Created
December 3, 2020 01:58
-
-
Save richlamdev/83d2e110d2b62230993a2a1430de1c8c to your computer and use it in GitHub Desktop.
ubuntu random notes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| INITIAL PACKAGES TO INSTALL | |
| sudo apt update | |
| sudo apt install vim git ansible sshpass | |
| DNS CONFIG | |
| /etc/systemd/resolved.conf | |
| DNS=192.168.x.x 192.168.x.x | |
| (space delimited/separation between DNS server list) | |
| sudo ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf | |
| sudo systemctl restart systemd-resolved.service | |
| #get status: | |
| resolvectl | grep -i "Current DNS" | |
| CONFIGURE UTC OFFSET | |
| sudo timedatectl set-timezone America/Vancouver | |
| NTP Configure | |
| edit /etc/systemd/timesyncd.conf | |
| NTP=192.168.x.x 192.168.x.x | |
| (space delimited/separation between NTP server list) | |
| sudo systemctl restart systemd-timesyncd.service | |
| #get status: | |
| timedatectl timesync-status | |
| timedatectl status | |
| timedatectl show-timesync | |
| DISABLE NOUVEAU (install nvida drivers) | |
| /etc/modprobe.d/blacklist.conf | |
| blacklist nouveau | |
| options nouveau modeset=0 | |
| OR | |
| sudo bash -c "echo blacklist nouveau > /etc/modprobe.d/blacklist-nvidia-nouveau.conf" | |
| sudo bash -c "echo options nouveau modeset=0 >> /etc/modprobe.d/blacklist-nvidia-nouveau.conf" | |
| /etc/default/grub | |
| GRUB_CMDLINE_LINUX_DEFAULT="quiet splash ipv6.disable=1 nouveau.blacklist=1 " | |
| sudo update-initramfs -u | |
| sudo update-grub2 | |
| NVIDIA DRIVERS FOR LAPTOP | |
| #sudo apt-get purge libvdpau-va-gl1 bumblebee* nvidia | |
| #sudo apt-get install nvidia-390 nvidia-settings nvidia-prime | |
| #sudo nvidia-settings | |
| NVIDIA DRIVERS AUTO INSTALL | |
| #sudo add-apt-repository ppa:graphics-drivers/ppa | |
| #sudo apt update | |
| #ubuntu-drivers devices | |
| #sudo ubuntu-drivers autoinstall | |
| NVIDIA DRIVERS MANUAL INSTALL | |
| sudo ubuntu-drivers devices | |
| sudo apt install gcc make | |
| sudo apt install nvidia-390 nvidia-settings | |
| HASHCAT | |
| #sudo apt install ocl-icd-* opencl-headers lsb-core | |
| sudo apt install ocl-icd-libopencl1 nvidia-cuda-toolkit | |
| nvidia-smi | |
| sudo reboot | |
| sudo add-apt-repository ppa:graphics-drivers/ppa | |
| sudo apt-get update | |
| sudo apt-get install mesa-common-dev freeglut3-dev | |
| sudo reboot | |
| UFW CONFIG | |
| sudo ufw limit proto tcp from 192.168.x.x/24 to any port 22 | |
| sudo ufw limit 22/tcp | |
| sudo ufw status numbered | |
| sudo ufw delete <number> | |
| sudo ufw app list | |
| # /etc/ufw/ufw.conf | |
| IPV6=no | |
| # /etc/default/ufw | |
| IPV6=no | |
| GOOGLE CHROME INSTALL | |
| wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add - | |
| sudo sh -c 'echo "deb https://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' | |
| sudo apt-get update | |
| sudo apt-get install google-chrome-stable | |
| DISABLE IPV6 | |
| /etc/default/grub | |
| GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash" | |
| GRUB_CMDLINE_LINUX="ipv6.disable=1" | |
| sudo update-grub | |
| sudo vim /etc/sysctl.conf | |
| # Add the following to bottom of file: | |
| sudo sh -c "echo 'net.ipv6.conf.all.disable_ipv6 = 1' >> /etc/sysctl.conf" ; | |
| sudo sh -c "echo 'net.ipv6.conf.default.disable_ipv6 = 1' >> /etc/sysctl.conf"; | |
| sudo sh -c "echo 'net.ipv6.conf.lo.disable_ipv6 = 1' >> /etc/sysctl.conf" ; | |
| sudo sysctl -p | |
| SSHD_CONFIG | |
| /etc/ssh/sshd_config | |
| AddressFamily=inet | |
| X11Forwarding=no | |
| PermitRootLogin=no | |
| For publickey authentication only: | |
| PasswordAuthentication no | |
| PermitEmptyPasswords no | |
| PubkeyAuthentication yes | |
| DISABLE VMWARE PORT 902 | |
| 1. In /etc/init.d/vmware | |
| Comment out the line: | |
| vmware_exec 'VMware Authentication Daemon' vmware_start_authdlauncher | |
| Add the following line: | |
| echo 'Skipping: VMware Authentication Daemon' | |
| DISABLE SERVICES | |
| sudo apt-get purge avahi-daemon avahi-utils | |
| sudo apt-get purge whoopsie | |
| sudo apt-get purge apport | |
| sudo systemctl status | |
| sudo service --status-all | |
| sudo systemctl disable openvpn | |
| sudo chmod -x /usr/libexec/evolution-addressbook-factory | |
| sudo chmod -x /usr/libexec/evolution-calendar-factory | |
| sudo chmod -x /usr/libexec/evolution-data-server/evolution-alarm-notify | |
| sudo chmod -x /usr/libexec/evolution-source-registry | |
| SSH KEY Generation | |
| ssh-keygen -t rsa -b 4096 | |
| cat id_rsa.pub >> ~/.ssh/authorized_keys | |
| sudo chmod 644 ~/.ssh/authorized_keys | |
| /etc/ssh/sshd_config | |
| ChallengeResponseAuthentication no | |
| PasswordAuthentication no | |
| UsePAM no | |
| INSTALL DUO | |
| Create /etc/apt/sources.list.d/duosecurity.list with the following contents: | |
| for 18.04 (bionic) | |
| sudo sh -c "echo 'deb http://pkg.duosecurity.com/Ubuntu bionic main' >> /etc/apt/sources.list.d/duosecurity.list" | |
| curl -s https://duo.com/APT-GPG-KEY-DUO | sudo apt-key add - | |
| sudo apt-get update && sudo apt-get install duo-unix | |
| FIX CHROME REP ERRORS: | |
| sudo vim /etc/apt/sources.list.d/google.list | |
| #deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main | |
| sudo apt-get update | |
| PRINTER E250DN CUPS INSTALL | |
| 1) Choose App/Socket/HP JetDirect | |
| 2) socket://192.168.x.x whatever the IP address of your printer is. Do not add :9100 | |
| PIP | |
| pip3 install --user --upgrade pip | |
| MOZILLA OBSERVATORY | |
| git clone https://github.com/mozilla/http-observatory.git | |
| cd http-observatory | |
| pip3 install --user --upgrade . | |
| pip3 install --upgrade -r requirements.txt | |
| ./httpobs-local-scan github.com --format report >> github.log | |
| grep --colour=always -E '[0-9]| not implemented' github.log | |
| CRYPTSETUP | |
| sudo cryptsetup --verbose --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat /dev/sdx1 | |
| sudo cryptsetup luksDump /dev/sdx1 | |
| sudo cryptsetup luksOpen /dev/sdx1 luks_temp | |
| sudo mkfs.ext4 /dev/mapper/luks_temp | |
| sudo tune2fs /dev/mapper/luks_temp -m1 | |
| COMPILE NMAP | |
| sudo apt install flex | |
| sudo apt install bison | |
| sudo apt install libssl-dev | |
| # libnmap | |
| pip3 install python-libnmap | |
| SAMBA / CIFS | |
| sudo mount -t cifs -o user=username,uid=uid_of_username,gid=gid_of_username //ip_or_hostname/sharename /folder | |
| sudo umount /folder | |
| ATFTPD / ATFTP | |
| sudo apt-get install atftpd | |
| sudo mkdir /tftp | |
| sudo chmod -R 777 /tftp | |
| sudo chown -R nobody /tftp | |
| # /etc/default/atftpd | |
| USE_INETD=false | |
| # OPTIONS below are used only with init script | |
| OPTIONS="--tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=7 /tftp --logfile /var/log/atftp.log" | |
| sudo touch /var/log/atftpd.log | |
| sudo chmod 644 /var/log/atftpd.log | |
| sudo systemctl enable atftpd | |
| sudo systemctl restart atftpd | |
| netstat -lnp | grep ":69 " | |
| PARTED (format USB or Hard disk) | |
| sudo parted -a optimal /dev/sdb | |
| mklabel gpt (or msdos,mac,bsd) | |
| mkpart exfat 0% 100% | |
| sudo parted /dev/sdb align-check optimal 1 (1 is ths partition number, or use minimal) | |
| sudo mkfs.exfat /dev/sdb1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment