Category Archives: Linux

Record shell input/output in file

$ script [file]

Run the `script` command and a new shell starts; its input/output is recorded in the specified file until that shell terminates.

To stop recording, type `exit`.

If file is omitted, input/output are recorded in a file named 'typescript' in the current directory.

By default the log file is overwritten. To append to it instead, add the -a option.

How to input control characters

Emacs

C-q <Control Character>

Example: Input escape character

C-q C-[

Shell, Vim

Ctrl+V <Control Character>

Example: Input escape character

Ctrl+V Ctrl+[

How to find a letter which should be pressed in combination with Control key?

<Control Character> in the explanation above is typed by holding the Control key and pressing a letter. That letter is the one you get by setting the 7th bit of the control character you want to input to 1, that is, by adding 0x40 (64) to its code.
You can look it up in `man ascii` and similar references.

Example:
Escape character is 0x1B(27).
Set 7th bit to 1, i.e. add 0x40(64) and you get 0x5B(91).
0x5B(91) is '['.
Therefore, to input escape character press Ctrl+[.

Line feed is 0x0A(10).
Set 7th bit to 1, i.e. add 0x40(64) and you get 0x4A(74).
0x4A(74) is 'J'.
Therefore, to input line feed press Ctrl+J.

Source: https://en.wikipedia.org/wiki/Control_character#How_control_characters_map_to_keyboards
エスケープ文字の入力方法 ("How to input the escape character") - nelnalog.note

Adjust timing of fsck using tune2fs

I rebooted my server, but fsck started forcibly on boot and it took a long time until the system started.
To show or adjust the fsck timing on an ext2/ext3/ext4 filesystem, you can use tune2fs.

Show

# tune2fs -l /dev/sda1
・・・(omitted)
Mount count:              7
Maximum mount count:      27
Last checked:             Fri Oct 21 03:41:32 2011
Check interval:           15552000 (6 months)
Next check after:         Wed Apr 18 03:41:32 2012
・・・(omitted)

Stop forcible fsck

# tune2fs -c 0 -i 0 /dev/sda1 
tune2fs 1.39 (29-May-2006)
Setting maximal mount count to -1
Setting interval between checks to 0 seconds

Confirmation

# tune2fs -l /dev/sda1
・・・(omitted)
Mount count:              7
Maximum mount count:      -1
Last checked:             Fri Oct 21 03:41:32 2011
Check interval:           0 (<none>)
・・・(omitted)

Source: tune2fs でfsckを制御 ("Controlling fsck with tune2fs") - ike-daiの日記 (ike-dai's diary)

Delete or grep the results of find

-exec command {} \;
  • Runs command on each result of find. {} is replaced by the path of the result.
  • You must put a blank before "\;". If the blank is missing, an error occurs like the ones below (the message depends on the find implementation).
    $ find . -name "*~" -exec rm {}\;
    find: missing argument to `-exec'

    $ find . -name "*~" -exec rm {}\;
    find: -exec: no terminating ";" or "+"
    
  • To execute more than one command, specify multiple -exec.

Example:

find ~ -name '*bak' -exec rm {} \;
  • In the example above, "rm {} \;" following "-exec" is the command to execute. The final ";" marks the end of the command's arguments. The "\" before ";" is needed to escape ";" so that the shell does not interpret it.

Example:

Delete all files whose names match *~ (Emacs backup files) under the home directory.

$ find ~/ -name "*~" -exec rm {} \;

Delete all .svn directories from working directory tree of Subversion.

find . -name .svn -exec rm -rf {} \;

Grep files in directory tree.
(grep option -H for printing filename headers, -n for printing line number)

find <directory> -type f -exec grep -nH <pattern> {} \;
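
The same cleanups as an added example (not from the original post), run against a constructed scratch tree: `-type f` and `{} +` for the backup files, `-prune` for the .svn directories. The function names and the tree are made up for illustration.

```shell
# Added example; function names are hypothetical and the tree below is constructed.

# make_tree: scratch tree with awkward names (space, newline, leading '-').
make_tree() {
  root=$(mktemp -d) || return 1
  nl='
'
  mkdir -p "$root/proj/.svn/props" "$root/proj/sub dir/.svn" "$root/proj/dir~"
  : > "$root/proj/keep.c"
  : > "$root/proj/notes.txt~"
  : > "$root/proj/sub dir/two words.c~"
  : > "$root/proj/sub dir/-rf~"
  : > "$root/proj/new${nl}line~"
  printf '%s\n' "$root"
}

# count_backups DIR: number of regular files named *~ (one 'x' per match, so
# newlines in file names cannot skew the count).
count_backups() {
  find "$1" -type f -name '*~' -exec printf x \; | wc -c | tr -d ' '
}

# clean_backups DIR: -type f skips the directory "dir~", which plain rm would
# refuse; "{} +" batches many paths into one rm call instead of one per file.
# find hands each path to rm as a single argument that starts with DIR, so
# spaces, newlines or a leading '-' in a file name are never re-parsed.
clean_backups() {
  find "$1" -type f -name '*~' -exec rm -- {} +
}

# remove_svn DIR: -prune stops find from descending into a .svn directory that
# rm -rf is about to delete, which avoids "No such file or directory" errors.
remove_svn() {
  find "$1" -type d -name .svn -prune -exec rm -rf -- {} +
}

t=$(make_tree)
echo "before: $(count_backups "$t") backup files"
clean_backups "$t" && remove_svn "$t"
echo "after:  $(count_backups "$t") backup files, .svn left: $(find "$t" -name .svn | wc -l | tr -d ' ')"
rm -rf "$t"
```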

Setting the maximum send / receive size of Postfix

/etc/postfix/main.cf

message_size_limit = 20480000

The default when message_size_limit is not specified is 10240000 (10MB).

For complete parameter list of main.cf, see the postconf(5) man page.

$ man 5 postconf
message_size_limit (default: 10240000)
       The maximal size in bytes of a message, including envelope information.

Caution

Be careful when changing message_size_limit.
message_size_limit must not be larger than mailbox_size_limit.
If message_size_limit is larger than mailbox_size_limit, you can't receive any messages.

The default of mailbox_size_limit is 51200000 (50MB).
Zero means no limit.

mailbox_size_limit = 0
mailbox_size_limit (default: 51200000)
       The  maximal  size  of any local(8) individual mailbox or maildir file, or zero (no limit).  In fact, this limits the size of any
       file that is written to upon local delivery, including files written by external commands  that  are  executed  by  the  local(8)
       delivery agent.

       This limit must not be smaller than the message size limit.

Allowing ftp with iptables

When you allow ftp with iptables, allowing port 21 as below is not enough for the LIST command to work, because the listing is transferred over a separate data connection.

# iptables -A INPUT -p tcp --dport 21 -j ACCEPT

You need to load two modules, ip_conntrack_ftp and ip_nat_ftp.
Edit /etc/sysconfig/iptables-config and add the following line so that they are loaded automatically.

IPTABLES_MODULES="ip_conntrack_ftp ip_nat_ftp"

Then restart iptables.

# service iptables restart

Make sure the modules are loaded. In the output below they are listed under the names nf_conntrack_ftp and nf_nat_ftp.

# lsmod
Module                  Size  Used by
nf_nat_ftp              7361  0 
nf_conntrack_ftp       13761  1 nf_nat_ftp
...(omit)

Source: iptablesでftpを通す ("Allowing ftp through iptables")

Set up public key authentication with SSH

1. Generate a keypair using ssh-keygen

$ ssh-keygen -t rsa

You will be prompted for a filename in which to save the keypair. Press Enter to accept the default filename.
Then enter a passphrase twice.
The keypair files below are generated in ~/.ssh.

  • id_rsa
  • id_rsa.pub

2. Add public key to the remote SSH server

Copy the public key file generated in step 1 to the user's home directory on the remote server using scp or ftp.

$ scp ~/.ssh/id_rsa.pub user@host:

On the remote server, append the public key to ~/.ssh/authorized_keys using the cat command and redirection.

$ cat id_rsa.pub >> ~/.ssh/authorized_keys

Change the permissions of the ~/.ssh directory and ~/.ssh/authorized_keys so that only their owner can read or write them.

$ chmod 700 ~/.ssh
$ chmod 600 ~/.ssh/authorized_keys
  • Pay attention to the permissions of the user's home directory on the client side.
    If anyone other than the owner has write permission on it, login fails.
    For example, when the file mode of /home/hoge is 777 and you attempt to connect with SSH, you get the error below.

    Permission denied (publickey,gssapi-with-mic).
    

    In this case the server-side log file (/var/log/secure) says

    Authentication refused: bad ownership or modes for directory /home/hoge
    

    You should set home directory's permissions to 700, 711, or 755.

3. Attempt to log in with public key authentication

$ ssh -l user host

You will be prompted for a passphrase; enter the one you specified when running the ssh-keygen command.
Note that the passphrase is NOT the user's password.

4. Client side

Copy the private key file (id_rsa) to ~/.ssh on the client side.

  • Pay attention to the permissions of the private key file.
    Below is the error shown on Mac OS X when they are too open.

    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    Permissions 0640 for '/Users/xxx/.ssh/id_rsa' are too open.
    It is recommended that your private key files are NOT accessible by others.
    This private key will be ignored.
    bad permissions: ignore key: /Users/xxx/.ssh/id_rsa
    Permission denied (publickey,gssapi-with-mic).
    

    Set the permissions of id_rsa to 600 and it will be OK.

  • If you use cwRsync, copy the private key file (id_rsa) into the .ssh directory under the directory that the HOME environment variable points to. (This is the same directory in which known_hosts is created.)

    For example:

    If HOME is /home/pistolfly and cygwin directory is C:\cygwin, use C:\cygwin\home\.ssh.
    (You can also specify path to private key file with -i option in rsync -e or --rsh options)

5. Disable password authentication

Edit /etc/ssh/sshd_config (server side)

Modify

PasswordAuthentication yes

to

PasswordAuthentication no

Disable root login.

PermitRootLogin no

Reload sshd as root. Don't log out of the root session yet.

$ /etc/init.d/sshd reload
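
An added example, not part of the original post: a shell audit of the permission rules from steps 2 and 4 and the sshd_config settings from step 5, run against a constructed tree that reproduces the two failures quoted above (home directory 777, private key 640). Function names are hypothetical, and only plain `Keyword value` lines outside Match blocks are handled.

```shell
# Added example; function names are hypothetical, demo data is constructed.

# has_bits PATH BIT...: true if PATH has any of the given octal permission bits set.
has_bits() {
  p=$1; shift
  for b in "$@"; do
    [ -n "$(find "$p" -prune -perm "-$b")" ] && return 0
  done
  return 1
}

# audit_ssh_perms HOME_DIR: print one line per problem found.
audit_ssh_perms() {
  h=$1
  # Home directory: 700, 711 or 755 pass; write access for group/others does not.
  if has_bits "$h" 020 002; then echo "home writable by group/others: $h"; fi
  # ~/.ssh, authorized_keys and the private key: owner-only (700 / 600).
  for f in "$h/.ssh" "$h/.ssh/authorized_keys" "$h/.ssh/id_rsa"; do
    [ -e "$f" ] || continue
    if has_bits "$f" 040 020 010 004 002 001; then
      echo "accessible by group/others: $f"
    fi
  done
}

# sshd_value FILE KEYWORD: first uncommented occurrence, lower-cased
# (sshd uses the first value it reads for a keyword).
sshd_value() {
  awk -v k="$2" 'tolower($1) == tolower(k) { print tolower($2); exit }' "$1"
}

# audit_sshd_config FILE: both settings from step 5 must be explicitly "no".
audit_sshd_config() {
  for k in PasswordAuthentication PermitRootLogin; do
    v=$(sshd_value "$1" "$k")
    [ "$v" = no ] || echo "$k is '${v:-unset}', expected 'no'"
  done
}

# Constructed demo: home 777, private key 640, password logins still enabled.
demo() {
  d=$(mktemp -d) && mkdir -p "$d/hoge/.ssh" && : > "$d/hoge/.ssh/id_rsa"
  chmod 777 "$d/hoge"; chmod 700 "$d/hoge/.ssh"; chmod 640 "$d/hoge/.ssh/id_rsa"
  printf 'PasswordAuthentication yes\nPermitRootLogin no\n' > "$d/sshd_config"
  audit_ssh_perms "$d/hoge"; audit_sshd_config "$d/sshd_config"
  rm -rf "$d"
}
demo
```

On a live server, point audit_ssh_perms at the account's home directory and audit_sshd_config at /etc/ssh/sshd_config before closing the root session from step 5.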