Listen To Your Music In Spotify For Free Without Wine

Music aficionados who delight in listening to millions of tracks through Spotify’s free version but feel petered out of needing Wine at the same time have just got some good news to enjoy. The DRM-based music streaming service now announces a new free version specifically for Linux users. Spotify for free will now enable listeners to indulge in gripping tunes without calling out for Wine.

Integrated with a host of great user –friendly features, the music streaming application allows users to listen to millions of songs, any time they like. One can simply rifle through Spotify for a particular song and start playing in unprecedented clarity. For those unaware, Spotify is music based software which provides users with an intuitive medium to search download and play their favorite songs.

Almost like a new music collection, Spotify brings forth convenient access to unlimited tracks and features compatibility with home audio systems and smartphones. The app also lends support to users’ desktop and Mac for tunes that should follow everywhere. At the same time, the app allows users to discover and share music with their closed ones. In fact, users can even hear what their friends are listening to – just by hitting ‘play’ on any music post.

However, Spotify distinguishes from Last FM and Pandora in a couple of significant ways. To state, the app lets music buffs listen to entire albums on demand. But, be careful as there are certain obnoxiously genre-defying advertisements contained. Irrespective of the pros and cons that it comes with, the app still emerges to be an ideal pick. With this one around, people can seamlessly search up and down for songs and share them with amigos.

Although Spotify was extended to several platforms, the software did arch shoulders for those who would always need Wine just to listen to the music. Previously, the Linux version for Spotify used to function merely with paid accounts. Nevertheless, the free version of Spotify for Linux is now anticipated to make things simpler for enthusiasts by large.

The native Linux adaptation starts up pretty quickly and does not gulp down much of a listener’s time while delivering a better experience than Wine. As far as the enrollment is concerned, users will be required to register for an account at Spotify’s official website before kicking off their musical journey. But, a bit to dismay, registering feels a dearth of a Facebook account since the company has made it mandatory to have an account on the stated social networking site.

Besides Spotify for free without Wine, the music streaming service can be downloaded either in Premium which makes users shell our £9.99 per month or in Unlimited which costs just about £4.99 per month. Those who do not wish to fork their pennies out can simply download the free version. However, irrespective of which subscription has been settled upon, the software ensures a thorough, rich music experience. So, what are you waiting for? Just head towards Spotify and we believe the rest you know!

About the author: Rebecca is a blogger by profession. She loves writing on environment and technology. Beside this she is fond of books. She recently bought a AGP Graphics Card. These days she is busy in writing an article on  Magnetic Earrings.

Here is how you share a screen session:

#User 1, initiator of the screen session
screen -R sessionName

#User 2, connecting to an existing session
screen -x -R sessionName

The -R flag means try to reattach to an existing session, if the existing session does not exist, create a new session and attach to that.  The -x flag means to connect to an already attached session, which allows for session sharing.

I ran into a problem as a non-root user (that I normally run as) when I first started using shared screen sessions.  The error is as follows:

Cannot open your terminal '/dev/pts/0' - please check.

There are several terminal devices that screen can use under the /dev/pts directory, starting with 0.  Only root can traditionally access these terminal devices, therefore, we need to modify each necessary device to allow normal users access.  I didn’t research the security implications that the following fix has, so use this at your own risk.  The server that I was using has only trusted users on it, so I was not concerned about possible risks.

#run this as root, or as sudo
#this gives others read and write access to the device
chmod o+rw /dev/pts/0

Finally, up until last week, I could never get myself out of a screen session safely without completely closing my putty terminal window.  Here is the proper key sequence to detach from a screen session.

ctrl-A  followed by  ctrl-D

To terminate a session in screen, simply type exit.

About a week ago, I finally got around to reviewing and upgrading my existing backup routine for my exchange server.  My previous backup scheme involved pushing a full server backup image to a remote server on a weekly basis.  If the server failed during a backup, I would have no viable way of recovering from a complete disaster.  Obviously, this required some changes.

With the release of SP1 for Exchange 2010, a few new power shell commandlets came out that provide functionality to back up Exchange accounts directly on the server (no needing second computer with outlook and exchange management tools anymore!).  This meant that I decided to utilize some backup scripts that backup each mailbox nightly.  I also modified the weekly system backup.

There are scripts attached to this post.  With any kind of solution that I provide, I always provide it on an as is basis with no warranty provided that it will work for your situation, although I try my best to cover as many scenarios as I can.

So what was decided upon?

Full Image Backup: On the local Exchange front, I opted to make the monthly full system image backup run the first Sunday of every month.  It is configured to back up to a network share that is actually on the same server.  When backing up to a local drive, Windows Backup typically appends to the backup and I prefer to have the previous backup removed so that disk space usage is minimized.  The full backup takes about 25 minutes to complete and is stored locally.

rmdir /S /Q localhostbackupwinbackup
mkdir localhostbackupwinbackup
C:WindowsSystem32wbadmin.exe START BACKUP -backupTarget:localhostbackupwinbackup -vssFull -allcritical -quiet

Then, on the eighth day of each month, my Linux-based backup server connects via SCP to pull the monthly image that was created.  Technically, it would take a dual hard drive failure (both the system drive, and backup drive) to completely render the system un-restorable with this scheme.  It is very rare to see a dual drive failure, but if it were to occur, I still would have the nightly backups to fall back on and it might take about 5 to 10 hours more to complete a restoration.

SCP as I’ve mentioned in the past is a way to copy files between two Linux based servers securely.  It operates using the SFTP protocol which runs on top of SSH.  Remember that SSH is a way to bring up a command prompt that runs on the remote system.  Since Windows doesn’t natively support any decent secure file transfer techniques that I’m aware of, I installed copssh (http://www.itefix.no/i2/copssh), which is a Cygwin based solution for Windows that supports SSH and SFTP (and ultimately the SCP command).  With Cygwin working on the Exchange server, I added a user to Cygwin with bash shell access and I firewalled port 22 to where only the remote backup server could connect (for security reasons mostly).  I will leave the actual SCP script writing up to the reader, although here is a helpful page (located here).  I will also hint that the reader will need to learn about public keys to allow for a passwordless remote ssh login so that sftp doesn’t prompt for a password when ran as a cron job.

Nightly Backup: When Exchange 2010 SP1 was released, several commandlets were created in powershell which allow for the export of PST files without needing Outlook installed on the same computer (which should never be installed on an exchange server directly).

I’ve found that in my initial testing of the PST export, there is a fairly large performance hit on the server, so I recommend doing it at the least used hour available.  I’ve also found that it takes a fair amount of time (10 minutes or so) and cpu power to export a large mailbox (> 1GB).  I also found that when restoring (importing) a PST, it can only be imported to another folder of the mailbox, it cannot overwrite existing mail in the box (I guess this is a good thing and a bad thing).

Anyways, I managed to find how to do a mass export using powershell at Steve Goodman’s Tech Blog.  I modified the script because his script included mailboxes that I didn’t care about (such as alias boxes, the discovery box, etc).  My Script takes in a constant array of usernames (mailbox alias names) and only backs up those boxes sequentially (posted with this article).  This happens nightly at 12:45am since that is the least active time for my system.  I chose to export to the same local drive as my other backups so that they could be pulled in by my backup server (via SFTP).  This maintains security of all the email data I handle.

The first task when implementing this backup plan is to set appropriate permissions to make the backup work.  The folder or server share (in my case) where the export will be saved needs to have the modify permission set for the Exchange Trusted Subsystem.  Remembering my firewall woes post, make sure that file and printer sharing rules are present in the firewall (even if you have custom rules and disable the default rules), otherwise you will get an illegal exception error without any real clue for what the problem is.  Then, within exchange’s powershell interface, the user who will be running the export commandlet will need to have permissions set.  This can be done by the command:

New-ManagementRoleAssignment –Role “Mailbox Import Export” –User “ADAdmin”

Next, it is probably helpful to get a listing of all the mailboxes so that we know the aliases of each mailbox that needs to be backed up.  I will note that I’ve also noticed that lower/upper case doesn’t matter on Windows Powershell like it would on a Linux based shell.  The command to get the listing is:

get-mailbox

Using the output of the Alias column, you should be able to fill in the script that I’ve modified (from Steve Goodman) and have it run.  At the end of a successful run, I have powershell send me an email telling me if the job was completed successfully or not.  I’ve noticed that my spam filters caught that email, so I added an exception for my Exchange server.  The end of this post has the actual script, and the source can be found here.   The email portion of my script initially threw errors to me, eventually I used telnet to test if port 25 was open and I discovered that it wasn’t.  It turns out that my exchange server was not listening on port 25 of the localhost address.  If you run into this situation, I’d recommend checking that or the firewall before jumping to conclusions.  Telnet is a very powerful tool!

Last but not least, I pull the nightly backups from Exchange every day at 8am, well after the nightly backup is finished.  The script that pulls these backups is very similar to the monthly script but it copies the existing daily backup to a weekly retention folder every Sunday before it begins grabbing the latest nightly backup.  I’ve included that script below for your reference.

Conclusion: Backups are a necessary part of any viable disaster recovery plan.  I’ve outlined one above that I use on my own systems.  I’m sure it isn’t perfect, but it’s well thought out and I have used it to recover systems in full before.  As with any backup plan, I usually always test it out immediately after its implementation to verify that it will work in the event of a disaster.  As a system admin, I never want to be left holding onto a faulty backup that I believe worked and I’m sure that you can also appreciate this thinking.

#Crontab Entry
#5 8 * * * /back/exchangedaily.sh  | mail -s "daily exchange offsite backup finished" phil@matthouse.us
#!/bin/bash
cd /backup/exchange
if [ $(date +%A) = "Sunday" ]
then
        rm -Rf weekly
        mv daily weekly
        mkdir daily
        cd daily
else
        rm -Rf daily
        mkdir daily
        cd daily
fi
scp -r admin@matthouse.org:/cygdrive/e/bck/pstbackup ./

This script has been updated:  http://famousphil.com/blog/2011/07/revisiting-exchange-2010-sp1-pst-backups-improved-script/

# Exchange 2010 SP1 Mailbox Export Script
# Steve Goodman. Use at your own risk! - modified by Philip Matuskiewicz for Matthouse 1/2/11

#create a .cmd file with the following line to invoke this:
#C:WindowsSystem32WindowsPowerShellv1.0powershell.exe -command ". 'c:Program FilesMicrosoftExchange ServerV14binRemoteExchange.ps1'; Connect-ExchangeServer -auto; .MassExport.ps1"

#what to back up from?
$Server = "exchangeserver.matthouse.org"

#who to backup, use the alias from commandlet Get-Mailbox -Server $Server (replace $server appropriately)
$USRALIAS = @("FamousPhil", "MyUserOne", "Staff ", "AnotherUSER")

# Share to export mailboxes to. Needs R/W by Exchange Trusted Subsystem
$ExportShare = "localhostbackuppstbackup"

#error checking

    if (!(Get-ExchangeServer $Server -ErrorAction SilentlyContinue))
    {
        throw "Exchange Server $Server not found";
    }
    if (!(Get-MailboxDatabase -Server $Server -ErrorAction SilentlyContinue))
    {
        throw "Exchange Server $Server does not have mailbox databases";
    }
# Make batch name
$date=Get-Date
$BatchName = "Export_$($date.Year)-$($date.Month)-$($date.Day)_$($date.Hour)-$($date.Minute)-$($date.Second)"

        Write-Output "Queuing Pre-defined mailboxes as batch '$($BatchName)' sequentially"

foreach ($element in $USRALIAS)
{

        if (Get-Item "$($ExportShare)$($element).PST" -ErrorAction SilentlyContinue)
        {
                Remove-Item "$($ExportShare)$($element).PST" -Confirm:$false
        }
        New-MailboxExportRequest -BatchName $BatchName -Mailbox $($element) -FilePath "$($ExportShare)$($element).PST"

        while ((Get-MailboxExportRequest -BatchName $BatchName | Where {$_.Status -eq "Queued" -or $_.Status -eq "InProgress"}))
        {
                Write-Output "Waiting on backup of $($element), refreshing every 60 seconds"
                sleep 60
        }
}

###REPLACE SMTP SERVER, FROM, and TO addresses and potentially subjects below.

        $SmtpClient = new-object system.net.mail.smtpClient("exchangeserver.com")
        $msg = new-object Net.Mail.MailMessage
        $msg.From = "phil@matthouse.us"
        $msg.To.Add("phil@matthouse.us")

    $Incomplete = Get-MailboxExportRequest -BatchName $BatchName | Where {$_.Status -ne "Completed"} | Get-MailboxExportRequestStatistics | Format-List
    if ($Incomplete)
    {
        Write-Output "Process didn't complete, Emailing report to admin"
        $msg.Subject = "Double.matthouse.org Backup Incomplete"
        $msg.Body = $Incomplete
        $SmtpClient.Send($msg)
    }

    $Completed = Get-MailboxExportRequest -BatchName $BatchName | Where {$_.Status -eq "Completed"} | Get-MailboxExportRequestStatistics | Format-List
    if ($Completed)
    {

        Write-Output "Backup done, sending the report to admin"
        $msg.Subject = "Double.matthouse.org Backup Complete"
        $msg.Body = $Completed
        $SmtpClient.Send($msg)
    }

# Remove Requests and clean up
Write-Output "Removing requests created as part of batch '$($BatchName)'"
Get-MailboxExportRequest -BatchName $BatchName | Remove-MailboxExportRequest -Confirm:$false

Write-Output "Process complete!"

About 2 months ago now, I finally got back to school and I got back to work on my Masters project, which is basically building a condor flock and programming on it.  For those of you who don’t know what that means, I’m building a variant of a super computer.  Last year, I spent hours putting together everything and making it all work, but there were tiny things here and there that I finally got time to address.  With 35 computers that do the same thing, generally, performing the same tasks to the machines is acceptable (for example, monthly updates).

Cron Jobs in Linux will run a script (or program) at a specified time (and date).  The description of a Linux cron job fits the bill perfectly for running updates automatically on the 35 machines that I’m tasked with keeping updated and running smoothly.  I am also aware that in Linux, NFS (Network File System) can share files between Linux enabled computers.  Using NFS, I can put a file in a central location and grab it from each computer automatically, run it, then move on. 

This seems like it would work, but I forgot one tiny problem, NFS is very insecure.  Let me explain, with NFS, there is no such thing as authentication (ouch).  NFS simply looks for computers on the network to request files and folders.  When a request is received, it looks at the user who made the request, then if that user has read / write access to the directory they requested from the server, they will get access.  Passwords aren’t sent, so there isn’t any kind of password that protects the information, you simply have to be logged in as that username to get to a user’s files on a server.  For this reason, typically when NFS is ran on a network, that network is heavily fire walled and the NFS server can only be reached by trusted computers on the network.  Even though trusted computers are specified on the network, it is very easy to spoof their identity with a personal Linux laptop and connect to the server.  This is why NFS also has something called root_squash which disables root from getting access to files on the server (since root can do anything in Linux, kind of like a Windows Administrator, but more powerful).

I decided to keep NFS for user’s files since it is easily implemented, and my network is physically secure to where users can’t plug into the network physically to spoof users.  However, I did decide that it would be best to squash root access to the NFS server.  From this information, I found that NFS will not be suitable to run scripts from since root is going to be running those scripts.  Therefore, I switched my approach to scp.  SCP in Linux is a utility that securely transfers files from one computer to another.  It is able to use public key encryption (RSA) to login to a remote machine as a user.  SCP is sort of like SSH, but it doesn’t provide a shell to the user.

With SCP and Cron ready to go, I wrote a script that would simply login to the head server as a user to download a script securely that each machine could run.  The script worked perfectly every time I ran it manually from the terminal, so my testing phase was done and I went to implement it as a cron.  What I found after implementing the cron on the 35 machines was that only 50% of the machines or about there actually ran the script.  Another weird consideration is that the 50% that ran the script was random.  At this point a few days later, I was wondering what was going on.  I began examining the cron job, figuring out if there was a bug of some sort, or something along those lines.  I suspected paths might be an issue, so I modified the cron job to contain full paths to each program.  For example, for cd (change directory), I changed that command to /usr/bin/cd which is the full path to the variable.  Linux usually sets a path variable when you login to it, so cd is automatically found in /usr/bin, but I figured that cron may not be doing that.  I continued getting the same problem.

After a week of being perplexed, I finally thought back to my algorithms class, and I remember something about a race condition.  Basically, what happens when 35 machines are bombarding one central machine simultaneously for information… Usually they give up after a while (a matter of seconds in the cyber world).  So with this in mind, I tried making the crons run at different times of the hour and furthermore, I also verified that the main file server didn’t have any limits set which would cause scp to fail at getting the file.  After an hour of modifying the cron jobs, they work perfect.

I wish I would have seen this problem sooner, but hopefully my mistake can help save someone else a week of their professional career

Before I get to the main point, I’d like to explain how a web server acts under the hood.  Deep down in the guts of the web server’s programming, there is a concept called a socket and a protocol.  Sockets are used to open a connection from any web browser (Internet Explorer, Firefox, Chrome, Safari, Opera, etc) to the web server sitting in a data center somewhere.  A socket is similar to establishing a telephone call to a friend, the wires that connect both ends of the telephone receivers together can be viewed as a socket.  A protocol can be simply described as a means of communication.  When you’re on the telephone, there is a way that you speak, for example, you expect to hear hello before the conversation begins, and there are pauses and such as both sides understand the other.  If the connection is weak, one side may ask to hear the message over again.  This is the normal protocol of a telephone call.  Computers are no different, they expect hello messages, acknowledgment messages and such to validate that the message each side got was the correct message.  In the web’s case, this protocol is called Hyper Text Transfer Protocol (HTTP).  Finally, there is data that is passed through the socket.  The data follows the protocol specification.  On the telephone, you’d begin speaking English, then once done, you’d wait for the other side to return its response in English.  Most web browsers understand HTML (Hyper Text Markup Language) and this is passed through the socket.  The last paragraph has been ultra simplified so that you can get the idea.

Contrary to popular belief, Windows hosting is actually just as compatible with the world as Linux hosting is!  Because of HTTP, all web servers must communicate using a single protocol which is HTTP.  All browsers that work with the web send an HTTP request to a web server for a certain content and the web server returns it.  It may not always be plain text (HTML is written in plain text), but at times it may be binary (1/0 encoded) data that contains an image or other files.  Regardless, the web server must be uniform in a response, it is up to the browser how this data may be displayed.

ASIDE: Most web developers are annoyed about how they HAVE to test Internet Explorer, Opera, Firefox, Chrome, and Safari to make sure that their web page looks correct.  Browsers all will get the same exact data from the server, but they parse the data differently.  Think of English, I’m sure that you’ve been in situations where you misunderstood the other party and therefore took a different action.  Computer browsers parse (or understand) the same web page differently, so they may display web pages a bit different than other browsers.  To implement (program) a browser, you need to look at the specification of the HTTP protocol and HTML language then give the browser methods to display what it understands.  There is no single way to write a parser, therefore all parsers (browsers in this case) may produce slightly different results.  In the past, Microsoft has been the worst offender since they didn’t fully implement the HTML specification which is well known, but they’ve gotten much better.

Back to the original topic, since all servers have to return the same exact data, it doesn’t matter what operating system is on the server, it will return the same compatible data regardless.  So now, what are the differences between Windows and Linux based hosting?

Windows Hosting-

• Price: Just like with your copy of Windows on your local computer, a copy of Windows for a server is quite pricey.  If you want the latest and greatest Windows Server version (currently 2008 R2), you are looking at anywhere between $300-$1500 PER COPY of Windows Server 2008 R2.  This is on top of the costs to keep the server running in a data center that is climate controlled and sufficiently powered (backup systems in place, multiple excellent internet connections to many providers).
• Stability: Windows has a monthly release of updates from Microsoft, sometimes these are more frequent as important issues are found and fixed.  Normally, 99% of Windows updates require a reboot of the server.  During the reboot, your websites are not accessible.  Therefore, you can easily look at 5 to 10 minutes of downtime at least once per month if your host cares anything about security.
• Ease of administration: Most administrators start in Windows and never leave because Windows typically babies the administrator through any task.  Windows has really nice wizards that take all the difficulty out of administration.  Windows also typically can fix itself if it runs into issues, so there is less time spent fixing problems.  Unfortunately, since administrators don’t need to know a lot to get by with Windows, some security measures are often overlooked.
• Control Panels: These are often desired in hosting since it gives the client the power to do anything with their website space, including create accounts, view statistics, add additional domains, control email accounts and more.  There are 4 control panels that I’m aware of, they are dotnetpanel, vdeck, plesk, helm.  All 4 of these controls panels can cost anywhere from $20-$100/month to maintain from their suppliers.
• Supported Languages: ASP.net, ASP, JSP, Perl (CGI), PHP, Python, Ruby, etc
• Supported Database Servers: MySQL, MSSQL, Oracle, etc

Linux Hosting-

• Price: Linux is free, so you’re really looking at the bare cost to keep the server running in a data center.  This dramatically reduces the cost of hosting.
• Stability: In my experience, I see the need to reboot a Linux server every 4 to 5 months due to a major security vulnerability that involves the kernel (the heart of Linux).  Linux can be easily updated without a reboot, so clients typically experience much less down time.
• Ease of administration: Linux has very few wizards and graphical screens that say “let me baby you through this dreaded task”.  In fact, Linux is 99% controlled by the command line when it is used as a server.  Often, Linux often will not even notify the administrator that there is a problem directly.  Therefore, administrators tend to monitor Linux more closely.  They also know the command line more because to get a server running in Linux takes a lot more knowledge than it does in Windows.  Linux administrators are also more likely to know about security measures more because they read more about flaws that are found.  This makes Linux administrators get a better pay check, but in the end, Linux tends to be very stable because the admins really know what they’re doing (in most cases).
• Control Panels: Like Windows, control panels on Linux cost between $20-$100/month from their suppliers.  The most common panel for Linux is CPanel, Plesk also exists.  These give you full control over your web space and in many cases, they also simply the administrator’s job by doing the hand editing of vital configuration files automatically (like Windows would do).
• Supported Languages: JSP, Perl (CGI), PHP, Python, Ruby, etc
• Supported Database Servers: MySQL, Oracle, etc

So, I’ve done a comparison, what is the verdict?  In my humble opinion, Linux is by far my choice of a hosting platform.  Although Linux admins may cost a little more, they really don’t cost enough more to make it unreasonable (Windows admins make a good pay check too!).  It does everything that Windows can do and more.  There is just one catch with Linux.  Linux doesn’t support Microsoft SQL Server or ASP.NET (active server pages) fully (You can achieve partial support using MONO).  Therefore, if you must have a website that uses either MSSQL or ASP/ASP.NET, I’m afraid that you have no choice if you want your website to work without problems.  Most websites are programmed in PHP, so this is rarely a problem, but for some businesses that started long before PHP was created, ASP is a need, therefore, Windows is needed.

Yet another Aside: You may have noticed that not too long ago, I added a new Windows server to Matthouse (bit).  This was added because I do not have a lot of ASP experience and I thought it would be nice to get some experience with it.  I’ve decided to use ASP to pull data from Microsoft Exchange to display a new calendar on FamousPhil.  I hope that this is done by the end of August!  Unfortunately, I cannot access Exchange from PHP, so I had no real choice but using ASP.net to pull data.

This blog post was made because I’ve always seen newbies go for Windows without a real reason.  Its sort of like the Mac fans who fight to get Mac products for no real advantage over something like the Android OS on Verizon Phones.  Hopefully this blog post will convince you that Linux is indeed a better choice unless you seriously want to learn or use ASP.net for your website.

SSH is the heart and soul of linux based computers because *everything* can be done through the command line simply.  Unfortunately, Windows is just starting to catch up with Telnet using a new application called powershell.  Powershell is very unlike the linux command line though since it is more a scripting language than a command based language.  This is why I always scratch my head when working with Microsoft Exchange Server’s Powershell commands and end up reverting to the famous Microsoft graphical administration interface which gives me the option of “next next next finish”.  I really do appreciate the Microsoft wizards that make software so easy to administer.  Anyways, Linux never started with a graphical desktop (Unlike Windows and Macintosh), therefore, the command line in linux is far easier to use when administering a system.

To get back to my original topic, I am a fan of passwordless entry into my own systems.  With linux and SSH, there are a few authentication methods, 1 being password entry, and 2 being public key authentication.  With a password login, you basically enter a username and password and you are logged into a command prompt on linux.

With public key authentication, you generate 2 keys at your local computer, one being a private key and the other being a public key.  Basically, you give the server you wish to connect to the public key, and only you hold onto the private key.  When you connect to the server, it will first give you the public key so that you can verify that the server is actually the server that you want to connect to.  This will be ignored on the first connect, but in the future, if this key changes, you will be notified that the server was possibly compromised.  Upon allowing the connection, you will give the server your private key and it will run some calculations on the key you provided.  If the result matches that of the server’s public key, you will be granted access.  Since keys are generally 256 hexadecimal characters long, these are much more secure than normal passwords, and they are generally much easier to use (unless your laptop is stolen).

So now onto how to actually use these keys:

1. Generate the key on your local machine (not the remote machine).
A. ssh-keygen -t rsa
2. Verify that your remote server has an ~/.ssh directory.  ~ in linux is the home directory.
3. Copy the local public key to the server
A. This can be done with: scp ~/.ssh/id_rsa.pub user@remote_server:~/.ssh/authorized_keys2
B. Notice I specified authorized_keys2… this is actually for SSH Protocol 2 which is a more secure SSH protocol than the original.
C. scp is secure copy in linux and it copies files between computers using SSH tunnels.
4. Attempt to ssh into your remote machine.  It should not need a password anymore.
A. ssh user@remote_server

Hopefully this helps make sense of SSH keys.

Afterthought on 2/4/10:
when using the scp command as a copy / paste above, this will overwrite your authorized_keys2 file on the remote computer.  To prevent this from happening, append to the file using this command (thanks Cris for pointing this out to me):

cat ~/.ssh/id_rsa.pub | user@remote_server “cat >> ~/.ssh/authorized_keys2“

First, I have a fairly simple environment set up for my backup.  I have a Linux backup server running samba sitting in Seattle (mthsweb2).  This server has the Windows IP white listed so that only my Windows server can connect to it to map a network share.  For those of you who don’t know what samba is, samba is a daemon in Linux that will allow Windows to naively connect to a Linux server for file sharing.  Samba is a very simple solution for mapping a network drive to Linux in Windows without needing any specialized software such as sftpdrive (not called something else).

I want to connect Windows to Linux so I mapped a network drive on the Windows server (and I made sure reconnect at login was checked).  I logged in using the proper credentials and saved them to my Windows user account.  I then proceeded to setup NTBackup (the Windows server backup utility).  Configuring NTBackup was quite simple, a few next’s and a couple of checks on my exchange server information, system state, and a few very important directories that hold onto ssl certificates for the server.  Naturally, the backup ran fine while I was logged in.  The problem was, when I was logged off the server, the backup failed because the network drive wasn’t there.

After some research, I found an easy way to solve this via batch scripting.  I could schedule a task in Windows that would run the batch script which would map the network drive for my system and execute NTBackup.  Below is the script  (you will need to customize the bold parts as described below):

—————————————————–
@echo off

net use z: serverbackup /persistent:yes

C:WINDOWSsystem32ntbackup.exe backup “@C:Documents and SettingsadminLocal SettingsApplication DataMicrosoftWindows NTNTBackupdatad.bks” /a /d “Set created 7/10/2009 at 1:49 PM” /v:no /r:no /rs:no /hc:off /m normal /j “d” /l:s /f “C:Documents and SettingsadminMy DocumentsBackup.bkf”

net use z: /d /y

exit
———————————————————

Now that we have a script, what do we put in place of the bold remarks?  Server should be the IP Address of your remote file server.  This can either be a Linux server running samba or a Windows File Server.  Either method will require that you open up a range of file sharing ports on your firewall, I tend to just whitelist the ip of the server doing the backup from the backup server’s firewall.  If you are curious of the ports, I believe you need TCP ports 135-139 open for Windows file sharing to work, but there may be more.    The bolded backup is the path from the file sharing server to where you want to store your backup.

To get the other bolded part, you will need to login to Windows and map a network drive under the letter you used in the script (Z in this case).  Once the drive is mapped, make sure you save your login credidentials.  Now goto the system backup utility in start>programs>accessories>system.  Select your desired backup files and when you get to the location selection screen, make sure you save to the network drive letter you created.  Then when you get to the finish screen, click advanced.  Do a normal backup appending to existing backups (or whatever you desire).  Schedule the job for later (try a few days or a week later).  You will need to type in your username / password up to 4 times until you get past this screen to the finish screen.   Once done configuring your backup, goto start>programs>accessories>system -> scheduled tasks.  Double click the backup you made and you should see something like the blurb in the batch script above.  You will need to copy this entire line and paste it into this batch script.  After you have this line successfully saved into your script, you should disconnect the drive letter from my computer by right clicking the drive and selecting disconnect.

Now take the entire composed batch script and paste it into a new notepad document.  Now goto file > save as on notepad and save it to a file like backup.bat in the c drive or someplace where it will be easily findable.

Now you can go back to the scheduled tasks, remove that backup job (its not needed anymore) and remove it from the recycle bin.  Now create a new scheduled task.  This time select the bat script you made and schedule it as needed.  Its a fairly simple set of on screen instructions to follow.  Once this task is scheduled you’re all set.

If you wish to test the batch script before making it a scheduled task, simply click on it and your backup should run perfectly.

Thats all there is to it.  This was a 5 minute fix for me and I no longer have to worry about finding a third party solution to making stable backups of my operating system.  In addition to this backup method, you might want to look into running a mirror where 2 drives copy each other live.  This will also prevent against data loss provided there isn’t any danger in the server room such as fire or water damage.

Prior to last October (2008), I have solved a wide array of problems consisting of Apache malfunctions and complete Server Hard Drive failures requiring data recovery, to simply having to unblock a person’s ip address from the firewall because they tried to login to the server incorrectly too many times.  I never really messed a server up so badly that I couldn’t undo what I attempted to fix in the first place.

The biggest problem that I have ever had up until October 2008 was with an email server’s outgoing email queue.  All email that was sent from this server would always be refused by other popular mail servers on the internet due to it not having the correct configuration.  I never did figure out that error, and instead I changed the software that manages the email server from LXAdmin to CPanel.  This fixed the problem, I never did understand why the server wouldn’t send, but CPanel fixed my mail problems and so many other problems that I sort of fixed on LXAdmin but didn’t really have a long term solution for.

Now that I have blabbed on enough about my experience, lets get to this blunder (I’m sure I’ve posted about it elsewhere, but I don’t recall putting it here).  In October, Justin, a good friend who runs AmpHosted came to me (this wasn’t the first time incase you are wondering) asking about some sort of tiny problem that he was somewhat unsure of how to fix, but he had the right idea and I confirmed it.  He also asked me how to free up space on the linux /var directory since his was getting pretty full.  I’m not sure how the conversation went anymore, however I know that there were a few possible solutions.

My first goal was to free up enough space so that the /var partition wouldn’t overflow and risk crashing the server.  Server crashes can be costly, and Justin was in no mood to lose money as a president of a strengthening hosting company.  So I began googling to figure out what log files were safe to delete.  I know that linux has a lot of log files that cannot be deleted safely, and I was finding these so I would know not to delete them.

My second goal was to have this partition expanded from free space on the other partitions so that the problem would have a more permanent solution (which did happen in November).

I then noticed that one of the mysql directories was using most of the space.  I quickly did a google search and read that it was safe to delete a mysql log directory.  Unfortunate for me, I only saw what I wanted to see, and didn’t read the article thoroughly.  Needless to say, I wiped out the /var/lib/mysql directory from his server, effectively freeing up a lot of disk space on the /var partition, and also wiping out the mysql server and all of the database files. On top of this, when I began looking for the backup files to quickly restore the databases within an hour, I found out quickly that some of the backups were corrupt and others non existant.  After restoring most of the server, one client lost a month of data and I felt horrible!

Since then, my admin buddies still push that blunder in my face.  I’m not entirely sure why because I still feel sorry for Justin.  I have also started taking the time to read what is safe to remove and not so I don’t accidently do something that bad again.  A mistake like that could have costed me my job or a pay cut if I was working directly for a big time hosting company, even if I did have 10 to 15 years of experience.

Since then, when it comes to matthouse and my own hosting company, or when I’m helping Justin, I always make sure to double check that I’m right before I proceed.  I know that I’m now slower, but I also have made changes to my procedures to make them more safe, sacraficing speed in my repairs.

I feel that I should write this blog for 2 reasons, 1. to make it known that I DO make mistakes and I’m not perfect, and also, I hope that anyone who reads this blog will make sure to check twice before doing an operation that is not reversable (at least easily).

I will be taking a system administration course next semester which is linux based with a FreeBSD pioneer teaching that course.   The final reason why I wrote this was to say how good of an Admin I consider myself now, so that after that course, I can re-rate myself and hopefully talk about a lot of my experiences in that class.

One final note, I’m still working on adminreference.com, and I will probably start posting more recent knowledge that I’ve acquired in the near future after this final week of college classes and work.

CPanel is the control panel that I choose to use for Matthouse hosting accounts, but why did I choose CPanel, what are its advantages and disadvantages?

I suppose I should first begin with a small description of what CPanel is.  CPanel allows the hosting client to modify all aspects of their site from an easy to use web-based interface such as FTP accounts, Email accounts, statistics, subdomains, additional domains to host, etc.  CPanel makes it very easy for the hosting company to give the client total control of their website without the requirement of providing full server access.

Here are the advantages of using CPanel:

1. Its very easy to install, just install Linux and run the installation script, it will configure most of your server automatically
2. Cpanel provides a very easy visual interface where you can manage your server.  There are several panels that are meant for administrators, clients, and even email users.  There are also very easy to follow tutorials posted on CPanel’s website for those users who may not know where to start
3. Cpanel automates most of the hosting experience which reduces stress on the hosting company

So, what are the disadvantages of hosting with CPanel?

1. I personally believe that CPanel is meant for websites that are small to medium. CPanel itself is a resource hog and requires at least 256MB of ram on the server to run, and this amount probably won’t even run a website getting 200 hits a day without running out of memory or running into swap space on the server.    Most servers will have much more RAM than this, but a base install should not require more than 50 to 60MB of ram.
2. On a default install, CPanel usually is optimized for a dedicated server with 4 to 16GB of RAM.  Even the VPS Optimized version of CPanel requires additional configuration to keep CPanel within check.  If you don’t do initial configuration in Apache, etc, you may run into memory errors easily since Apache will start up 20 to 30 processes at 1 to 6MB a piece.  In addition, most of the Apache configuration is default and many modules are missing such as Source Gaurdian which will protect PHP code from hurting your server.  In addition, CPanel doesn’t secure SSH or FTP, you you should still install a firewall and tighten SSH security.
3. CPanel is software which contains vulnerabilities just like any other software.    Cpanel updates run nightly, however what happens if someone discovers a security risk and decides to attack your server before the updates are pushed to your server covering the vulnerability?  To come back to my past disadvantage of Cpanel is meant for small to medium sites, I believe this aids to the arguement that big sites are more likely to be hacked than smaller sites.
4. CPanel costs money to license. This is rarely a factor to most big sites and companies because they have that kind of money to spend for something easy to use, however CPanel licenses are not cheap.  This really could be neither and advantage of disadvantage, but its worth sticking on my list of points to consider.

So when would I recommend a CPanel installation?  Thats simple, I’d recommend it for hosting companies that host many sites on a single server.  It reduces stress on the hosting company, and generally these servers have plentiful resources to handle CPanel in its entirety.  Also sites that are generally on shared CPanel hosting are not big enough to have a good probability of being hacked.

When would I not recommend installing CPanel.  I would personally say never install CPanel on a large site that gets over 5000 unique hits a day or more.  CPanel may make administering the site easier, however most sites that are this big bring in a lot of revenue  and paying for CPanel could be just slightly cheaper than hiring an experienced server administrator or a friend to run the server without CPanel.  Installing the core components and configuring them manually will also ensure that you have minimal code that can be hacked (Yes, web servers are software).  I’ve always been taught that the less code you use, the less likely there will be problems with it.

Thats all the time I have.  I might follow up on this depending on how many comments I receive.

Earlier today, I helped a friend in the hosting business move a massive website (http://clevelandleader.com) from his server to a virtual server that will just host that website.  This website is ranked ~76,000 on the alexa scale which means that it gets an insane amount of traffic.  My best guess would be 300 to 1500 loads per second.  The site itself has a huge mysql database that is over 2GB and the sql move alone almost crashed a dedicated server with a quadcore processor (it did have a lot of other websites on it though).  Regardless, after the move, my friend didn’t realize that a default whm (cpanel, inc) installation doesn’t optimize the server nearly enough for a large website like this.  Heck, I don’t even know if whm was made for such a large website.  I did optimize the server and compile apache correctly just to handle the needs of clevelandleader.com.  I also did a lot to prevent apache from crashing with the high load.

Traditionally, with such a large website such as cleveland leader, the web server hosting the site would only run a web server, no overhead like cpanel.  I feel that cpanel has made the hosting process much easier, but I just don’t think it was made to handle such a large website.   Also, the fact that cpanel uses the root password directly means that if there is a security vulnerability and the user obtains that root password through hacking or whatever, the server could be compromised not only from cpanel’s whm but also from the terminal through ssh (or a rare occasion of console access, meaning sitting in front of the server physically).  This could present a major problem.  Most smart hosting companies use cpanel’s wheel group to give su access to certain cpanel uesrs that can then login to the terminal via ssh and then su root with the root password to gain root.  This provides a 2 password layer and adds an additional layer of security to the server.

Another pitfall that large websites face is the need for a dedicated mysql server, that is if mysql can even handle the load.  Mysql was made for small to medium sites and it was made for maybe 100 to 200 queries per second, but much more than that and it undergoes a massive strain.  Many large websites find themselves moving to more powerful database servers such as Microsoft SQL or Oracle which are much more powerful solutions that were made for high loads.

So why am I even talking about this!  I felt that this would be the best way to introduce a new idea that I’m going to begin working on within the next couple of weeks.  I have purchased the domain (http://adminreference.com) and will begin a forum where users can share their administration experience and knowledge to the world.  I am a seasoned Windows administrator and a somewhat experienced Linux admin.  I find myself knowledgable about both server operating systems and I post tutorials on multiple websites that don’t really aim for administration concepts.  I also hope that some day this can help me when I am stuck on a massive problem.

I encourage you to stay informed as I begin this new journey.  I will likely be ready to release the site sometime in the next couple of weeks.  I am not sure how to market such a website, however I’m sure as people begin coming, someone will have knowledge about that as well.