Securely Storing Client User’s Password

I read an nice article here which talking about how we should store client user’s password securely with PHP and MySQL database. Basically the main idea is:

  • Don’t store the password as plaint text (obviously)
  • Don’t use reversible way to process the password such as encryption (so that no one can retrieve the original password even if they know how you process your password)
  • Don’t use MD5 alone to hash and store the password (because of rainbow table)
  • Don’t use a constant salt (because of rainbow table again, if someone know the salt you are using he can generate a rainbow table specially for the salt that you use)
  • Do make your password authentication process takes reasonably long time (to avoid brute force)
  • For extra security, generate the a new salt again each time after the client user logged in

The article has provided a PHP sample code on how to store the password securely using PHP and MySQL. Go take a look if you are lazy to understand what I am talking about.

Resize LVM Partition

I partitioned the server hard drive with previous sizing when I reinstalled the Red Hat. At that time I still don’t quite familiar with Linux yet and now, with better understanding on the application and Linux I found that the partition size is not good enough so I tried to resize it. I used the Red Hat Linux installation disc in rescue mode to resize the partition in LVM. Before the resize:

[root@server ~]# fdisk -l

Disk /dev/sda: 299.4 GB, 299439751168 bytes
255 heads, 63 sectors/track, 36404 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          13      104391   83  Linux
/dev/sda2              14       36404   292310707+  8e  Linux LVM
[root@server ~]# lvm lvs
  /dev/hda: open failed: No medium found
  LV       VG         Attr   LSize  Origin Snap%  Move Log Copy%  Convert
  LogVol00 VolGroup00 -wi-ao 72.84G
  LogVol01 VolGroup00 -wi-ao 79.97G
  LogVol02 VolGroup00 -wi-ao 79.97G
  LogVol03 VolGroup00 -wi-ao 40.00G
  LogVol04 VolGroup00 -wi-ao  5.97G
[root@server ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
                       71G  724M   67G   2% /
/dev/mapper/VolGroup00-LogVol01
                       78G  242M   74G   1% /home
/dev/mapper/VolGroup00-LogVol02
                       78G  2.2G   72G   3% /usr
/dev/mapper/VolGroup00-LogVol03
                       39G   20G   18G  53% /var
/dev/sda1              99M   20M   75M  21% /boot
tmpfs                 2.0G     0  2.0G   0% /dev/shm
[root@server ~]#

Below is the command I used:

# Check partition status
fdisk -l
df -h
lvm lvs --units m
lvm vgdisplay /dev/VolGroup00

# Unmount all partition
swapoff /dev/VolGroup00/LogVol04
umount /mnt/sysimage/home
umount /mnt/sysimage/usr
umount /mnt/sysimage/var
umount /mnt/sysimage/boot
umount -l /mnt/sysimage/dev
umount -l /mnt/sysimage

# Reduce / to 20GB
e2fsck -f /dev/VolGroup00/LogVol00
resize2fs -p /dev/VolGroup00/LogVol00 20G
lvm lvreduce -L 20G /dev/VolGroup00/LogVol00

# Reduce /usr to 40GB
e2fsck -f /dev/VolGroup00/LogVol02
resize2fs -p /dev/VolGroup00/LogVol02 40G
lvm lvreduce -L 40G /dev/VolGroup00/LogVol02

#Extend /home to 90GB
lvm lvextend -L 90G /dev/VolGroup00/LogVol01
e2fsck -f /dev/VolGroup00/LogVol01
resize2fs -p /dev/VolGroup00/LogVol01

#Extend /var to 110GB
lvm lvextend -L 110G /dev/VolGroup00/LogVol03
e2fsck -f /dev/VolGroup00/LogVol03
resize2fs -p /dev/VolGroup00/LogVol03

#Extend swap to (Size of RAM x 2) + 1MB
lvm lvextend -L 8193M /dev/VolGroup00/LogVol04

#Fill up the disk to /
lvm lvextend -l +100%FREE /dev/VolGroup00/LogVol00
e2fsck -f /dev/VolGroup00/LogVol00
resize2fs -p /dev/VolGroup00/LogVol00

# After reboot, recreate swap space
swapoff -v /dev/VolGroup00/LogVol04
mkswap /dev/VolGroup00/LogVol04
swapon -v /dev/VolGroup00/LogVol04

Changing Hostname on Linux

Changing hostname on Linux seems to be an easy task but in fact it is easy to miss the place that required changes. Depends on which Linux you use, the method may varies:

For RHEL5 and RHEL6 

According to this article, here are some files and 1 command that needs to be edited and executed.

  1. Edit file /etc/hosts
  2. Edit file /etc/hostname (For RHEL7)
  3. Edit file /etc/sysconfig/network (For RHEL5, RHEL6)
  4. Execute the command hostname
  5. If you are using samba, you may also want to edit the samba configuration file at /etc/samba/smb.conf

For CentOS7

Actually there is a command called hostnamectl which you can use to change the hostname. I didn’t have the environment to test it. You may also need to edit some of the configuration file mentioned above to make it fully working.

Finally

I would suggest restarting the server to avoid trouble. As mentioned in that article, sendmail will not function properly without restart the sendmail.

Changelog

Edit 2016-05-30: Updated for RHEL7 with use of hostnamectl.

Edit 2015-06-22: Updated for RHEL7.