Thursday, January 11, 2018

how long server has been up in linux using uptime command ?

Linux Server Uptime Command To Find Out How Long The System Has Been Running

Both Linux and Unix-like systems comes with various command to find out server uptime command. Under Linux file /proc/uptime has uptime information and file /var/run/utmp has information about who is currently logged on. However, information from /proc or utmp file is not directly readable by humans so you need to use the uptime command.
uptime - Tell how long the system has been running.

UNIX / Linux uptime command

Open a command-line terminal and then type the following commands:
Sample outputs:
 12:04:44 up 8 days, 19:42,  3 users,  load average: 1.56, 2.56, 1.96
Note: The uptime command gives a one line display of the following information.
1). The current time
2). How long the system has been running
3). How many users are currently logged on
4). The system load averages for the past 1, 5, and 15 minutes

See uptime in pretty format pass the -p option to the uptime command

#uptime -p
Sample outputs:
uptime -p
up 1 week, 1 day, 19 hours, 47 minutes

See uptime in system up since, in yyyy-mm-dd MM:HH:SS format pass the -s option to the uptime command

#uptime -s
uptime -s
2017-12-27 16:22:09

How to Disable Ctrl-Alt-Delete in Ubuntu ?

Having a physical access to the keyboard can simply use the Ctrl+Alt+Delete key combination to reboot the server without having to logged on, But we can prevent the use of this key combination on a production server for an accidental reboots.
To disable the reboot action taken by pressing the Ctrl+Alt+Delete key combination,
Comment out the following line in the file /etc/init/control-alt-delete.conf
$ sudo vi /etc/init/control-alt-delete.conf
$sudo gedit /etc/init/control-alt-delete.conf
Find line that read as follows:
exec shutdown -r now “Control-Alt-Delete pressed”
delete configuration line or comment out line by prefixing # symbol
#exec shutdown -r now "Control-Alt-Delete pressed"
Save and close the file.
But In 16.04
In the systemd world, Ctrl+Alt+Delete is handled by systemd starts this target whenever Control+Alt+Del is pressed on the console. Usually, this should be aliased (symlinked) to

Disable Ctrl+Alt+Delete using following command

$systemctl mask
$systemctl daemon-reload

Thursday, January 4, 2018

How to Find All Failed SSH login Attempts in Linux ?

Each attempt to login to SSH server is tracked and recorded into a log file by the rsyslog daemon in Linux. The most basic mechanism to list all failed SSH logins attempts in Linux is a combination of displaying and filtering the log files.
The most simple command to list all failed SSH logins is the one shown below.
#grep "Failed password" /var/log/auth.log
Sample output.
grep "Failed password" /var/log/auth.log
Sep 26 09:49:11 sshd[32138]: Failed password for ravi from port 33325 ssh2
Oct  2 23:04:25 sshd[25028]: Failed password for root from port 55800 ssh2
In order to display extra information about the failed SSH logins, issue the command as shown in the below example.
#egrep "Failed|Failure" /var/log/auth.log
In CentOS or RHEL, the failed SSH sessions are recorded in /var/log/secure file. Issue the above command against this log file to identify failed SSH logins.
#egrep "Failed|Failure" /var/log/secure
Sample output
Dec 29 16:11:01 localhost sshd[32526]: Failed password for root from port 31729 ssh2
Dec 29 16:11:04 localhost sshd[32526]: Failed password for root from port 31729 ssh2

Saturday, November 18, 2017

how to install and configure aws cli on linux ?

AWS Command Line Interface (CLI). Depending on your operating system ways are different for installation. I will show you installation of AWS CLI on Ubuntu and CentOS Linux OS.

Install AWS Command Line Interface ( CLI)
 Install AWS CLI in Ubuntu Linux
Pip is recommended method of installing AWS CLI on Linux which is python based tool helps in install, upgrade, and remove Python packages.
– Install python-pip package using apt-get
[root@linuxforfreshers~] apt-get install python-pip

Install AWS CLI using pip command

[root@linuxforfreshers~] pip install awscli

– Configure AWS CLI

You can configure it using “aws configure” command.

While configuring, it will ask you for the several information like AWS Access Key ID, AWS Secret Access Key, Default region name, Default output format. You need to provide that information. In my case below is the Access Key and Secret Access Key.

AWS Secret Access Key = HZiGF4VQKRzblpk8WmaQnwioR0qFhUO25phWptEi

Let’s configure it using command.

[root@linuxforfreshers~] aws configure
AWS Secret Access Key [None]: HZiGF4VQKRzblpk8WmaQnwioR0qFhUO25phWptEi
Default region name [None]: us-east-1
Default output format [None]:

Once configuration complete, It will create .aws folder in user’s home directory. Below is the content of .aws directory.
[root@linuxforfreshers~] ls .aws/
Config Credentials

[root@linuxforfreshers~] cat .aws/config
region = us-east-1
[root@linuxforfreshers~] cat .aws/credentials
aws_access_key_id = AKIAJRSF3SHFXWALVL2A
aws_secret_access_key = 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


 – Now Test if AWS CLI is installed correctly or not.

[root@linuxforfreshers~] aws help

If you are given wrong access_key u will get following error.

An error occurred (InvalidAccessKeyId) when calling the ListBuckets operation: The AWS Access Key Id you provided does not exist in our records.

– Check Version of AWS CLI.

[root@linuxforfreshers]aws --version
aws-cli/1.11.129 Python/2.7.6 Linux/4.4.0-59-generic botocore/1.5.92

Install AWS CLI in CentOS Linux

– Check if python is installed in your system or not. If not install it using below command.

[root@linuxforfreshers~]# yum -y install python

– Install Pip on Linux.
Download the installation script.
[root@linuxforfreshers~]# curl -O
  % Total    % Received % Xferd  Average Speed   Time    Time        Time  Current
                                    Dload  Upload   Total   Spent    Left  Speed
100 1388k  100 1388k    0       0   205k      0  0:00:06  0:00:06 --:--:--  265k

Run the script with Python.

[root@linuxforfreshers~]# python
  Downloading pip-7.0.3-py2.py3-none-any.whl (1.1MB)
    100% |████████████████████████████████| 1.1MB 155kB/s
Collecting wheel
  Downloading wheel-0.24.0-py2.py3-none-any.whl (63kB)
    100% |████████████████████████████████| 65kB 252kB/s
Collecting argparse (from wheel)
  Downloading argparse-1.3.0-py2.py3-none-any.whl
Installing collected packages: pip, argparse, wheel
Successfully installed argparse-1.3.0 pip-7.0.3 wheel-0.24.0

– Now install AWS command line using pip.

[root@linuxforfreshers~]# pip install awscli

– Let’s configure AWS CLI.

[root@linuxforfreshers~] aws configure
AWS Secret Access Key [None]: HZiGF4VQKRzblpk8WmaQnwioR0qFhUO25phWptEi
Default region name [None]: us-east-1
Default output format [None]:

– Verify either file and folder is created.

[root@linuxforfreshers~] ls .aws/
Config Credentials

[root@linuxforfreshers~] cat .aws/config
region = us-east-1
[root@linuxforfreshers~] cat .aws/credentials
aws_access_key_id = AKIAJRSF3SHFXWALVL2A
aws_secret_access_key = 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

Installation is complete now and you can start using aws cli.

Tuesday, November 7, 2017

How to kill defunct or zombie process in linux?


"defunct" processes is also known as a "zombie" processes. A Zombie process is referred as dead process which is receding on your system though it’s completed executing. In one shot we can say it’s a dead processes which is still in RAM. This process will be in your process table and consuming your memory. Having more defunct process will consume your memory which intern slows your system. We have to kill the defunct process in order to free RAM and make system stable.

What is a zombie process?
When a process finishes execution, it will have an exit status to report to its parent process. Because of this last little bit of information, the process will remain in the operating system’s process table as a zombie process, indicating that it is not to be scheduled for further execution, but that it cannot be completely removed (and its process ID cannot be reused) until it has been determined that the exit status is no longer needed.

When a child exits, the parent process will receive a SIGCHLD signal to indicate that one of its children has finished executing; the parent process will typically call the wait() system call at this point. That call will provide the parent with the child’s exit status, and will cause the child to be reaped, or removed from the process table.

Why defunct process are created?
Ans : When ever a process ends all the memory used by that process are cleared and assigned to new process but due to programming errors/bugs some processes are still left in process table. These are created when there is no proper communication between parent process and child proces

How do I remove zombie processes from a system?
Well, first you can wait. It’s possible that the parent process is intentionally leaving the process in a zombie state to ensure that future children that it may create will not receive the same pid. Or perhaps the parent is occupied, and will reap the child process momentarily.
Secondly, you can send a SIGCHLD signal to the parent (“kill -s SIGCHLD <ppid>“). This will cause well-behaving parents to reap their zombie children.
Finally, you can kill the parent process of the zombie. At that point, all of the parent’s children will be adopted by the init process (pid 1), which periodically runs wait() to reap any zombie children. Then system need reboot to kill zombie process.

Interview questions & answers

1. How to find a defunct process?
Ans : Using ps command
#ps -ef | grep defunct


Run “ps aux” and look for a Z in the STAT column.

ps aux | awk '"[Zz]" ~ $8 { printf("%s, PID = %d\n", $8, $2); }'

2. How can I kill a defunct process?
Ans : Just use kill command
#kill defunct-pid

3. Still not able to kill?
Ans : Then use kill -9 to force kill that process
#kill -9 defunct-pid

4. Still have an issue in killing it?
Ans : Then try to kill it’s parent id and then defunct.

#kill parent-id-of-defunct-pid


#kill -9 parent-id-of-defunct-pid

5. Still having defunct?
Ans : If you still find defunct process eating up RAM then last and final solution is to reboot your machine(This is not preferred on production boxes).

6.What is orphan process?
Ans : An orphan process is said to be a process which runs through parent process is terminated, these process do not know what to do and when to terminate.

7. What is difference between orphan and defunct processes?
Ans : A defunct process is a dead process where there is no execution happening whereas orphan process is a live process which is still in execution state but don't have parent process