Category Archives: Linux

The Linux Category actually encompasses *BSD, RH, Fedora, Ubuntu, and the like.

Forgotten Passwords

I can’t tell you the number of people that come up to me and ask if I can retrieve their password. For certain devices I can either reset the password or I can figure out a way to reset the password. Several websites give options to reset your password. Several Instant Messaging programs give the option to reset your password. I’m really just trying to see how many times I can type “reset your password”.

So here’s the lowdown on what can be reset, and a mostly “how-to” do it:

Mac OS 6.* – 8.5: If you set up a password you’re a fool. The OS doesn’t support native passwords and is a single user OS. You set one? Reformat and start from scratch. Or just live with it.
Mac OS 8.6 – 9.*: Read above. The OS was meant to be a single user Operating System, but somewhere along the line someone decided it would be a good idea to include basic password login protection. Usually a reboot will yield an “auto login” situation where you can change the preferences of a screen saver password. Otherwise you’ll have to reformat once again.
Mac OS X.*: Here’s the really easy part – Apple has included the utility to reset the password for you. It’s on the Apple Installation Disc. Don’t have the disc? You’ll have to download or buy one then. Have the disc? Boot off of it (press and hold C while turning on the computer), and then when you see a menu at the top of the screen click on Utilities. You’ll now see a “reset password” option. You can get the rest from there.

Windows 95/98: Press ESC instead of trying to login.
Windows ME: Burn your computer and that crappy Operating System and buy a new one.
Windows 2000/NT/XP/2003/Vista: Find a linux boot disc (knoppix should work) that can edit SAM files and reset administrator passwords.

Ubuntu: Press ESC at the grub prompt, Press E for edit, Select the line that begins with Kernel and press E, Go to the very end of the line and add “rw init=/bin/bash” without the quotes, Press enter and then B to reboot. This will give you full root shell access, so then type “passwd ” to reset that user’s password.

A lot of people work in corporations with Active Directory Microsoft Windows computers. Here’s a couple things that people should know:
1.) Administrators do NOT know your password for your login to the computer. We can reset it, but we can’t retrieve it (with normal means)
2.) Administrators do NOT know your password for your personal chatting application. We, like EVERY OTHER PERSON, can go to the provider’s website (ie and have them send a reset password email to the registered email address.
3.) Administrators do NOT know the POP server or IMAP settings to your personal email. I actually block access to POP and IMAP so I don’t have to hear this one daily.

Eggdrop Bot Installation on Ubuntu

Since I’m being lazy this post is mostly for me. Here’s a good starting place:
After you’ve downloaded the tar.gz file, uploaded it to your server, and pretty much gone to ./configure, then come back here.

If you can go to ./configure and everything runs peachy, you’re a better system setup guy than I am. Otherwise Eggdrop requires TCL to be installed and compiled (you should get some sort of compiler error saying it can’t create executables if not installed).

apt-get install gcc
apt-get install tcl8.4
apt-get install tcl8.4-dev

That’s it. Go and run that ./configure again.

Unless you’re on Ubuntu 14.04…
./configure --with-tclinc=/usr/include/tcl8.6/tcl.h --with-tcllib=/usr/lib/x86_64-linux-gnu/

Apt-Get not apt-getting

I had just finished installing Ubuntu 7.10 on a virtual machine. This virtual machine had no active connection to the internet (which is why this actually happened).

After install, I tried to run the software update service. It said that there were no updates to install. I tried to apt-get install ssh and that failed too. So I tried apt-get update. No updates. Hmmm.

It turns out that if there is no active connection, Ubuntu will comment out all the sources for software in the sources.list file. You can find it here:
cd /etc/apt
nano sources.list
uncomment some of the repositories and save the file
apt-get update

Ubuntu Broadcom BCM4318 802.11g Laptop Wireless Driver

A fresh install of Ubuntu 7.04 or 7.10 will yield quite a few drivers built in. I’m actually impressed that most of the devices on my laptop work right out of the box (so to speak). Not complaining about Windows too much, but I’m constantly drawn towards Linux because of the support given via hundreds of thousands of individual peoples. Have an issue? Probably it’s been well documented and there are fixes available. If not, someone can most likely help you out. Want to make changes to your OS? Want free software and free support? Linux.

Now that the rant is over with, here’s an issue I came across while installing 7.04 AND 7.10 on my laptop (actually Windows had this issue too, but it’s much easier to find driver support on that side). The problem was my built-in Broadcom wireless 54G card (BCM4318 is the model). I didn’t want to use ndiswrapper to solve this one. I wanted a linux native driver.

BCM43xx Auto Install Driver

This is a debian package script that will install the Linux Native driver. Double click, install, reboot. If the wireless doesn’t work, you may have the wrong Broadcom card installed, or you will have to use ndiswrapper.

EDIT 08042008
Ubuntu 8.04 and beyond actually has built-in support for the Broadcom Card (not quite as good as the NDIS wrapper, but it will connect at 54mbps and has fairly decent range). You can go to System, Administration, Hardware Drivers. It should then be listed as one of the available to use.

Ubuntu Startup Screen Blank Issue

That’s the best description I could come up with. Basically I installed Ubuntu 7.10 on my laptop (Compaq V5000 CTO). After a series of simple updates, I no longer had the booting Ubuntu screen with the progress loading bar. Basically the Grub boot menu will load, but then the screen goes blank for roughly 2 to 3 minutes. Then the login screen for Ubuntu will finally load. After a series of quick google searches, I finally came across the answer:

It’s a resolution issue.

Here’s the fix:
1.) Open up Terminal
2.) CD to /etc/
3.) Nano usplash.conf
4.) Change the resolutions to 1024×768
5.) Save the file
6.) sudo update-initramfs -u -k `uname -r`

It looks like this is an issue mostly found on ATI based computers. So if you have an nVidia based video card, you probably won’t be able to fix this using the above technique (correct me if I’m wrong). After the fix, the boot time went from 2 to 3 minutes down to less than 30 seconds. I’d say that’s a pretty good bug fix.

EDIT 08042008
I’m pretty sure since 804 came out this is no longer an issue.

Secure Your Linux Box

Here are just a few small tricks to use to secure your linux based machines.

Disable Direct SSH Access For Root – Hackers must break or know TWO passwords to damage your system
1. SSH into your machine as root
2. cd /etc/ssh
3. nano /sshd_config
4. Under Authentication change PermitRootLogin to “no”
5. service sshd restart (Ubuntu is sudo /etc/init.d/ssh restart)

Slow Down SSH Attempts – This slows down attempts to no more than 3 per minute
1. SSH into your machine and su to root
2. iptables -I INPUT -p tcp –dport 22 -i eth0 -m state –state NEW -m recent –set
3. iptables -I INPUT -p tcp –dport 22 -i eth0 -m state –state NEW -m recent –update –seconds 60 –hitcount 4 -j DROP
4. iptables-save
5. iptables restart

[UPDATE 01.28.2008]
This requires a new(er) kernel with built-in support for the “recent” tag
1. SSH into your machine and su to root
2. iptables -N SSH_CHECK (this will create a new chain to lable all incoming SSH connections as SSH_CHECK)
3. iptables -A INPUT -p tcp –dport 22 -m state –state NEW -j SSH_CHECK (Checks the connection state port 22)
4. iptables -A SSH_CHECK -m recent –set –name SSH (labels the session type as SSH)
5. iptables -A SSH_CHECK -m recent –update –seconds 60 –hitcount 4 –name SSH -j DROP (Drops the connection if the hit counter reaches 4 in 60 seconds)

And then in Ubuntu
6. nano /etc/network/interfaces
7. After your eth0 or other network connection, add pre-up iptables-restore /etc/iptables.rules and post-down iptables-restore /etc/iptables.rules

[UPDATE 05.05.2009]
Running on Debian 5 this one works:
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 -j DROP

[UPDATE 01.06.2010]
Running on Ubuntu 9.10 this works:
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 240 --hitcount 3 -j DROP

This only allows 3 connection attempts (or successes) for every 6 minutes. Since my box is a small one that doesn’t require a lot of logins, I’d probably go even higher than this. Too high, though, and you could be locked out of your own box by others.

If you were to reboot your machine right now, your iptables configuration would disappear. Rather than type this each time you reboot, however, you can save the configuration, and have it start up automatically. To save the configuration, you can use iptables-save and iptables-restore.

[UPDATE 02.15.2010]
You can also limit based on username and IP address:

Limit based on Username:
nano /etc/ssh/sshd_config

PermitRootLogin no
AllowUsers userA userB@localhost userC@IPaddress

Limit based on IP address:
nano /etc/hosts.allow

sshd : localhost
sshd :
sshd :
sshd : localhost 192.168.1.*

nano /etc/hosts.deny

sshd : all

[UPDATE 08.31.2010]
You should probably make sure that your phpmyadmin and webmin installations are secured as well. It’s not hard to check the logs and see that there are many bots trying to gain access to these two installations – even if you don’t have them installed/configured on your box. Damn bots…

nano /etc/apache2/conf.d/phpmyadmin.conf

Obviously add your own IP’s into the config file. Then save the file and exit. Then restart apache.
apache2ctl restart