Centos – Create an FTP yum repository with out user authentication for your private Network

Create a YUM repo that retrieves files from an VSFTP server. This tutorial is closely tied to the tutorial that shows how to create a YUM repository using Apache, which is located here. In this how to the same repository directory will be used that Apache is using but we will also make it available via VSFTP. Reason being is that there is no need to have double copies of the same files on the same server.

Setup your YUM Repo Server

1) Install VSFTP

yum install vsftpd

2) Create your YUM directory 

mkdir /var/ftp/ftp_repo

3) Mount the contents of your YUM repository that Apache servers to this newly directory

mount --bind /storage/Centos06/centos/ /var/ftp/ftp_repo/

4) Allow user root to access the ftp directory by uncommenting out the user root

vi /etc/vsftpd/user_list

5) Start your VSFTPd Service

service vsftpd start

Make sure that your firewall will allow FTP connections.

Setup your client machine

1) Create your new repo file

vi /etc/yum.repos.d/ftp.repo

2) Add the following entries

[ftp_repo]
name=ftp_repo
baseurl=ftp://192.168.1.26/ftp_repo
enabled=1

 

Run yum repolist in order to see YUM sees your new repo. Then run yum update in order to make sure it can login to the FTP server.

Share Button

BASH – Script that reports failed SSH connections

It will scan for servers in the network you specified and detect which servers have the SSH port open thus avoiding any non SSH running servers such as Windows (saves a huge amount of time).  In other words you can only SSH to a server by actually typing your password.

The script assumes that ssh passwordless access is not setup. In order for this to work you will need to install the sshpass utility found in the EPEL yum repository and also have nmap installed.  The script will only report on which servers a specific username failed to connect.

 

>SSH_failure
ADMINLOGIN="gmastrokostas"
ADMINPASS="SomePassword"
#It is useless to scan host ".1" and ".255". In fact it is borderline dangerous to scan 255 because the router will broadcast the command on all servers which will lead to a lot of traffic 
nmap_network=`nmap -n -P0 -p22 192.168.1.2-254 | grep Interesting | awk '{print $4}' | awk -F: '{print $1}'`

for loop in $nmap_network;
do
/usr/bin/sshpass -p $ADMINPASS ssh -oStrictHostKeyChecking=no -oCheckHostIP=no -t $ADMINLOGIN@$loop exit;
if [[ $? -gt 0 ]];
then
echo "Failed to connecit to server "$loop"" >> SSH_failure
else
echo "Success on $loop";
fi
done
echo "Here are the servers user name $ADMINLOGIN cannot login"
for loop in `awk '{print $6}' SSH_failure`; do nslookup $loop | grep name | awk '{print$4}'; done;
Share Button