thorko.deLinux / Unix systems administrator

Latest SysadminDB entries

Poodle-Attack - Disable SSLv3 in apache, postfix, dovecot


In your site configuration add

SSLProtocol all -SSLv2 -SSLv3 +TLSv1 +TLSv1.2 +TLSv1.1
SSLHonorCipherOrder On



In your file

smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3



In your 10-ssl.conf file

ssl_protocols = !SSLv2 !SSLv3
# SSL ciphers to use
#ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL


To test if SSLv3 is disabled you can run

openssl s_client -connect -ssl3


Install dependency when compiling from source

When you install some software from source it is always a pain to get the packages which are needed for dependency. Auto-apt is a package which solves this issue.

~$ apt-get install auto-apt
~$ auto-apt update
~$ auto-apt update-local
~$ auto-apt -y -x run ./configure .....

auto-apt will check during the configure run which packages are needed and installs them automatically.

Use perl to compare version numbers

~$ perl -wle 'print 1 unless "7.0.23-1" gt "7.0.25-2"'

Show memory consumption by process

~$ ps -e -orss=,args= | sort -b -k1,1n | pr -TW$COLUMNS

Bash hints

change to previous directory

cd -

change to home


rename many files at once

for f in *;do mv $f ${f/test/prod};done

ctrl-aMove cursor to beginning of line
ctrl-eMove cursor to end of line
meta-bMove cursor back one word
meta-fMove cursor forward one word
ctrl-wCut the last word
ctrl-uCut everything before the cursor 
ctrl-kCut everything after the cursor
ctrl-yPaste the last thing to be cut

do a fast backup of file

cp test1.cfg{,.bak}

do a fast copy and replace

cp $a ${a/1/2}


untar a gzipped file
$ gzip -dc | tar -tf -        # show content of file
$ gzip -dc | tar -xvf -     # extract files

(c) 2014 by