Category Archives: Linux

Ubuntu 12/04にOpenCV 2.4.5をインストール

1.ダウンロードURL:
http://opencv.org/
OpenCV2.4.5を解凍
/home/ユーザー名/opencv2.4.5

2.cmakeのインストール
$sudo apt-get install cmake

3.opencvのコンパイル
3.1.opencvの解凍ディレクトリにbuildフォルダを作成
$cd ~/opencv2.4.5

$mkdir build

$cd build

$cmake -D CMAKE_BUILD_TYPE=RELEASE -D CMAKE_INSTALL_PREFIX=/usr/local -D BUILD_PYTHON_SUPPORT=ON ..
3.2 cmakeを実行
$make
$sudo make install
4.インストールが成功したかどうかをテスト
$cd ~/opencv2.4.5/samples/c

$g++ pkg-config --cflags opencv -o mydelaunay delaunay.c pkg-config --libs opencv

「Linux」サーバーでウェブサイトが重い原因を調べる方法

1.システムのパフォーマンスを見る:メモリ、CPUとディスク
free -m //メモリ
top //cpu負荷
df -h //ディスク容量
2.topのステータスの確認
netstat -n | awk ‘/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}’

3.iftopでトラフィックを確認
iftop – i eth0
TX:トラフィックの送信量
RX:トラフィックの受信量
TOTAL:トラフィックの総量
peak:瞬間に発生したトラフィックの最大量
rates:平均値

「Linux」OpenSSLでのプライベート認証局(CA)と自己証明書の作成手順

1.CA鍵ペアが生成
[root@localhost ~]# cd /etc/pki/CA/
[root@localhost CA]# ls
certs crl newcerts private
[root@localhost CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus
………………………………………………….+++
……..+++
e is 65537 (0x10001)
[root@localhost CA]# ls -l private/cakey.pem
-rw——- 1 root root 1675 Mar 19 18:55 private/cakey.pem
[root@localhost CA]#

2.自己署名証明書を生成

[root@localhost ~]# cd /etc/pki/CA/
[root@localhost CA]# ls
certs crl newcerts private
[root@localhost CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus
………………………………………………….+++
……..+++
e is 65537 (0x10001)
[root@localhost CA]# ls -l private/cakey.pem
-rw——- 1 root root 1675 Mar 19 18:55 private/cakey.pem
[root@localhost CA]#

3.必要なファイルを作成
[root@localhost CA]# touch index.txt serial crlnumber
[root@localhost CA]# echo 01 > serial
[root@localhost CA]#

4.アプリケーションサーバ鍵は証明書の構成ディレクトリに保存
[root@localhost ~]# mkdir /etc/httpd/ssl
[root@localhost ~]# cd /etc/httpd/ssl
[root@localhost ssl]# (umask 077;openssl genrsa -out httpd.key 1024)
Generating RSA private key, 1024 bit long modulus
………………….++++++
…++++++
e is 65537 (0x10001)
[root@localhost ssl]# ls -l
total 4
-rw——- 1 root root 887 Mar 19 11:24 httpd.key
[root@localhost ssl]#
5.証明書を生成して、リクエストを署名
[root@localhost ssl]# openssl req -new -key httpd.key -out httpd.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [XX]:JP
State or Province Name (full name) []:tokyo
Locality Name (eg, city) [Default City]:shinakawa
Organization Name (eg, company) [Default Company Ltd]:startnews24
Organizational Unit Name (eg, section) []:Linux Operation
Common Name (eg, your name or your server’s hostname) []:ca.arkgame.com
Email Address []:caadmin@arkgame.com
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@localhost ssl]# ls -l httpd.csr
-rw-r–r– 1 root root 720 Mar 19 11:27 httpd.csr
[root@localhost ssl]#

6.CAにリクエストファイルを送信
[root@localhost ssl]# ls
httpd.csr httpd.key
[root@localhost ssl]# scp httpd.csr root@172.16.5.3:/etc/pki/CA
The authenticity of host ‘172.16.5.3 (172.16.5.3)’ can’t be established.
RSA key fingerprint is b1:b0:d8:51:a6:10:63:6f:ec:9a:47:96:2b:81:f4:75.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘172.16.5.3’ (RSA) to the list of known hosts.
root@172.16.5.3’s password:
httpd.csr 100% 720 0.7KB/s 00:00
[root@localhost ssl]#

7.CA署名付き証明書
[root@localhost ~]# cd /etc/pki/CA/
[root@localhost CA]# ls -l httpd.csr
-rw-r–r– 1 root root 720 Mar 19 19:28 httpd.csr
[root@localhost CA]# openssl ca -in httpd.csr -out httpd.crt -days 3650
Using configuration from /etc/pki/tls/openssl.JPf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Mar 19 11:31:27 2014 GMT
Not After : Mar 16 11:31:27 2024 GMT
Subject:
countryName = JP
stateOrProvinceName =tokyo
organizationName = startnews24
organizationalUnitName = Linux Operation
commonName = ca.arkgame.com
emailAddress = caadmin@arkgame.com
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
20:EB:87:77:A1:8B:2C:04:B0:B9:08:29:4D:57:F3:81:29:9B:56:3F
X509v3 Authority Key Identifier:
keyid:6E:55:BA:24:FB:A2:5E:A1:46:8F:55:AE:5E:91:32:F4:0A:B3:9E:A2
Certificate is to be certified until Mar 16 11:31:27 2024 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

8.証明書をリクエスト側に返す
[root@localhost CA]# scp httpd.crt root@172.16.5.6:/etc/httpd/ssl
The authenticity of host ‘172.16.5.6 (172.16.5.6)’ can’t be established.
RSA key fingerprint is 4e:15:59:c4:6e:b3:10:5b:46:e5:a8:b5:2d:05:29:be.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘172.16.5.6’ (RSA) to the list of known hosts.
root@172.16.5.6’s password:
httpd.crt 100% 3929 3.8KB/s 00:00
[root@localhost CA]#

9.証明書の確認
[root@localhost ssl]# ls -l httpd.crt
-rw-r–r– 1 root root 3929 Mar 19 11:33 httpd.crt
[root@localhost ssl]# cat httpd.crt
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=JP, ST=tokyo, L=shinakawa, O=startnews24, OU=Linux Operation, JP=ca.arkgame.com/emailAddress=caadmin@arkgame.com
Validity
Not Before: Mar 19 11:31:27 2014 GMT
Not After : Mar 16 11:31:27 2024 GMT
Subject: C=JP, ST=tokyo, O=startnews24, OU=Linux Operation, JP=ca.arkgame.com/emailAddress=caadmin@arkgame.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:f1:f6:5b:ad:82:7c:ca:27:df:7d:64:d2:bb:02:
69:81:3a:c0:10:1c:a8:d0:be:12:d3:e5:d6:02:b2:
3c:ee:49:9f:db:67:9e:65:3d:5f:36:8e:c2:0e:3b:
33:7e:b5:9a:25:e0:61:96:8f:79:e9:86:ca:d4:77:
6e:8a:b5:d2:f9:0e:72:f7:0b:dd:e6:55:63:ce:06:
ee:0f:6c:2d:44:68:4d:bd:02:11:79:7c:1d:fb:06:
49:cf:f4:ff:3d:e7:6b:99:74:5b:43:3a:de:ab:83:
a1:e0:d3:fe:64:f9:17:59:64:7a:c2:da:a5:46:8c:
74:94:93:9b:49:78:bc:cb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
20:EB:87:77:A1:8B:2C:04:B0:B9:08:29:4D:57:F3:81:29:9B:56:3F
X509v3 Authority Key Identifier:
keyid:6E:55:BA:24:FB:A2:5E:A1:46:8F:55:AE:5E:91:32:F4:0A:B3:9E:A2
Signature Algorithm: sha1WithRSAEncryption
15:c0:88:62:d1:e1:fe:f5:6d:95:f9:41:a3:51:f7:13:39:cb:
dc:1d:ef:22:5b:77:e1:a2:3b:38:c5:85:b7:ad:b4:ac:18:93:
7c:0b:95:0c:32:a8:33:0d:d5:34:47:57:ae:b6:a5:04:6c:cc:
81:0b:64:97:a1:c9:91:ed:56:1b:da:0a:62:34:7a:48:8d:07:
3e:00:c2:df:53:fd:0d:a2:8a:84:33:af:5a:1c:c6:81:3c:22:
e3:da:7e:ab:00:2e:57:8f:ba:34:2d:1d:06:5a:ce:d6:2a:f3:
6c:67:da:12:cf:94:54:19:9e:10:d3:38:d9:6d:ac:a8:06:34:
a1:3c:95:3a:ba:3a:44:23:c1:c1:4f:31:d8:93:1a:09:58:80:
d0:62:3f:00:a1:89:ec:ce:48:e9:86:1b:56:65:0f:84:90:9d:
9d:ee:94:09:25:2a:81:13:eb:61:e6:36:55:19:f6:22:34:94:
27:38:db:12:df:c0:f4:c1:80:b9:4d:36:43:1a:fe:1b:80:f5:
1c:25:6f:1d:8e:fa:6e:53:25:9c:47:54:82:c4:82:2c:1e:14:
68:6f:9c:ce:79:9c:45:38:e1:b0:d8:60:df:f2:f9:d1:d3:67:
cf:6e:d4:6f:75:f8:c2:65:0b:9e:97:b4:02:a9:34:3a:99:65:
9a:dd:f7:c1
—–BEGIN CERTIFICATE—–
MIIDlTCCAn2gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCQ04x
EjAQBgNVBAgMCUd1YW5nZG9uZzERMA8GA1UEBwwIU2hlbnpoZW4xDzANBgNVBAoM
Bm1lc2FkYTEYMBYGA1UECwwPTGludXggT3BlcmF0aW9uMRYwFAYDVQQDDA1jYS5t
ZXNhZGEuY29tMSEwHwYJKoZIhvJPAQkBFhJjYWFkbWluQG1lc2FkYS5jb20wHhJP
MTQwMzE5MTEzMTI3WhJPMjQwMzE2MTEzMTI3WjCBhzELMAkGA1UEBhMCQ04xEjAQ
BgNVBAgMCUd1YW5nZG9uZzEPMA0GA1UECgwGbWVzYWRhMRgwFgYDVQQLDA9MaW51
eCBPcGVyYXRpb24xFjAUBgNVBAMMDWNhLm1lc2FkYS5jb20xITAfBgkqhkiG9w0B
CQEWEmNhYWRtaW5AbWVzYWRhLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
gYEA8fZbrYJ8yifffWTSuwJpgTrAEByo0L4S0+XWArI87kmf22eeZT1fNo7CDjsz
frWaJeBhlo956YbK1HduirXS+Q5y9wvd5lVjzgbuD2wtRGhNvQIReXwd+wZJz/T/
PedrmXRbQzreq4Oh4NP+ZPkXWWR6wtqlRox0lJObSXi8y9sCAwEAAaN7MHkwCQYD
VR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlm
aWNhdGUwHQYDVR0OBBYEFCDrh3ehiywEsLkIKU1X84Epm1Y/MB8GA1UdIwQYMBaA
FG5VuiT7ol6hRo9Vrl6RMvQKs56iMA0GCSqGSIb3DQEBBQUAA4IBAQAVwIhi0eH+
9W2V+UGjUfcTOcvcHe8iW3fhojs4xYW3rbSsGJN8C5UMMqgzDdU0R1eutqUEbMyB
C2SXocmR7VYb2gpiNHpIjQc+AMLfU/0NooqEM69aHMaBPCLj2n6rAC5Xj7o0LR0G
Ws7WKvNsZ9oSz5RUGZ4Q0zjZbayoBjShPJU6ujpEI8HBTzHYkxoJWIDQYj8AoYns
zkjphhtWZQ+EkJ2d7pQJJSqBE+th5jZVGfYiNJQnONsS38D0wYC5TTZDGv4bgPUc
JW8djvpuUyWcR1SCxIIsHhRob5zOeZxFOOGw2GDf8vnR02fPbtRvdfjCZQuel7QC
qTQ6mWWa3ffB
—–END CERTIFICATE—–
[root@localhost ssl]#
10.キーを紛失場合、速やかに証明書を失効させる
[root@localhost CA]# openssl ca -revoke httpd.crt
Using configuration from /etc/pki/tls/openssl.JPf
Revoking Certificate 01.
Data Base Updated
[root@localhost CA]#

「Linux」opensslでファイルの暗号化、復号化操作サンプル

1.対称暗号方式

1.1ファイルを暗号化する
[root@localhost ~]# openssl enc -des3 -a -salt -in /etc/fstab -out /root/fstab.cipher
enter des-ede3-cbc encryption password:
Verifying – enter des-ede3-cbc encryption password:
[root@localhost ~]# ls -l ./fstab.cipher
-rw-r–r– 1 root root 1118 Mar 19 17:52 ./fstab.cipher
[root@localhost ~]# cat ./fstab.cipher
U2FsdGVkX1+pP0xxwJRYkpfPW2rSkKY1qTIqrmbSD1WVk+8HoixNPxUP5GSpbd4e
YJUhMCfVZwPLbKgTuWfUclPMox7yJ2o2kAwfi0WfAWORsOGyO9MENl0/l/iY1xJ/
s7zwqmJwycTib3fHleDmCkxiNm/X5969n1SCGiSKGElTTQYGE2295yP+RySmheU+
c3gwQrj2hDq7CPS038ZmnNsrRVlsTBykcLtxOxDvelckdSS3N3z6V6VmTSOcudqC
ZfXPcAVYwLB5/9C+x/S1CjbBPzQM2i2PD8jG1V3g9V44xRVe/1lcJpSFkUyPxTkj
a5NQZqi6JtXbSywY7cZjAHXu7F/DpTKUX3hLB8A+VuLLb8x2VI5uj+oCePFw7Exz
xj51iJHsLmf9sXq2N6C+4ZlvHONXcD7K3WCQW/UwuYWGYY0sssuvbkyPMO5JEX9f
qLzKxb79e9RUfg5KMTMaqmCHNtvmCWEBKZyeTIJmWKmzvOgnEy+BhqPhCfQMhEPf
pbN3Yi+tVFs5GvyBN7MKV8vG3qoGJKzHG2Nn/RgvV/+GcnQZiRHYSdZjLxIUIuNj
gZ5uJWif9vbdYRVB6KMbp2F50l41pUJFXFsRY+C6Fk/wcCcQJDakHGrKWWiC0yDm
T5DdBsV0zy8A4EEtSxUa4TxWYgeLPBZSUDAxT9o5llzmX1QkP0TBNNEaITFKmsXJ
7Tv4V58JsiwxhmPvW+TirN7MLfK26/v+1TB+49DZjMQfSxS6aw9EAl+sk6LSrNwe
XIdTzvQlkTPlxW4Lj8QqsAannfqVR8kQYvx9QnzSpjFiGHcG1fBsrG8oUeqWj7uY
bN4AInv0V7Eq5kMb51XlZD4rxajgepdX8jjl/A5gCx+8BqLvqffkh99dem2ov9GY
FSyT+tKT69YvuHITI1VbwD+4VrxyF558W3Gwo1T8D8XnSAYgfosM4Lly1np1UN0w
VqlFDenH6sxslutag/CuKc5eNRZJf8mVk54QElL956APwPWSSlOtBzsBqA37M7MO
QKR4tjITJYWxuup0rvagBJQ6fhHYqlU81rbGcHRBP5HeJ/D3gl6/ePnCAbHnpPeA
rna7jWPVOEM=
[root@localhost ~]#

1.2 ファイルを複合化する
[root@localhost ~]# openssl enc -d -des3 -a -salt -in ./fstab.cipher -out ./fstab
enter des-ede3-cbc decryption password:
[root@localhost ~]# ls -l ./fstab
-rw-r–r– 1 root root 805 Mar 19 17:57 ./fstab
[root@localhost ~]# cat ./fstab
#
# /etc/fstab
# Created by anaconda on Fri Mar 14 08:41:02 2014
#
# Accessible filesystems, by reference, are maintained under ‘/dev/disk’
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=b7e89175-1bb1-4f9b-af34-7450d276bc62 / ext4 defaults 1 1
UUID=85a0d4fa-fc8b-4147-95ff-cdee4fbe5869 /boot ext4 defaults 1 2
UUID=02bca372-7b18-46b0-9c81-67b807847d36 swap swap defaults 0 0
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
[root@localhost ~]#
2.非対称暗号方式
[root@localhost ~]# ls
anaconda-ks.cfg install.log install.log.syslog
[root@localhost ~]# cp /etc/fstab .
[root@localhost ~]# ls
anaconda-ks.cfg fstab install.log install.log.syslog
[root@localhost ~]# md5sum fstab
35a092e2a7f450fdc2d8fb0e48ba8f07 fstab
[root@localhost ~]# openssl dgst -md5 fstab
MD5(fstab)= 35a092e2a7f450fdc2d8fb0e48ba8f07
[root@localhost ~]#

LinuxにNTP時刻同期サーバーを迅速に構築する手順

1.ntpのインストール
yum -y install ntp

2.ntp.confを設定
2.1 vim /etc/ntp.conf
方法1:「192.168.100.0」のネットワークのクライアントを時刻同期する
「restrict default kod nomodify notrap nopeer noquery」の後ろ下記を追加
restrict 192.168.100.0 mask 255.255.255.0 nomodify notrap
 方法2:任意のIPクライアントが時刻を同期することができる
「restrict default kod nomodify notrap nopeer noquery」の後ろ下記を追加
Restrict default nomodify

2.2 タイムサーバーのsereverパラメータを設定
sever IPまたはドメイン 「prefer」
2.3 NTPサーバーの時間遅延を校正
driftfile  ファイル名
2.4 自動起動:chkconfig ntpd on
2.5 校正後時間をCMOSに書き込む
vim /etc/sysconfig/ntpd
SYNC_HWCLOCK=yes
3.タイムサーバのステータスを確認
ntpq -p
    
4.クライアントの設定
conteb -e
*/18 * * * * /usr/sbin/ntpdate 192.168.100.102(サーバIPアドレス)

Zorin OS 9 ダウンロード

ダウンロード
Download (MD5)zorin-os-9-core-64.iso(1,426MB)

更新内容:

The main focus for Zorin OS 9 has been on stability and the refinement of Zorin OS’s wide array of incredible features. Firstly, Zorin OS 9 includes a myriad of updated software and bug fixes to ensure that your computer runs better than ever. New applications such as the Firefox Web Browser and Rhythmbox Music Player have also been included in this release. EFI boot support has been added, making it easier to get Zorin OS on newer computers (64 bit only). 

releasenote

Debian7.6 をダウンロード

ダウンロード
提供元サイトからダウンロード
概要:
Debian は、現在 Linux カーネルか FreeBSD カーネルを利用しています。Linux は、Linus Torvalds が開発を始めたソフトウェアです。現在では、世界中の (おそらく 1000 人以上の) プログラマによってサポートされています。FreeBSD はオペレーティングシステムで、カーネルやその他のソフトウェアが含まれます。
しかしながら、Hurd のような他のカーネルのための Debian を提供する計画も進行中です。Hurd は、(Mach のような) マイクロカーネル上で動作し、さまざまな機能を実装するサーバ群です。 Hurd は GNU プロジェクトによって開発されているフリーソフトウェアです。

Ubuntu MATE Remix 14.04 Alpha 1ダウンロード

ダウンロード
提供元サイトからダウンロード

インストールコマンド:

FreeBSD 9.3-RC1 ダウンロード

ダウンロード:
提供元サイトからダウンロード

更新内容:

Ubuntu 14.10ミラーのテスト版はダウンロードするころができる

ダウンロード:
提供元サイトからダウンロード