Categories
RHEL / CentOS

Generate Random Password – Red Hat/CentOS

There are instances wherein you want to generate random passwords for setting up credentials. There is a very simple random password generator in-built into Linux. Just run the below command.

# cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 24 | head -n24 | head -n1
Categories
Red Hat IDM

Get rid of Error “LDAP Connect error You are attempting to import a cert with the same issuer”

When you come across this error “LDAP Error: Connect error: TLS error -8054:You are attempting to import a cert with the same issuer” enrolling a client to FreeIPA/IDM server, it means that the existing certificate does not match the one on the IDM server and can be fixed quite easily with just one command. The scenario in which this can happen is that you might have had the client enrolled to a different IDM server previously and the old cert is still lying around.

Categories
VMWare

Resize LVM disk after extending Virtual Machine disk (vmdk)

Follow these simple steps to resize a Virtual machine disk (vmdk) and then extend the volume using LVM. Make sure that you have/make a backup before carrying out these steps. First go ahead and extend the vmdk from ESXi/vCenter. I increased the disk size from 20GB–>>30GB.

Categories
PNP4Nagios

Fix PNP4Nagios graphs custom date/time display issue – Nagios

When trying to get the custom time range for PNP4Nagios graphs, it might result in an error “application/models/data.php [664]:". It can easily resolved by editing “system.php”  in PNP4Nagios controllers folder. To start with first make a backup of the file.

# cp -a /usr/local/pnp4nagios/share/application/controllers/system.php /usr/local/pnp4nagios/share/application/controllers/system.php.bkp

Categories
Puppet

Install Puppet Master and Agent on same host/node – Puppet – CentOS/Red Hat

It’s now possible to install both Puppet Master and Agent on the same host with different certs for each, to avoid future conflicts when managing master server with puppet. You need to have 2 seperate entries on puppet.conf, one in [master] and one in [agent] so that separate certs are generated.

Categories
Rasberry Pi

Install Nagios NRPE latest version v3.x.x (source) on RaspberryPi – Jessie and Pixel

Its now possible to install the latest version of Nagios NRPE v 3.0.1 (source install) on RaspberryPi (incl. Pixel OS). Just follow this simple article and you will be up and running with NRPE on Nagios clients as well as on the Nagios server which needs to communicate to clients via nrpe agent. This guide is valid for Raspbian Jessie and the latest version that is Raspbian Pixel OS.

Categories
ESXi

Replace SSL Certificates on ESXi 6.x/6.5 – VMware

The process of replacing the default SSL certificates on ESXi 6.x/6.5 is a simple process involving around 5-10 steps. We would need a seperate linux host to generate the openssl self-signed certificate (NOTE: we are not using any CA). Host needs to be in Host Maintenance mode during the process. Please plan downtime.

Categories
Puppet

Automate iptables using Puppet – Red Hat/CentOS

This article shows you how to Automate iptables for the whole infrastructure (linux/unix) and maintain the state during the lifecycle of a host. We would need to install 2 modules from PuppetLabs so that we can assign Rules based on the requirements, whether its from one destination to another or from one host to multiple destinations or vice-versa.

  1. puppetlabs/Firewall = Standard module for iptables.
  2. puppetlabs/Firewall_multi = Module that takes care off when adding multiple source/destination/ports in one Rule.
Categories
Nagios Core

Generate/Create a SHA2/SHA256 cert for Nagios CORE – RedHat/CentOS

To make Nagios CORE security compliant with a SHA2/SHA256 cert, follow these steps using Openssl and you will be ready in no time with a PCI compliant cert. This is a standard requirement nowadays in any PCI compliant environment. This is implemented with Apache backend. Run the below command to generate .crt and .key files.

Categories
RHEL / CentOS

Generate/Create a SHA2/SHA256 self-signed cert – RedHat/CentOS

To generate a SHA256 certficate in linux all you need to do is run this openssl command and you will be ready with a PCI compliant cert. This is a standard requirement nowadays in any PCI compliant environment. This is implemented with Apache backend. Run the below command to generate .crt and .key files.