Installing Debian Wheezy in Amazon EC2

Installing Debian Wheezy in Amazon EC2

1. Go to the website of debian and look for the official AMIs.

https://wiki.debian.org/Cloud/AmazonEC2Image/Wheezy#A7.2


2. Get the AMI that you want and use it in ec2.

Example: ami-537f1b52


3. Go to the AMI and enter the ami id above in the search field.

4. Select the AMI and click Launch.

* Configure your instance on how you want it to be.

5. Once launched. Go to your Instances tab, select the instance, right-click then click on start.

6. To Connect to your running instance, follow the instructions below.

To access your instance:

Open an SSH client. (find out how to connect using PuTTY)

Locate your private key file (yourkeypair.pem). The wizard automatically detects the key you used to launch the instance.

Your key must not be publicly viewable for SSH to work. Use this command if needed:
chmod 400 yourkeypair.pem

Connect to your instance using its Public DNS:
ec2-12-123-45-67.ap-northeast-1.compute.amazonaws.com

Example:
ssh -i yourkeypair.pem admin@ec2-12-123-45-67.ap-northeast-1.compute.amazonaws.com

Debian Wheezy Sources.list (Debian 7)

In a network installation of Debian Wheezy (Debian 7), you need to update your packages or dependencies.

To do this, I listed the following lines.


#edit sources.list file
nano /etc/apt/sources.list

#insert the following lines
deb http://ftp.us.debian.org/debian/ wheezy main
deb-src http://ftp.us.debian.org/debian/ wheezy main

deb http://security.debian.org/debian-security wheezy/updates main contrib non-free

deb http://ftp.us.debian.org/debian/ wheezy-updates main
deb-src http://ftp.us.debian.org/debian/ wheezy-updates main

#update your sources
apt-get update



-----output-------
root@debian7:~# apt-get update
Get:1 http://security.debian.org wheezy/updates Release.gpg [836 B]
Get:2 http://security.debian.org wheezy/updates Release [102 kB]
Hit http://http.debian.net wheezy Release.gpg
Hit http://http.debian.net wheezy-updates Release.gpg
Get:3 http://security.debian.org wheezy/updates/main amd64 Packages [92.5 kB]
Hit http://http.debian.net wheezy Release
Hit http://http.debian.net wheezy-updates Release
Get:4 http://security.debian.org wheezy/updates/contrib amd64 Packages [14 B]
Hit http://http.debian.net wheezy/main Sources
Get:5 http://security.debian.org wheezy/updates/non-free amd64 Packages [14 B]
Hit http://http.debian.net wheezy/main amd64 Packages
Get:6 http://security.debian.org wheezy/updates/contrib Translation-en [14 B]
Hit http://http.debian.net wheezy/main Translation-en
Get:7 http://security.debian.org wheezy/updates/main Translation-en [53.3 kB]
Hit http://http.debian.net wheezy-updates/main Sources
Get:8 http://security.debian.org wheezy/updates/non-free Translation-en [14 B]
Hit http://http.debian.net wheezy-updates/main amd64 Packages
Ign http://http.debian.net wheezy-updates/main Translation-en
Fetched 249 kB in 4s (55.4 kB/s)
Reading package lists... Done

-----output-------

Join the VOIP & Tell!: Voip Users Conference.

Asterisk 12 Preview and you can get a chance to interact with Digium's Asterisk Leader of Development Team.

Friday April 12th at 12 Noon EDT

MD5 asterisk encryption

How to secure your passwords in your sip.conf / users.conf?



Linux Console:

Syntax: echo -n "<user>:<realm>:<secret>" | md5sum

Example:
$ echo -n "9001:asterisk:testpass123" | md5sum
cd9fc062abcc415c6505cbbe07ec18de  -



SIP.conf / USERS.conf
# add the following in your extension
md5secret="your md5 generated password from above"

Example:
md5secret=cd9fc062abcc415c6505cbbe07ec18de

iptables log on ubuntu lucid 10.04

# edit /etc/rsyslog.conf and add the following.

:msg,contains,"iptables" /var/log/iptables

& ~

example:

$nano /etc/rsyslog.conf


# if you experience problems, check
# http://www.rsyslog.com/troubleshoot for assistance

# rsyslog v3: load input modules
# If you do not load inputs, nothing happens!
# You may need to set the module load path if modules are not found.

$ModLoad immark   # provides --MARK-- message capability
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imklog   # kernel logging (formerly provided by rklogd)

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                -/var/log/messages

:msg,contains,"iptables" /var/log/iptables
& ~

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog

host key verification failed - fixed

When connecting to EC2 via ssh, you need to use authorized keys and correct username. When the attempt failed, you can't connect again even if you have the correct details.

The error looks like below:



@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for ec2-12-345-67-89.ap-southeast-1.compute.amazonaws.com has changed,
and the key for the corresponding IP address 12.345.67.89
has a different value. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
Offending key for IP in /root/.ssh/known_hosts:27
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
9a:1e:a5:82:12:23:a6:b7:63:d9:e0:12:0c:12:b2:02.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:38
RSA host key for ec2-12-345-67-89.ap-southeast-1.compute.amazonaws.com has changed and you have requested strict checking.
Host key verification failed.

Solution:
You need to remove the offending key from known hosts.

Console:
ssh-keygen -R hostname

Example:
ssh-keygen -R ec2-11-234-56-78.ap-southeast-1.compute.amazonaws.com

Debian Squeeze AMI for Amazon EC2

For reference, I got the following image of Debian Squeeze 6.0.1 - 32-bit. You can use this AMI to install your asterisk. 

Arch: 32bit

Version: 6.0.1 (Squeeze)

Disk: EBS

AMI ID: ami-b02d54e2
Size: 8GB
maintainer: chris.fordham@rightscale.com
login user: root

for more info: http://wiki.debian.org/Cloud/AmazonEC2Image

Sip Configuration of Asterisk on Amazon AWS EC2

Inorder for asterisk to work well in Amazon EC2, you need to do some tweaks in your asterisk configuration files. If you don't do this, you'll end up with no sound / no audio during your call.




1. Login to your instance.

$ ssh -i asterlui.pem root@ec2-123-456-789-101.ap-southeast-1.compute.amazonaws.com

2. Enter this command to get you external IP. 

$ curl -s http://169.254.169.254/latest/meta-data/public-ipv4

example output. 123.456.789.101

3. Edit your "sip.conf" and add the following settings.

$ nano /etc/asterisk/sip.conf

#add the two lines in your sip.conf

localnet=10.0.0.0/255.0.0.0

externip=123.456.789.101

4. Edit your extension/user config in your sip.conf / users.conf and change the value of nat to yes.


[asterlui]
secret=password
alwaysauthreject=yes
disallow=all
;allow=g722
;allow=g729
allow=ulaw
;allow=alaw
type=friend
nat=yes

5. Don't forget to reload asterisk. 

$ asterisk -rvvvvvvvvvvvvvvvvnc

ip-10-100-955-102*CLI>reload

Note: The settings you've added in your sip.conf is applicable to any Asterisk Server with Public IP.

List files within date range

Problem: List files from january 26 to february 25


Files:


asterlui@192.168.1.1:/usr/src/test$ ls -l
total 0
-rw-r--r-- 1 root root 0 Mar  1 07:32 log_20130126
-rw-r--r-- 1 root root 0 Mar  1 07:32 log_20130127
-rw-r--r-- 1 root root 0 Mar  1 07:32 log_20130225
-rw-r--r-- 1 root root 0 Mar  1 07:32 log_20130227

command: ls log_* | awk -F \_ -v start=20130126 -v end=20130225 '{d=substr($1,9); if (d>=start&&d<=end) print}'

asterlui@192.168.1.1:/usr/src/test$ ls log_* | awk -F \_ -v start=20130126 -v end=20130225 '{d=substr($0,9); if (d>=start&&d<=end) print}'

log_20130126

log_20130127

log_20130225

Debian Offline apt-get repositories

How to install debian packages/applications offline?

SOURCE MACHINE:
# make a directory to store the offline packages.
mkdir /luirepo

# copy all packages found in your cache archives directory.
cp /var/cache/apt/archives/*.deb /luirepo

# go to your directory with the copied packages.
cd /luirepo

# make packages.gz to be needed later on.
dpkg-scanpackages . /dev/null | gzip -9c > Packages.gz

DESTINATION MACHINE:
# copy the folder "luirepo" in your new machine and place it in the root folder. you can use winscp for copying.
/luirepo

# edit the sources.list of your new machine. point it to the directory.
nano /etc/apt/sources.list

---------------------------------
deb file:/luirepo/ /
---------------------------------

# you're done! try to update run some installations offline

#example 1:
apt-get update

#example 2:
apt-get install build-essential

Shell Script to Search Words in between Letters

In our example below.. It will display all the words that starts with letter "B" and ends with letter "D".

linux command:

wget -nv -O - "http://www.morewords.com/?=b*d" | awk '/word/' | awk '/class/' | awk 'sub(".........$", "")' | cut -b 1-31 --complement | rev | cut -d/ -f2- | rev

sample output:



baaed
babbitted
babbled
babied
babyhood
baccated
bached
bachelorhood
backbend
.
.
.
byword



Happy Scripting!