Posts

Showing posts from May, 2007

Format of passwd and shadow files

Format of the /etc/passwd file

A non-shadowed /etc/passwd file has the following format:

    username:passwd:UID:GID:full_name:directory:shell

Where:

    username   The user (login) name
    passwd     The encoded password
    UID        Numerical user ID
    GID        Numerical default group ID
    full_name  The user's full name - Actually this field is called the GECOS (General Electric Comprehensive Operating System) field and can store information other than just the full name. The Shadow commands and manual pages refer to this field as the comment field.
    directory  User's home directory (Full pathname)
    shell      User's login shell (Full Pathname)

For example:

    username:Npge08pfz4wuk:503:100:Full Name:/home/username:/bin/sh

Where Np is the salt and ge08pfz4wuk is the encoded password. The encoded salt/password could just as easily have been kbeMVnZM0oL7I and the two are exactly the same password. There are 4096 possible encodings for the same password. (The example password in this case is '
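An added example, not part of the original post: a Python check that splits passwd lines into the seven fields listed above and reports entries whose encoded password still sits in /etc/passwd, is empty, or whose line is malformed. The names classify, audit and SAMPLE, the status labels and the sample lines are constructed for illustration.

```python
import re
from typing import NamedTuple

FIELDS = ("username", "passwd", "UID", "GID", "full_name", "directory", "shell")
# Traditional crypt(3) output: 2 salt characters followed by 11 hash
# characters, all from the 64-character alphabet ./0-9A-Za-z.
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")
SALT_SPACE = 64 ** 2  # 4096 encodings of one password, as the post states

class Finding(NamedTuple):
    username: str
    status: str  # shadowed | empty | des-crypt | other | malformed
    salt: str    # two-character salt for des-crypt entries, else ""

def classify(line: str) -> Finding:
    """Classify the passwd field of one /etc/passwd line."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        return Finding(parts[0], "malformed", "")
    entry = dict(zip(FIELDS, parts))
    pw = entry["passwd"]
    if pw == "x":  # "x" marks a password kept in /etc/shadow
        return Finding(entry["username"], "shadowed", "")
    if pw == "":
        return Finding(entry["username"], "empty", "")
    if DES_CRYPT.fullmatch(pw):
        return Finding(entry["username"], "des-crypt", pw[:2])
    return Finding(entry["username"], "other", "")

def audit(text: str) -> list:
    """Return entries needing attention: exposed hash, empty password, bad line."""
    findings = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        f = classify(line)
        if f.status in ("des-crypt", "empty", "malformed"):
            findings.append(f)
    return findings

# Constructed sample; the second line is the example entry from the post.
SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
username:Npge08pfz4wuk:503:100:Full Name:/home/username:/bin/sh
guest::504:100:Guest:/home/guest:/bin/sh
broken:line
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```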

Configuring Quota on Linux

Configuration of disk usage quotas on Linux - Perform the following as root:

Edit file /etc/fstab to add qualifier "usrquota" or "grpquota" to the partition. The following file system mounting options can be specified in /etc/fstab: grpquota, noquota, quota and usrquota. (These options are also accepted by the mount command but ignored.) The filesystem, when mounted, will show up in the file /etc/mtab, the list of all currently mounted filesystems.

To enable user quota support on a file system, add "usrquota" to the fourth field containing the word "defaults".

    ...
    /dev/hda2 /home ext3 defaults,usrquota 1 1
    ...

Replace "usrquota" with "grpquota", should you need group quota support on a file system.

    ...
    /dev/hda2 /home ext3 defaults,grpquota 1 1

Self Signed SSL certificates

Use self-signed certificates to test single systems, such as a test web server. Self-signed certificates become impractical in any other case. A local CA, while more complex to set up, reduces the number of keys that need to be distributed for verification, and properly replicates a real world certificate environment.

Creation of certificates requires the openssl utility. This command should be part of an OpenSSL installation, though it may be installed out of the standard search path in /usr/local/ssl/bin or elsewhere.

    $ which openssl
    /usr/bin/openssl

Generate the Rivest, Shamir and Adleman (RSA) key

OpenSSL can generate a Digital Signature Algorithm (DSA) key (with the gendsa option), though for compatibility RSA keys are most frequently used. Learn more about the genrsa option to openssl.

    $ openssl genrsa 1024 > host.key
    $ chmod 400 host.key

Modern systems should provide a random device and sufficient entropy for key generation. The data in the host.key file must be protected