Basic Openssl Commands

Openssl is an open source implementation SSL protocol. It is widely used and it has different functions which allows you to check CSR, Certificate and it’s expiry.

Here are some basic open commands which will be useful when you are dealing with certificate or anything related to that.

To decode certificate.

[root@server ~]# openssl x509 -in certificate.crt -text -noout

Check Expiry Date of Certificate Using OpenSSL command

[root@server ~]# cat certificate.crt | openssl x509 -noout -enddate

How to see if Certificate and a Private Key match.
Compare the output from both commands. If they are identical then the private key matches the certificate.

openssl pkey -in privateKey.key -pubout -outform pem | sha256sum
openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum 

Above are the most basic Operations and Widely used. Do let me know if you want us to add more here. So you can refer here.

How to use Array in Bash Scripting

First we will see what is Array in Linux

If you have been doing shell scripting, you must have definitely came across the term called variable. So when you use a variable, you can add a single name to the variable – In other words one variable can hold only one value.

Example of an Variable

#!/bin/bash
cityname="Berlin"
echo "$cityname"

So if you want to hold names of multiple cities, then you will have to create new variable for each city.

For an Example

cityname01="Berlin"
cityname02="Tokyo"
cityname03="Moscow"
cityname04="Rio"
cityname05="Denver"

However, to ease life we could use a single Array which could hold up all values in a single variable.

To define Array :-

cityname[0]="Berlin"
cityname[1]="Tokyo"
cityname[2]="Moscow"
cityname[3]="Rio"
cityname[4]="Denver"

So here we have stored all city Names in a Array called “cityname”. So now question is how do you access an Array.

You just need to echo it’s number 🙂 Like shown below.

#!/bin/bash
cityname[0]="Berlin"
cityname[1]="Tokyo"
cityname[2]="Moscow"
cityname[3]="Rio"
cityname[4]="Denver"
echo "${cityname[3]}"

So above script will print “Rio” If you want to print all city names then you would use

echo "${cityname[@]}"

OR

echo "${cityname[*]}"

You can copy paste the script below and run it which will help you understand better.

#!/bin/bash
cityname[0]="Berlin"
cityname[1]="Tokyo"
cityname[2]="Moscow"
cityname[3]="Rio"
cityname[4]="Denver"

echo Cities I love are : "${cityname[@]}"

Output would be.

Cities I love are : Berlin Tokyo Moscow Rio Denver

How to change Default SSH port

Why should you change default SSH port in Linux?

The main reason to change the default SSH Port from 22 to something else is to prevent server from SSH attacks. Port 22 is default SSH port and that is the first thing it would be tried. Changing default port will prevent your server from brute-force and malicious attacks.

How to change SSH port in Linux

To change SSH port you will need to have root access to the system. The first Step would be choosing the port. You should always avoid ports from 0-1023 as they are system default ports.

Open file /etc/ssh/sshd_config

[root@server ~]# vi /etc/ssh/sshd_config

Looks for the line below

#Port 22

Now remove comment and change the port, so the line should look something like this.

Port 5867

Now you will need to restart sshd service so the changes would be reflected.

[root@server ~]# systemctl restart sshd

Important Note: Before you change port please make sure you have whitelisted the new port in the firewall, else you will be locking your self out.

Testing the Changes

Well, the golden rule is to verify all the changes you do and make sure it works. So before logging out the current session, you will have to make sure that you are able to access the server using new port.

[root@server ~]# ssh -p 5867 username@your-server-ip

Done, you have successfully updated SSH port. Please do always remember to allow new port in firewall and to test new port before closing the current session – so that you don’t lock out.

Grep Command Examples.

The grep is a Linux utility command which will help you in searching the contents within the file. It is the most useful when you are debugging through a large message file. It can be helpful in the scripts too.

Below are the few examples and the tricks for grep command.

Grep Command to highlight Color

Below command will search for “DB Error” in the /var/log/messages and highlight it with red color so you can quickly identify.

[root@server ~]# grep --color "DB Error" /var/log/messages

Print 3 lines before and after the pattern match in grep

If you want to print the lines before/after the pattern matches then you can use -A (after) or -B (before) option. Below command will print 3 lines before and after match.

[root@server ~]# grep "DB Error" /var/log/messages -A3 -B3