go to https://whatismyipaddress.com and get IP number example: 123.123.123.123

SELECT User, Host FROM mysql.user WHERE 1 AND Host != ‘localhost’ ;
## optionally REMOVE:
DROP USER ‘MarkEdwards’@‘321.321.321.321’ ;

CREATE USER ‘MarkEdwards’@‘123.123.123.123’ IDENTIFIED BY ‘MarksPassword’;

GRANT ALL ON `comptonPractice`.* TO ‘MarkEdwards’@‘123.123.123.123’ IDENTIFIED BY ‘MarksPassword’ WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;

GRANT ALL PRIVILEGES ON `comptonPractice`.* TO ‘MarkEdwards’@‘123.123.123.123’;

/etc/csf/csf.allow:

tcp|in|d=3306|s=123.123.123.123
123.123.123.123 ## CenturyLink Phoenix — 2021-01-30
d= – destination
s= – source ;-)

systemctl restart csf.service ; ## important???
systemctl restart iptables ; ## important ???
iptables —flush ; ## VERY IMPORTANT!!!!!!

Google Auth

---

https://console.cloud.google.com/apis/credentials/

Yahoo Auth

important to get the CALLBACK correct:

https://dev-2a5ae3w8.auth0.com/login/callback

Micro$oft

never got it to work… https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/~/Credentials/appId/9f0d54bc-7080-4533-8abd-41a5fa2c29de/objectId/5944588b-4488-4223-8db6-bc7582c73ba4/isMSAApp~/false/defaultBlade/Overview/appSignInAudience/AzureADMyOrg/servicePrincipalCreated~/true

—dry-run — flag to experiment

ON REMOTE BOX:

dnf —assumeyes install rsync ;
sudo cat /etc/ssh/sshd_config | grep PasswordAuthentication ; ## look for ‘yes’

ON LOCAL BOX:

su comptonpeslonline.com ;

cat /home/comptonpeslonline.com/.ssh/known_hosts ; ## delete any previous keys so the first login will prompt for it.

ssh comptonpeslonline.com@35.192.35.140 ; ## verify login works, prompts for password

ssh-keygen ; ## creates /home/comptonpeslonline.com/.ssh/id_rsa.pub !

ssh-copy-id -i /home/comptonpeslonline.com/.ssh/id_rsa.pub comptonpeslonline.com@104.218.50.87 ; ## prompts for password

##ssh-copy on LOCAL: does nothing (??)
##ssh-copy on REMOTE: adds line to /home/comptonpeslonline.com/.ssh/authorized_keys

ssh comptonpeslonline.com@35.192.35.140 ; ## verify login works, stops prompting for password

## 2020-09-01 (is —owner really required??) sshpass -p “XXXXXXXXXXXXx” \ runuser —user comptonpeslonline.com — /usr/bin/rsync \ —dry-run —verbose —archive \ —owner=comptonpeslonline.com \ /home/comptonpeslonline.com/ \ comptonpeslonline.com@edwardsmarkf.info:/home/comptonpeslonline.com/ \ ;

rsync —verbose —archive /home/comptonpeslonline.com/public_html/ \ comptonpeslonline.com@104.218.50.87:/home/comptonpeslonline.com/public_html/

sshpass and rsync ======= — 2020-01-22
sync data between different servers (or possibly the same one)

sshpass -p  “zXXXX”   \ rsync —verbose —archive     \ mark@comptonpeslonline.info:/home/mark/rsyncTest  \ /home/mark/  ;  ## NEW to OLD!

sshpass -p “XXX”  \   rsync —verbose —archive \   /home/mark/rsyncTest    \   mark@comptonpeslonline.info:/home/mark/  ;   #   OLD  to NEW!

## remote usage, notice StrictHostKeyChecking was required in some instances.
sshpass -p ‘XXX’ \ rsync —dry-run —verbose —archive \ —rsh=“ssh -o StrictHostKeyChecking=no” \ /home/comptonpeslonline.com \ comptonpeslonline.com@edwardsmarkf.info:/home/comptonpeslonline.com ; ## this machine to a “remote” machine! (notice ‘dry-run’ — remove it!)

## https://www.digitalocean.com/community/tutorials/how-to-use-rsync-to-sync-local-and-remote-directories-on-a-vps
cd ~ ; ssh-keygen -t rsa ; ### create a new keyset at the root directory ssh-copy-id —dry-run comptonpeslonline.com@edwardsmarkf.info ; ### copy key to appropriate place
==========================================

for insecure uses, generate a “special” password here: https://myaccount.google.com/u/2/apppasswords?rapt=AEjHLxxxxxx

“special” password is used for mailx (mail.rc) and SMTPMailer.php and insecure nodeMailer

mailx

mailx – uses /etc/mail.rc uses password generated in the step above.

EXAMPLE:
echo `date` | /usr/bin/mailx -A gmailSMTP-noreply -s “test subject TEST” mark@edwardsmark.com ;

/etc/mail.rc:

account gmailSMTP-noreply {
        set smtp-use-starttls
        set ssl-verify=ignore
        set smtp-auth=login
        set smtp=smtp://smtp.gmail.com:587
        set smtp-auth-user=noreply@comptonpeslonline.com
        set smtp-auth-password=gXXXXv
        set ssl-verify=ignore
        set nss-config-dir=/home/comptonpeslonline.com/gmailCerts/
}

php

SMTPMailer.php:

define  (‘DEFAULT_EMAIL’   , ‘noreply@comptonpeslonline.com’                                       );
define  (‘PORT25TEST’     , ‘check-auth-edwardsmarkf=gmail.com@verifier.port25.com’       );

define  (‘DEFAULT_SMTP_HOST’    , ‘smtp.gmail.com’   );      // 2016-12-05
define  (‘DEFAULT_SMTP_LOGIN’   , ‘noreply@comptonpeslonline.com’  );      // 2016-12-05
define  (‘DEFAULT_SMTP_PASSWD’  , ‘gXXXXXXXv’   );

nodeMailer Insecure

const nodemailer        = require('nodemailer')         ;
const   authEmailAddy   =       'info@comptonpeslonline.com'    ;
const   authPassword    =       'zmcafzfppvquyqjj'              ;
const transporter = nodemailer.createTransport(
        {       service : 'gmail'
        ,       auth    :
                {       user    : authEmailAddy
                ,       pass    : authPassword
                }
        }
);
const mailOptions =
        {       from    :       authEmailAddy
        ,       to      :       'mark@edwardsmark.com'
        //,     cc      :       teacherNameAndEmail
        ,       bcc     :       'mark@edwardsmark.com'
        ,       subject :       'test subject from testSecureMailer.js'
        ,       text    :       'test text body from testSecureMailer.js'
        ,       html    :       '<h3>test html body from testSecureMailer.js</h3>'
        };
transporter.sendMail(mailOptions, (err, res) => {
        if (err) {
                console.log('Failed mailing to ' + ': ' + JSON.stringify(res));
                return console.log(err);
        } else {
                console.log('Successful mailing to ' + userObject.userEmail + ': ' + JSON.stringify(res));
        }
});

nodeMailer with Oauth

node uses an “auth0” approach:

step one:

log out of all accounts (or do all this in firefox)

step two:

https://console.cloud.google.com/apis/credentials/oauthclient/

step three:

enter https://developers.google.com/oauthplayground/

step four:

approve

step five:

create and copy the Refresh token: https://nodemailer.com/smtp/oauth2/

const nodemailer        = require(‘nodemailer’)         ;

const   authEmailAddy   =       ‘noreply@comptonpeslonline.com’                                                 ;
const   clientId        =       ‘6884XXXXXXh6n.apps.googleusercontent.com’      ;
const   clientSecret    =       ‘SXXXXXXS’                                                      ;
const   refreshToken    =       ’1//0XXXXCq4’               ;
const auth =
        {       type            : ‘oauth2’
        ,       user            : authEmailAddy
        ,       clientId
        ,       clientSecret
        ,       refreshToken
        };
const transporter = nodemailer.createTransport(
        {       service : ‘gmail’
        ,       auth
        }
);

node example: /home/comptonpeslonline.com/public_html/comptonPractice/homeworkAssignment/ticklerMailer/ticklerMailer.js

written from:
https://tanaikech.github.io/2018/01/08/send-mails-from-gmail-using-nodemailer/
https://medium.com/@nickroach_50526/sending-emails-with-node-js-using-smtp-gmail-and-oauth2-316fe9c790a1
https://dev.to/documatic/send-email-in-nodejs-with-nodemailer-using-gmail-account-2gd1
https://stackoverflow.com/questions/24098461/nodemailer-gmail-what-exactly-is-a-refresh-token-and-how-do-i-get-one
https://stackoverflow.com/questions/72128433/authenticating-google-gmail-api-using-access-and-refresh-token

2023-09-14 ================================================
to bypass creating an account in /etc/mail.rc :
1) add new password in /etc/postfix/sasl/sasl_passwd
2) postmap -v /etc/postfix/sasl/sasl_passwd ;
3) systemctl reload postfix ; systemctl restart postfix ; systemctl status postfix ;

https://www.javascripttutorial.net/javascript-anonymous-functions/

( () => { console.log(‘Immediately invoked function execution’);
}) ();