• Monitor & Management of Linux Processes using Top Command

    In Linux environments, managing system processes efficiently is crucial for optimal performance and resource utilization. The top command serves as a powerful tool for real-time process monitoring, providing insights into CPU, memory, and overall system performance.

    Introduction to Top Command

    The top command is a versatile utility that offers a dynamic, real-time overview of system processes. When executed, it presents a continuously updated list of processes, sorted by various criteria such as CPU usage, memory consumption, and more.

    Understanding the Display

    Upon running the top command, the display is divided into several sections:

    • Header: Provides summary information about system uptime, total number of processes, CPU usage, memory usage, and more.
    • Process List: Displays a list of running processes, sorted by default based on CPU usage.
    • Command Bar: Offers interactive commands for managing processes, such as sorting, filtering, and killing.

    Changing Display Modes

    The top command allows users to customize the display according to specific monitoring requirements. Here are some common display modes:

    Memory Usage Mode

    To view processes sorted by memory usage:

    top -o RES
        

    This command sorts the process list based on the amount of memory (RES) each process is utilizing.

    CPU Usage Mode

    To display processes sorted by CPU usage:

    top -o CPU
        

    Using this command, processes are sorted based on their CPU consumption, with the most CPU-intensive processes listed at the top.

    Filtering Processes by User ID

    To filter processes by a specific user ID:

    top -u username
        

    Replace username with the desired user’s username. This command displays only the processes associated with the specified user.

    Killing Processes

    To terminate a process using the top command:

    1. Run top.
    2. Identify the PID (Process ID) of the process you want to terminate.
    3. Press k to enter PID mode.
    4. Enter the PID of the process.
    5. Press Enter.
    6. Confirm the action by pressing y.

    This process termination method provides a safe and controlled way to stop misbehaving or unnecessary processes.

    Keyboard Shortcuts

    While running the top command, users can utilize various keyboard shortcuts for enhanced functionality:

    • m: Toggle memory usage mode.
    • p: Toggle CPU usage mode.
    • k: Kill a process by entering its PID.
    • Shift + M: Sort processes by memory usage.
    • Shift + P: Sort processes by CPU usage.
    • Shift + U: Filter processes by user ID.
    • Shift + T: Sort processes by cumulative CPU time.
    • Shift + R: Reverse the sort order of processes.
    • Shift + H: Toggle thread display.

    Examples

    Let’s delve into practical examples of utilizing the top command:

    Example 1: View Memory Usage

    top -o RES
        

    This command sorts processes based on their memory utilization, allowing administrators to identify memory-intensive processes.

    Example 2: View CPU Usage

    top -o CPU
        

    With this command, users can monitor CPU-intensive processes, helping in troubleshooting performance issues related to CPU utilization.

    Example 3: Filter Processes by User ID

    top -u myusername
        

    By specifying a username, this command filters and displays processes associated with the specified user only.

    Example 4: Kill a Process

    To terminate a process with PID 1234:

    top
    k
    1234
        

    By entering the PID and confirming the action, the selected process is safely terminated, freeing up system resources.

    Watch Video Tutorial

    Conclusion

    The top command is an invaluable tool for Linux system administrators, offering real-time insights into system processes and resource utilization. By leveraging its various display modes, keyboard shortcuts, and functionalities, administrators can effectively manage and optimize system performance.

  • Authenticating with Password in Apache and Nginx on Raspberry Pi OS

    In this guide, we’ll learn how to set up password authentication in both Apache and Nginx on Raspberry Pi OS (Debian).

    Prerequisites

    Before you begin, make sure you have:

    • A Raspberry Pi running Raspberry Pi OS (Debian).
    • Apache and Nginx installed and configured.

    Setting Up Password Authentication in Apache

    Step 1: Create a Password File

    First, create a password file using the htpasswd utility. Replace username1 and username2 with the desired usernames:

    htpasswd -c /etc/apache2/.htpasswd username1
    htpasswd /etc/apache2/.htpasswd username2
        

    Step 2: Configure Apache

    Edit the Apache configuration file:

    sudo nano /etc/apache2/sites-available/000-default.conf
        

    Add the following lines inside the <VirtualHost> section:

            <Directory "/var/www/html">
                Options Indexes FollowSymLinks
                AllowOverride All
                Require all granted
                AuthType Basic
                AuthName "Restricted Content"
                AuthUserFile /etc/apache2/.htpasswd
                Require valid-user
            </Directory>
        

    Step 3: Restart Apache

    Restart the Apache service to apply the changes:

    sudo systemctl restart apache2
        

    Step 4: Access Restricted Content

    Now, when you access your website, you’ll be prompted to enter the username and password you created in Step 1.

    Setting Up Password Authentication in Nginx

    Step 1: Create a Password File

    Similar to Apache, create a password file using the htpasswd utility:

    sudo htpasswd -c /etc/nginx/.htpasswd username1
    sudo htpasswd /etc/nginx/.htpasswd username2
        

    Step 2: Configure Nginx

    Edit the Nginx configuration file:

    sudo nano /etc/nginx/sites-available/default
        

    Add the following lines inside the server block:

            location / {
                auth_basic "Restricted Content";
                auth_basic_user_file /etc/nginx/.htpasswd;
            }
        

    Step 3: Restart Nginx

    Restart the Nginx service to apply the changes:

    sudo systemctl restart nginx
        

    Step 4: Access Restricted Content

    Now, accessing your website in Nginx will prompt you to enter the username and password you created in Step 1.

    Conclusion

    Congratulations! You’ve successfully set up password authentication in both Apache and Nginx on Raspberry Pi OS. This adds an extra layer of security to your web servers.

  • How to Install OpenVPN Server on Windows 10 Pro 22H2

    How to Install OpenVPN Server on Windows 10 Pro 22H2 (Build 19045.3448)

    1. Set up OpenVPN

    Set up an OpenVPN connection following this guide

    2. Generate a TA key

    Generate a TA key and place it in the same folder as the other certificates/keys: openvpn --genkey --secret ta.key

    3. Update server.ovpn profile

    Append the following lines to your server.ovpn profile:

    # Route all traffic through VPN
    push "redirect-gateway def1"
    # Push Google DNS to prevent leak
    push "dhcp-option DNS 8.8.8.8"
        

    4. Update client.ovpn profile

    Append the following lines to your client.ovpn profile:

    # Block DNS leak
    block-outside-dns
        

    Here is my completed configuration file

    local 1.2.3.4
    port 9194
    proto udp
    dev tun
    ca ca.crt
    cert server.crt
    key server.key
    dh dh.pem
    auth SHA512
    tls-crypt tc.key
    topology subnet
    server 10.8.0.0 255.255.255.0
    push "redirect-gateway def1 bypass-dhcp"
    ifconfig-pool-persist ipp.txt
    push "dhcp-option DNS 8.8.8.8"
    push "dhcp-option DNS 8.8.4.4"
    push "block-outside-dns"
    keepalive 10 120
    cipher AES-256-CBC
    user nobody
    group nogroup
    persist-key
    persist-tun
    plugin /usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so login
    client-cert-not-required
    username-as-common-name
    verb 3
    crl-verify crl.pem
    explicit-exit-notify
    duplicate-cn
    

    5. Service Tweaks

    1. Open the Services window
    2. Find Routing and Remote Access and set it to: Startup type – Automatic
    3. Start the service

    6. Adapter Tweaks

    1. Open the network adapters window
    2. Right-click your internet adapter (e.g. Ethernet) and then: Properties -> Sharing -> Allow other network users to connect through this computer’s Internet connection
    3. (if applicable) From the drop-down list select your OpenVPN TAP adapter (e.g. Ethernet 2)
    4. Note: Only one adapter can be shared at a time, so if you don’t see the Sharing tab, make sure no other adapter is being shared.

    7. Registry Tweaks

    Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

    Value: IPEnableRouter

    Type: REG_DWORD

    Data: 0x00000001 (1)

    8. Configure a Static Route (if behind a router)

    You have to route all packets sent to the client’s virtual IP back to the VPN server.

    Example using Cisco router:

    • 10.8.0.0 – virtual network subnet
    • 255.255.255.0 – virtual network subnet mask
    • 192.168.1.175 – VPN server internal IP (in the subnet of the router)

    9. Issues with ICS (Internet Connection Sharing)

    There are a few issues you might encounter when using OpenVPN together with ICS:

    • ICS by default automatically assigns a static IP (192.168.137.1) on your LAN adapter, conflicting with OpenVPN IP. To address this, change OpenVPN config to have a consistent IP range or change HKLM\System\CurrentControlSet\services\SharedAccess\Parameters\ScopeAddress to 10.8.0.1.
    • On some later Windows versions, ICS might stop working after a reboot. The way to address this is mentioned in this Microsoft support article.

    10. Final OpenVPN Tweaks

    1. Right-click openvpn-gui.exe and then: Properties -> Compatibility -> Run this program as an administrator
    2. (optional) Configure the OpenVPN server to start and connect automatically:
    "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" --connect server.ovpn