Die habe erfolgreich die AWS Certified Solutions Architect absolviert.
Autor: tomas.dusek@tomdus.de
Create Toolchain with ptxdist
This is a small introduction to create a toolchain with ptxdist (Version ptxdist-2019.08.0.tar.bz2)
sudo apt install libncurses5-dev python-dev
cd
mkdir ptxdist
cd ptxdist
wget http://public.pengutronix.de/software/ptxdist/ptxdist-2019.08.0.tar.bz2
tar -xjf ptxdist-2019.08.0.tar.bz2
cd ptxdist-2019.08.0
./configure --prefix /home/tomas/ptxdist/install
make
make install
cd /home/tomas/ptxdist/install/bin/
./ptxdist setup
Create your own toolchain
sudo apt install python3-dev
cd /home/tomas/ptxdist
wget https://public.pengutronix.de/oselas/toolchain/OSELAS.Toolchain-2018.12.0.tar.bz2
tar -xjf OSELAS.Toolchain-2018.12.0.tar.bz2
cd OSELAS.Toolchain-2018.12.0/
/home/tomas/ptxdist/install/bin/ptxdist-2019.08.0 select ptxconfigs/i686-atom-linux-gnu_gcc-8.2.1_glibc-2.28_binutils-2.31.1_kernel-4.19-sanitized.ptxconfig
/home/tomas/ptxdist/install/bin/ptxdist-2019.08.0 migrate
/home/tomas/ptxdist/install/bin/ptxdist-2019.08.0 go
change in selected_ptxconfig from PTXCONF_PREFIX=“/opt“ to PTXCONF_PREFIX=“/home/tomas/ptxdist/toolchain“
How To Setup and Orange PI One
This is a small introduction to setup orange pi one
Format and prepare SD Card
Prepare 32GB SD Card, thus Orange Pi One can boot from up to 32GB SD Card. I am using SDCard Formatter,
Install Linux image on SD Card
Download image, e.g Debian Buster based version from https://www.armbian.com/orange-pi-one/.
Use e.g. Etcher to flash linux image to SD Card:
First time boot
Insert an SD Card into Orange Pi One and connect power supply
How can I download public key from HTTPS vie openssl
Obtain public key for google.de
openssl s_client -connect google.de:443 | openssl x509 -pubkey -noout
Obtain certificate for google.de
openssl s_client -connect google.de:443 | openssl x509
Obtain certificate for google.de and store to google.crt
openssl s_client -connect autostadt.vwg:636 | openssl x509 -out google.crt
Connect to MySQL with python
The mysql libraries are not per see installed with python, thus:
sudo apt-get install python-mysql
Script:
#!/usr/bin/python
import MySQLdb
db = MySQLdb.connect(host="localhost", # your host, usually localhost
user="tomas", # your username
passwd="tomas1234", # your password
db="test") # name of the data base
# Create a cursor object that executes all required queries
cur = db.cursor()
# create sample table
cur.execute("CREATE TABLE IF NOT EXISTS tomastest(id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, data VARCHAR(100))")
# create sample data
cur.execute("INSERT INTO tomastest(data) VALUES('Test data'); commit;")
# execute select sql
cur.execute("SELECT * FROM tomastest")
# Get the number of rows in the resultset
numrows = cur.rowcount
print "Rows count: ",numrows
for row in cur.fetchall():
print row[0], row[1]
db.close()
If not providede, thus create test mysql db (sMySQL Docs)
mysql> CREATE DATABASE test;
mysql> use test
If not already exist create user (MySQL Docs)
mysql> CREATE USER 'tomas'@'localhost' IDENTIFIED BY 'tomas1234';
mysql> GRANT ALL ON test.* TO 'tomas'@'localhost';
How to create server key and certificate
How to create server key and certificate
openssl req -x509 -newkey rsa:2048 -keyout server.key -out server.crt -days 365
Convert PFX certificate to crt and key for apache httpd
How to convert PFX certificate to .crt and .key to use with apache httpd
Certificate in PFX format are commonly exported from MS Active Directory Using OpenSSL Command in Linux System:
openssl pkcs12 -in server.pfx -out server.key -nodes -nocerts
server.key
-----BEGIN ENCRYPTED PRIVATE KEY----- MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIl4COeWKpJooCAggA MBQGCCqGSIb3DQMHBAhzLEVbvIcuIASCBMhLiTd6/n6feWfBNRPDpeQl4oecUt6Q nQrGbtcbDlPaMcCjSrquZO3MCfwstPhv3kyk6ntc8A6MJZCALvAdf6g0xetNb4L0 ThoJ5IfsVM4K7SRy/Q4JxR6OWhdTVNSinc4aPncjJClImPmFc+QOrHuFY19Z9kTW nVsWOg3CG4tx2HfNVLrH3ZQJ7bM0Imohw464wGLf2k+l5/+XEnqqHfJLazx67GbP KGdq7YnZLWXv8j6E4ZLrxpEx+KyGgSqB8vcVMttpjM07iVTKD7ig0FwRaN2TlPeT FiK7n0y/UCIpH4KRFtJIgJfWuGkKUJFQVs+eiD8xZRM6sl6KvkebG4O4vEtJS2PF cXNfVxtbmhroOjRrP9Wjd0K9tZQ+zBGnhoF2fo5T8LCyeTRPeECFCiRoGmW2QF3y 8QHz017qw4CwfSPMQRf6Y6gTlvg9tFmuIHgA9YGSGXYgqNXYtkw7dxR40LsbKYTb y81j5EjT0Whn6dQYhYx4dSWGcx/m7Ybzlka9ftkrV+E9KvBh1eg8vjrU/VSAAFHo BmDCK3dxQNt5gDqlbjX5d/cmd9eu1oYGqZKkhC1fN0TRK7XmnPEZ8bHc+YCDzeHb yAEgETngSm2AOTFRd7TMpzHOaMJUMnFqX4QYeQfuerPkF3lvIf/OOi9UKdcYkY3Y 97zFqZny2rFVmaCiFk/a8X+Ecwn4xm9RZHeibo1dCTrZ54BIzO7bBaae7HOjxwwH ZqWCfLeFboZ2GoQ3zAhIOF3h8jL+UVHJRDKlJJix9i0uyOm0JmIzFyx7k1b1lr66 zxfQbl2H5up3GU2dzRRdNOfFefOmDqwSyJ6ZThzpSyhvqmDWlRdRoRQ105G+8OrP dj+Y/Kxm1znucHUHuaKrIOiwrHtXIX3Lfmp66/Azmw2TBBV/4sv5+lKwewXbPuSq 34lAXHYIw1/v85/KlAE3fr0O/u0ROofzpUKlhdCJ4c/1VrWvfdCmbbxjsXTIzLrY cvzT7FPo8avVE6jfgVKt9Y4Q8pmS2ZjvHmmB7HwwOpR/jDJwuvTRAly5s1rdrkW9 0sU3jrujY0zyV/oPyuBdJBmixFOrZx8jaYyoC6wgRzlfXBxi0wCIvOLRZE305co6 qFN1zRYjL8Hv1rj3kI+oRtGgg/al8/WItBG28l+N4Q3qucG3+fXZ7sTULHV5TIVp Ud6PjkstveK+3oosBxwkDqXtC4gdRSzjtnUHEWwE+Df2pqQGDEK0kLxisgorGaDz 0P4eYHce8y14UZty0y2KioyUW7nlunwsPAvResyNjqjgxJ7USaurRCspkIDDXrim C0c3Xj7J6F8wNakHCzX9cJamV9I0rYGDEEwM29MtS3W8UU03YeeAdGxbmZRXyOH8 xYZdHxCdh3QKxf3+U19LRdUEUdTWpa96yp4lcTZyvEK6AODjzY8Qg9PhZqAH1L1T 6HePzR70udLzEXiUci4H0oLqMtHJOhLfhsFZFiO0Std+nKUSJu5KdsXzxIhRAYCu 3oxhAGc8QaYruZ0qx2VZ3ujIcD+CzezqzXzjeKWrjP6dKEKx3uEP8qIRPnrkDX9d GpjKRI3ATOt8ojzgdreGv3Hg9qSAHXVl23ocTCl18HPRLzaF9TZrVhiuferQHO5k M3U= -----END ENCRYPTED PRIVATE KEY-----
openssl pkcs12 -in server.pfx -out server.crt -clcerts
server.crt
-----BEGIN CERTIFICATE----- MIIDXTCCAkWgAwIBAgIJAOu8IGet1qEEMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTcwNzA2MTE1MTAxWhcNMTgwNzA2MTE1MTAxWjBF MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAtM/17uVeeUsFzt0QL8OhoIbma5l6gpqRGZOPcbAMBmdVFcOgouwe8DLF Jt+2yZMnHbjdEMArgcDFOZW+jJKJiI7vV/fvMB5Ey50A57P4IADrwZN4nAHVqDD6 1v1ZwI9hintyUs+Mke1fDl++Q9D4eFfv36VEx6IV+xWdEREbJZPqxzQCNUDQhSwg Tsr/mWUKvwomY0Dt8l6BWPKIzlx0hOZFsz7mAc1FlRRodt0GaUtVJskPjjJ3WDsW zmk/RGViGKSpFyz8Dk9Sc7+lElCas39Yx8869DIRSdcgw0DU0kORZsIH4OJUUBn/ A8/CEkDOi1/2tYjnnzg7YUqjrDrDXQIDAQABo1AwTjAdBgNVHQ4EFgQUcR0veqM0 EAIVawdoqhln/mvEYFQwHwYDVR0jBBgwFoAUcR0veqM0EAIVawdoqhln/mvEYFQw DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEArPZNXaa7EG1tm4P65Mis 2u/Bf5qa8ylgJVKUfEvz6SQRKq+5NV7FE/CyVRGinkmNKy37G3IUV7J+UkaPx+Rz 7CwGQC3yIWOA/ASClTs4P/56sLZ5RxtzAdJ/bZZUKx4HhfkkWYFUEM1PCl8ZXJQq uWliKzF6Id/HdsgJtH7vBFyp0yuKoKrB2msRdPWK99D7ir6T2PZ457OqpQtJhGYW R9AvftZUG0QfsSSAOa942ItnPW7kgoU/pgV88zkvUYnAhEQ98NFSgTSQa83eaBXz id8lrrea7Yi5TXkArgh9kMQbuTWBbyJCAKKeBNV6nt7ZVLcTn22Xjkat+33BgaFh 4g== -----END CERTIFICATE-----
Network Konfiguration im CentOs7
Die default Konfiguration und Installation von CentOS7 hat deaktivirtem Netz (Network) nach dem boot:
$ nmcli d
Die Netzeinstellung werden in GUI mit $ nmtui
bearbeitet
Das vordefiniertes Netz „enp0s3“ soll „Automatisch verbinden“ gestellt werden um nach dem Reboot aktin zu sein
Zertifikats Inhalts auslesen
Wie lese ich den Inhalt des Zertifikates (*.pem oder *.crt) aus?
Der Inhalt des Zertifikates kann mit OpenSSL ausgelesen werden:
openssl x509 -in ZERTIFIKAT.CRT -text -noout
openssl x509 -in ZERTIFIKAT.PEM -text -noout
Beispiele
openssl x509 -in /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem -text -noout
openssl x509 -in/etc/pki/tls/certs/localhost.crt -text -noout
Certificate: Data: Version: 3 (0x2) Serial Number: 18473 (0x4829) Signature Algorithm: sha256WithRSAEncryption Issuer: C=--, ST=SomeState, L=SomeCity, O=SomeOrganization, OU=SomeOrganizationalUnit, CN=centos1.localdomain/emailAddress=root@centos1.localdomain Validity Not Before: Oct 6 14:49:10 2016 GMT Not After : Oct 6 14:49:10 2017 GMT Subject: C=--, ST=SomeState, L=SomeCity, O=SomeOrganization, OU=SomeOrganizationalUnit, CN=centos1.localdomain/emailAddress=root@centos1.localdomain Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c1:0d:b0:20:81:73:a4:3f:d2:09:33:bd:5f:3d: 42:d8:4f:0e:11:86:ad:6d:84:93:55:5c:9c:b6:00: 4e:a0:35:a9:72:68:0e:f7:3d:9f:7d:b7:73:a3:30: a5:d1:ea:c8:c3:6c:96:46:f2:9e:8c:d2:2c:5f:44: 4d:2b:07:35:f7:92:4e:48:80:a3:5f:d4:5f:16:82: 83:a5:f2:09:9e:74:b8:95:8f:55:13:1e:3d:a1:07: c7:11:24:f3:e7:75:3e:e5:da:4e:85:dd:b6:b9:b5: e3:32:8d:ec:23:08:bf:22:7c:c0:55:27:07:36:f2: b3:18:5a:6b:62:0d:9a:a4:d0:4a:e0:3a:ea:b6:31: d2:06:52:46:8a:6e:16:aa:cb:fe:bc:8a:f8:c8:94: 0f:ca:e1:78:a6:f9:b3:b6:69:07:0d:18:97:b1:60: 6e:24:4b:df:bf:ba:67:42:3e:2d:81:cf:f7:55:ed: 47:15:a0:00:b9:26:36:56:d3:29:d6:9e:bf:99:6d: 0f:a9:63:b8:4a:9f:f4:e0:f8:98:e5:ab:2e:81:9c: f3:eb:a3:0a:27:dd:4f:70:e9:3b:e2:c1:1f:07:fe: cb:1c:ee:5b:74:e9:31:b8:e8:5e:80:30:28:e6:e1: 7a:16:ac:25:d0:39:50:08:ff:db:71:5d:46:87:49: 47:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment Signature Algorithm: sha256WithRSAEncryption 37:e0:e1:92:2a:cc:51:8a:4c:d4:31:91:20:f4:f3:72:b2:bb: 34:82:5c:e0:b1:29:33:b5:6d:c5:3b:42:50:8b:49:2b:cc:8c: 72:57:c3:ff:92:00:f4:cb:7e:00:34:86:88:ed:38:ea:10:57: 8d:43:fc:9d:ae:5c:9d:87:4f:73:c0:8d:79:e4:a3:44:de:b1: 27:6c:93:f3:c9:d1:b3:4c:df:6c:5f:0b:1e:19:e9:51:69:68: af:fb:47:45:85:03:64:04:a9:47:24:3a:8d:8b:b5:4f:0c:25: 44:e2:10:a8:58:6a:f9:8d:5d:3f:2f:9f:41:75:f5:04:47:a4: e1:90:53:a1:dc:a1:fa:20:5b:d5:41:79:cb:f5:47:66:1b:02: dd:94:bb:52:69:00:2c:3a:d5:44:0a:a4:15:23:36:fb:5c:aa: fa:28:af:89:17:fb:f4:c6:d7:8b:1b:14:d2:7d:6b:01:d2:33: eb:43:62:c0:bd:88:b9:31:86:ed:e7:28:11:b4:b2:9e:b3:1e: c6:3e:bd:54:8b:f9:53:ed:0d:c3:ea:1d:c2:54:53:b5:d5:83: 30:58:6e:37:87:9f:d8:cf:44:3f:29:90:0c:84:b7:9f:cb:4f: 11:f5:d0:a3:6e:ea:22:87:eb:9b:63:b9:9c:46:99:32:6d:a7: 42:3c:e8:a0
Backup und Wiederherstellung von MySQL Datenbank
Backup
Der Backup kann entweder von allen Datenbanken erfolgen:
sudo mysqldump --all-databases > /tmp/mysqldump.sql
mysqldump -u root -p --all-databases > /tmp/mysqldump.sql
oder mit nur eine Datenbank (Beispiel xwiki)
sudo mysqldump -u root -p xwiki > /tmp/xwiki.sql
Wiederherstellung
Wenn nur eine Datenbank wiederherstellt werden soll, dann muss die Ziel-Datenbank eingegeben werden:
mysql -u root -p --database=xwiki < /tmp/xwiki.sql
Weitere Information in https://dev.mysql.com/doc/refman/5.7/en/mysqldump-sql-format.html