DEV Community: MUHAMMAD ARBAB ANJUM

Expose localhost to the network using Cloudflare Tunnel

MUHAMMAD ARBAB ANJUM — Mon, 25 Aug 2025 23:41:55 +0000

Install cloudflared

Download from: https://github.com/cloudflare/cloudflared/releases

Change Dir

cd C:\cloudflared\

Login to Cloudflare

cloudflared tunnel login

Create tunnel

cloudflared tunnel create nextjs-tunnel

Route DNS

cloudflared tunnel route dns nextjs-tunnel test.myworkly.com

Create config.yml file in C:\cloudflared\config.yml

tunnel: nextjs-tunnel
credentials-file: C:\Users\%USERNAME%\.cloudflared\[your-tunnel-id].json

ingress:
  - hostname: test.domain.com
    service: http://localhost:3000
  - service: http_status:404

Quick Test

cloudflared tunnel --hostname test.domain.com --url http://localhost:3000

Run tunnel pointing directly to Next.js

cloudflared tunnel --config config.yml run nextjs-tunnel

How to setup nginx proxy?

MUHAMMAD ARBAB ANJUM — Mon, 11 Aug 2025 11:07:02 +0000

Update nginx.conf file:

worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;

    server {
        listen 443 ssl;
        server_name test.domain.com;

        ssl_certificate D:/nginx/ssl/cert.crt;
        ssl_certificate_key D:/nginx/ssl/priv.key;

        # Enable SSL protocols and settings
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        # Security headers
        add_header X-Content-Type-Options nosniff;
        # add_header X-Frame-Options DENY;  # (Commented out, uncomment if needed)
        add_header X-XSS-Protection "1; mode=block";

        location / {
            proxy_pass http://localhost:5000;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            # WebSocket support
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    }
}

Update Host:

127.0.0.1 -> test.domain.com

Setup Firewall on Linux

MUHAMMAD ARBAB ANJUM — Sat, 26 Jul 2025 06:40:30 +0000

Let's secure the server with firewall:

sudo apt install ufw
sudo ufw status
sudo ufw enable

This will enable the firewall and allow all incoming and outgoing traffic. To allow incoming traffic on a specific port

Allow Inbound:

sudo ufw allow 22
sudo ufw allow 22,80,443 #allow multiple ports
sudo ufw allow 8000:9000/tcp #allow port range
sudo ufw allow from 192.168.1.100 #allow specific IP
sudo ufw allow from 192.168.1.100 to any port 22 #restrict to a port
sudo ufw allow HTTP #allow HTTP
sudo ufw allow https #allow HTTPS

Deny Inbound

sudo ufw deny 21 #deny port
sudo ufw deny out to 10.0.0.5 #deny to an IP

Allow Outbound

sudo ufw default allow outgoing #allow all
sudo ufw allow out 443 #on specific port
sudo ufw allow out to 1.1.1.1 #allow specific IP

Check Rules

sudo ufw status numbered
sudo ufw delete 3 #Delete rule number 3
sudo ufw reset #reset all rules

Example: NodeJs App running with Local DB

sudo ufw allow 22/tcp
sudo ufw allow from your_ip to any port 22 #limit SSH to your IP
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 3000/tcp
sudo ufw deny 5432/tcp  #PostgreSQL (Port 5432): Explicitly block external access

PostgreSQL should already bind to 127.0.0.1 (check /etc/postgresql/.../postgresql.conf):

listen_addresses = 'localhost'  #Ensures DB is not exposed externally

Other ports allow (If necessary):

Allow HTTP/HTTPS

sudo ufw allow out 80/tcp
sudo ufw allow out 443/tcp

Allow SMTP (If sending emails)

sudo ufw allow out 25/tcp
sudo ufw allow out 587/tcp  # For TLS

Allow NTP (For time sync)

sudo ufw allow out 123/udp

Block All Other Outbound

If you want strict outbound control, first allow what’s needed, then:

sudo ufw default deny outgoing

Enable UFW & Verify Rules

sudo ufw enable
sudo ufw status verbose

Protection against brute-force

sudo apt install fail2ban
sudo systemctl enable fail2ban

Configuration for fail2ban

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nano /etc/fail2ban/jail.local

[DEFAULT]
# Ban IPs for 1 hour (3600 seconds)
bantime = 3600
# Maximum retries before ban
maxretry = 5
# Time window for maxretry
findtime = 600
# Ban IPs on all ports (not just the attacked service)
banaction = ufw
# Whitelist your own IP (replace `your_ip`)
ignoreip = 127.0.0.1/8 ::1 your_ip

How to do Node.js Deployment on VPS

MUHAMMAD ARBAB ANJUM — Sat, 26 Jul 2025 06:25:49 +0000

1- Server Setup

Log in to your server
Once your machine is up and running SSH to the server.

ssh root@IP.x.x.x
OR
ssh -i key.pem root@IP.x.x.x

System Update/Upgrade
Now we are inside the machine, update and upgrade the system.

sudo apt update -y
sudo apt upgrade -y

Change Password
Once system has been updated/upgraded You can change your password (optional)

passwd

Add a new non-root user and add it to sudoers

sudo usermod -aG sudo username
sudo -l -U username #Verify the user has sudo access

OR 

useradd -m -s /bin/bash username
groups username
usermod -aG sudo username

Set password for new user

sudo passwd username

Now log in as a new user:

ssh username@192.IP.IP.IP

Authenticate using SSH and Restrict Password Login (Recommended)

ssh-keygen -t ed25519 -C "user@domain.com"

To view all public keys

Windows: C:\Users\YourUser\.ssh\id_ed25519.pub
Linux: cat ~/.ssh/id_ed25519.pub

Copy the content of the public(.pub) key file. Paste the public key into the file.

nano ~/.ssh/authorized_keys
ssh-add -k ~/.ssh/id_ed25519 #add it to the ssh utility

Disable password login if you only want authentication using ssh only.

sudo nano /etc/ssh/sshd_config
Search for: PasswordAuthentication=no
For root user: PermitRootLogin=no

Now restart the ssh service:

sudo service ssh restart "OR" sudo systemctl restart ssh
ssh username@IP.x.x.x #Login With ssh

2- Secure server with firewall

View firewall setup doc

3- Setup Nginx on Ubuntu

Install and configure nginx on your ubuntu server

sudo apt install nginx
sudo systemctl start nginx #start service
sudo systemctl enable nginx #enable service
sudo vim /etc/nginx/sites-available/default #Create new server block config

Do nginx configuration for your site:

server {
  listen 80;  # Listen on port 80, the default HTTP port
  server_name localhost;  # The server name, here it is set to localhost

  root /var/www/html;  # The root directory where files are served from
  index index.html index.htm;  # The default files to serve

  location / {
    try_files $uri $uri/ =404;  # Try to serve the requested URI, if not found return a 404
  }
}

If /var/html/www doesn't exist

sudo mkdir -p /var/www/html
sudo chown -R $USER:$USER /var/www/html #Change ownership of the document root directory to the current user
sudo chmod -R 755 /var/www/html #set permission

Test the nginx server serving file:

cd /var/www/html
touch index.html #write some dummy code
sudo nginx -t #test the configuration
sudo systemctl reload nginx #reload to apply changes
Visit URL/IP to see if it works

Setup Ratelimit

sudo vim /etc/nginx/nginx.conf

Add the following code to the http block

http {
  limit_req_zone $binary_remote_addr zone=mylimit:10m rate=2r/s;

  ...
}

$binary_remote_addr: This is a variable that holds the client’s IP address in a binary format. Using the binary format saves memory, which is important when dealing with large numbers of requests
zone=mylimit:10m: This specifies the name and size of the shared memory zone used to store the state of rate limits. mylimit means the name of the zone. 10m means that the size of the zone is 10 megabytes.
rate=2r/s: means that each IP address is allowed to make 2 requests per second

Edit nginx server block config to apply rate limit

sudo vim /etc/nginx/sites-available/default

# Add following inside server block
server {
  ...

  location / {
    limit_req zone=mylimit burst=20 nodelay;
    try_files $uri $uri/ =404;
  }

  ...
}

sudo nginx -t
sudo systemctl reload nginx

4- Setup SSL Certificate

sudo apt install certbot python3-certbot-nginx
sudo vim /etc/nginx/sites-available/default


server {
  ...
  server_name test.arbab.com;
  ...
}

sudo nginx -t

# Obtain an SSL
sudo certbot --nginx -d test.arbab.com

Follow the prompts:

Enter the email address associated with your domain registrar account.
Accept the terms of service.
Press Enter to continue.

Renew Certificate

sudo certbot renew --dry-run #To check if the certificate is close to expiring
sudo certbot renew

How to push your code on new github/gitlab account?

MUHAMMAD ARBAB ANJUM — Thu, 17 Jul 2025 01:19:34 +0000

1- Create SSH Key:
ssh-keygen -t ed25519 -C "arbab@gmail.com"

2- Command to Start SSH Agent
eval "$(ssh-agent -s)"

3- Command to add your key
ssh-add ~/.ssh/id_ed25519

4- Copy your ssh key from ~/.ssh/id_ed25519.pub

5- Paste Keys:

For Github: Paste in project_repo > settings > Deploy Keys
For Gitlab: Paste in project_repo > settings > Repository > Deploy Keys

Linux From Zero to Hero

MUHAMMAD ARBAB ANJUM — Mon, 19 May 2025 18:11:17 +0000

Access Linux Server Remotely Using SSH

ssh -i ./keyPair.pem ubuntu@remote_host

If you want to access the server on your VM, then in VirtualBox, you have to change the network setting from `NAT` to `Bridge Adapter`

# Sometimes you need to install this package to access your server remotely. 

sudo apt install openssh-server
systemctl start ssh

# Check ssh service
systemctl status ssh.service

# Access from Windows:
ssh ubuntu@remote_host

SCP (Secure Copy Protocol)

# from current server to remote
scp /local/file ubuntu@remote_host:/path/

# from remote to current server
scp -v ubuntu@remote_host:/path/ <current_server_path>

Editors

vim Editor

vim abc.txt

Press i -> start editing the file
Esc + d -> to stop editing
esc, shift + :wq -> Save File
:q! -> quit without Save
shift + g -> Move to end of file
small g two times --> Move to top of file
/hello -> will seach the hello word in the file
Press n -> To move to the next search location of that word
?search → use ? when searching from bottom to top
Shift + * → to search on the highlighted word
:%s/searc_word/replace_word/g → Replace word, %s (Substitue), /g (Globally) 
U → undo everything
Ctrl + r → redo everything
Press O → to enter text in the next line where you are currently
Press Shift + O → to enter text in before the line where you are currently
Shift + I → insert in the start of the line
Shift + A → insert in the end of the line
Press r → to replace the selected character
Press d d  → press d two times to delete the line
:e! → revert all the changes
Type 15 and press dd two times to delet 15 lines from the place where your cursor is currently
Press p → to paste the line in the clipboard
Shift + p → paste before the line where you are currently
Shift +v → select the lines you want to copy → press y → to copy the selected lines
:set nu → show line number next to each line in the editor
:set nonu → hide line number next to each line in the editor
:syntax on → show colors in the file → mostly for code purpose
:syntax off → hide colors
:100 → jump to line number 100

User Account Management

View all users

less /etc/passwd

# View with encrypted password
less /etc/shadow

Create user

# Add user
useradd <username>

# Check if user created or not?
id <username>

# Personalize user info while account creation?
useradd -g <group_name> -s /bin/bash -c <comment here> -m -d /home/<user_name> <user_name>

# -g -> Group
# -s -> default shell
# -c -> comment or any message 
# -m -> Want to make home dir or not
# -d -> if -m then -d means directory path

Delete user

userdel <user_name>
userdel -r <user_name> (remove home dir also)
userdel -f <user_name> (force delete even if user is logged in)

Modify user

# Add user to new group but default group will remain same
usermod -G <group_name> <user_name>

# Change default group
usermod -g <group_name> <user_name>

# -L/-U -> Lock or unlock user from login
# -p -> change password OR passed <user_name>
# -s -> Change shell type
# -m -d -> move home content to the new folder

Group Management

Create Group

# New group
groupadd <group_name>

# View all groups
less /etc/group

Password Aging

For single user:

#One time using 'chage' command
#Making default for every new user by making change in /etc/login.def file

#Format:

chage [-m mindays] [-M maxdays] [-d lastday] [-I inactive] [-E expiredate] [-W warndays] <user_name>

-m -> No of days required a user is allowed to change password
-M -> Max no of days password is valid
-d -> Days since Jan 1, 1970 that password was last changed
-I -> No of days after password expire, account is disable
-E -> Days since Jan 1, 1970 that password was last changed


# Password Aging matrix

less /etc/shadow
username:password:last_pass_change:min_pass_age:max_pass_age:warning_period:inactivity_period:expiration_date:unused

# Example: password valid until 90 days and when 10 days are left throw a warning.
chage -M 90 -W 10 <user_name>

For multiple user:

nano /etc/login.def

PASS_MAX_DAYS 90
PASS_MIN_DAYS 10
PASS_MIN_LEN 8
PASS_WARN_AGE 10

SU and SUDO Command

#switch to the home directory of the login user
su - <user_name> 

#Even after switching user stays in same dir of previous user
su <user_name> 

#switch to root user
su -

# view details of sudoers
less /etc/sudoers

#Update sudoers file from anywhere 
visudo

Firewall

Tools for managing firewall.

- iptables
- firewalld -> latest now a days

Linux Hardening

Making linux system more secure by turning off things you don't need, limiting access, and add extra layer of protection to keep it safe from hackers. List below to have secure system:

- Principle of Least Privilege (PoLP)
- Minimize Attack Surface
- Keep the System Updated
- Strong Authentication and Password Policies
- Secure Remote Access
- Logging and Monitoring 

**Enable Logging:** Use tools like rsyslog, syslog-ng, or
journald to record system events.

**Log Analysis:** Use intrusion detection tools like
fail2ban or AIDE to monitor logs and detect suspicious activity.

Regularly check system logs and automate alerts for
unusual activities (e.g., /var/log/auth.log).

- Firewall Configuration
- File System Security
- System Auditing
- Disable Unused Network Services and Ports
- File and Directory Permissions
- Kernel Hardening
- Use Security Tools and Enhanced Security Applications
- Data Backup and Recovery
- Physical Security
- Secure Boot Process
- Network Security Configurations
- Intrusion Detection and Prevention
- Authentication Management

Cockpit - Tool

Access your server with help of Web UI

sudo apt install cockpit
access using: http://<server_IP>:9090

LogRotate - Tool

# Log files location in linux
cd /var/log/

# Config Files

/etc/logrotate.conf
/etc/logrotate.d

Log Files Location

/var/log

Shell Scripting - Zero to Hero

MUHAMMAD ARBAB ANJUM — Sun, 04 May 2025 08:32:34 +0000

Shell scripting consists of set of commands to perform a task.

Different types of shells:

bash
sh
ksh
tsh
fish
zsh (Extended version of bash with more advanced features)

What is my shell type?

echo $0

How to check supported shells?

cat /etc/shells

What is shebang?

It specifies which interpreter should be used to execute the script.

#!/bin/bash

Basic shell script

#!/bin/bash
echo "hello world!"

How to execute script?

Make sure script have execute permission rwx.
1- ./file.sh
2- path/file.sh
3- bash file.sh

How to add comments?

1- single line comment 

#comment

2- Multiline comment

<<comment 

---- Your Comment Here ----

comment

Variables:

How to use variables?

#!/bin/bash
person="Arbab Anjum"
hostName=$(hostname)
readonly role="superadmin"

echo $person is using $hostName and role is $role

------
> Output: Arbab Anjum is using ubuntu and role is superadmin

Array:

How to define and get value of an array?

Set Value:

myArray = (1 2 3 Hello "World");

Get Value:

echo "${myArray[0]}"
echo "${myArray[1]}"

How to find length of an array?

echo "${#myArray[*]}"

How to get specific values?

echo "${myArray[*]:1}"
echo "${myArray[*]:1:2}" // from index 1, get 2 values

How to update an array?

myArray+=(New 7 8)

How to store the key value pairs?

declare -A myKeyValArray
myKeyValArray=([name]="Arbab Anjum",[city]="London")
echo "Name is ${myKeyValArray[name]}"

String Operations:

myVar="My name is Muhammad Arbab Anjum"
echo "Length: ${#myVar}"
echo "Uppercase: ${myVar^^}"
echo "Length: ${myVar,,}"
echo "Replace (name) with (Name): ${myVar/name/Name}"
echo "Slice: ${myVar:6:13}"

User Interaction:

echo "What is your name? "
read name
echo "Name is $name"

read in same line:

read -p "What is your name: " name
echo "My name is $name"

Arithmetic Operations

x=10
y=2
let mul=$x*$y # use 'let' to tell it's a mathematical operation
echo "Multiplication: $mul"
echo "Addition: $(($x+$y))"

Conditional Statement

If Else

Example: 1

if [[ $marks -gt 40 ]]
then
    echo "Pass!"
else
    echo "Fail!"
fi

Example: 2

if [[ $marks -gt 40 ]]
then
    echo "Above 40!"
elif [[ $marks -eq 30 ]]
    echo "Fail!"
then
    echo "Equal 30!"
else
    echo "Less than 30!"
fi

Example: 3 || Logical operation

if [[ $age -gt 18 ]] && [[ $country -eq "London" ]]
then
    echo "Pass!"
else
    echo "Fail!"
fi

Equal > -eq/==
Greater than or equal to > -ge
Less than or equal to > -le
Not equal to > -ne/!=
Greater than > -gt
Less than > -lt

Switch Case

echo "Choose an option below:"
echo "a =  To see current data"
echo "b =  list all files in current directory"

read choice

case $choice in
    a) date;;
    b) ls;;
    *) echo "Not a valid input"
esac

For Loop

Example: 1

for i in 1 2 3 4 5
do
      echo "Number: $i"
done

Example: 2

for i in {1..10}
do
      echo "Number: $i"
done

Example: 3 - Getting value from file name.txt

FILE='/home/arbab/name.txt'
for name in $(cat $FILE)
do
      echo "Name is: $name"
done

Example: 4 - Getting value from file name.txt

myArray=(1 2 3 4 5 6 7)
for (( i=0; i<${#myArray[*]}; i++ ))
do
      echo "Value is: ${myArray[$i]}"
done

while Loop

Code keeps executing till the statement is true

count=0
num=10

while [ $count -le $num ]
do
    echo "Number: $count"
    let count++
done

Until loop

Code keeps executing till the statement is false

a=10

until[ $a -eq 1 ]
do
    echo "Number: $a"
    let a--
done

Read content from CSV file

while IFS="," read f1 f2 f3
do
    echo "$f1"
    echo "$f2"
    echo "$f3"
done < file_name.csv

Function

Example 1:

function myFun{
    echo "--------"
    echo "Welcome"
    echo "--------"
}

# Calling Function
myFunc

Example 2:

myFun(){
    echo "--------"
    echo "Welcome"
    echo "--------"
}

# Calling Function
myFun

Example 2: With arguments

#!/bin/bash
myFun(){
    local num1=$1 # $1-> First argument: 5
    local num2=$2 # $2-> Second argument: 2
    let result=$num1+$num2 
    echo "--------"
    echo "Sum: $result"
    echo "--------"
}

# Calling Function
myFun 5 2

Example 2: Send arguments while executing file

./file.sh arbab anjum

file.sh:

echo $1 # result: arbab
echo $@ # result: arbab anjum -> $@ means all arguments
echo $# # result: 2 -> number of arguments

Useful Concept

break - To stop the loop
continue - To stop current iteration of loop and start from the next iteration
sleep - To create delay between two execution e.g; sleep 1m/1s
exit - To stop script to a point. e.g; exit 1
$? - exit status - gives you status of previous command if that was successful - status 0 means success
basename - strip directory info and only give filename
dirname - strip the filename and gives dir path
realpath - gives you full path for a file
RANDOM - generate random number - echo $RANDOM
UID - User ID of the logged in user - echo $UID - UID of root user is 0

Debugging:

Add `set -x` in the script to enable debugging

Scripts:

Check if file exist or not

#!/bin/bash
FILPATH=/home/test/file.csv
if[[ -f $FILEPATH ]]
then
    echo "FILE EXIST"
else
    echo "FILE DON't EXIST"
fi

If you want to exit script when a command fail

set -e # use this
echo "Hello"
cd /root #fail and skip next execution
pwd

Run script in background

nohup ./script.sh

Run Script at specific time using At command

at 12:09 AM # Run and hit enter it will ask what to do 
bash ./script.sh

atq -> to check scheduled job
atrm <id> -> to remove a scheduled job

Crontab - Script automation

crontab -l # view existing cronjobs
crontab -e # Create New

Format:

* * * * * cd /home/arbab/ && ./runfile.sh

Stars from Right To Left
* -> Day of Week (0-6) Sunday=0
* -> month 1-12
* -> Day of month (1-31)
* -> hour 0-23
* -> minute 0-59

https://crontab.guru

Mini Projects

Monitoring free RAM Space

#!/bin/bash
FREE_SPACE=$(free -mt | grep "Total" | awk '{print $4}')
TH=500

if [[ $FREE_SPACE -lt $TH ]]
then
    echo "Normal Memory!"
else
    echo "Running out of memory!"
fi

#--------- Comments ---------
#free -mt -> show total free memory
#grep "Total" -> pick the line containing word total
#awk '{print $4}' print 4th column value

Monitoring free disk Space and send an alert email

#!/bin/bash
FREE_DISK_SPACE=$(df -H | egrep -v "Filesystem|tmpfs" | grep "sda2" | awk '{print $5}' | tr -d %)
TH=90
TO=user@gmail.com

if [[ $FREE_DISK_SPACE -lt $TH ]]
then
    echo "Disk has enough space!" | mail -s "Disk Space Alert" $TO
else
    echo "Low disk space!"
fi

#--------- Comments ---------
#configure postfix to send emails
#df -h -> show all disk usage
#egrep -v "Filesystem|tmpfs" -> Remove Filsystem and tmps line from output
#grep "sda2" -> search sda2
#awk '{print $5}' print 5th column value
#tr -d % -> truncate/delete % from output

Move files having size more than 20MB to achieve folder

!/bin/bash
# Version: 1
# Date: 19 April 2025

#Variables
BASE=/home/arbab/myFiles
DAYS=10
DEPTH=1
RUN=0

#check if the directory is present or not

if [[ ! -d $BASE ]]
then
    echo "Dir doesn't exist: $BASE"
    exit 1
fi

#create 'archive' folder if not present

if [[ ! -d $BASE/archive ]]
then
    mkdir archive
fi

#Find list of files largest than 20MB

for i in `find $BASE -maxdepth $DEPTH -type f -size +20M`
do
    if [[ $RUN -eq 0 ]]
    then
        echo "[$(date "+%y-%m-%d %H:%M:%S")] archiving $i ==> $BASE/archive"
        gzip $i || exit 1
        mv $i.gz $BASE/archive || exit 1
    fi
done

## ||  runs the command on right side when left side result is false

Automate user account creation

#!/bin/bash

# script should execute with sudo/root access.
if [[ "${UID}" -ne 0 ]]
then
    echo 'Please run with root or sudo user'
    exit 1
fi

# user should provide atleast one argument as username else guide him
if [[ "${#}" -lt 1 ]]
then
    echo 'Usage: ${0} USER_NAME [COMMENT]...'
    exit 1
fi

# ${0} -> Tells the name of script
# store first argument as username

USER_NAME="{$1}"

# All other arguments as comment
shift
COMMENT="{$@}"

# create a password

RANDOM_PASS=$(date +%s%N)
# seconds and nano seconds

# create a user
useradd -c "${COMMENT}" -m $USER_NAME

# -c -> comment
# -m -> Make Dir

# Check if user created successfully or not

if [[ $? -ne 0 ]]
then
    echo "Failed to create user"
    exit 1
fi

# set password for user
echo $PASSWORD | passwd --stdin $USER_NAME

# Check if password is successfully set or not

if [[ $? -ne 0 ]]
then
    echo "Failed to create user"
    exit 1
fi

# force password change on first login
passwd -e $USER_NAME

# Display username password and hostname

echo "Username: $USER_NAME"
echo "Username: $PASSWORD"
echo "Hostname: $(hostname)"