Ubuntu 16.10
ubuntu 16.10
ssh root@138.197.x.x
adduser eric
usermod -aG sudo eric
ssh-keygen
ssh-copy-id eric@138.197.x.x
sudo nano /etc/ssh/sshd_config
PermitRootLogin without-password
PasswordAuthentication no
sudo nano /etc/nanorc
set tempfile
set autoindent
sudo systemctl reload sshd
exit
ssh eric@138.197.x.x
sudo ufw app list
sudo nano /etc/ufw/applications.d/tinc
[Tinc]
title=Tinc 655
description=Mesh VPN
ports=655/tcp|655/udp
sudo ufw app update Tinc
sudo ufw app info Tinc
sudo ufw allow in on tun0 to any app Tinc from 10.0.0.0/24
sudo ufw allow out on tun0 to any app Tinc
sudo nano /etc/ufw/applications.d/elasticsearch
[ElasticSearch]
title=ElasticSearch
description=Data nodes cluster
ports=9200:9400/tcp|9200:9400/udp
sudo ufw app update ElasticSearch
sudo ufw app info ElasticSearch
sudo ufw allow in on tun0 to any app ElasticSearch from 10.0.0.0/24
sudo ufw allow out on tun0 to any app ElasticSearch
sudo ufw allow in OpenSSH
sudo ufw allow out OpenSSH
sudo ufw enable
sudo ufw status verbose
sudo ufw disable
sudo ufw reset
sudo nano /etc/default/ufw
# IPV6
sudo nano /etc/services # to view list of services/ports
sudo apt-get install nmap
sudo nmap -O 671xxxx.com
sudo nmap -sV 671xxxx.com
sudo nmap -vv 671xxxx.com
sudo nmap -sP 10.0.0.1/24
sudo nmap -sP 10.0.0.1-10
sudo nmap -e tun0 10.0.0.1-10
sudo apt-get install python-software-properties software-properties-common
sudo add-apt-repository ppa:git-core/ppa -y
sudo apt-get update
sudo apt-get install git -y
git --version
sudo add-apt-repository -y ppa:webupd8team/java
sudo apt-get update
sudo apt-get -y install oracle-java8-installer
sudo nano /etc/envirnment
echo $JAVA_HOME="/usr/lib/jvm/java-8-oracle"
echo $JRE_HOME="/usr/lib/jvm/java-8-oracle/jre"
echo $JDK_HOME="/usr/lib/jvm/java-8-oracle"
source /etc/environment
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.1.1.deb
sudo dpkg -i elasticsearch-5.1.1.deb
sudo update-rc.d elasticsearch defaults. ( or sudo systemctl enable elasticsearch.service)
sudo updatedb
nano /etc/elasticsearch/elasticsearch.yml
bootstrap.mlockall: true # or is it? bootstrap.memory_lock: true
nano /etc/default/elasticsearch
ES_HEAP_SIZE=1g
MAX_LOCKED_MEMORY=unlimited
sudo service elasticsearch restart
sudo nano /opt/elasticsearch/config/elasticsearch.yml
ps aux | grep -i elasticsearch
sudo kill XXX
/opt/elasticsearch/bin/elasticsearch -d
sudo apt-get install tinc
sudo apt-get install bridge-utils
sudo mkdir -p /etc/tinc/propertydb/hosts
sudo nano /etc/tinc/propertydb/tinc.conf
Name = pdb1
AddressFamily = ipv4
Interface = tun0
ConnectTo = pdb2
ConnectTo = pdb3
ConnectTo = www1
ConnectTo = imac
sudo nano /etc/tinc/propertydb/hosts/pdb1
Address = 138.197.212.21
Subnet = 10.0.0.1/32
sudo tincd -n propertydb -K4096
sudo nano /etc/tinc/propertydb/tinc-up
ifconfig $INTERFACE 10.0.0.1 netmask 255.255.255.0
sudo nano /etc/tinc/propertydb/tinc-down
ifconfig $INTERFACE down
sudo chmod 755 /etc/tinc/propertydb/tinc-*
sudo nano /etc/tinc/propertydb/hosts/pdb2
Address = xxx.xxx.xxx.xxx
Subnet = 10.0.0.2/32
sudo nano /etc/tinc/propertydb/hosts/pdb3
Address = xxx.xxx.xxx.xxx
Subnet = 10.0.0.3/32
sudo nano /etc/tinc/propertydb/hosts/www1
Address = xxx.xxx.xxx.xxx
Subnet = 10.0.0.10/32
-----BEGIN RSA PUBLIC KEY-----
-----END RSA PUBLIC KEY-----
sudo nano /etc/tinc/propertydb/hosts/imac
Address = 189.176.x.x
Subnet = 10.0.0.100/32
sudo nano /etc/tinc/nets.boot
# vpn network name for startup script
propertydb
sudo apt-get install gcc
sudo apt-get install make
sudo apt-get install autoconf
sudo apt-get install gettext
sudo apt-get install liblzo2-dev
sudo apt-get install zlib1g-dev
sudo apt-get install libssl-dev
sudo apt-get install texinfo
sudo apt-get install build-essential
curl -OL http://ftp.gnu.org/gnu/make/make-4.2.tar.gz
tar -xzf make-4.2.tar.gz
cd make-4.2
./configure && make && sudo make install
curl -OL http://mirrors.concertpass.com/gcc/releases/gcc-6.2.0/gcc-6.2.0.tar.gz
tar -xzf gcc-6.2.0.tar.gz
cd gcc-6.2.0
./configure && make && sudo make install
curl -OL http://zlib.net/zlib-1.2.8.tar.gz
tar -xzf zlib-1.2.8.tar.gz
cd zlib-1.2.8
./configure && make && sudo make install
# may need to install via package ("apt-get install liblzo2-dev" and "atp-get install libssl-dev")
curl -OL http://www.oberhumer.com/opensource/lzo/download/lzo-2.09.tar.gz
tar -xzf lzo-2.09.tar.gz
cd lzo-2.09
./configure --enable-shared && make && sudo make install
curl -OL http://ftp.gnu.org/gnu/texinfo/texinfo-6.3.tar.gz
tar -xzf texinfo-6.3.tar.gz
cd texinfo-6.3
./configure && make && sudo make install
curl -OL http://ftp.gnu.org/gnu/m4/m4-1.4.17.tar.gz
tar -xzf m4-1.4.17.tar.gz
cd m4-1.4.17
./configure && make && sudo make install
curl -OL http://ftpmirror.gnu.org/autoconf/autoconf-2.69.tar.gz
tar -xzf autoconf-2.69.tar.gz
cd autoconf-2.69
./configure && make && sudo make install
curl -OL http://ftp.gnu.org/gnu/automake/automake-1.15.tar.gz
tar -xzf automake-1.15.tar.gz
cd automake-1.15
./configure && make && sudo make install
curl -OL https://mirrors.kernel.org/gnu/libtool/libtool-2.4.6.tar.gz
tar -xzf libtool-2.4.6.tar.gz
cd libtool-2.4.6
./configure && make && sudo make install
curl -OL https://tinc-vpn.org/packages/tinc-1.1pre14.tar.gz # 1.1pre14
tar -xzf tinc-1.1pre14.tar.gz
apt-get install build-essential
apt-get install libreadline-dev
apt-get install libncurses5-dev
apt-get install libssl-dev
apt-get install liblzo2-dev
cd tinc-1.1pre14
./configure --prefix=/ --exec-prefix=/usr --datadir=/etc --localstatedir=/var
make
make install
sudo mkdir -p /etc/tinc/propertydb/hosts
cp mv or mkdir property with tinc.conf, tinc-up, tinc-down, and hosts folder
sudo chmod 755 /etc/tinc/propertydb/tinc-*
tinc -n propertydb generate-keys # creates both
tinc -n propertydb generate-ed25519-keys # if you already have rsa
tincd -c /etc/tinc/propertydb --pidfile=/var/run/tinc.propertydb.pid -D --debug=5
sudo tincd -n propertydb -d5 -D
nano /etc/systemd/system/tinc@propertydb.service
[Unit]
Description=Tinc Daemon
After=network.target
Requires=network.target
[Service]
Type=simple
ExecStart=/usr/sbin/tincd -D -n propertydb -L -R
Restart=always
[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl enable tinc@propertydb.service
systemctl start tinc@propertydb.service
systemctl status tinc@propertydb.service