Installing Debian Wheezy in Amazon EC2
1. Go to the website of debian and look for the official AMIs.
https://wiki.debian.org/Cloud/AmazonEC2Image/Wheezy#A7.2
2. Get the AMI that you want and use it in ec2.
Example: ami-537f1b52
3. Go to the AMI and enter the ami id above in the search field.
4. Select the AMI and click Launch.
* Configure your instance on how you want it to be.
5. Once launched. Go to your Instances tab, select the instance, right-click then click on start.
6. To Connect to your running instance, follow the instructions below.
To access your instance:
Open an SSH client. (find out how to connect using PuTTY)
Locate your private key file (yourkeypair.pem). The wizard automatically detects the key you used to launch the instance.
Your key must not be publicly viewable for SSH to work. Use this command if needed:
chmod 400 yourkeypair.pem
Connect to your instance using its Public DNS:
ec2-12-123-45-67.ap-northeast-1.compute.amazonaws.com
Example:
ssh -i yourkeypair.pem admin@ec2-12-123-45-67.ap-northeast-1.compute.amazonaws.com
Wednesday, November 20, 2013
Tuesday, July 30, 2013
Debian Wheezy Sources.list (Debian 7)
In a network installation of Debian Wheezy (Debian 7), you need to update your packages or dependencies.
To do this, I listed the following lines.
#edit sources.list file
nano /etc/apt/sources.list
#insert the following lines
deb http://ftp.us.debian.org/debian/ wheezy main
deb-src http://ftp.us.debian.org/debian/ wheezy main
deb http://security.debian.org/debian-security wheezy/updates main contrib non-free
deb http://ftp.us.debian.org/debian/ wheezy-updates main
deb-src http://ftp.us.debian.org/debian/ wheezy-updates main
#update your sources
apt-get update
-----output-------
root@debian7:~# apt-get update
Get:1 http://security.debian.org wheezy/updates Release.gpg [836 B]
Get:2 http://security.debian.org wheezy/updates Release [102 kB]
Hit http://http.debian.net wheezy Release.gpg
Hit http://http.debian.net wheezy-updates Release.gpg
Get:3 http://security.debian.org wheezy/updates/main amd64 Packages [92.5 kB]
Hit http://http.debian.net wheezy Release
Hit http://http.debian.net wheezy-updates Release
Get:4 http://security.debian.org wheezy/updates/contrib amd64 Packages [14 B]
Hit http://http.debian.net wheezy/main Sources
Get:5 http://security.debian.org wheezy/updates/non-free amd64 Packages [14 B]
Hit http://http.debian.net wheezy/main amd64 Packages
Get:6 http://security.debian.org wheezy/updates/contrib Translation-en [14 B]
Hit http://http.debian.net wheezy/main Translation-en
Get:7 http://security.debian.org wheezy/updates/main Translation-en [53.3 kB]
Hit http://http.debian.net wheezy-updates/main Sources
Get:8 http://security.debian.org wheezy/updates/non-free Translation-en [14 B]
Hit http://http.debian.net wheezy-updates/main amd64 Packages
Ign http://http.debian.net wheezy-updates/main Translation-en
Fetched 249 kB in 4s (55.4 kB/s)
Reading package lists... Done
To do this, I listed the following lines.
#edit sources.list file
nano /etc/apt/sources.list
#insert the following lines
deb http://ftp.us.debian.org/debian/ wheezy main
deb-src http://ftp.us.debian.org/debian/ wheezy main
deb http://security.debian.org/debian-security wheezy/updates main contrib non-free
deb http://ftp.us.debian.org/debian/ wheezy-updates main
deb-src http://ftp.us.debian.org/debian/ wheezy-updates main
#update your sources
apt-get update
-----output-------
root@debian7:~# apt-get update
Get:1 http://security.debian.org wheezy/updates Release.gpg [836 B]
Get:2 http://security.debian.org wheezy/updates Release [102 kB]
Hit http://http.debian.net wheezy Release.gpg
Hit http://http.debian.net wheezy-updates Release.gpg
Get:3 http://security.debian.org wheezy/updates/main amd64 Packages [92.5 kB]
Hit http://http.debian.net wheezy Release
Hit http://http.debian.net wheezy-updates Release
Get:4 http://security.debian.org wheezy/updates/contrib amd64 Packages [14 B]
Hit http://http.debian.net wheezy/main Sources
Get:5 http://security.debian.org wheezy/updates/non-free amd64 Packages [14 B]
Hit http://http.debian.net wheezy/main amd64 Packages
Get:6 http://security.debian.org wheezy/updates/contrib Translation-en [14 B]
Hit http://http.debian.net wheezy/main Translation-en
Get:7 http://security.debian.org wheezy/updates/main Translation-en [53.3 kB]
Hit http://http.debian.net wheezy-updates/main Sources
Get:8 http://security.debian.org wheezy/updates/non-free Translation-en [14 B]
Hit http://http.debian.net wheezy-updates/main amd64 Packages
Ign http://http.debian.net wheezy-updates/main Translation-en
Fetched 249 kB in 4s (55.4 kB/s)
Reading package lists... Done
-----output-------
Thursday, April 11, 2013
Monday, April 8, 2013
MD5 asterisk encryption
How to secure your passwords in your sip.conf / users.conf?
Linux Console:
Syntax: echo -n "<user>:<realm>:<secret>" | md5sum
Example:
$ echo -n "9001:asterisk:testpass123" | md5sum
cd9fc062abcc415c6505cbbe07ec18de -
SIP.conf / USERS.conf
# add the following in your extension
md5secret="your md5 generated password from above"
Example:
md5secret=cd9fc062abcc415c6505cbbe07ec18de
Linux Console:
Syntax: echo -n "<user>:<realm>:<secret>" | md5sum
Example:
$ echo -n "9001:asterisk:testpass123" | md5sum
cd9fc062abcc415c6505cbbe07ec18de -
SIP.conf / USERS.conf
# add the following in your extension
md5secret="your md5 generated password from above"
Example:
md5secret=cd9fc062abcc415c6505cbbe07ec18de
Wednesday, March 20, 2013
iptables log on ubuntu lucid 10.04
# edit /etc/rsyslog.conf and add the following.
:msg,contains,"iptables" /var/log/iptables
& ~
$nano /etc/rsyslog.conf
# if you experience problems, check
# http://www.rsyslog.com/troubleshoot for assistance
# rsyslog v3: load input modules
# If you do not load inputs, nothing happens!
# You may need to set the module load path if modules are not found.
$ModLoad immark # provides --MARK-- message capability
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imklog # kernel logging (formerly provided by rklogd)
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none -/var/log/messages
:msg,contains,"iptables" /var/log/iptables
& ~
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Log all the mail messages in one place.
mail.* -/var/log/maillog
:msg,contains,"iptables" /var/log/iptables
& ~
example:
$nano /etc/rsyslog.conf
# if you experience problems, check
# http://www.rsyslog.com/troubleshoot for assistance
# rsyslog v3: load input modules
# If you do not load inputs, nothing happens!
# You may need to set the module load path if modules are not found.
$ModLoad immark # provides --MARK-- message capability
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imklog # kernel logging (formerly provided by rklogd)
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none -/var/log/messages
:msg,contains,"iptables" /var/log/iptables
& ~
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Log all the mail messages in one place.
mail.* -/var/log/maillog
Wednesday, March 13, 2013
host key verification failed - fixed
When connecting to EC2 via ssh, you need to use authorized keys and correct username. When the attempt failed, you can't connect again even if you have the correct details.
The error looks like below:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for ec2-12-345-67-89.ap-southeast-1.compute.amazonaws.com has changed,
and the key for the corresponding IP address 12.345.67.89
has a different value. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
Offending key for IP in /root/.ssh/known_hosts:27
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
9a:1e:a5:82:12:23:a6:b7:63:d9:e0:12:0c:12:b2:02.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:38
RSA host key for ec2-12-345-67-89.ap-southeast-1.compute.amazonaws.com has changed and you have requested strict checking.
Host key verification failed.
Solution:
You need to remove the offending key from known hosts.
Console:
ssh-keygen -R hostname
Example:
ssh-keygen -R ec2-11-234-56-78.ap-southeast-1.compute.amazonaws.com
The error looks like below:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for ec2-12-345-67-89.ap-southeast-1.compute.amazonaws.com has changed,
and the key for the corresponding IP address 12.345.67.89
has a different value. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
Offending key for IP in /root/.ssh/known_hosts:27
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
9a:1e:a5:82:12:23:a6:b7:63:d9:e0:12:0c:12:b2:02.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:38
RSA host key for ec2-12-345-67-89.ap-southeast-1.compute.amazonaws.com has changed and you have requested strict checking.
Host key verification failed.
Solution:
You need to remove the offending key from known hosts.
Console:
ssh-keygen -R hostname
Example:
ssh-keygen -R ec2-11-234-56-78.ap-southeast-1.compute.amazonaws.com
Friday, March 1, 2013
Debian Squeeze AMI for Amazon EC2
For reference, I got the following image of Debian Squeeze 6.0.1 - 32-bit. You can use this AMI to install your asterisk.
Arch: 32bit
Version: 6.0.1 (Squeeze)
Disk: EBS
AMI ID: ami-b02d54e2
Size: 8GB
maintainer: chris.fordham@rightscale.com
login user: root
for more info: http://wiki.debian.org/Cloud/AmazonEC2Image
Size: 8GB
maintainer: chris.fordham@rightscale.com
login user: root
for more info: http://wiki.debian.org/Cloud/AmazonEC2Image
Sip Configuration of Asterisk on Amazon AWS EC2
Inorder for asterisk to work well in Amazon EC2, you need to do some tweaks in your asterisk configuration files. If you don't do this, you'll end up with no sound / no audio during your call.
1. Login to your instance.
1. Login to your instance.
$ ssh -i asterlui.pem root@ec2-123-456-789-101.ap-southeast-1.compute.amazonaws.com
2. Enter this command to get you external IP.
$ curl -s http://169.254.169.254/latest/meta-data/public-ipv4
example output. 123.456.789.101
3. Edit your "sip.conf" and add the following settings.
$ nano /etc/asterisk/sip.conf
#add the two lines in your sip.conf
localnet=10.0.0.0/255.0.0.0
externip=123.456.789.101
4. Edit your extension/user config in your sip.conf / users.conf and change the value of nat to yes.
[asterlui]
secret=password
alwaysauthreject=yes
disallow=all
;allow=g722
;allow=g729
allow=ulaw
;allow=alaw
type=friend
nat=yes
5. Don't forget to reload asterisk.
[asterlui]
secret=password
alwaysauthreject=yes
disallow=all
;allow=g722
;allow=g729
allow=ulaw
;allow=alaw
type=friend
nat=yes
5. Don't forget to reload asterisk.
$ asterisk -rvvvvvvvvvvvvvvvvnc
ip-10-100-955-102*CLI>reload
Note: The settings you've added in your sip.conf is applicable to any Asterisk Server with Public IP.
Thursday, February 28, 2013
List files within date range
Problem: List files from january 26 to february 25
Files:
asterlui@192.168.1.1:/usr/src/test$ ls -l
total 0
-rw-r--r-- 1 root root 0 Mar 1 07:32 log_20130126
-rw-r--r-- 1 root root 0 Mar 1 07:32 log_20130127
-rw-r--r-- 1 root root 0 Mar 1 07:32 log_20130225
-rw-r--r-- 1 root root 0 Mar 1 07:32 log_20130227
Files:
asterlui@192.168.1.1:/usr/src/test$ ls -l
total 0
-rw-r--r-- 1 root root 0 Mar 1 07:32 log_20130126
-rw-r--r-- 1 root root 0 Mar 1 07:32 log_20130127
-rw-r--r-- 1 root root 0 Mar 1 07:32 log_20130225
-rw-r--r-- 1 root root 0 Mar 1 07:32 log_20130227
command: ls log_* | awk -F \_ -v start=20130126 -v end=20130225 '{d=substr($1,9); if (d>=start&&d<=end) print}'
asterlui@192.168.1.1:/usr/src/test$ ls log_* | awk -F \_ -v start=20130126 -v end=20130225 '{d=substr($0,9); if (d>=start&&d<=end) print}'
log_20130126
log_20130127
log_20130225
Wednesday, February 13, 2013
Debian Offline apt-get repositories
How to install debian packages/applications offline?
SOURCE MACHINE:
# make a directory to store the offline packages.
mkdir /luirepo
# copy all packages found in your cache archives directory.
cp /var/cache/apt/archives/*.deb /luirepo
# go to your directory with the copied packages.
cd /luirepo
# make packages.gz to be needed later on.
dpkg-scanpackages . /dev/null | gzip -9c > Packages.gz
DESTINATION MACHINE:
# copy the folder "luirepo" in your new machine and place it in the root folder. you can use winscp for copying.
/luirepo
# edit the sources.list of your new machine. point it to the directory.
nano /etc/apt/sources.list
---------------------------------
deb file:/luirepo/ /
---------------------------------
# you're done! try to update run some installations offline
#example 1:
apt-get update
#example 2:
apt-get install build-essential
SOURCE MACHINE:
# make a directory to store the offline packages.
mkdir /luirepo
# copy all packages found in your cache archives directory.
cp /var/cache/apt/archives/*.deb /luirepo
# go to your directory with the copied packages.
cd /luirepo
# make packages.gz to be needed later on.
dpkg-scanpackages . /dev/null | gzip -9c > Packages.gz
DESTINATION MACHINE:
# copy the folder "luirepo" in your new machine and place it in the root folder. you can use winscp for copying.
/luirepo
# edit the sources.list of your new machine. point it to the directory.
nano /etc/apt/sources.list
---------------------------------
deb file:/luirepo/ /
---------------------------------
# you're done! try to update run some installations offline
#example 1:
apt-get update
#example 2:
apt-get install build-essential
Thursday, February 7, 2013
Shell Script to Search Words in between Letters
In our example below.. It will display all the words that starts with letter "B" and ends with letter "D".
linux command:
wget -nv -O - "http://www.morewords.com/?=b*d" | awk '/word/' | awk '/class/' | awk 'sub(".........$", "")' | cut -b 1-31 --complement | rev | cut -d/ -f2- | rev
sample output:
baaed
babbitted
babbled
babied
babyhood
baccated
bached
bachelorhood
backbend
.
.
.
byword
Happy Scripting!
linux command:
wget -nv -O - "http://www.morewords.com/?=b*d" | awk '/word/' | awk '/class/' | awk 'sub(".........$", "")' | cut -b 1-31 --complement | rev | cut -d/ -f2- | rev
sample output:
baaed
babbitted
babbled
babied
babyhood
baccated
bached
bachelorhood
backbend
.
.
.
byword
Happy Scripting!
Subscribe to:
Posts (Atom)