Linux hints

From Klaus' wiki
Revision as of 16:40, 9 February 2012 by Klaus (Talk | contribs)

Jump to: navigation, search

See also Centos and Fedora

Assorted hints, that makes the life easier in the daily life with Linux. Most of the hints are noted here in order to remember the exact syntax of the construct.

Using ssh and friends extensively

SSH is one of the most versatile commands in the *nix environment.

In the text below please remember that

user@host

user is a login you have access to (typical your own user name or maybe in rare situations root) on host.

If you have not dropped your public ssh key file on the remote host you will be prompted for at valid password.

host

can be specified as a host name, which is known in the DNS or an IP address.

Copy your credentials to a remote host

By coping your credentials to a remote host you don't have to enter a password every time you login.

First if you have not previously generated a private-public key pair you'll have to do so, but first check that you have not done this previously:

 
]$ ls -la ~/.ssh

if you don't see a id_rsa and a id_rsa.pub file go ahead with this command:

 
]$ ssh-keygen

just hit enter on all questions.

Now you're ready to use ssh-copy-id. ssh-copy-id has this format:

 
Usage: /usr/bin/ssh-copy-id [-i [identity_file]] [user@]machine

Typically you'll enter:

 
]$ ssh-copy-id -i ~/.ssh/id_rsa.pub <my username>@<remote hostname or IP>

Test that you can create a ssh connection without loggin in.

I believe that Putty also have or can generate a private-public key pair giving the same convenience. It can be copied the manual way.

The manual way

First copy the local id_rsa.pub file to the remote host using scp as described below.

Then add the file to the ~/.ssh/authorized_keys file by issuing this command:

 
]$ cat <your id_rsa.pub file from where you have placed it> >> ~/.ssh/authorized_keys

Note the >> which means add to the file if it exists or create it if it don't.

Create a file remotely

If you need to let output from one command locally be the input to a file on a remote system issue this command:

<local command>|ssh <remote username>@<remote host> "cat > <remotefilename>"

an example:

]$ xmodmap -pke|ssh -p 2222 klausk@bren.hih.au.dk "cat > .Xmodmap"

the output (on stdout) will be sent to bren using klausk's login and send the result into the file .Xmodmap

Comparing two files

In general comparing two files can be done like this:

diff <firstfile> <secondfile>

or using vim

vim -d <firstfile> <secondfile>

To compare two files of which one resides on another system issue this command:

vim -d <firstfile> scp://<remote-system>//<path-to-file>/<secondfile>

To compare two files both resident on different systems issue this command:

vim -d scp://<first-remote-system>//<path-to-file>/<firstfile> scp://<second_remote-system>//<path-to-file>/<secondfile>

where <remote-system> is either the IP address or its hostname including domain as in bren.hih.au.dk - if using a different username than the one you're logged in with on current system use <username>@<remote-system>

Using SSH to get around

Thanx to this page it is easy to collect useful examples of extensive usage of ssh.

Here are examples of copying from local to remote and the other way around.

PUSH:

tar cvf - . | gzip -c -1 | ssh user@host cat ">" remotefile.gz
ssh target_address cat <localfile ">" remotefile
ssh target_address cat <localfile - ">" remotefile
cat localfile | ssh target_address cat ">" remotefile
cat localfile | ssh target_address cat - ">" remotefile
dd if=localfile | ssh target_address dd of=remotefile
ssh target_address cat <localfile "|" dd of=remotefile
ssh target_address cat - <localfile "|" dd of=remotefile
( cd SOURCEDIR && tar cf - . ) | ssh target_address "(cd DESTDIR && tar xvpf - )"
( cd SOURCEDIR && tar cvf - . ) | ssh target_address "(cd DESTDIR && cat - > remotefile.tar )"
( cd SOURCEDIR && tar czvf - . ) | ssh target_address "(cd DESTDIR && cat - > remotefile.tgz )"
( cd SOURCEDIR && tar cvf - . | gzip -1 -) | ssh target_address "(cd DESTDIR && cat - > remotefile.tgz )"
ssh target_address "( nc -l -p 9210 > remotefile & )" && cat source-file | gzip -1 - | nc target_address 9210
cat localfile | gzip -1 - | ssh target_address cat ">" remotefile.gz

PULL:

ssh target_address cat remotefile > localfile
ssh target_address dd if=remotefile | dd of=localfile
ssh target_address cat "<" remotefile >localfile
ssh target_address cat "<" remotefile.gz | gunzip >localfile

COMPARE:

###This one uses CPU cycles on the remote server to compare the files:
ssh target_address cat remotefile | diff - localfile
cat localfile | ssh target_address diff - remotefile
###This one uses CPU cycles on the local server to compare the files:
ssh target_address cat <localfile "|" diff - remotefile

Push: Push local file to remote server.

Pull: Pull remote file from remote server to local machine.

Tunnelling through SSH

On Reverse ssh tunneling there is a fine description of how to ssh from a host behind a firewall.

Login to a virtual host from home

You want to log into your development host, but from home. It is possible using bren as a jump-stone. Issue a command like this, where you have modified addresses etc to suit your needs:

ssh -A -t <user>@<hostname> ssh -A  <user on virtual>@<ip of virtual host>

The -A instructs ssh to run an ssh-agent in the background serving keys. The -t instructs ssh to force a pseudo-tty to be allocated.

Ensure that you can login without entering passwords distribute your public key using ssh-copy-id.

See also this page and this page for further info about multihop and other advanced ssh connections.

NX

After updating the free-nx server it might be necessary to run

nxsetup --install

to reinstall the configuration.

Sometimes an update of ssh makes the configuration unstable. Try this:

nxsetup --install  --setup-nomachine-key

which should bring the ssh-keys back in working order.


Howto downgrade a yum-installed package

Lookup the exact version number - maybe in /var/log/yum.log*

Login as root or sudo: (here nx-3.4.0-4.el5.centos.i386 is downgraded to nx-3.3.0-14.el5.centos.i386)

yum downgrade nx-3.3.0-14.el5.centos.i386

To prevent automatic upgrade when yum in run by cron add this to the yum.conf in /etc:

exclude=nx*

Scan a network for occupied addresses

Use nmap.

To scan the 255 addresses for activity in the network 10.1.18.0 use this command.

$ nmap -sP 10.1.18.0/24