup00 | grep “Free”

11. Run the following command to extend the Logical Volume:

    # lvextend -L+#G /dev/VolGroup00/LogVol00

    Where # is the number of Free space in GB available as per the previous command. Use the full number output from Step 10 including any decimals.

    Note: To determine which logical volume to extend, use the command lvdisplay.

12. Run the following command to expand the ext3 filesystem online, inside of the Logical Volume:

    # ext2online /dev/VolGroup00/LogVol00

    Notes:

1. • Use resize2fs instead of ext2online if it is not a Red Hat virtual machine.
   • By default, Red Hat and CentOS 7 use the XFS file system you can grow the file system by running the xfs_growfs command.
2. Run the following command to verify that the / filesystem has the new space available:

   # df -h /

SSH Passwordless Login Using SSH Keygen

via SSH Passwordless Login Using SSH Keygen in 5 Easy Steps

How to Find or Create an RSS Feed for Any Website

If you’re still a dedicated RSS user, you’ve no doubt noticed some sites no longer go out of their way to cater to you. Where once an RSS logo would be prominently displayed, now it’s nowhere to be found. How are you supposed to find RSS feeds?

Before you try one of the below options, try contacting the people behind your favorite sites: often they’ll get back to your with a URL. But when that fails, you need to take matters into your own hands. Here’s how to find, or even create, an RSS feed for any site, even when one isn’t prominently offered.

Finding Hidden RSS Feeds on Most Sites

Most sites are built using a Content Management System, or CMS. Every major CMS offers an RSS feed by default, meaning an RSS exists for such sites whether the site’s creators realize that or not. In these cases, you can use a simple URL hack to find the RSS feed.

Around 25 percent of sites are built using WordPress, for example. Many others are built on platforms like Google’s Blogger, Yahoo’s Tumblr, or Medium. Here’s how to find RSS feeds for all of those.

• If a site is built using WordPress, simply add /feed to the end of the URL, for example https://example.wordpress.com/feed. You can also do this for category and pages, to get specific RSS feeds. Read more here.
• If a site is hosted on Blogger, simply add feeds/posts/default to the end of the URL, for example http://blogname.blogspot.com/feeds/posts/default. Read more here.
• If a blog is hosted on Medium.com, simply insert /feed/ before the publication’s name in the URL. For example medium.com/example-site becomes medium.com/feed/example-site. You can do the same thing for individual author pages, if you want. Read more here.
• If a blog is hosted on Tumblr, simply add /rss to the end of the homegpage’s URL. For example, http://example.tumblr.com/rss.

Create a Custom RSS Feed With Five Filters’ Create Feed Tool

The good folks at FiveFilters.org offer Feed Creator, a tool that scans any web page regularly and users any new links added to create an RSS feed. All you need is a URL and a few parameters.

The first field, “Enter Page URL,” is the simplest: copy the URL for the site you wish had an RSS feed and paste it here. The second, “Look for links inside HTML elements whose id or class attribute contains” is a bit more complex, but don’t panic: it’s actually pretty straightforward.

Head back to the site you’d like to create an RSS feed, then right-click an example of the sort of link you’d like to see in that RSS feed. Google Chrome will give you the option to “Inspect” the link; other browser should offer similar wording.

Do this and the Inspector will pop up, showing you the website’s code alongside the site itself.

The link you right-click should be highlighted, as shown, and the class of the URL should be visible in a pop-up for the link and in the left panel, though this may take some exploration depending on the site. The exact wording will vary, but in our example here “allmode-title” is what we’re looking for. Copy this and paste it back on the Feed Creator page.

The third and final field, “Only keep links if link URL contains,” gives you a touch more control. If you notice that only particular links to a particular page interest you, add some wording from that URL. This can help filter out ads and other annoyances.

Once all that is entered you should be able to click the big green “Preview” button.

If everything worked, you’ll see a collection of headlines.

Congratulations! You can now subscribe to an RSS feed for a site that previously didn’t have one. If not, don’t panic: just head back to Feed Creator and try some now criteria. This can take a while, but once you get the hang of it you’ll be able to create feeds for any site.

via How to Find or Create an RSS Feed for Any Website

how to Search-Keywords in files – PowerShell function

function Search-File{
PARAM(
[STRING[]]$Path = $pwd,
[STRING[]]$Include = “*.ps1”,
[STRING[]]$KeyWord = (Read-Host “Keyword?”),
[SWITCH]$ListView
)

<#
Descrition: This function allows you to search a folder and it’s sub directories for files containing a keyword.

Exampls: Search-File -Path C:\temp -Include “*.pdf” -KeyWord “nagios”

Date: Sunday, April 3, 2016 10:03:16 AM

The function uses three parameters and one switch.

Parameters

-Path
By default, the path will use your present working directory ($pwd). The search path is always recursive.

-Include
By default the include is set to “*.ps1”. The value for this parameter filters by file name.
Examples : -Include “*.log” or “Servers*.log”

-Keyword
If no value is provided you will be prompted with “Keyword?:”.
This parameter invokes “Search-String -Simplematch $Keyword”; I sometimes search for regular expressions, but a switch could be added to the function to utilize “Search-String -Pattern” allowing use of regular expressions in the keyword search.
Uses a simple match rather than a regular expression match. In a simple match, Select-String searches the input for the text in the Pattern parameter. It does not interpret the value of the Pattern parameter as a regular expression statement.

Switches

-ListView
While the default formatting neatly groups matched lines under the filename, the line is truncated. If you want to see the full line containing the match, use this switch.

#>

Get-ChildItem -path $Path -Include $Include -Recurse | `
sort Directory,CreationTime | `
Select-String -simplematch $KeyWord -OutVariable Result | `
Out-Null

IF ($ListView) {
$Result | Format-List -Property Path,LineNumber,Line
}
ELSE {
$Result | Format-Table -GroupBy Path -Property LineNumber,Line -AutoSize
}

}

Source: Search-Scripts – PowerShell.com – PowerShell Scripts, Tips, Forums, and Resources

How to Monitor haproxy with Cacti

How to Monitor haproxy with Cacti

Install package

yum install net-snmp net-snmp-utils –y

Verify installation

rpm -qa | grep net-snmp*

net-snmp-agent-libs-5.7.2-24.el7.x86_64

net-snmp-5.7.2-24.el7.x86_64

net-snmp-libs-5.7.2-24.el7.x86_64

net-snmp-utils-5.7.2-24.el7.x86_64

Edit SNMP configuration file

vi /etc/snmp/snmpd.conf

rocommunity   ec1980

syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)

view    systemview    included   .1.3.6.1.2.1.1

view    systemview    included   .1.3.6.1.2.1.25.1.1

access  notConfigGroup “”      any       noauth    exact  systemview none none

disablePerl false

perl do ‘/etc/snmp/haproxy.pl’;

Open firewall UDP port 161

firewall-cmd –permanent –add-port=161/udp

firewall-cmd –reload

firewall-cmd –list-all

systemctl stop firewalld

systemctl disable firewalld

Start SNMP service

systemctl start snmpd

systemctl enable snmpd

Edit haproxy configuration file # Global settings

vi /etc/haproxy/haproxy.cfg

#———————————————————————

# Global settings

#———————————————————————

global

 

    # to have these messages end up in /var/log/haproxy.log you will

    # need to:

.

.

.

.

 

#    stats socket /var/lib/haproxy/stats

stats socket /var/run/haproxy.stat mode 666

Download haproxy installation files from haproxy website to /tmp folder

cd /tmp/

wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.16.tar.gz

tar zxvf haproxy-1.5.16.tar.gz

cd haproxy-1.5.16

cd contrib

cd netsnmp-perl

Copy haproxy.pl to snmp folder

 cp haproxy.pl /etc/snmp/

Install perl-Net-SNMP package

yum provides ‘*/Net/SNMP.pm’

yum install epel-release

yum install perl-Net-SNMP

Verify Installation

rpm -qa | grep net-snmp*

net-snmp-agent-libs-5.7.2-24.el7.x86_64

net-snmp-5.7.2-24.el7.x86_64

net-snmp-perl-5.7.2-24.el7.x86_64

net-snmp-libs-5.7.2-24.el7.x86_64

net-snmp-utils-5.7.2-24.el7.x86_64

Restart snmp service

systemctl restart snmp

Restart haproxy service

service haproxy restart

Validate haproxy perl script

perl /etc/snmp/haproxy.pl # even if this doesn’t work check that the query works.

Validate internal SNMP query works

snmpwalk -v 1 -c ec1980 -O e 127.0.0.1

snmpbulkwalk -c ec1980 -v2c 127.0.0.1 1.3.6.1.4.1.29385.106.2.0

Copy cacti XML files from haproxy installation files to cacti resource folders

C:\inetpub\wwwroot\cacti\resource\snmp_queries

cacti_data_query_haproxy_backends.xml

cacti_data_query_haproxy_frontends.xml

haproxy_backend.xml

haproxy_frontend.xml

haproxy_socket.xml

C:\inetpub\wwwroot\cacti\resource\script_queries

haproxy_backend.xml

haproxy_frontend.xml

haproxy_socket.xml

C:\inetpub\wwwroot\cacti\resource\script_server

haproxy_backend.xml

haproxy_frontend.xml

haproxy_socket.xml

Add data query and graphs

Finish!

How to Install SNMP service on CentOS 7

Install SNMP service on CentOS 7

Check if the package is already installed

rpm -qa | grep net-snmp*

install the package

yum install net-snmp net-snmp-utils –y

verify installation

rpm -qa | grep net-snmp*

display SNMP configuration file without comments

grep -v “^$” /etc/snmp/snmpd.conf | grep -v ‘^ *#’

Firewall Configuration – Open UDP Port

firewall-cmd –permanent –add-port=161/udp

Firewall Configuration – Reload

firewall-cmd –reload

Firewall Configuration – List

firewall-cmd –list-all

starts SNMP service

systemctl start snmpd

snmpwalk – localhost Query

snmpwalk -v 1 -c public -O e 127.0.0.1

snmpwalk – Remote Query

snmpwalk -v 1 -c public -O e 192.168.1.7

Enable the service to start at boot and start automatically

systemctl enable snmpd

fix cacti can’t get information from SNMP

The problem resides in the permissions for SNMP version 1 users in the /etc/snmp/snmpd.conf file

You need to change the following limits:
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1

to:
view systemview included .1.3.6.1.2.1
view systemview included .1.3.6.1.2.1.25.1.1 

Add PowerShell to Windows Explorer Context Menu in Windows 10

Here’s a quick tutorial on how to add PowerShell to the Windows Explorer context menu in Windows 10.

Source: Add PowerShell to Windows Explorer Context Menu in Windows 10 – Petri

1. Open the Registry Editor. You can do this by clicking on Start and typing regedit.

2. Navigate to the following path:

HKEY_CLASSES_ROOT\Directory\Shell

Create a new key by clicking Edit > New > Key.

Call the new key “PowerShell.”

3. Modify the default string in the “PowerShell” key by right-clicking it and selecting “Modify…”

Call the new value “Open PowerShell Here.” Click “OK.”

4. In the PowerShell key, create a new key by clicking Edit > New > Key.

5. Call the new key “command.”

6. Modify the default string in the command key by using the following text:

C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -NoExit -Command Set-Location -LiteralPath ‘%L’

Click “OK.”

7. Add a new string by clicking Edit > New > String value.

Let’s call it “Icon.”

8. Modify the value by using the following text:

“C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe”,0

Click “OK.”

9. After completing these steps, close the registry, and open Windows Explorer. Go to any folder of your choice and right-click the folder

 

 

 

 

Process Monitoring with PowerShell

PowerShell MVP Jeff Hicks shares his script for watching processes using a WMI event subscription using the CIM cmdlets.

Source: Process Monitoring with PowerShell – Petri

$Poll = 120 #check the computer every two minutes

<#
I want to select all properties from the WMI class called CIM_InstModification.
This is a special system class that’s triggered when an object is modified.
I don’t want to find every object, as it is changed every second. So I tell WMI to check within a time frame of seconds.
When this event fires, WMI will have a new object called the TargetInstance.
This will be the changed object, and I only care about those that are Win32_Process objects.
The ISA operator accomplishes that.
The last part of the query is to limit results to those process objects, which is what the TargetInstance is, with a WorkingSetSize property of greater or equal to 500 MB.
#>

$query = “Select * from CIM_InstModification within $Poll where TargetInstance ISA ‘Win32_Process’ AND TargetInstance.WorkingSetSize>=$(1000MB)” #WMI query

<#
When you create the event subscriber, you can choose to simply record the events in your PowerShell session as matching events are detected.
Or you can take action.
In my case, I want to do a few things everytime a matching process is found.
I want to create a log file, and I want to display a popup message.
#>

$action={
#create a log file
$logPath= “C:\Work\HighMemLog.txt”
“[$(Get-Date)] Computername = $($Event.SourceEventArgs.NewEvent.SourceInstance.CSName)” | Out-File -FilePath $logPath -Append -Encoding ascii
“[$(Get-Date)] Process = $($Event.SourceEventArgs.NewEvent.SourceInstance.Name)” | Out-File -FilePath $logPath -Append -Encoding ascii
“[$(Get-Date)] Command = $($Event.SourceEventArgs.NewEvent.SourceInstance.Commandline)” | Out-File -FilePath $logPath -Append -Encoding ascii
“[$(Get-Date)] PID = $($Event.SourceEventArgs.NewEvent.SourceInstance.ProcessID)” | Out-File -FilePath $logPath -Append -Encoding ascii
“[$(Get-Date)] WS(MB) = $([math]::Round($Event.SourceEventArgs.NewEvent.SourceInstance.WorkingSetSize/1MB,2))” | Out-File -FilePath $logPath -Append -Encoding ascii
“[$(Get-Date)] $(‘*’ * 60)” | Out-File -FilePath $logPath -Append -Encoding ascii

#create a popup
$wsh = New-Object -ComObject Wscript.shell
$Title = “$(Get-Date) High Memory Alert”
$msg = @”
Process = $($Event.SourceEventArgs.NewEvent.SourceInstance.Name)
PID = $($Event.SourceEventArgs.NewEvent.SourceInstance.ProcessID)
WS(MB) = $([math]::Round($Event.SourceEventArgs.NewEvent.SourceInstance.WorkingSetSize/1MB,2))
“@

#timeout in seconds. Use -1 to require a user to click OK.
$Timeout = 10
$wsh.Popup($msg,$TimeOut,$Title,16+32)

}

#Now that I have the action scriptblock all that remains is to register the subscription with the Register-CimIndicationEvent.#
Register-CimIndicationEvent -Query $query -SourceIdentifier “HighProcessMemory” -Action $action

#You can see the registration with the Get-EventSubscriber cmdlet.
#This subscription will run for as long as my PowerShell session is running.
#The corollary is that I will need to recreate it every time I want to start monitoring.
#If this is a daily task, I could put it in my PowerShell profile script.

#If you want to get rid of the subscriber, simply unregister it.
#Get-EventSubscriber -SourceIdentifier “HighProcessMemory” | Unregister-Event