This small guide is meant for those who need to
- clone an existing server/desktop the hard way (for those who lack virtualization tools)
- start from scratch with all packages previously installed (with or without maintaining the personalized settings)
- Get the current installed packages on the main machine: dpkg –get_selections > installed_packages.txt
- Make a copy of your old /etc/apt/sources.list and copy everyting from /etc/apt/sources.list.d/* onto your new machine
- Still on the new new machine, make sure you install dselect: apt-get install dselect
- Update to check for missing keys: apt-get update
- And add the missing keys: apt-key adv –keyserver keyserver.ubuntu.com –recv-keys XXXXXXXX
- Update again: apt-get update
- Register the new packages: dpkg –set-selections < installed_packages.txt
Now the fun part – use dselect to install the missing packages:
- dselect update
- dselect install
If you’d like the same personalized settings, simply copy the config files and folders from your /home/user located on the old machine -> onto the new machine. Same rule applies for other programs (apache, fpm, postfix): copy all files from /etc/apache, /etc/postfix and so on onto the new machine. For the future, using rsync or something similar might come more in handy.
This was the ‘hard way’ of cloning a server. Since the best sysadmin is a lazy sysadmin, you might want to consider Chef/Puppet/Ansible/SaltStack or any virtualization & cloning tool.
If you clone (make a snapshot) of a CentOS 6 in your RunAbove ControlPanel, you might encounter difficulties placing it online. This is due to the fact that a snapshot is literally a clone, therefore cloning IP and MAC addresses onto the new server. To overcome this, we should…
- Check your old MAC address `ifconfig -a`.
- Login into the new server via VNC and do a `ifconfig -a`
- your interface will show up as `eth1` at this very moment.
- go to `/etc/udev/rules.d/70-persistant-net.rules`.
- Confront the two interfaces eth1/eth0 and
- delete or comment out `eth0`
- modify the `eth1` to `eth0` parameter on the line where you MAC (HWaddr) address resembles the `ifconfig -a` on the cloned server
- Reboot and voila, you’re online.
- Some modifications need to be made
- `/etc/hostname` and enter the corresponding hostname + IP address
- run `hostname your.new.hostname`
- `service network restart` or reboot
Shortcut: simply delete the
/etc/udev/rules.d/70-persistant-net.rules file and reboot :)
Don’t forget! You’re ssh keys will be cloned too. Fork the old putty config for the new server and simply change the IP address. You may want to generate a new login key and add it to .ssh/authorized_keys!
We are going to quickly transfer some folders (recursive) from server1 to server2 through SCP (Secure Copy). Let us spam the std/out/in a little.
scp -2 -P your_custom_ssh_port -r /path/to/target user@server2:/path/to/destination
-2: use protocol 2
-P: use non standard port
your_custom_ssh_port = I hope you’re not using the standard 22!
If by chance you encounter
[rsyslog] imklog: error reading kernel log - shutting down: Bad file descriptor
and your CPU halts at 100% load, you must edit
And comment (already done):
#$ModLoad imklog # provides kernel logging support
WHY? rsyslog tries to log kernel messages, which is as OpenVZ/Proxmox Container default not possible.
How to remove file metadata on Linux – a little more privacy
EXIF data in photo images can reveal personally identifiable information such as your camera model, GPS coordinate of shooting, your favorite photo editor software, etc. Metadata in documents and spreadsheets contain author/affiliation information and other editing history.
Introducing MAT (Metadata Anonymisation Toolkit)
apt-get install mat
Scan all files in the current directory and its sub directories, and report their state (clean or unclean):
mat -c .
Check actual metadata detected:
mat -d <input_file>
If you don’t supply any option with mat command, the default action is to remove metadata from files. If you want to keep a backup of original files during cleanup, use ‘-b’ option. The following command cleans up all files, and stores original files as ‘*.bak” files:
mat -b .
Taken from MAN pages:
wondershaper is a traffic shaping script that provides low latency, prioritizes bulk transfers below normal web traffic, prioritizes interactive shells above normal web traffic, and attempts to prevent upload and download traffic from affecting each other’s ack packets. Put simply, the wondershaper makes your internet connection more “responsive”.
apt-get install wondershaper
wondershaper [interface] [downlink] [uplink]
wondershaper venet0 256 256
Note: the speeds are in KBps.