Resetting forgotten password in RH enterprise Linux version

We have installed the latest version Redhat.Enterprise.Linux.v6.UPDATE.2.X86_64 on one of our servers. Probably the grub prompt time setting is set to 0, so we never see a grub prompt when the computer booted. Numerous posts indicate that one has to set the run level to 1 during boot time to set the kernel settings to single user mode, then just type a password. Howver, in our machine, we could not get that prompt at all.

Yesterday, one of my students, Dhritiman Jana was in the lab and he spent around few hours of his time in solving the issue. Following are his note on how to get to the grub prompt:
1. During boot time tap any key and enter into the grub prompt.
2. Goto kernel entry and press e to edit. After "rhgb quiet" enter "1"
to set the runlevel to single user mode.
3. Press b to boot the edited kernel entry.
4. Reset Password by using #passwd 

Hope this solution works for all!

When your web server gets attacked.....

This post may be a mixture of rants and some quick tips on how to save your web server when you suspect there is some malicious attack on it and you have limited admin access and support.

It becomes imperative to create a world writable directory if you have a web server that plots, maps data on user demand. I would like to hear more from people if they knew how to do this otherwise. I have been looking for solutions into this problem, but did not find any. Now I have settled for something that makes your web program clean its own mess.

Suppose say you have a world writable directory called /tmp/XX and some hacker has been able to put in some malicious code into it and is being able to run it. Now my solution for that is to delete the content of this folder after n hours. Just put in a small command inside your web program that runs frequently, and when that runs, the world writable folder will be cleaned.

# To delete all files older than 6 hours in /tmp directory

$command="find /tmp -type f -name \"*.*\" -mmin +360 -exec rm {} \\;";
system($command);

Will probably partly solve your problem.

Creating login/password less ssh connection with multiple remote machines

Many times while working in multiple machines, you may like to automate certain processes where the programs can directly access information/data from another server effortlessly - without a password. This can be done using ssh-keygen protocol.

So, what happens here is; you have a local machine, lets call it 'A' and you have a remote machine, lets call it as 'B'. You have an account in 'B' and that is say 'myname'. Everytime you log into that machine using ssh, you have to do something like:

$ ssh myname@B

$Password:

$myname@B:

In order to directly log into a machine without a password, you have to generate a pair of keys; called as a public key and a private key. The public key is the public information and the private key is only known to your local machine i.e; 'A'. You can use ssh-keygen to create a pair of keys in a given time. This is how you should proceed:

$ ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/Sucheta/.ssh/id_rsa): /home/Sucheta/.
ssh/iicb_rsa [ Remember here to enter a new file name, else it will over write any other id_rsa file that you may have saved earlier for any other computer ]
Enter passphrase (empty for no passphrase): [Enter a paraphrase that is > 4 characters long. This is essential if your computer has more than one pair of public private keys for more than one remote server]
Enter same passphrase again:
Your identification has been saved in /home/Sucheta/.ssh/iicb_rsa.
Your public key has been saved in /home/Sucheta/.ssh/iicb_rsa.pub.
The key fingerprint is:
95:13:96:1b:66:ef:36:74:25:76:05:23:64:58:bb:94 Sucheta@Sucheta-PC
The key's randomart image is:
+--[ RSA 2048]----+
|          o== o.o|
|         .*+ +o.o|
|         o++E. + |
|         ..oo..  |
|        S  o..   |
|            +    |
|           . .   |
|                 |
|                 |
+-----------------+

Then do:

$ssh-copy-id myname@B

[This command will append your public key in the ~/.ssh/authorized_keys file in the remote host. You can also do this manually by logging back to your remote computer and copy pasting your public key in the 'authorized_keys' file. Make sure your public key is copy pasted in one single line.


Another thing to remember is, depending on the OS and version, the file that needs to have the public key in the remote machine may be different. In order to confirm that it is indeed called as "authorized_keys" do the following:
[root@Apala ssh]# cat /etc/ssh/sshd_config | grep Keys
# HostKeys for protocol version 2
#AuthorizedKeysFile     .ssh/authorized_keys
#AuthorizedKeysCommand none
#AuthorizedKeysCommandRunAs nobody

This tells you indeed the file that stores public key in your remote computer is named as authorized_keys .

Next time you try to create another passwordless connection to another computer, just repeat the above steps. And always remember to write the public and private key into different files, else it will overwrite contents into id_rsa and id_rsa.pub file. Add a passphrase too.

One more important thing to remember is to check the file permission for "authorized_keys" file in the remote machine. Always set it to 700.

Using this, you can also automate file transfer by an sftp or any other remote ftp protocols

Some of the Query strategies for Oomycetes Genomes in FungiDB

Querying Oomycetes genomes in FungiDB 2.0

FungiDB 2.0 released with 6 Oomycetes genomes:

Phytophthora  sojae V5.0

Phytophthora ramorum V1.0

Phytophthora capsici V11.0

Phytophthora  infestans V4.0

Pythium ultimum V 2.0

Hyaloperonospora arabidopsidis V8.3

Naming conventions:

Gene ids:

There are 2 types of standards followed in naming of oomycetes gene ids in FungiDB. In most of the cases, the gene ids are represented by a 5 letter word followed by an underscore, followed by the gene identifier devised by the sequencing center e.g; Physo_517720, Phyra_74442, Hyaar_813319, Phyca_96628, Pytul_G005233. Genomes sequenced and annotated at Broad (P. infestans, P. parasitica), already have gene ids prefixed by a 4 letter code such as PITG and we have left those as is e.g; PITG_05520 .

Scaffolds:

Since most of these genomes are released as draft assemblies, their genome fasta files are named as follows:  a  5 letter organism prefix + strain name _ ‘SC’XXXX,  where SC stands for super Contig and XXXX are the 4 digit representation of the scaffold number.  Example: PytulBR144_SC1841, PhysoP6497_SC0001, PhyraPr102_SC0008, PhycaLT1534_SC0024, PhyinT30-4_SC0007, HyaarEmoy2_SC0165 etc.

Search Options:

Figure - 1

In the main FungiDB page, there are three search columns available(Figure 1). The search results of these columns return different result types e.g; the first column almost always returns gene records page, the second column returns other data types and the third column has links to tools such as blast, genome browser etc. On the top right hand corner of the page, there are quick search options available  for search by gene_id and by gene product name.

Few of the Search strategies are listed below:

1.       Curate all infection related genes in Phytophthora sojae as described in the science paper (Tyler et al, 2006) with key word searches such as serine proteases, Metalloproteases, Cysteine proteases, glycosyl hydrolases, pectinesterases, pectate lyases, cutinaes, chitinases, lipases, phospholipases, protease inhibitors, NPP family, PcF family, Six Cys Family, Eight Cys family, Crn Family, nonribosomal peptide synthetases, Polyketide synthases, Cytochrome P450s, CYP51 clan, ABC transporters, PDR, ABCG-half, MDR, MRP, elicitins, Avhs, Crinklers.

Hint: Start your search by Text (product name, Gene Id) search for proteases. After the results are displayed, run another Text(Product name, Gene Id) search and use the next item in your gene list  e.g; glycosyl hydrolases. Choose union of both searches and keep repeating this until you are done with your list. Following is the strategy for curating all the infection related genes in Phytophthora sojae.

http://fungidb.org/fungidb/im.do?s=5e276dc38a69ece3

2.       Find all the Oomycetes proteins that have an RXLR motif within first 20-50 residues , followed by a dEER motif within 20,60 residues of the first motif. Also see if they have predicted signal peptide leaders and transmembrane domains. (start with similarity-> protein motif search and use the following pattern ^.{20,50}R.LR.{20,60}DEER. Then add a step to it on whether the protein has a signal peptide followed. Then add another step on if the secrted proteins have a transmembrane domain. The stratergy can be found here:

http://fungidb.org/fungidb/im.do?s=53a175bca66b25a7

3.       Genomic locations: All the Oomycetes genomes are draft sequences, so searching genomic locations can be little tricky. Click on genome location search (as in figure 2 A)  and this will open a page where the pull down menu only displays the genomes that have the complete chromosomes available. Instead, choose genomic sequence id (as in figure 2 B) and fill up the start and stop locations you are interested in. Run the query and go to add step. If you are interested in seeing how many of these genes have orthologs in other oomycetes, just click on add step and click on Eolution->orthology, Phylogenetic profile and choose Oomycetes genomes (Figure 2 C). This results in 32 genes belonging to 25 ortholog groups. Clicking on the ortholog groups and it will display a cascade of glycosyl Hydrolases (Figure 2 D) belonging to different Oomycetes. From the gene_ids, it appears that the genes occur in a syntenic block.

Strategy can be found here: http://fungidb.org/fungidb/im.do?s=dce0a3dacc71bb06