Assorted hints, that makes the life easier in the daily life with Linux. Most of the hints are noted here in order to remember the exact syntax of the construct.
- 1 Using ssh and friends extensively
- 2 NX hint collection
- 3 Howto downgrade a yum-installed package
- 4 Scan a network for occupied addresses
- 5 Sendmail
Using ssh and friends extensively
SSH is one of the most versatile commands in the *nix environment.
In the text below please remember that
user is a login you have access to (typical your own user name or maybe in rare situations root) on host.
If you have not dropped your public ssh key file on the remote host you will be prompted for at valid password.
can be specified as a host name, which is known in the DNS or an IP address.
Copy your credentials to a remote host
By coping your credentials to a remote host you don't have to enter a password every time you login.
First if you have not previously generated a private-public key pair you'll have to do so, but first check that you have not done this previously:
]$ ls -la ~/.ssh
if you don't see a id_rsa and a id_rsa.pub file go ahead with this command:
just hit enter on all questions.
Now you're ready to use ssh-copy-id. ssh-copy-id has this format:
Usage: /usr/bin/ssh-copy-id [-i [identity_file]] [user@]machine
Typically you'll enter:
]$ ssh-copy-id -i ~/.ssh/id_rsa.pub <my username>@<remote hostname or IP>
Test that you can create a ssh connection without loggin in.
I believe that Putty also have or can generate a private-public key pair giving the same convenience. It can be copied the manual way.
The manual way
First copy the local id_rsa.pub file to the remote host using scp as described below.
Then add the file to the ~/.ssh/authorized_keys file by issuing this command:
]$ cat <your id_rsa.pub file from where you have placed it> >> ~/.ssh/authorized_keys
Note the >> which means add to the file if it exists or create it if it don't.
Create a file remotely
If you need to let output from one command locally be the input to a file on a remote system issue this command:
<local command>|ssh <remote username>@<remote host> "cat > <remotefilename>"
]$ xmodmap -pke|ssh -p 2222 firstname.lastname@example.org "cat > .Xmodmap"
the output (on stdout) will be sent to bren using klausk's login and send the result into the file .Xmodmap
Comparing two files
In general comparing two files can be done like this:
diff <firstfile> <secondfile>
or using vim
vim -d <firstfile> <secondfile>
To compare two files of which one resides on another system issue this command:
vim -d <firstfile> scp://<remote-system>//<path-to-file>/<secondfile>
To compare two files both resident on different systems issue this command:
vim -d scp://<first-remote-system>//<path-to-file>/<firstfile> scp://<second_remote-system>//<path-to-file>/<secondfile>
where <remote-system> is either the IP address or its hostname including domain as in bren.hih.au.dk - if using a different username than the one you're logged in with on current system use <username>@<remote-system>
Using SSH to get around
Thanx to this page it is easy to collect useful examples of extensive usage of ssh.
Here are examples of copying from local to remote and the other way around.
tar cvf - . | gzip -c -1 | ssh user@host cat ">" remotefile.gz ssh target_address cat <localfile ">" remotefile ssh target_address cat <localfile - ">" remotefile cat localfile | ssh target_address cat ">" remotefile cat localfile | ssh target_address cat - ">" remotefile dd if=localfile | ssh target_address dd of=remotefile ssh target_address cat <localfile "|" dd of=remotefile ssh target_address cat - <localfile "|" dd of=remotefile ( cd SOURCEDIR && tar cf - . ) | ssh target_address "(cd DESTDIR && tar xvpf - )" ( cd SOURCEDIR && tar cvf - . ) | ssh target_address "(cd DESTDIR && cat - > remotefile.tar )" ( cd SOURCEDIR && tar czvf - . ) | ssh target_address "(cd DESTDIR && cat - > remotefile.tgz )" ( cd SOURCEDIR && tar cvf - . | gzip -1 -) | ssh target_address "(cd DESTDIR && cat - > remotefile.tgz )" ssh target_address "( nc -l -p 9210 > remotefile & )" && cat source-file | gzip -1 - | nc target_address 9210 cat localfile | gzip -1 - | ssh target_address cat ">" remotefile.gz
ssh target_address cat remotefile > localfile ssh target_address dd if=remotefile | dd of=localfile ssh target_address cat "<" remotefile >localfile ssh target_address cat "<" remotefile.gz | gunzip >localfile
###This one uses CPU cycles on the remote server to compare the files: ssh target_address cat remotefile | diff - localfile cat localfile | ssh target_address diff - remotefile ###This one uses CPU cycles on the local server to compare the files: ssh target_address cat <localfile "|" diff - remotefile
Push: Push local file to remote server.
Pull: Pull remote file from remote server to local machine.
Tunnelling through SSH
On Reverse ssh tunneling there is a fine description of how to ssh from a host behind a firewall.
Login to a virtual host from home
You want to log into your development host, but from home. It is possible using bren as a jump-stone. Issue a command like this, where you have modified addresses etc to suit your needs:
ssh -A -t <user>@<hostname> ssh -A <user on virtual>@<ip of virtual host>
The -A instructs ssh to run an ssh-agent in the background serving keys. The -t instructs ssh to force a pseudo-tty to be allocated.
Ensure that you can login without entering passwords distribute your public key using ssh-copy-id.
Direct login to your virtual dev-host
This is the setup:
+---------+ § +------------------+ | | § | bren | | | § | +----------+ | | Home PC |-----§-------§-+ | | | | | § | | | virtual | | | | § | +-| dev-host | | | | § | | | | +---------+ § | +----------+ | § | | § +------------------+ § = network boundaries (firewalls and the Internet)
and you'd like to login in just a few keystrokes. Is that possible? Yes!
You can login in one command. Follow these instructions to set-up up your Linux. If you're running Apple (which is FreeBSD down below) it is probably something alike, but there may be differences. Windows user: Installing the full Cygwin should enable you to prepare at set-up alike.
Create/edit the file ~/.ssh/config and insert this
Host bren HostName bren.hih.au.dk Host my-devhost ProxyCommand ssh -q <user>@bren nc 10.1.18.nnn 22
The first two lines specifies that you want to reach the host bren at bren.hih.au.dk (because this is not a public address you'll need to have it define locally in your /etc/hosts or in your local DNS.
The next two lines tells us, that when accessing my-devhost, we shall use ssh to connect to bren and as user <user>, next the nc command is used to jump to the dev-host at the 10.1.18.nnn address on port 22 (replace nnn with your specific number).
In this particular case I login in on my home PC as klaus not klausk, so when establishing a connection to my dev-host I issue
$ ssh klausk@klaus-devhost
which will bring me directly to the devhost using bren as a jump stone.
You can use the ssh-copy-id to send your ssh keys directly to the devhost and thereby login without being prompted for your password.
sshfs - a user mounted remote file system
Please see the Sshfs page.
NX hint collection
NX is a wonderful envention, but it comes with some quirks. I've collected my experiences here.
After an upgrade
After updating the free-nx server it might be necessary to run, as root:
to reinstall the configuration.
After upgrading ssh
Sometimes an update of ssh makes the configuration unstable. Try this:
nxsetup --install --setup-nomachine-key
which should bring the ssh-keys back in working order.
If the keyboard doesn't work correctly (typically the arrow, pagup/dwn, etc keys) execute this in a NX session console:
setxkbmap -model evdev -layout us
change us with your keyboard layout. i.e. dk for Danish.
If you encounter that you can login, but the session is immediately closed issue this on the remote server:
$ /sbin/restorecon -v -v /home/<your home dir>/.Xauthority
Slow NX on Windows
From nomacinhe.com I've picked up this advice:
NX can be slow in drawing some elements of KDE desktop This problem has been verified with NX Client installed on a Windows 7 64-bit connected to an NX session running a KDE desktop version 3. This desktop environment shows a tool-tip box which appears gradually and then disappears completely when the pointer moves over the elemnts on the task bar. The drawing of such tool-tips appears slow. While drawing progresses, the NXWin process on the Windows host takes a lot of CPU time (50% on a dual core CPU). This problem doesn't occur if DirectDraw engine is disabled in NX Client settings. To do it: Press "Configure" Chose tab "Advanced" Check the box "Disable DirectDraw for screen rendering". This problem has never seen on 32-bit Windows versions.
Howto downgrade a yum-installed package
Lookup the exact version number - maybe in /var/log/yum.log*
Login as root or sudo: (here nx-3.4.0-4.el5.centos.i386 is downgraded to nx-3.3.0-14.el5.centos.i386)
yum downgrade nx-3.3.0-14.el5.centos.i386
To prevent automatic upgrade when yum in run by cron add this to the yum.conf in /etc:
Scan a network for occupied addresses
To scan the 255 addresses for activity in the network 10.1.18.0 use this command.
$ nmap -sP 10.1.18.0/24
In order to let sendmail forward root messages to a human receiver edit the /etc/aliases file and add something like this at the end (only root can do):
where email@example.com shall be changed to an appropriate mail address.
newaliases service sendmail restart
to reflect the changes.