CompTIA Linux+ XK0-005 – Unit 15 – Troubleshooting and Maintenance part 2

  1. Demo – Recovering the Root Password

All right, I’m in VMware, and I’m going to interrupt this booting operating system by rebooting it and then very quickly getting into the full size screen so I can catch the GRUB menu in time. There we go. So I hit my down arrow and I’m going to edit this single user mode line just a little bit so that I can basically get in and make some changes to the password. So I’m going to type in E for the edit. I’m going to go down to that single user one and edit that line there. And I’m going to add at the end of init for the initialization. Basically, we’re going to start it up with the /bin/bash shell. From there, I’m going to hit Enter to save that and B to boot up to that particular line. And when I get there, I’m going to log in. Actually, I’m not going to log in.

I’m going to be in the command shell, the bash shell of this operating system. As you can see now, at the very bottom, it says root at none. Now, one of the problems I have is I need my file system back. So I’m going to remount that file system with read write permissions because I do need to make a change to it, that is, namely the password. And from there, I’m going to type in the passwd command and we’re going to change the new Unix password. I’m going to use the same one as I had before, but I’m adding the one, two, three at the end of it. So I’m making it a little more secure. Oh, I didn’t match those passwords, so that’ll teach me a lesson. Let’s try that one more time and see if I can type that in twice the same time.

There we go. Now the password is updated successfully, and from this point, all you’d have to do is reboot your system. Since I’m in the environment that I am with virtual machines, I’m just going to go and reboot it this way and I’ll maximize it back up again. And there’s the regular GRUB menu. I’m going to go into the regular connection and as you’ll see, I can get into the regular login screen and then I know the new password. I can log in to my regular Trainer account. And when I type in su, what you’ll see me do is just, well, you won’t actually see it typed. You’ll have to just take my word for it. But if you try these steps, you’ll get the same events, you’ll get the same results, and you can see that it will have your new password.

So right now we’re just going to wait for that GUI to come in. I’ll log in as Trainer, type in the su command to become the root, and then I’ll type in the password that I’ve changed it to. All right? So now I’m going to log in as Trainer, use my old password for Trainer, which hasn’t changed. I just changed the root. We’ll get our login screen, I’ll open a shell and then from there we’ll try the su and do our changes, or try our changed password, I should say. Almost have my desktop complete. I’m waiting for the bling to show up over here on the side, all my little shortcuts and folder features. When that stuff shows up, then I’ll get on to the opening, the actual application. Otherwise it’ll just kind of hang there for a second.

You can see I’m still building the workspaces down here below on this toolbar. So we’re getting there and we’ll start the terminal and hopefully I’m going to cross my fingers to prove my point that the new password is going to work. All right, so there’s my bling. I’m going to go to the Applications, Accessories, Terminal and give this just a couple of seconds to start up. I was pretty rough with this poor version of Linux by rebooting it several times through VMware. So I don’t blame it for being just a little bit upset with me. But in a couple of moments, that terminal will open up, even though it looks like it just disappeared off my desktop. It will come back and visit me here in just a minute.

And like I said, we will get the changes to the root account. All right, so now I’ve got my console, type in su. I’m going to try the old or the new password. And just like that, now I can do whoami, and I’m root. So that was that easy to create those passwords for us, and it just was a matter of having to be able to have physical access to that. You could reboot these things. And I’ve said that many times already throughout most of this class. If you can touch it, you can own it. And just like any operating system, any router, any device, it is very well published on the websites about how to recover passwords. And you just saw how easy it was in the Linux environment.

  1. Kernel Options and Recovery

Now one of the other things you can do is talk about some of the options you have with kernel, the kernel options as far as the booting up, how it boots up, what it sees and even some recovery information. One of the things you might want to do is run the command dmesg to be able to see what kind of hardware had been detected in your computer. Now, with your kernel options you can actually modify your configuration settings for the kernel, the kernel itself, including the information about the hardware that it has. Now that might be beneficial for your wanting to add proposed hardware or changing information about existing hardware if you have no other way to do it.

You can also create what’s called a rescue disk. A rescue disk is a way of being able to return or recover your operating system to a functional state for whatever reason, some files get corrupted, things happen with hard drives, sectors become unreadable. If that’s the issue, you may not be able to boot up and have to almost reload Linux, but if you reload Linux you’re going to lose all this configuration information, but not if you have a rescue disk. The rescue disk is designed during the part of the installation process to say oh, here are my settings and I want to use those. Now, the commands we would use to create a rescue disk are the older commands of make boot disk, mkbootdisk, or mkboot commands.

You also can get third party boot disks, but today what you’re going to see is that you’re going to probably want to create what we call a bootable USB drive that has your information on there to be able to boot up to. The reason I say that is a lot of these go back to the days of a three and a half inch floppy, or even the days of five and a quarter inch floppy. Nobody has those anymore. I don’t even know that you can buy one of those drives except from a specialty shop. So look at some of these other boot disks that you might use, including bootable USB drives or CD-ROMs, to be able to help you with doing a recovery. But the idea of recovery is not doing a clean, brand new installation, but to help do the installation with the purpose of rescuing your old stuff.

  1. Demo – Troubleshooting Boot Problems

All right, so here we are. We’re going to take a look at some issues with troubleshooting boot problems. Now, first of all, if you can get to this point where you can see this shell, odds are you didn’t have very many boot problems unless it was something of a warning. So one of the things I can do is I’m going to take this boot up log file, this dmesg file. I want to redirect it to a file of my own making called Boot Message Messages, just so I can look at it, parse it, deal with it, play with it, save it for later if I want. So I just redirected the output of it right to that boot messages. And now I’ll use the less command to boot up or not boot up. But take a look at that file and you can see the listings as I hit page down of what’s occurred, what’s happening, and of course I might use the forward slash.

If you look at the bottom left of this little screen here, bottom left, I hit the forward slash and I might look for the word fail. Didn’t find it. Bottom, hit the slash, look for warning, didn’t find any warnings. Info. I got to show you I can find something. There we go. So I found words info and so of course, I could do a search for S zero. There we go. So you can kind of get the idea of what’s happening and what’s going on. So now I’m going to quit that. And if you really have gone out there and got a system that won’t boot up, two websites that they would like you to look at, this is Knoppix and I’m going to click on the England North American English flag so you can get an idea of what Knoppix does. It is a bootable Linux operating system and it allows the support for SCSI, USB, the peripherals.

It’s actually quite a nice operating system, kind of like my BackTrack that I’ve shown you in some other examples. Well, if you don’t like that one, you can use this GRML, which is another bootable Debian-based operating system. Here’s the thing, you’re going to want to have something that you can boot up to and then mount the drive that you’re trying to get your data off of and then you can look at your boot messages and then go from there to try to figure out what might be the problem and what you can fix. It’s very similar to getting into a recovery mode with any Windows machine. If the thing is not going to boot up, you got to boot it to something. So you can read the logs on the file or on the hard drive. And that’s just an example of what they’re trying to show you here.

  1. Topic B: Network Troubleshooting

All right, now, in this next section, we’re going to talk about network troubleshooting. We’re going to assume you’ve got your root password, you’ve got your system up and running, and you’ve got it in the run level that’s normal multiuser with networking. And now we’re saying, wow, we got to do some network troubleshooting. So we’re going to look at some commands and some things you can check on to try to figure out what is wrong and at least, if anything, be able to say, well, here’s what I’ve discovered, when you talk to the network people.

  1. Troubleshooting

Now when you’re doing any kind of troubleshooting and you want to look up what’s the best way of troubleshooting? You’re going to see an endless parade of different methodologies. Fortunately, they have some things in common. Number one, this thing called divide and conquer. In other words, ask some questions. Is it just you that is having this problem or is it other systems that are having similar problems? If it’s everybody well, then you kind of have a clue of where issues might be. If it’s just you, then you’ve divided it down into just a specific point of failure. And our goal is to basically narrow in our focus. Divide and conquer, narrow in the focus, exclude those things that are working fine and then we can conquer or fix what’s wrong.

Now, some of the other questions you should ask is simply especially if somebody calls you and says hey, my computer is not working, one of the things you do is you say, well what’s different? Did you install some new software? Did you install a new piece of hardware? What’s changed since the last time when it was working? Now, the unfortunate part of this is that a lot of times people might be messing around with their systems and they don’t want to tell you that they screwed it up. But you can always hope that there is some indication of what might have changed. And whatever else you do, you should work methodically. Now, that doesn’t mean slow. That means if you say to yourself, well, there are maybe four things that could cause this problem so let’s fix all four of them and then see if it works.

Okay, maybe it does, but which of those four was the real problem? That’s what we mean by methodically. Fix one thing, test it. If it doesn’t work, go to the next thing. Go to the next thing. Which do you do first? Well, that’s where some of this discrepancy comes in. Generally people say whatever is the most likely thing that’s wrong and is fairly economical. In other words, cheap to remedy, such as a new cable. Is it the actual network cable that’s bad? Is it maybe a bad cable? Those are pretty cheap. Put a new one in that you know works. If that didn’t fix it, then go on to something else. So don’t just immediately go out and buy the brand new best network card there is for a couple of shove that in and find out it was just because you didn’t configure the card. Right? You want to go through, as I said, kind of the ideas of most likely and most inexpensive. Try those first.

  1. Network Utilities Part1

Now when it comes to things you can run at the command line, you can look at and interrogate your Linux server to figure out if there’s any issues with the server itself or to help start testing the different types of connectivity. One of the first things you should do is look at the configuration of your network card. ifconfig for the wired card, iwconfig for your wireless card, look at the settings. Now, if you have yourself set up as a DHCP client, one of the first things you’ll know if there is a problem is that your IP address would say 169.254.x.y. It won’t put the letters x y, but that just means we don’t care what the last two numbers are.

That’s often called an APIPA address, which Microsoft machines and other machines will put in automatically if DHCP doesn’t respond with an actual IP address. It’s your way of kind of saying, oh, I didn’t get an address. It’s a nice thing to look at and say, okay, I got it. But you’re also going to look to see if you have a gateway. If you don’t have a gateway, then you probably can’t get to the Internet and just machines around you. So you need to know that you have a gateway address and it’s the right IP address for the gateway. A lot of people think that when they can’t open up a web page that it’s because the network is down, when in fact it’s just their DNS server is failing.

DNS’s job was to take the URL that you typed in and translate it to an IP address for connectivity. So what I tell people is, if you know an IP address of a website somewhere, just type in http://, put in the IP address and see if you get there. If you get there, but you can’t get to it by its name, it might be a DNS issue. You either have the server down or you don’t have it configured. But that’s what you’re checking for when you do the commands ifconfig or iwconfig. Now, the next stop is if I have a gateway, if I have all those settings, to do the route command, what are the routes in my routing table? Now this is kind of an interesting thing. A lot of times people have these VPN clients they run to connect back to headquarters.

So as an example, they might be out on the road, out on a meeting, maybe even sitting in a training class, and they use this little VPN client software to connect over to their headquarters. Now what this little client does is it changes the routing table and the routing table that’s changed to reflect the IP addresses of their remote network to go through this little connection, this little software solution to get to that desktop. But some of those VPN clients were designed to not allow what’s called split tunneling, which means you can’t go to the Internet while you’re connected to work and then that can cause a problem. So you can look at the routing table and see what it says about the default route. Is it going to the real gateway? Or is it maybe being shoved through this VPN card?
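The checks from this section (a 169.254.x.y address on the card, a missing gateway, a default route pushed through a VPN interface) as an added shell example that is not part of the original course material. The sample `ifconfig` and `route -n` text is constructed, and treating `tun*`, `tap*` and `ppp*` as VPN interfaces is an assumption.

```shell
#!/bin/sh
# Added example: classify the symptoms from ifconfig / route -n output.
# Both samples below are constructed, not captured from a real host.
SAMPLE_IFCONFIG='eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 169.254.12.7  netmask 255.255.0.0  broadcast 169.254.255.255'

SAMPLE_ROUTE='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.8.0.1        0.0.0.0         UG    0      0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0'

# First non-loopback IPv4 address in ifconfig text.
# Handles both "inet 1.2.3.4" and the older "inet addr:1.2.3.4" layout.
first_ipv4() {
    printf '%s\n' "$1" | awk '
        $1 == "inet" {
            a = $2; sub(/^addr:/, "", a)
            if (a !~ /^127\./) { print a; exit }
        }'
}

# True when the address is in 169.254.0.0/16, i.e. DHCP gave no lease.
is_apipa() {
    case "$1" in
        169.254.*.*) return 0 ;;
        *) return 1 ;;
    esac
}

# "gateway interface" of the default route in route -n text, empty if none.
default_route() {
    printf '%s\n' "$1" | awk '$1 == "0.0.0.0" && $4 ~ /G/ { print $2, $8; exit }'
}

# Args: ifconfig text, route -n text. Prints one verdict.
diagnose() {
    addr=$(first_ipv4 "$1")
    route=$(default_route "$2")
    dev=${route##* }
    if [ -z "$addr" ]; then
        echo "no-ipv4-address"
    elif is_apipa "$addr"; then
        echo "dhcp-failed"
    elif [ -z "$route" ]; then
        echo "no-default-gateway"
    else
        # Assumption: tun*/tap*/ppp* names mean a VPN or tunnel interface.
        case "$dev" in
            tun*|tap*|ppp*) echo "default-via-vpn" ;;
            *) echo "ok" ;;
        esac
    fi
}

diagnose "$SAMPLE_IFCONFIG" "$SAMPLE_ROUTE"
```

On a live host, pass `"$(ifconfig)"` and `"$(route -n)"` in place of the two samples.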

  1. Network Utilities Part2

Another common tool is called ping. Now ping to me is that thing I remember from submarine movies where I send out this pulsating noise and it hits something metal and reflects back to me. But I’ve actually heard people say that it stands for Packet Internet Groper. I don’t know that I like that name, but I haven’t seen any other definition of the acronym. So I’m going to stick with the old submarine ping show because the idea of a ping is actually it’s two separate ICMP messages. It’s you’re sending what’s called an echo request and the person you send it to is sending you the echo reply. That’s called a ping. Now, one down thing with ping is that if it fails, you might think it’s something you did wrong. Well, ping can fail because a firewall might block it.

The machine you hit with the ping might have said, hey, I’m not allowed to reply to those. Or the thing that you pinged might say, oh, I’m going to reply, but I myself don’t know a route to get back to you. So in order for ping to work, you really have to have a lot of things set up. So here’s what we tell you to do when you ping. First, ping the address on your network card to make sure the driver and the connectivity of your operating system to network card is working. Then ping another machine in your local area network. If you don’t have one, ping the address of your gateway. Now normally we would say ping somebody local, then ping your gateway.

If you can connect to your gateway with the ping, then try to ping something on the other side of the gateway. If that works, then generally we’re going to say you’ve got your networking set up just fine. It’s something else having the problem. Now netstat is another connection or tool that you can look at to see what connections you have going on. That’s going to actually show you all the ports you’re listening on. It’s going to show you what ports people have connected to you on. It’s kind of a nice way to see what’s going on with your system. Might help with some troubleshooting. traceroute is a way that you can test issues that maybe ping can’t solve. For instance, you can ping something on the other side of your gateway, but you still can’t get to the internet.

So traceroute to some website out there, www.cisco.com, and see where it goes and if it can’t make it there. What you should hopefully see is which router died. Basically said, oh, I can’t finish this job for you, and it gives you a good idea whether it was you or some other device. Now people will say, well, why do I need FTP, telnet and SSH? Okay, telnet and SSH are methods of being able to connect remotely to a device, including a Linux machine, to be able to have a remote command console. The big difference between telnet and SSH is that SSH is secured encrypted sessions. Telnet is clear text. FTP is also an important process for us if we need to download perhaps some sort of update or patch file to be able to have options of being able to make that connectivity.

 
