How to Create LUKS encrypted partition in Centos 7 / RHEL 7 Linux

Leave a Comment
In this post, i will tell how to encrypt data stored on your Linux machine partitions using cryptsetup utility.

Firstly, Install the cryptsetup binary (LUKS) package using yum on your Centos 7 or RHEL 7 Linux machine.


[root@techbuzz ~]# yum install -y cryptsetup


Loaded plugins: product-id, search-disabled-repos, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Skipping unreadable repository '/etc/yum.repos.d/rhel7_errata.repo'
Package cryptsetup-1.7.2-1.el7.x86_64 already installed and latest version
Nothing to do
[root@techbuzz ~]#


Activate LUKS module by running  modprove dm_crypt and after that check that module is loaded in the kernel.

[root@techbuzz ~]#  modprobe dm_crypt

[root@techbuzz ~]# lsmod | grep dm_crypt

dm_crypt               27403  0
dm_mod                114430  25 dm_log,dm_persistent_data,dm_mirror,dm_bufio,dm_crypt,dm_thin_pool
[root@techbuzz ~]#


Run below command to check free space in Volume group 

[root@techbuzz ~]# vgs

  VG   #PV #LV #SN Attr   VSize  VFree
  rhel   1   5   0 wz--n- 99.51g 3.82g


Create a Logical Volume of 100 mb using below command 

[root@techbuzz ~]# lvcreate --size 100M --name lv_vol rhel

Sample outputs:


  Logical volume "lv_vol" created.
[root@techbuzz ~]# lvs | grep lv_vol
  lv_vol    rhel -wi-a----- 100.00m
[root@techbuzz ~]#


Run below command to convert the newly created Logical volume into LUKS format. Enter the passphrase that should not be weak one and must contain Upper case / alphanumeric characters.

[root@techbuzz ~]# cryptsetup luksFormat /dev/rhel/lv_vol
Sample outputs:

WARNING!
========
This will overwrite data on /dev/rhel/lv_vol irrevocably.

Are you sure? (Type uppercase yes): YES
Enter passphrase:
Verify passphrase:


Open and give the LUKS format LV name as volume. You can given any name you want.

[root@techbuzz ~]# cryptsetup luksOpen /dev/rhel/lv_vol volume
Enter passphrase for /dev/rhel/lv_vol:
[root@techbuzz ~]#


Create any File system you want ext4 or xfs here using mkfs command.

[root@techbuzz ~]#  mkfs.xfs /dev/mapper/volume
Sample outputs:
meta-data=/dev/mapper/volume     isize=512    agcount=4, agsize=6272 blks
         =                       sectsz=512   attr=2, projid32bit=1
         =                       crc=1        finobt=0, sparse=0
data     =                       bsize=4096   blocks=25088, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0 ftype=1
log      =internal log           bsize=4096   blocks=855, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=1
realtime =none                   extsz=4096   blocks=0, rtextents=0
[root@techbuzz ~]#

Create below file and add below entry in the same :

[root@techbuzz ~]# vi /etc/crypttab

VOLUME_NAME  /dev/vg/lv_name /root/luks.key

[root@techbuzz ~]# cat /etc/crypttab
volume /dev/rhel/lv_vol /root/luks.key
[root@techbuzz ~]#


Create the /root/luks.key file and store the passphrase.

[root@techbuzz ~]# vi /root/luks.key

[root@techbuzz ~]# cryptsetup luksAddKey /dev/rhel/lv_vol /root/luks.key

Enter any existing passphrase:


Modify the /etc/fstab as below. last two options in fstab are for backup dumps and file system check at the time of boot.

/dev/mapper/volume     /vol     xfs    defaults   0  0

[root@techbuzz ~]# mkdir -p /vol
[root@techbuzz ~]# mount /vol


[root@techbuzz ~]# df -h /vol
Filesystem          Size  Used Avail Use% Mounted on
/dev/mapper/volume   95M  5.1M   90M   6% /vol
[root@techbuzz ~]#






Read More...

Flipkart Affiliate Program - Maximum earnings for August'18 are capped at Rs.100 , No Referral Fees for September

1 comment
Hello to all fellow bloggers and affiliate marketers, Flipkart has been since couple of years in Indian business and a well established brand in  e-commerce and Online shopping portal. Like most of the big brands, Flipkart also offers its Affiliate program to bloggers to monetize by sharing affiliate links on their website. Earlier the payout for payment was fixed as Rs 1000 but later it was changed to Rs 5000. Many bloggers were using this affiliate campaign to advertise flipkart products and earn some commissions for every valid purchase and order via their link.

Last month, Flipkart sent out email and a notification was showing up at top while logging into flipkart account regarding July affiliate fees

Dear Affiliate Partner,​Kindly note that we haven't allocated any earning referral fees for July'18 to this account hence request to pause your campaigns this month.Please be informed commissions earned in the month of July'18 is not liable for payment.Thanks & Regards,Flipkart Affiliate Team


Again, this month, Flipkart Affiliate promoters are not happy with the August  2018 referral program earnings as the same are capped at merely Rs 100.

Well what could be reason of such drop of commissions that is not clear yet, Could it be related to Walmart acquisition of  Flipkart  or seems like they are going to update the terms and policies soon, Most of the bloggers are stopping Flipkart campaigns and moving to Amazon and other brands since there is no drop in their payout.



Update : September 2018

Flipkart has not allocated any referral fees for September month, while logging into the account, Got below message on the homepage.

" No earning referral fees allocated for September'18. Request to pause your campaigns for this month.
Maximum earnings for August'18 are capped at Rs.100 
No earning referral fees allocated for July'18 "

Read More...

IPSec Configuration in Rhel 7 - Securing VPNs using Libreswan

Leave a Comment
This post describes the procedures to install and configure IPSec on Rhel 7.x. IPSec is available for both IPv4 and IPv6 address versions.

In Rhel7 , Virtual Private Network (VPN) can be configured using the Ipsec protocol that can be configured using libreswan 

Prerequisite :

Ensure that Yum repository is configured in the system. The package of the libreswan can be found in Rhel / Centos  iso dvd.

Below are the steps to configure IPSec using libreswan on RHEL 7

1.    Login to the system as root user (to both the nodes) using ssh protocol, if not already logged in.

2.    Install the libreswan package with all its dependencies for IPsec from YUM repository:

yum install libreswan -y

3.    IPsec configurations are stored inside /etc/ipsec.d/ directory and /etc/ipsec.conf file
Generate a public/private key pair for RSA-based authentication on both the Nodes that are being configured for IPsec.
Run the following commands one-by-one on both the Target nodes, that are node1 and node2:

a.    Generate the certificate for IPsec configuration:
certutil -N -d /etc/ipsec.d/
On <password> prompt, keep pressing Enter key until command exit.
The following is the sample output:

Enter Password or Pin for "NSS Certificate DB":
Enter a password which will be used to encrypt your keys.
The password should be at least 8 characters long,
and should contain at least one non-alphabetic character.

Enter new password:
Re-enter password:
Password changed successfully.

b.    Generate the IPsec database and set of public and private certificates inside /etc/ipsec.d/ and adds the key entries in /etc/ipsec.secrets file:
rm -f /etc/ipsec.secrets
ipsec newhostkey --output /etc/ipsec.secrets --bits 2192 --random /dev/urandom --configdir /etc/ipsec.d/


Note:  Ignore the warning message related to RSA key size (if appears).

Make a note of the public key from /etc/ipsec.secrets using following command:
grep "#pubkey=" /etc/ipsec.secrets
The public key is used for IPsec configuration.

4.    Ensure that the public key has been generated on both the nodes and available with the installation personnel.

5.    Check and uncomment the following entry in /etc/ipsec.conf file on both the Target nodes.
include /etc/ipsec.d/*.conf

6.    Create a new file (if not already exist) on any of the Target nodes /etc/ipsec.d/nodes_details_ipsec.conf and append the following lines after updating the parameter values with correct entries:

Note:  Ensure proper indentation for entries in /etc/ipsec.d/nodes_details_ipsec.conf file and maintained otherwise IPsec services will fail to start.

vi /etc/ipsec.d/nodes_details_ipsec.conf
conn nodes_ipv4
     left=<node1_ip>
     leftrsasigkey=<public_key_of_node1>
     leftnexthop=%defaultroute
     right=<node2_ip>
     rightrsasigkey=<public_key_of_node2>
     rightnexthop=%defaultroute
     auto=start

In case IPSec is to be configured for IPv6 along with IPv4, append the file /etc/ipsec.d/nodes_details_ipsec.conf with below lines after updating the parameter values with correct entries:


conn nodes_v6
     connaddrfamily=ipv6
     left=<node1_ipv6>
     leftrsasigkey=<public_key_of_node1>
     leftnexthop=%defaultroute
     right=<node2_ipv6>
     rightrsasigkey=<public_key_of_node2>
     rightnexthop=%defaultroute
     auto=start
Save the files after making required configuration.

7.    After update transfer the /etc/ipsec.d/nodes_details_ipsec.conf file to another node on same PATH.

8.    Start/Restart the IPsec service using the following commands:

systemctl enable ipsec
systemctl restart ipsec
To verify IPsec services, execute the following command:
systemctl status ipsec


To test if IPSec is configured properly, run below command:

The "ipsec whack --trafficstatus" command shows the tunnels that are currently established

Sample Output

[root@techbuzz ~]# ipsec whack --trafficstatus
006 #4: "mm18_nodes", type=ESP, add_time=1535366781, inBytes=84, outBytes=84, id='10.62.241.51'

006 #3: "mm18_nodes_v6", type=ESP, add_time=1535366781, inBytes=104, outBytes=104, id='2001:1a60:81b7:1258:10:62:241:56'



Read More...

Creating Virtual machines in KVM using GUI tool

Leave a Comment
In our earlier post, we explained how you can easily install and configure KVM Hypervisor on RHEL 7 or Centos 7, In this post, i will tell you the steps to create your first Kernel based Virtual machine using GUI based Virt Manager.

If you have not installed Hypervisor yet,please read below post and do the same first.

Read Post : How to install and configure KVM Hypervisor 

Once you are done with installation/configuration tasks of KVM hypervisor along with x window package.

Type virt-manager on your Hypervisor that will open up a GUI tool that is used to manage KVM

[root@himanshu ~]# virt-manager



You will see something like below, In below screenshot, i already have 2 KVM machines created.



Click on File > New Virtual machine or Desktop/Screen button to Create a new Virtual machine.


The Virtual Machine Manager VM wizard

If you are creating VM using iso image, browse the iso file/media locally on your system and click Forward.



Give the name of machine you want and click Finish








Read More...

Sell your old Gadgets easily with Cashify.in and get instant Cash on your doorstep

Leave a Comment
Everything around us is getting automated and digitalized saving both our time and money,Thanks to our Smartphones, Useful websites on Web, Applications that acts a boon and we can do a lot from them in matter of seconds. 

Tech is improving day by day, so as the number of cores in your gadget's Snapdragon Processor. Being tech and gadget lover, i love to explore new Smartphones with more enhanced features, better performance and improved Hardware. 


But what about your old device, how to sell it, worrying about bargains/negotiations, Don't worry, Cashify.in is hassle free solution for all these that can help you sell your old gadget in matter of minutes and you will get instant Cash on your doorstep.

Cashify Review 2018 | How to Sell Old mobile phones 




My experience of selling my Old Moto G4 plus

Well, i was quite bored of my old Moto G4 plus and wanted to get rid of the same this Diwali. Obviously, phone do have cons that provoked me to get rid of the same and get a new Smartphone with better features.

Now  my mind browsed for the options that  i can opt for Selling my Old device. 
I came across below Options.

1. Selling it Offline - Visited Nehru Place market.
2  Flipkart / Amazon exchange policies.
3  Selling via OLX
4. Cashify.in and it worked smoothly.


I will discuss above options one by one.

Fisrtly, i visited Famous Gadget Market in South Delhi - Nehru place as there are several shops that buys old gadgets like laptops and mobiles, I showed them my Moto G 4Plus but i was not getting the required return, The highest price i was offered was merely Rs 2200 that was way too low, so i did not opted this option.
                                      



Secondly, I visited Flipkart and Amazon that allows us to sell our old mobiles as exchange policy in case you are planning for purchasing new one, it offered better return than Option 1 but still it was not much convincing, Moreover Rs 100 is charged as picking charges and secondly this option can only be used if you have to Purchase a new one that means you have to spend more to get rid of old device. As per exchange, i was getting 3800 - 100 = Rs 3700 for my device, but i have to spend 11,299  more to get rid of my old device that is the disadvantage of exchange policy.






Thirdly, I tried posting ad on Olx, but  again, i did not found it much useful as there are too much bargains and negotiations in the process and i found it not safer to sell my device to a stranger  who can later on ping/contact me for any issues occurring in device later post selling. Process was full of negotiations,So, i cancelled this option.


> Well Fourth one, that i found really great is none other than Cashify.in

I visited the site and checked for the price that i can get for my Old Moto,it asked some questions regarding my Device status like whether it switchs on or not, Is there any feature that do not work,we need to select that Feature, I must say The Site interface was very User Friendly, Other info gathered was warranty info, after giving all the details, I got instant Quote of Rs 5450, now that is a Great Deal for my old moto g4  and I was really happy to see great return for my old mobile.


Device was quoted for Rs 5450, that's more than Flipkart or any other option i explored till now and other selling choice/offers (Amazon, Myntra vouchers) gave more value than Cash (upto Rs 6250), which is another advantage.

Well, i scheduled the pickup time slot as per my convenience and Sold the same without any fuss or difficulty



How it works : Watch Below Video:



Below are the Pros of Selling Your Old device/gadget on Cashify:

1.  You will get best selling price of your  old Gadget.
2.  Get instant Price Quote for your device
2.  Free pickup will be scheduled as per time/date/day selected by us.
3.  Customer support over email (support@cashify.in) and Phone +91-9555-657-657
4.  Get instant Cash at your doorstep on selling.
5.  You can get more selling value with Amazon, Myntra Vouchers Option that offers 5-10 % more amount than quoted. I found  this feature great as well.
6.  Hassle free and safe process



BONUS :Use code CLEANCASH to get additional Rs 250 on the sale of your Gadget


Thus, to summarize my experience of selling my Old Motog4 plus:

S. NoOptionMaximum Price Offered in INRComment
1Offline - Nehru Place Market2200Lowest price among all
2Flipkart Exchange 3700Rs 100 Pickup Charges and You have to spend more money for buying new device
3Amazon Exchange 3503You have to spend more money for buying new device
4Olx3000 - 5500Process Full of Negotiations
5Cashify5450Hassle Free, Safe process with instant Cash on doorstep
6Cashify vouchers(Amazon, Myntra)Upto 6250Great option, offers more than Cash Value

**  Well if you are planning to sell your old device (Mobile or Laptop), you can trust Cashify and Go ahead and Sell your device.   #CleanUpCashOut 


Do share us your experience of selling old gadgets and don't forget to like, Share this Post. 


Read More...

How to Install and Configure KVM Hypervisor on RHEL 7

Leave a Comment
KVM stands for Kernel based Virtual machine is open source Virtualization infrastructure for Linux Kernel that turns Linux server into a Hypervisor that allows you to run multiple Linux and windows based machines.

KVM architecture

Also read : Boot process in Linux 

Prerequisites :

Check for Hardware compatibility for running KVMs

First precheck or prerequisite is to check whether our hardware/CPU  supports it or not. Run below command to check the same. If below command returns either vmx or svm in the output, that means our hardware is fine  for KVM and having  required CPU virtualization extensions.


For Intel based Hardware : vmx
For AMD based Hardware : svm


[root@himanshu ~]# cat /proc/cpuinfo | egrep 'vmx|svm'


Install KVM packages using Yum 

Below packages need to be installed on your Linux machine for installing  KVM hypervisor.

[root@himanshu ~]# yum install qemu-kvm qemu-img virt-manager libvirt libvirt-python libvirt-client virt-install virt-viewer bridge-utils


 After installing the packages, start and enable the libvirtd service (Virtualization daemon)

[root@himanshu ~]# systemctl start libvirtd
[root@himanshu ~]# systemctl enable libvirtd

Run below command to check if KVM modules are loaded in kernel or not.

[root@himanshu ~]# lsmod | grep kvm
kvm_intel             170181  10
kvm                   554609  1 kvm_intel
irqbypass              13503  1 kvm

Check whether virt-manager tool is opening the GUI based tool to manage/launch machines.In case, same is not opening, install below x-window package and restart the server and check again.

[root@himanshu ~]# yum install "@X Window System" xorg-x11-xauth xorg-x11-fonts-* xorg-x11-utils –y


[root@himanshu ~]# virt-manager


Running virt-manager will pop up window (GUI tool)by which you can manage KVM machines.



Configure Bridge Interface 

If you want to access Virtual machines outside hypervisor network, you need to configure Bridge interface as below.


[root@himanshu ~]#cd /etc/sysconfig/network-scripts/
                         
[root@himanshu ~]#cp ifcfg-eno49 ifcfg-br0
                         
[root@himanshu ~]#cat ifcfg-eno49
TYPE="Ethernet"
BOOTPROTO="static"
DEVICE="eno49"
ONBOOT="yes"
BRIDGE="br0"

[root@himanshu ~]#cat ifcfg-br0
TYPE="Bridge"
BOOTPROTO="static"
DEVICE="br0"
ONBOOT="yes"
IPADDR="10.65.247.168"
PREFIX="23"
GATEWAY="10.65.246.1"

[root@himanshu ~]#systemctl restart network


Hope you have successfully installed and configured KVM hypervisor on your  RHEL/Centos 7 machine. Now you can easily start creating machines.


Also read : How to install Google chrome in Linux using CLI /Yum 



Read More...

Unboxing WD My Passport 1 TB Wired External Hard Disk Drive with Saco Back Cover - Review

Leave a Comment
Our storage requirements are increasing day by day, Earlier we were  having computers with hard disk of 100 GB capacity that was considered to be very high at that time,also our data requirements were low those days, but  now 1 TB hard disks have become very common and storage requirements are increasing day by day. Be it anywhere, Home, Internet business or enterprise, data is growing at a great pace and  this Big data that is known subject these days also known as Hadoop

If  your  internal drives become full and you don't want to delete any stuff, don't worry- External  Hard Disk Drives will come to rescue and will help you to save all you important data, on the other hand if you want to take backup of huge data say 500 GB that is not feasible for storing over cloud, same can be backed up over External hard drives.

Recently, my old buddy storage  - Dell Inspiron 14r (6 years old) almost reached almost 90% and was not able to find any thing that can be deleted and was not in mood to delete old movies, Favorite Tv series, so i thought about buying a new External  Hard disk drive.

Why WD  over other brands ?

Coming over choosing brand, there are many players in market, WD, Seagate, Toshiba, Adata, Sony, Tracend, without any single thought, i selected WD because i have great experience with WD earlier when i replaced my Faulty WD hard disk back in 2012  drive without visiting Service centre, WD is the brand  that provides great after sale service to their Customers. My passport hard disk drive comes with 3 years limited warranty, that means physical damages are not covered.

Analyse your Storage requirement

WD offers external Hard drives with 1 TB, 2 TB and 4 TB capacity, analyze your storage requirements and go for it.


I ordered WD  My passport hard disk of 1 TB Capacity on Flipkart and here are the unboxing images  of the same.
You can get WD My passport for around Rs 3500 - 4000,  i ordered the sane during big billion days so got  SBI bank offer that offered 10% instant discount. The product was delivered in 3-4 days and packing was fine.






The product was protected by air bubble sheet as shown below.










Inside the package, there was My passport Hard Disk Drive, Connecting cable and manuals



In order to keep the hard disk safe, i ordered Saco back cover that is shock proof and prevents damage  to hard drive in case same is fallen, dropped or mishandling, It has separate pocket for cable and hard drive and can costs you for Rs 200 - 300 and it is a great investment to  ensure safety of WD Hard drive.






Back cover for protection of Hard disk drive.









My passport with Moto G 1st Gen- size comparison.


If you are planning to Buy WD My passport Hard drive you can go ahead without second thought as per your storage requirements






Read More...