Category Archives: Linux

Linux tips for Automation

1. How to Keep Your SSH Sessions Alive

Login as root and change two settings below:

$vi /etc/ssh/sshd_config
ClientAliveInterval 0
#ClientAliveCountMax 3

ClientAliveInterval:
number of seconds that the server will wait before sending a null packet to the client (to keep the connection alive). This is the limit of how long a client are allowed to stay unresponsive before being disconnected. Setting a value of 0 (the default) will disable these features so your connection could not be dropped if it is idle too long.

ServerAliveCountMax
Sets the number of server alive messages (see below) which may be sent without ssh(1) receiving any messages back from the server. If this threshold is reached while server alive messages are being sent, ssh will disconnect from the server, terminating the session.
you can run $man sshd_config to read more details about these settings.

Another example:
/etc/ssh/sshd_config:
ClientAliveInterval 300
ClientAliveCountMax 2

These settings will make the SSH client or server send a null packet to the other side every 300 seconds (5 minutes), and give up if it doesn’t receive any response after 2 tries, at which point the connection is likely to have been discarded anyway.

 

2. Running  a command with sudo without entering password.

[admin@Thachsystem ]$ sudo /usr/share/hnthach/install_build.sh

for example, i want to run the script above in admin user. There are some commands in that script required sudo. So to run it , I need to do the following steps:

– Create the file installation in  /etc/sudoers.d/ directory.

–  Add one line to installation file:

[admin@Thachsystem ]$ sudo visudo -f /etc/sudoers.d/installation
%admingrp ALL=(ALL) NOPASSWD:/usr/share/hnthach/install_build.sh

the syntax is:  %groupname host = (user privileges ) NOPASSWD: /sbin/shutdown

admingrp is group name, this means that all member of the admingrp group will run this command using sudo without a password.

You can also use /etc/sudoers  instead of modifying /etc/sudoers.d. But i would prefer sudoers.d.  This is good way to separate customized changes to sudo rights and leaves the original sudoers file untouched.

 


 

 

Advertisements