You must consider both size and quality when creating a a blog image. Images have multiple conflicting interests. You must consider the specific blog post topic and the theme of the web site. Next you need to create an image that has a fast load time, often the image must be compressed, or a specific file format and finally it must be a quality image that makes the page appealing. We need to find the right balance and consider all these options.
The most important image of any post is the main image displayed at the top of your blog post. This image is often called the “featured image”. I will explore some of observations that will give you some guidelines and suggestions to create these featured images.
Make note that I will often reference exact image pixel dimentions. They will be displayed in the format of (680×382), meaning 680 pixels x 382 pixels. Generally speaking, you want the length of the featured image to be the wide of the main posting.
General rules for any image
Most often the best way to create a fast load time is to use compress images like jpeg and to use image ratio’s that produce a smaller image. But, smaller images tend to not look as sharp on high resolution monitors. Also, you can try using less colors when making an image.
Only crop from larger images images.
When making a custom images, use less colors.
Only resize larger image to smaller, not smaller to a larger.
Keep images < 200 kb for fast load time. Max can be 500 kb.
Word Press size recommendations
Thumbnails 150 x 150
Medium 300 x 300
Large 1024 x 1024
Image Resolution
You may see references to this term. Although it is often discussed, I have not personally found it to be a very useful term and do not generally use it when creating iamges. I have included this concern as a reference only, in case you come across it.
Image resolution is often described in dots-per-inch (dpi). Older displays are typically 72 dpi and modern displays are 200 – 400 dpi.
Aspects ratios
I feel that the best aspect ratio is 16×9 or 4×3. I choose based on the type or article I am writing. Ratio is based on wide x height of the image. So, for the fist example it is 16 wide x 9 high. the 800×450 is a good choice if most audiances will be accessiing by mobile devices.
16×9: 1200×675 or 800×450 or 680×382
4×3: 800×600
2×1: 800×400, 600×300, 1170×585 (Slider)
3×2: 800×600
1×2: 1200×600
4×1: 728×90 or 1900×250 (Header)
File Formats
I generally save my files in jpeg format, they have good compression and can saved in native format by most photo editors.
jpeg = General photos
gif = Animations and product photos.
png = Graphics requiring background transparency like icons and logos.
webP = Product banners, and featured images, good replacement for jpg.
Guidelines
Background: 1920×1080, ratio 16:9, size < 20 MB
Header: 1280×720, ratio 16:9, size < 10 MB
Featured Image: 800×450, ratio 16:9, size <200 kb
Featured Image: 1200×900, ratio 4:3, size < 200kb
Banner: 600×160 (regular), ratio 15×4, size < 150 kb.
Logo: 100×100 (square), ratio 1:1 ratio, size < 100 kb
Most folks are familiar with logging into a device or a a web page using a username and password. But a more secure method is to use a public private key exchange.
Ubuntu comes preinstalled with all the tools necessary to create public private keys. The private key is kept hidden and secure. The public key will be give out freely. It is recommend that you rotate your key pair frequently as a safety precaution.
In this article, we will look you how to generate a key pair, save your private key to a secure location, copy your public key to a remote host, troubleshoot, and introduce an auto login auto method.
Create a key pair
In order to make this work, you must have a user account already on the remote server.
Login to the Linux computer that will be the device that you will connect from. This computer is the main control computer and where you will save your private key.
Open a command line prompt and run …
ssh-keygen -t rsa
After the keys are generated, they will be stored under:
/home/username/.ssh/id_rsa (private key).
/home/username/.ssh/id_rsa.pub (public key).
Store the fingerprints of the remote PC
Before we can use the keys, we need to first store the remote server’s finger prints. We do this by ssh to the remote server three times.
Server’s host-name (i.e. server1).
Server’s FQDN (server1.mycomapny.com).
Server’s IP address (192.168.20.100).
ssh username@hostname, FQDN, and IP address
Each time you ssh, you will be cautioned that the server is unknown and do you want to store the fingerprint. Select yes.
The fingerprints will then be stored in a file located under the specific user at /home/username/.ssh/known_hosts.
Push the public key to the remote host
ssh-copy-id ~/.ssh/id_rsa.pub username@hostname
This will create the ~/.ssh/authorized_keys directories, if they do not exist and place the public key inside the file.
Add a passphrase to your private key
If you add a passphrase to your key, if the key gets compromised, bad actors will need to crack the passphrase first before they can use the key. This may give you a little extra time. You can use this time to generate new keys. It is best practice to add a passphrase.
To clear a passphrase, just hit enter, when it prompts you too add a phrase.
ssh-keygen -p
Automatically present your private key
If you add a passphrase to a key you will be prompted to enter it each time you logon to a remote server. If you have multiple servers to login to, it can become a burden.
The solution is to temporary store your passphrase. It will only be kept as log as the current session is running. If you logout of you session the temp file is auto removed.
It will be auto presented on login by running two small built in programs by using these commands.
You can specify the file path to a specific key or if it is not stored in the default location by using the -i switch.
$ ssh -i ~/.secret/pvtkey.key username@hostname
-i = identity file (aka. private key)
Troubleshoot File Permissions
Verify .ssh and authorized keys belong to the correct user. chown -R user:user ~/.ssh
Check permissions of files.
Authorized_keys = 644 = loaded on the remote servers you are connecting to
.ssh = 700
public key = 644
private key = 600
known_hosts = 644
home directory = /home/user = chmod go-w /home/user
restart ssh after permissions update = $ service ssh restart
Remove a host from authorized_host file
If you replace a remote host that you connect to and reuse the IP address or the host name. they next time you connect you may get an error. This is because the remote host fingerprint has changed. The older fingerprint needs to be removed and and new fingerprint needs to be installed (see above).
ssh-keygen -f "/home/username/.ssh/known_hosts" -R [IP of host to remove]
PPA stands for Personal Package Archive. The primary purpose of a PPA is to provide a way for developers to distribute their own software. PPA are stored on Launchpad.net, which is the official website for PPA’s and is managed by Canonical. PPA’s can be created by anyone and you should only install a PPA from a trusted developer. Use at your own risk.
A secondary purpose of PPA’s is for updating well known software. When Ubuntu reaches out to the official archive repository to get updates, these packages are often outdated and do not contain the latest available software. To get the most recent version, you can set up and install an appropriate PPA. Then, when you run the update command, your host will reach out to both the official archive and the PPA. Whom ever has the most recent software available, will get download and installed on your host.
Typically, each PPA has a GPG key that needs to be installed. Each time an update is run, the keys are exchanged, to verify that you have connected to the correct repository, prior to any downloads. The key should be automatically installed with the initial PPA installation setup.
After a PPA is initially setup. It should survive any system reboots. If you need to disable the PPA for any reason, you can open the PPA file under /etc/apt/sources.list.d/ and comment out the line calling the PPA. Then run an ‘apt update’ again, before running ‘apt upgrade’.
Example PPA Install & Setup
We will be using the popular PPA Apache2 for installation. This is a well known PPA and is maintained by ondrej, a Debian developer. So, it should be safe.
apache2 -v (Note the current installed version).
sudo apt -y install software-properties-common (to install a PPA, the add-apt-repository command is needed).
sudo ls /etc/apt/trusted.gpg.d/ (Check the key was installed).
sudo add-apt-repository ppa:ondrej/apache2 (The GPG keys are also installed w this command).
sudo ls /etc/apt/sources.list.d/ (verify the package was installed).
sudo apt update
sudo apt install apache2
apache2 -v (verify that the new version is installed).
I use PuTTY as my primary terminal program. For one thing, it will hold open an SSH session all day and not time out (unlike PowerShell). It is easy to customize the look and feel of your Shell session. Finally, you can save your session settings for subsequent logins.
My top recommendations are to save your login name, private key, and change the font size and color. It is relatively easy and once you set up these, you’ll be grateful for the amount of time saved.
Save your login name
To prevent having to type in your login name each time you start a session, go to Connections > data > add your username on the right side.
Add the path to your private key
If you want to login to a server without typing in a password, add the path to your private key in a saved session. This is a good method if you only log into a few servers. As, each server needs to have a separate saved session. If you have more than a few servers, you should run ‘Pagent’ to present your key upon each server’s login request.
To add the path to your private key, go to Connections > SSH > Authentication and provide the path to your private key.
Change the font color & size
To make things easier to read you can enlarge the font size and change the color. Select Colors > Default Foreground > Modify > Pick a color.
Now when you open putty, it is easier to read.
For font size, you can change it by going to Appearance > Change > and Select the options.
Save all of the options to a session
After you have all everything set up the way you want, then save the setting as a session. Select session > enter an IP & port, Give it a name (like the hostname of the server), in my case I am just saying “Web Server” > and hit “save”.
Now when you want to start an SSH session with your web server, just launch putty, hit “load” and then “Open”. It will take you right into a session, no need to enter a username and password.
Robocopy (Robust Copy) is a command line tool for copying files in Windows. It replaces the older ‘copy’ command. It contains many new features and can copy files both to an external hard drive or a remote computer.
Before you can copy files to an external hard drive, you need to create a folder on the destination drive first and set the permission on that folder to ‘Everyone’ (see below). I like to somewhat mirror the folder structure of the source and destination files. It makes for an easy reference, when you need to look for the files on the backup.
Command Layout
The three primary copy switches are /E, /S, and /MIR. They will copy just the data, attributes, and timestamps (/COPY:DAT), and not file permissions. The default behavior (not using any switches) of robocopy is to copy only newer files and overwrite the older files at the destination.
The basic format of the command.
robocopy <source directory> <destination directory> <file to copy> <switches>
If you are copying files you are not the owner of, you will need to run the the command prompt as an Administrator and use the /B switch to override the file and folder permissions. You will typically want to use the /Z if coping files over a network and you want to exclude Hidden and System files. The /TEE switch is only necessary if it is an attended backup. Finally, I like to drop a log file in the backup folder in case I need to review anything.
Copy Switches
/L Test the command before you execute it.
/S Do not copy empty directories.
/E Copy all directories, including empty ones.
/MIR Sync a directory. (Caution! If a file is deleted in source, will be deleted in destination).
/B Copy in backup mode. Copy all files regardless of permissions. (Needed if copying files other than your own. Run command prompt as an Administrator).
Network Switches
/Z Use Restart mode, Start copy where you left off. (Needed when possible network interference).
/ZB Use Restart mode & Backup mode. (Needed when coping over a network).
/W:2 Wait time between retries. (Needed when copying over a network).
/R:1 The number of retries, if the file is locked. (Needed when coping over a network).
Exclude Switches
/XA:H Exclude files with the attribute Hidden. (Typically want to use this switch)
/XA:S Exclude files with the attribute System. (Typically always want to use the switch).
/XA:SH Exclude System and Hidden files (Needed when coping a User’s Profile).
/XJ exclude junction points. (Needed when coping a User’s Profile).
/FTT format in FAT32 File system. (Needed if backing up files to a Linux host).
/XD exclude directory. Use if you want to exclude some Hidden files and not others.
Logging Switches
/NFL Don’t log file names of copied files.
/NDL Don’t log directory names. (Include if using a log file).
/NP Suppress % copied output to a log file. (Include if using a log file).
/LOG:/F:\backup.log Writes output to a log file.
/LOG+:F:\file.log Append output to an existing log file.
/TEE Write output to the console window AND the log file.
Get Help
robocopy /?
Copy Files to an External Drive
Copy one or two files. If you have spaces in the file path, be sure to enclose in quotes.
Copy a user’s profile (MIR), exclude the junction points (XJ), system files (XA:S), and the user’s “AppData” folder (XD). Suppress the percent copied results (NP). Junction points are a kind of soft link or a shortcut. The copy process could get stuck in a copy loop if you do not exclude. This will still copy any other hidden files. Output results to screen and log file (TEE & LOG).
Begin by plugging in a USB stick into any open port on the PC. In our example, it shows up as “Drive F”. Now, make a new folder called F:\backups.
Set the permissions on the new folder to ‘Everyone’ by right clicking on the folder, go to properties, security tab, select add group or username, and select check names. Be sure to verify that the “Everyone” has all the allow permissions.
Now, any folders or files copied to the “backup” folder during the backup, should inherit the same permissions. (i.e. Everyone).
If you don’t do this and you need to access the files on a PC other than the original computer, you may not be able to open the files. This is because you are not logged in as the original user that ran the backup. But, with folder permissions set to Everyone, you can plug the external drive or USB stick into any computer, and you will have full access to the copied files.
Make a Backup Script
We will backup the contents of a generic folder and two user’s profiles. It will copy to an external hard drive and also to a remote windows computer. For this example, we are logged in as a user called Jack and it is an “admin” account, so we can be granted rights to copy files of other users.
First, we will start by coping all files in a folder called “Data”. Since we don’t know who owns this folder, we will use the /B switch to overwrite any potential permissions issues. Finally, we will make a log file but exclude the percent copied for each file. As this unnecessary clogs up the log output.
rem backup.bat
robocopy C:\Data F:\backups\data /MIR /B /NP /LOG:F:\backup.log
Next, we can now copy Jack and Jill’s profiles. Jack’s profile, we will exclude all hidden files, system files, and junction points. Since his “AppData” folder is already hidden, we do not need to specifically exclude it.
In Jill’s profile, we have several hidden files that we want to copy that contain her SSH keys. So, we will not create a blanket exclusion for all hidden files. Instead, we will exclude her “AppData” folder specifically. Finally, we will add to the previously created log file, but again we will exclude the total percent copied. Also, we need to add her file using the /B switch to copy in backup mode.
Finally, copy the same files to a remote computer for a secondary backup. As before, we will use the /MIR switch to make an exact duplicate folder tree, /B to run in backup mode and exclude the System, Hidden, Junction Points, and specifically exclude Jill’s “AppData” folder. Also, we use the /Z (restart mode), /R (retry) and /W (wait) in case there are network issues.
Save the script to Jack’s desktop as backup.bat. To run the script, open a command prompt as an Admin, and navigate to Jack’s desktop. Type the script name and hit enter. To run the script nightly, you can set up a scheduled task to execute.
A great way to backup your Linux files is through automation. Linux contains many built in commands that can be used to automate this process. In this article, we will write a simple bash script to backup critical files to a remote host.
For this to work, a user account is needed on both hosts to transfer the files. The sending server will need the private SSH key and the receiving server will need the public SSH key. These keys are used to automatically authenticate to the remote server. Creating and deploying a SSH key pair for authentication is beyond the scope of this article.
The script will use the scp command as it uses SSH underneath the hood. This means it will natively automatically check for an identity file stored under the user’s account at ~/.ssh/config. When creating the SSH credentials, do not add a passphrase to the private key.
Secure copy (scp) command is good if you just want to copy a single file. You can use the -R switch to copy all files in a directory. If you need to backup multiple files, you can modify the script and just add additional variables, update checks, and then add more scp commands.
If you need to transfer entire directories consider using the rsync command. Rsync like scp should automatically use the ~/.ssh/conf file by default. However, rsync sometime has issues using an identity file, so do proper testing.
Finally, Consider setting up a CRON job to run the script nightly.
Procedure
Lets build a script on server1 and we will be connecting and coping our file to server2. First, set up the head of the script and call bash and add any comments.
#!/bin/bash
# backup.sh
Next, let’s set up the script variables.
DATE=`date`
DAY=$(date -d "1 day ago" +%d)
MONTH=$(date -d "1 day ago" +%b)
YEAR=$(date -d "1 day ago" +%Y)
SRC_DIR="/var/logs/$YEAR/$MONTH"
DST_DIR="/user1/backup/$YEAR/$MONTH"
FILE="important-file-$DAY.sql"
Next, lets run a check on the remote server and test if the file path exists!
# test if path exist on remote server.
# -d=test for file & if file exists is it a dir?
TEST=`ssh server2.company.com "test -d $DST_DIR && echo 1 || echo 0"`
if [ $TEST = 0 ] ; then
echo "$DATE : $DST_DIR was not found. Making ..."
# -p=make all missing directories in the file path.
ssh server2.company.com "mkdir -p $DST_DIR"
else
echo "$DATE : $DST_DIR was found."
fi
