Generate and Add SSH keys to remote host.

Example: If you want to login from serverA to serverB without password then you need to follow the step below.
First Login to Server-A and generate SSH keys using ssh-keygen
command

[root@server-A /]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/justgeek/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/justgeek/.ssh/id_rsa.
Your public key has been saved in /home/justgeek/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx root@server
The key's randomart image is:
+---[RSA 2048]----+
|    .      ..oo..|
|   . . .  . .o.X.|
|    . . o.  ..+ B|
|   .   o.o  .+ ..|
|    ..o.S   o..  |
|   . %o=      .  |
|    @.B...     . |
|   o.=. o. . .  .|
|    .oo  E. . .. |
+----[SHA256]-----+

So you have successfully generated keys and now you need to copy public key to the remote host which you wish to login without password.

You need to append the key mentioned in /home/justgeek/.ssh/id_rsa.pub to server-b in the file /home/justgeek/.ssh/authorized_keys

So the file (/home/justgeek/.ssh/authorized_keys) on server-b will look something like this.

[justgeek@server-b]$ cat /home/justgeek/.ssh/authorized_keys
ssh-rsa QFSJZPPFWWFa4sLrqXPNyY2gJWtef7ZBYFEc19sl6BjnhwMMRnBrcGX1JBlm3fWW8+DwmwrG73LEomYk5KZNKV1nCNjwhLCanmmZwv8R6TIOrMASV4aOIFvVWgYDlKfQsmqZFKQm2H5Pem7qUGdJ962I9ZeC8pqPwYPR2YMrWiffMBlBXfqhfjiZlxyhuPeBr2YwPEyPoJ1iSdMarG3HgbCTkcfYHn4L9RMLvN4wrgkN3n1b8ArR3JV7kg0IIvxAAYlTQaZtl0f70yLSSO0SI1ZTQryPC0hWCS5Uz5T12YtEC85ymYhA\4vOnKebfXhuCsiGiCY5zVWNfXBNdXcXyeUrqV9HyKtjHdpcH6iB7MNSiIRn5F74== justgeek@server-a

Note: Key mentioned above is just an example, it’s not a real key.

Another, simple command to copy key to server-b is using ssh-copy-id

[root@server-a /]# ssh-copy-id justgeek@server-b
justgeek@server-b's password:
X11 forwarding request failed on channel 0

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'server-b'"
and check to make sure that only the key(s) you wanted were added.

Bingo !! Now just do ssh justgeek@server-b from server-a and password won’t be asked.

Dig Command Examples

Simple Dig Command

[root@server ~]# dig justgeek.net

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> justgeek.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53092
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;justgeek.net.                  IN      A

;; ANSWER SECTION:
justgeek.net.           267     IN      A       104.28.12.34
justgeek.net.           267     IN      A       104.28.13.34
justgeek.net.           267     IN      A       172.67.130.28

;; Query time: 10 msec
;; SERVER: 108.61.10.10#53(108.61.10.10)
;; WHEN: Wed May 27 07:13:17 UTC 2020
;; MSG SIZE  rcvd: 89

How to check A record of the website using DIG command

[root@server ~]# dig redhat.com +noall +answer

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> redhat.com +noall +answer
;; global options: +cmd
redhat.com. 3547 IN A 209.132.183.105

Check MX record using dig command

[root@server ~]# dig redhat.com MX +noall +answer

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> redhat.com MX +noall +answer
;; global options: +cmd
redhat.com. 600 IN MX 10 us-smtp-inbound-2.mimecast.com.
redhat.com. 600 IN MX 10 us-smtp-inbound-1.mimecast.com.
[root@server ~]#

How to check NS record of the website using DIG command.

[root@server ~]# dig justgeek.net NS +noall +answer

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> justgeek.net NS +noall +answer
;; global options: +cmd
justgeek.net. 86400 IN NS kia.ns.cloudflare.com.
justgeek.net. 86400 IN NS jerome.ns.cloudflare.com.
[root@server ~]#

About nslookup

So here we wil learn about NSLOOKUP (Name Server Lookup) and we will see some of it’s examples.

So we will start with, What is nslookup

nslookup is the tool which lets you the enter the host-name or domain name and see it’s corresponding IP address. It also lets you to pass IP address and get corresponding hostname. (reverse DNS)

Installation, if your CentOS machine says nslookup command not found.

[root@server /]# nslookup google.com
-bash: nslookup: command not found

so here you will have to Install bind-utils to get nslookup command. Simply run yum install bind-utils to take advantage of nslookup command.

[root@server /]# yum install bind-utils

nslookup command examples.

nslookup command followed by domain/hostname will display IP address of the domain.

[root@server /]# nslookup unix.com
Server:         108.61.10.10
Address:        108.61.10.10#53
 
Non-authoritative answer:
Name:   unix.com
Address: 209.126.104.117

You can use -type option to get various dns details. For example to get MX records.

[root@server /]# nslookup -type=mx redhat.com
Server:         108.61.10.10
Address:        108.61.10.10#53

Non-authoritative answer:
redhat.com      mail exchanger = 10 us-smtp-inbound-2.mimecast.com.
redhat.com      mail exchanger = 10 us-smtp-inbound-1.mimecast.com.

To get nameserver of the domain.

[root@server /]# nslookup -type=ns google.com
Server:         108.61.10.10
Address:        108.61.10.10#53

Non-authoritative answer:
google.com      nameserver = ns3.google.com.
google.com      nameserver = ns2.google.com.
google.com      nameserver = ns1.google.com.
google.com      nameserver = ns4.google.com.

Reverse DNS

[root@server /]#  nslookup 209.132.183.181
181.183.132.209.in-addr.arpa    name = origin-www2.redhat.com.

Authoritative answers can be found from:

To get Information using specific DNS server.

[root@server /]# nslookup redhat.com ns1.redhat.com
Server:         ns1.redhat.com
Address:        209.132.186.218#53

Name:   redhat.com
Address: 209.132.183.105

we have used the ns1.redhat.com as the DNS server. Here you may notice that, we don’t get any “Non-authoritative answer:” header, since ns1.redhat.com has all the zone information of redhat.com

Shell Script to reboot multiple servers.

Here is simple bash script where you can add the server names in the command line and then it will go on rebooting every server which you have listed.

Script Usage:-

[root@server /]# ./server-reboot.sh appserver1 sqlserver1 dataserver1

Above command will reboot appserver1 sqlserver1 and dataserver1, if you have not setup ssh keys it will ask for password.

To use this script create a file called server-reboot.sh and following contents.

#!/bin/bash
for server in "${@}"
do
{
scriptName=$0
scriptPath=$(dirname $0)
script=$scriptPath/boot.txt
command=`base64 -w0 $script`
ssh -t $server "echo $command | base64 -d | sudo bash"
}
done

Create a another file named boot.txt in the same location where you have created server-reboot.sh.

for ((i=03; i>0; i--)); do sleep 1 ; printf "\rREBOOTING SERVER in $i Second. PRESS CTRL + C to cancel " ; done
shutdown -rf now

Save both the files, give execute permissions to server-reboot.sh and start rebooting.

It’s just not reboot script but you can add any commands which you want to run on multiple Linux servers in the file boot.txt

There are many other ways to do the same task but this works best for my environment. Add in comments what works best for you.