Unban ip Failban

Step 1: Find IP Address to Unblock

Log in to your server via SSH and type in the following command:

iptables -L -n

Look for the IP address you want to unblock / unban.

Step 2: Get Jail Name of fail2ban Blocked IP Address

Now we must find the jail name this IP address is in. To do so, type the following to find the jail list settings:

fail2ban-client status

Step 3: Unban IP Address from fail2ban

For this example, we will remove an IP address jailed within ssh. To do so, type in the following:

fail2ban-client set <jail-name> unbanip

The IP address should now be unbanned from fail2ban.

Bach color Linux

# Reset
Color_Off='\033[0m'       # Text Reset

# Regular Colors
Black='\033[0;30m'        # Black
Red='\033[0;31m'          # Red
Green='\033[0;32m'        # Green
Yellow='\033[0;33m'       # Yellow
Blue='\033[0;34m'         # Blue
Purple='\033[0;35m'       # Purple
Cyan='\033[0;36m'         # Cyan
White='\033[0;37m'        # White

# Bold
BBlack='\033[1;30m'       # Black
BRed='\033[1;31m'         # Red
BGreen='\033[1;32m'       # Green
BYellow='\033[1;33m'      # Yellow
BBlue='\033[1;34m'        # Blue
BPurple='\033[1;35m'      # Purple
BCyan='\033[1;36m'        # Cyan
BWhite='\033[1;37m'       # White

# Underline
UBlack='\033[4;30m'       # Black
URed='\033[4;31m'         # Red
UGreen='\033[4;32m'       # Green
UYellow='\033[4;33m'      # Yellow
UBlue='\033[4;34m'        # Blue
UPurple='\033[4;35m'      # Purple
UCyan='\033[4;36m'        # Cyan
UWhite='\033[4;37m'       # White

# Background
On_Black='\033[40m'       # Black
On_Red='\033[41m'         # Red
On_Green='\033[42m'       # Green
On_Yellow='\033[43m'      # Yellow
On_Blue='\033[44m'        # Blue
On_Purple='\033[45m'      # Purple
On_Cyan='\033[46m'        # Cyan
On_White='\033[47m'       # White

# High Intensity
IBlack='\033[0;90m'       # Black
IRed='\033[0;91m'         # Red
IGreen='\033[0;92m'       # Green
IYellow='\033[0;93m'      # Yellow
IBlue='\033[0;94m'        # Blue
IPurple='\033[0;95m'      # Purple
ICyan='\033[0;96m'        # Cyan
IWhite='\033[0;97m'       # White

# Bold High Intensity
BIBlack='\033[1;90m'      # Black
BIRed='\033[1;91m'        # Red
BIGreen='\033[1;92m'      # Green
BIYellow='\033[1;93m'     # Yellow
BIBlue='\033[1;94m'       # Blue
BIPurple='\033[1;95m'     # Purple
BICyan='\033[1;96m'       # Cyan
BIWhite='\033[1;97m'      # White

# High Intensity backgrounds
On_IBlack='\033[0;100m'   # Black
On_IRed='\033[0;101m'     # Red
On_IGreen='\033[0;102m'   # Green
On_IYellow='\033[0;103m'  # Yellow
On_IBlue='\033[0;104m'    # Blue
On_IPurple='\033[0;105m'  # Purple
On_ICyan='\033[0;106m'    # Cyan
On_IWhite='\033[0;107m'   # White

the escape character in bashhex and octal respectively:

|       | bash  | hex    | octal   | NOTE                         |
| start | \e    | \x1b   | \033    |                              |
| start | \E    | \x1B   | -       | x cannot be capital          |
| end   | \e[0m | \x1m0m | \033[0m |                              |
| end   | \e[m  | \x1b[m | \033[m  | 0 is appended if you omit it |
|       |       |        |         |                              |

short example:

| color       | bash         | hex            | octal          | NOTE                                  |
| start green | \e[32m<text> | \x1b[32m<text> | \033[32m<text> | m is NOT optional                     |
| reset       | <text>\e[0m  | <text>\1xb[0m  | <text>\033[om  | o is optional (do it as best practice |
|             |              |                |                |                                       |

bash exception:

If you are going to use these codes in your special bash variables

  • PS0
  • PS1
  • PS2 (= this is for prompting)
  • PS4

you should add extra escape characters so that  can interpret them correctly. Without this adding extra escape characters it works but you will face problems when you use Ctrl + r for search in your history.

exception rule for bash

You should add \[ before any starting ANSI code and add \] after any ending ones.
in regular usage: \033[32mThis is in green\033[0m
for PS0/1/2/4: \[\033[32m\]This is in green\[\033[m\]

\[ is for start of a sequence of non-printable characters
\] is for end of a sequence of non-printable characters

Tip: for memorize it you can first add \[\] and then put your ANSI code between them:
– \[start-ANSI-code\]
– \[end-ANSI-code\]

type of color sequence:

  1. 3/4 bit
  2. 8 bit
  3. 24 bit

Before diving into these colors, you should know about 4 modes with these codes:

1. color-mode

It modifies the style of color NOT text. For example make the color bright or darker.

  • 0 reset
  • 1; lighter than normal
  • 2; darker than normal

This mode is not supported widely. It is fully support on Gnome-Terminal.

2. text-mode

This mode is for modifying the style of text NOT color.

  • 3; italic
  • 4; underline
  • 5; blinking (slow)
  • 6; blinking (fast)
  • 7; reverse
  • 8; hide
  • 9; cross-out

and are almost supported.
For example KDE-Konsole supports 5; but Gnome-Terminal does not and Gnome supports 8;but KDE does not.

3. foreground mode

This mode is for colorizing the foreground.

4. background mode

This mode is for colorizing the background.

The below table shows a summary of 3/4 bit version of ANSI-color

| color-mode | octal    | hex     | bash  | description      | example (= in octal)         | NOTE                                 |
|          0 | \033[0m  | \x1b[0m | \e[0m | reset any affect | echo -e "\033[0m"            | 0m equals to m                       |
|          1 | \033[1m  |         |       | light (= bright) | echo -e "\033[1m####\033[m"  | -                                    |
|          2 | \033[2m  |         |       | dark (= fade)    | echo -e "\033[2m####\033[m"  | -                                    |
|  text-mode | ~        |         |       | ~                | ~                            | ~                                    |
|          3 | \033[3m  |         |       | italic           | echo -e "\033[3m####\033[m"  |                                      |
|          4 | \033[4m  |         |       | underline        | echo -e "\033[4m####\033[m"  |                                      |
|          5 | \033[5m  |         |       | blink (slow)     | echo -e "\033[3m####\033[m"  |                                      |
|          6 | \033[6m  |         |       | blink (fast)     | ?                            | not wildly support                   |
|          7 | \003[7m  |         |       | reverse          | echo -e "\033[7m####\033[m"  | it affects the background/foreground |
|          8 | \033[8m  |         |       | hide             | echo -e "\033[8m####\033[m"  | it affects the background/foreground |
|          9 | \033[9m  |         |       | cross            | echo -e "\033[9m####\033[m"  |                                      |
| foreground | ~        |         |       | ~                | ~                            | ~                                    |
|         30 | \033[30m |         |       | black            | echo -e "\033[30m####\033[m" |                                      |
|         31 | \033[31m |         |       | red              | echo -e "\033[31m####\033[m" |                                      |
|         32 | \033[32m |         |       | green            | echo -e "\033[32m####\033[m" |                                      |
|         33 | \033[32m |         |       | yellow           | echo -e "\033[33m####\033[m" |                                      |
|         34 | \033[32m |         |       | blue             | echo -e "\033[34m####\033[m" |                                      |
|         35 | \033[32m |         |       | purple           | echo -e "\033[35m####\033[m" | real name: magenta = reddish-purple  |
|         36 | \033[32m |         |       | cyan             | echo -e "\033[36m####\033[m" |                                      |
|         37 | \033[32m |         |       | white            | echo -e "\033[37m####\033[m" |                                      |
|         38 | 8/24     |                    This is for special use of 8-bit or 24-bit                                            |
| background | ~        |         |       | ~                | ~                            | ~                                    |
|         40 | \033[40m |         |       | black            | echo -e "\033[40m####\033[m" |                                      |
|         41 | \033[41m |         |       | red              | echo -e "\033[41m####\033[m" |                                      |
|         42 | \033[42m |         |       | green            | echo -e "\033[42m####\033[m" |                                      |
|         43 | \033[43m |         |       | yellow           | echo -e "\033[43m####\033[m" |                                      |
|         44 | \033[44m |         |       | blue             | echo -e "\033[44m####\033[m" |                                      |
|         45 | \033[45m |         |       | purple           | echo -e "\033[45m####\033[m" | real name: magenta = reddish-purple  |
|         46 | \033[46m |         |       | cyan             | echo -e "\033[46m####\033[m" |                                      |
|         47 | \033[47m |         |       | white            | echo -e "\033[47m####\033[m" |                                      |
|         48 | 8/24     |                    This is for special use of 8-bit or 24-bit                                            |                                                                                       |

The below table shows a summary of 8 bit version of ANSI-color

| foreground | octal     | hex       | bash    | description      | example                            | NOTE                    |
|        0-7 | \033[38;5 | \x1b[38;5 | \e[38;5 | standard. normal | echo -e '\033[38;5;1m####\033[m'   |                         |
|       8-15 |           |           |         | standard. light  | echo -e '\033[38;5;9m####\033[m'   |                         |
|     16-231 |           |           |         | more resolution  | echo -e '\033[38;5;45m####\033[m'  | has no specific pattern |
|    232-255 |           |           |         |                  | echo -e '\033[38;5;242m####\033[m' | from black to white     |
| foreground | octal     | hex       | bash    | description      | example                            | NOTE                    |
|        0-7 |           |           |         | standard. normal | echo -e '\033[48;5;1m####\033[m'   |                         |
|       8-15 |           |           |         | standard. light  | echo -e '\033[48;5;9m####\033[m'   |                         |
|     16-231 |           |           |         | more resolution  | echo -e '\033[48;5;45m####\033[m'  |                         |
|    232-255 |           |           |         |                  | echo -e '\033[48;5;242m####\033[m' | from black to white     |

The 8-bit fast test:
for code in {0..255}; do echo -e "\e[38;05;${code}m $code: Test"; done

The below table shows a summary of 24 bit version of ANSI-color

| foreground | octal     | hex       | bash    | description | example                                  | NOTE            |
|      0-255 | \033[38;2 | \x1b[38;2 | \e[38;2 | R = red     | echo -e '\033[38;2;255;0;02m####\033[m'  | R=255, G=0, B=0 |
|      0-255 | \033[38;2 | \x1b[38;2 | \e[38;2 | G = green   | echo -e '\033[38;2;;0;255;02m####\033[m' | R=0, G=255, B=0 |
|      0-255 | \033[38;2 | \x1b[38;2 | \e[38;2 | B = blue    | echo -e '\033[38;2;0;0;2552m####\033[m'  | R=0, G=0, B=255 |
| background | octal     | hex       | bash    | description | example                                  | NOTE            |
|      0-255 | \033[48;2 | \x1b[48;2 | \e[48;2 | R = red     | echo -e '\033[48;2;255;0;02m####\033[m'  | R=255, G=0, B=0 |
|      0-255 | \033[48;2 | \x1b[48;2 | \e[48;2 | G = green   | echo -e '\033[48;2;;0;255;02m####\033[m' | R=0, G=255, B=0 |
|      0-255 | \033[48;2 | \x1b[48;2 | \e[48;2 | B = blue    | echo -e '\033[48;2;0;0;2552m####\033[m'  | R=0, G=0, B=255 |

some screen-shots

foreground 8-bit summary in a .gif


background 8-bit summary in a .gif


color summary with their values

enter image description here enter image description here enter image description here enter image description here

blinking on KDE-Terminal


 a simple C code that shows you more


 a more advanced tool that I developed to deal with these colors:

color-mode shot


text mode shot


combining is OK


more shots

Tips and Tricks for Advanced Users and Programmers:

Can we use these codes in a programming language?

Yes, you can. I experienced in  

Are they slow down the speed of a program?

I think, NO.

Can we use these on Windows?

3/4-bit Yes, if you compile the code with gcc
some screen-shots on Win-7

How to calculate the length of code?

\033[ = 2, other parts 1

Where can we use these codes?

Anywhere that has a tty interpreter
xtermgnome-terminalkde-terminalmysql-client-CLI and so on.
For example if you want to colorize your output with mysql you can use Perl

#!/usr/bin/perl -n
print "\033[1m\033[31m$1\033[36m$2\033[32m$3\033[33m$4\033[m" while /([|+-]+)|([0-9]+)|([a-zA-Z_]+)|([^\w])/g;

store this code in a file name: pcc (= Perl Colorize Character) and then put the file a in valid PATHthen use it anywhere you like.

ls | pcc
df | pcc

inside mysql first register it for pager and then try:

[user2:db2] pager pcc
PAGER set to 'pcc'
[user2:db2] select * from table-name;


It does NOT handle Unicode.

Do these codes only do colorizing?

No, they can do a lot of interesting things. Try:

echo -e '\033[2K'  # clear the screen and do not move the position


echo -e '\033[2J\033[u' # clear the screen and reset the position

There are a lot of beginners that want to clear the screen with system( "clear" ) so you can use this instead of system(3) call

Are they available in Unicode?

Yes. \u001b

Which version of these colors is preferable?

It is easy to use 3/4-bit, but it is much accurate and beautiful to use 24-bit.
If you do not have experience with  so here is a quick tutorial:
24 bits means: 00000000 and 00000000 and 00000000. Each 8-bit is for a specific color.
24..17 is for  and 16..9 for  and 8..1 for 
So in  #FF0000 means  and here it is: 255;0;0
in  #00FF00 means  which here is: 0;255;0
Does that make sense? what color you want combine it with these three 8-bit values.

ANSI escape sequences
some blogs/web-pages that I do not remember

Running Tomcat Automatically At Linux Startup

A potential drawback of installing Tomcat from a binary distribution instead of using a Linux-packaged version is that you’ll have to do some extra legwork to make Tomcat start automatically when Linux boots up.  To make this process easy and pain-free, follow this simple guide.

Step 1 – Create A Tomcat-Specific User and User Group

It’s a bad idea to run Tomcat as the root user, especially if you’re going to be starting Tomcat automatically.  It’s much more secure to create a new group and user specifically to run Tomcat.  You can do so with the following commands (in this example, we have created a user group named tomcat, and a user named tomcat with the password tomcat; you can certainly be more creative if you wish):

$ groupadd tomcat
$ useradd -s /sbin/nologin -g tomcat -d /path/to/tomcat tomcat

$ useradd -r -s /sbin/nologin tomcat

-r for system user
$ passwd tomcat

-r, –system
Create a system account.

System users will be created with no aging information in /etc/shadow, and their
numeric identifiers are chosen in the SYS_UID_MIN-SYS_UID_MAX range, defined in
/etc/login.defs, instead of UID_MIN-UID_MAX (and their GID counterparts for the
creation of groups).

Note that useradd will not create a home directory for such an user, regardless
of the default setting in /etc/login.defs (CREATE_HOME). You have to specify the
-m options if you want a home directory for a system account to be created.

-s, –shell SHELL
The name of the user’s login shell. The default is to leave this field blank,
which causes the system to select the default login shell specified by the SHELL
variable in /etc/default/useradd, or an empty string by default.


useradd -m -d /home/thenewuser -s /bin/bash -c "the new user" -U thenewuser

-c “message” : extra information about the user.

-U thenewuser : Create a group with the same name as the user, and add the user to this group.

-N : the -N argument tells the system not to create a group having the user’s name

-m, –create-home are same: Create the user’s home directory if it does not exist.

-d, –home HOME_DIR : The new user will be created using HOME_DIR as the value for the user’s login directory.
if -d is not used the default homedirectory will be /home/thenewuser

-m -d /data/thenewuser : the -m argument creates the /data/thenewuser homedirectory, specified by the -d argument.

-M : the -M argument tells the system not to create a home directory

-s /bin/bash : the -s is used for specifing the user’s default shell, /bin/bash in this case.

-s or –shell are same.

-s /sbin/nologin : The /sbin/nologin for Fedora and /usr/sbin/nologin for Debian are two shells that return you a polite message like “this account is not available” and do not allow you to log into the system. This message can be customized.

-s /bin/false : Is an old shell used to deny a user’s login. The /bin/false exits immediatly when false exists. The user accounts with /bin/false or /bin/true as their default shells are locked.

-s /sbin/nologin belongs to unix-linux while /bin/false part of GNU Coreutils. These shells must be listed in the /etc/shells file, to work.

The users with /sbin/nologin (or /usr/sbin/nologin) can connect through ssh or ftp, but the users with /bin/false are completely locked out from the system.

with useradd -D : You can also view the default parameters set for new user to be created using

# useradd -D

Step 2 – Adjust Ownership For New Users And Groups

Now that you have created a user to run Tomcat, you’ll need to give them access to the correct directories.  Use the following commands, substituting your own usernames and groups as necessary:

# chown -R tomcat.tomcat /path/to/tomcat
# chmod 775 /path/to/tomcat/webapps
The first gives ownership of the Tomcat directories to the Tomcat user, and the second gives the user write access for the webapps directory.

Step 3 – Relay Traffic For Non-Root Tomcat User

When running Tomcat as a user other than the root user, you will not be able to bind to port 80, which is where Tomcat listens for HTTP requests.  To get around this, you can use Netfilter, which is packaged with all major Linux distributions:

# iptables -t nat -I PREROUTING -p tcp –dport 80 -j REDIRECT –to-ports 8080
# iptables -t nat -I OUTPUT -p tcp –dport 80 -j REDIRECT –to-ports 8080
To preserve these rules through re-boot, save them with the “ip-tables-save” command, and then follow the procedure appropriate for your Linux distribution (for most distributions, this means editing the iptables init script; Debian users should load the configuration via a script called by if-up.d or pre-up.d).

Step 3 – Create A Custom init Script

To start Tomcat at Linux boot time, we’ll need to create an init script that calls the startup.sh and shutdown.sh scripts included with Tomcat.

The actual creation of this script is outside the scope of this article, but there are many useful resources available online.  All you need to know in order to use the basic init script format to call Tomcat is how the startup.sh and shutdown.sh scripts work.

For more information about these scripts, visit our Tomcat Start page, which includes a simple, step-by-step guide to Tomcat’s three start-up shell scripts.

like :

chmod 774 /opt/apache-tomcat-8.0.12-1/ -Rf

export JAVA_OPTS=”-agentlib:hprof=cpu=samples,file=/var/log/cpuTest.log”



/bin/su -s /bin/bash $TOMCAT_OWNER -c $CATALINA_HOME/bin/startup.sh




Create bootable USB stick from ISO in Mac OS X

Convert the ISO to UDRW format

Mac OS X provides all the tools needed to convert the ISO image to UDRW. The following command will convert the ISO image to the UDRW format.

hdiutil convert -format UDRW -o destination_file.img source_file.iso

You will notice that the destination_file.img from the command will create the file destination_file.img.dmg really. This is because the hdiutil program automatically adds the dmg file extension. This is not a problem as the file extension won’t affect the format of the image.

Prepare the USB stick

Check your USB stick and make a backup if there is any important data on it, as the next steps are going to delete everything on it.

To prepare the USb stick we are going to delete all the partitions on the stick and create an empty partition. To do this we need to know the device name of the USB stick. Open a terminal and execute the following command:

$ diskutil list

You will see a list of disks and partitions. The goal is to identify the USB stick in this output. Depending on your system configuration your output might look different from this one. This appears to show 3 physical discs but it does not. The /dev/disk1 is a virtual disk created because of the partition encryption (FileVault 2) I enabled in Mac OS X.

#:                       TYPE NAME                    SIZE       IDENTIFIER
0:      GUID_partition_scheme                        *500.1 GB   disk0
1:                        EFI                         209.7 MB   disk0s1
2:          Apple_CoreStorage                         399.5 GB   disk0s2
3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
5:                 Apple_Boot Boot OS X               134.2 MB   disk0s5
#:                       TYPE NAME                    SIZE       IDENTIFIER
0:                  Apple_HFS MacOSX                 *399.2 GB   disk1
#:                       TYPE NAME                    SIZE       IDENTIFIER
0:      GUID_partition_scheme                        *2.0 GB     disk2
1:       Microsoft Basic Data UNTITLED 1              2.0 GB     disk2s1

As shown in the output above, the connected USB stick is a small 2.0 GB drive with a FAT partition on it. We are now going to remove this partition in the next step. For the following steps we will need the name of the disk which in this case is “/dev/disk2”.

With the following command the data on the disk (your USB stick) will be deleted!

$ diskutil partitionDisk /dev/disk2 1 "Free Space" "unused" "100%"

With this command the USB stick was re-partitioned to have 1 partition without formatting and 100% of the size of the stick. If you check it again with “diskutil list” you will see the changes already, also the USB stick will no longer be shown in the Finder.

Copy the image to the USB stick

Now we can copy the disk image we created to the USB stick. This is done via the dd(1)command. This command will copy the image to the disk (substitute the appropriate disk name for your USB stick here, as with the re-partitioning command):

$ sudo dd if=destination_file.img.dmg of=/dev/disk2 bs=1m

The dd command does not show any output before it has finished the copy process, so be patient and wait for it to complete.

$ diskutil eject /dev/disk2

To eject the USB stick, use the above command. After this is done, the bootable USB stick is ready to be used.

Original link

IspConfig migration from one server to other.

Usefull link 

You need to backup /var/vmail, /var/www (or the place where you stored the websites), the ispconfig database, all mysql databases of the websites incl. the “mysql” database, the users and passwords in /etc/passwd and /etc/group. Make sure that you backup the directories with preserved permoissions.

We must backup:
c. /var/www (web content)
b. /var/vmail (mail content)
a. /etc/passwd and /etc/group (users)
d. MySQL databases (is it better to stop mysql and tar.gz the /var/lib/mysql?)
e. All /etc/
f. /var/log

MY migration script


#database root password
export username=
export password=
NOW=$(date +”%d-%m-%Y”)

ssh root@IP_OLD rm -rf /root/BACKUP_SERVER/vmail.tar.gz
ssh root@IP_OLD tar -zcvf /root/BACKUP_SERVER/vmail.tar.gz /var/vmail
scp root@IP_OLD:/root/BACKUP_SERVER/vmail.tar.gz ./BACKUP_SERVER/
tar -zxvf vmail.tar.gz
cd ..
rm -rf /var/vmail
mv ./BACKUP_SERVER/var/vmail /var/

ssh root@IP_OLD rm -rf /root/BACKUP_SERVER/www.tar.gz
ssh root@IP_OLD tar -zcvf /root/BACKUP_SERVER/www.tar.gz /var/www
scp root@IP_OLD:/root/BACKUP_SERVER/www.tar.gz ./BACKUP_SERVER/
tar -zxvf www.tar.gz
cd ..
rm -rf /var/www
mv ./BACKUP_SERVER/var/www /var/

ssh root@IP_OLD rm -rf /root/BACKUP_SERVER/log.tar.gz
ssh root@IP_OLD tar -zcvf /root/BACKUP_SERVER/log.tar.gz /var/log
scp root@IP_OLD:/root/BACKUP_SERVER/log.tar.gz ./BACKUP_SERVER/
tar -zxvf log.tar.gz
cd ..
rm -rf /var/log
mv ./BACKUP_SERVER/var/log /var/

ssh root@IP_OLD rm -rf /root/BACKUP_SERVER/opt.tar.gz
ssh root@IP_OLD tar -zcvf /root/BACKUP_SERVER/opt.tar.gz /var/opt
scp root@IP_OLD:/root/BACKUP_SERVER/opt.tar.gz ./BACKUP_SERVER/
tar -zxvf opt.tar.gz
cd ..
rm -rf /var/opt
mv ./BACKUP_SERVER/var/opt /var/

export NOW

array=(mydb1 mydb2)
for DATABASE in “${array[@]}”



echo “COPY FILE”

mysql -u $username -p”$password” -e “DROP DATABASE IF EXISTS $DATABASE”

mysql -u $username -p”$password” -e “CREATE DATABASE $DATABASE”

echo “RESTORE”
mysql -u $username -p”$password” $DATABASE < ./BACKUP_SQL/$DATABASE$NOW.sql

echo “FINE”

export password=”


array=( pgdb1 pgdb2 )

for DATABASE in “${array[@]}”



echo “COPY FILE”


dropdb –host –port 5432 –username “postgres” –no-password $DATABASE

createdb –host –port 5432 –username “postgres” –no-password $DATABASE

pg_restore –host -U postgres -d $DATABASE –verbose ./BACKUP_SQL/$DATABASE$NOW.backup

Steps to Perform SSH Login Without Password Using ssh-keygen & ssh-copy-id

ssh-keygen creates the public and private keys. ssh-copy-id copies the local-host’s public key to the remote-host’s authorized_keys file. ssh-copy-id also assigns proper permission to the remote-host’s home, ~/.ssh, and ~/.ssh/authorized_keys.

Step 1: Create public and private keys using ssh-key-gen on local-host

jsmith@local-host$ [Note: You are on local-host here]

jsmith@local-host$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Pess enter key]
Your identification has been saved in /home/jsmith/.ssh/id_rsa.
Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
The key fingerprint is:
33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9 jsmith@local-host

Step 2: Copy the public key to remote-host using ssh-copy-id

jsmith@local-host$ ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
jsmith@remote-host's password:
Now try logging into the machine, with "ssh 'remote-host'", and check in:


to make sure we haven't added extra keys that you weren't expecting.

Note: ssh-copy-id appends the keys to the remote-host’s .ssh/authorized_key.

Step 3: Login to remote-host without entering the password

jsmith@local-host$ ssh remote-host
Last login: Sun Nov 16 17:22:33 2008 from
[Note: SSH did not ask for password.]

jsmith@remote-host$ [Note: You are on remote-host here]

The above 3 simple steps should get the job done in most cases.

How to create custom service for Centos 7

Create a script like :


Description = FaradCrmService

After = network.target


ExecStart = /var/opt/jdk1.8.0_91/bin/java -jar /root/software/fia/farad-1.5.4.RELEASE.jar


WantedBy = multi-user.target

Put the script into -> /usr/lib/systemd/system/farad.service

create a symbolic link like this : ln -s /usr/lib/systemd/system/farad.service /etc/systemd/system/multi-user.target.wants/farad.service

enable the service : systemctl enable farad.service

start the service : service farad start

if modify the script, reload it with : systemctl daemon-reload

check it status : systemctl status farad.service

Apache not start : device: AH01760: failed to create lock (client_lock)

This’s very likely that Apache leaving a bunch of stray semaphore sets
lying around after an attempted restart of apache.

you can use the following commands to check:
#ipcs -s | grep apache

and use the following to kill:
ipcs -s | grep apache | awk ‘ { print $2 } ‘ | xargs -n 1 ipcrm -s

use the username you starts apache (e.g., specified by “User” directive)
instead of ‘apache’ in the commands.

Device: AH01760: failed to create lock (client_lock) – all nonce-count checking, one-time nonces, and MD5-sess algorithm disabled

Now, in almost all cases, Apache should start properly. If it doesn’t, you may just be completely out of available semaphores. You may want to increase your available semaphores, and you’ll need to tickle your kernel to do so. Add this to /etc/sysctl.conf:

And then run sysctl -p to pick up the new changes.