Commands: Difference between revisions
Line 722: | Line 722: | ||
==get public key from command above== | ==get public key from command above== | ||
gpg --recv-keys 754817487F42735A | gpg --recv-keys 754817487F42735A | ||
==encrypt file== | |||
gpg --encrypt --recipient user1@inter.net --recipient user2@inter.net --recipient user3@inter.net file.txt | |||
==decrypt gpg file== | ==decrypt gpg file== | ||
gpg --decrypt vpn-0ea602e33ab9c49fd.txt.gpg | gpg --decrypt vpn-0ea602e33ab9c49fd.txt.gpg | ||
==who has encrypted file== | ==who has encrypted file== | ||
gpg --pinentry-mode cancel --list-packets file.gpg | gpg --pinentry-mode cancel --list-packets file.gpg |
Revision as of 11:19, 20 April 2022
7za
decompress file
7za e myfiles.7z
ab
apache benchmarking
ab -n 50 https://www.halfface.se/photos/ ab -n 1000 -c 10 https://www.halfface.se/wiki/index.php/Halfface
abcde
Rip cd.
abcde
agrep
Aproximate grep. 3 differences from andreas
agrep -3 andreas /var/log/messages
alternatives
alternatives --set mta /usr/sbin/sendmail.postfix
antiword
antiword bad.doc > pure.txt
arecord
List soundcards.
arecord -l
Chose source.
alsamixer
Create mp3 from source.
arecord -f cd -d 5 -t raw | lame -x -r - out.mp3
arp-scan
Scan ip addresses on local subnet
sudo arp-scan --localnet | sort -n -k4 -t.
at
Run command at specific time. Look at queue.
echo '/usr/bin/espeak -s120 "I will say this only once."' | at -t 201810180833 atq
List at jobs.
atq ; atq | awk '{print $1}' | while read i ; do echo '***' $i ; at -c $i 2>&1 | tail -3 | head -1 ; done 2 Sun May 17 04:00:00 2020 a root *** 2 /usr/bin/systemctl restart springboot_uc_supportrouter.service
base64
base64 -d /tmp/html | elinks --dump | less -ISRM
blkid
Get uuid of disk.
blkid /dev/sdb1 /dev/sdb1: UUID="64cd54f7-5330-425d-81e5-a0e473a5f5e7" TYPE="ext4" PARTLABEL="primary" PARTUUID="21f38e48-af2d-4fdd-854a-5910f392a6e0"
bonnie++
Report performance on disk. benchmark
bonnie++ -u 0:0
On machine running out of disk
sudo bonnie++ -d ./ -s 400 -r 200 -u root
Example command.
bonnie++ -d /storage/temp/ -s 32G -n 0 -m TEST -f -b -u abjorklund
boot
Booting singe user mode.
kernel ... single
bootchart
Analyze startup times.
bootgraph
How to use.
Kernel later than 2.6.28 kernel option initcall_debug dmesg | /usr/src/linux-headers-2.6.28-11-generic/scripts/bootgraph.pl > /tmp/bootgraph.svg
bpftrace
run code at each system call
#!/usr/bin/bpftrace interval:s:5 { exit(); } kprobe:do_sys_open { printf("%s %s\n", comm, str(arg1)); }
bzip2
Extract keep original
bzip2 -dk /compressed_file.bz2 and extract standard out via tar.
Extract bunzip2 file and extract via tar from standard out.
bzip2 -c /compressed_file.bz2 | tar -xivf -
cdrecord
Blank cd/dvd rw
cdrecord -v gracetime=2 dev=/dev/cdrom -eject blank=all -force
chage
List password properties of user
chage -l abjorklund
Unlimited login
chage -I -1 -m 0 -M 99999 -E -1 sftponly
chattr/lsattr
Set extendet attributes of files.
# Lock file for most activities. chattr +i file # Unlock file chattr -i file # recursive lsattr looking for imutable. lsattr -aR -- .//. 2>/dev/null | sed -rn '/i.+\.\/\/\./s/\.\/\///p'
chmod
Sticky bit on directory. Only owners of files are able to delete.
chmod 1755 /file. -rwxr-xr-t
GUID on file. binaries started will have the group set to the defined group.
chmod 2755 /file -rwxr-sr-x
SUID on file.
chmod 4755 /file -rwsr-xr-x
Remover permissions for others
chmod o-rwx
chntpw
# Change windows passwords offline mkdir /mnt/disk ; mount /dev/sd1 /mnt/disk; cd /mnt/disk/Windows/System32/config # List local users. chntpw -l SAM # clear password on user. chntpw -u Administrator SAM
chrony
# setup time sync via ntp. /etc/chrony.conf # look at status chronyc tracking # List ntp sources. chronyc sources
Force syncronize
sudo chronyc -a 'burst 4/4'
Make a big step. Did not work for me.
chronyc -a makestep
Verify clock
chronyd -q 'server pool.ntp.org iburst'
chvt
From a script change to a virtual interface and connect script to that terminal. chvt 3 exec < /dev/tty3 > /dev/tty3
cacafire
View some fire in ascii.
clean
Clean file from comments and blank lines.
sed '/ *#/d; /^ *$/d'
codepage
Change codepage of file.
convmv -f cp850 -t iso-8859-1 --notest * convmv -f utf8 -t iso8859-1 -r --notest * convmv -f iso8859-1 -t en_US.UTF-8 -r --notest .
Change codepage of file.
iconv --from-code=ISO-8859-15 --to-code=UTF-8 document.csv > document_iconv.csv
column
Create nice column. Use tab as delimiter.
column -t -s $'\t' /file.tsv
compgen
List all commands
compgen -A function -abck
convert
Convert Image to 8 bit grey with threshold for white.
for tif in *.tif; do convert -depth 8 -white-threshold 70% ${tif} ${tif%%.*}.png;done
Resize image
convert -resize 25% -gamma 1.5 2011-08-03_11-09-43.jpg 2011-08-03_11-09-43_new.jpg
Multipage pdf.
convert -adjoin -page A4 -compress jpeg Infineon1.tif Infineon2.tif Infineon.pdf
Prepare photos for printing.
convert -rotate 90 -gamma 1.5 -resize 25% -compress jpeg -quality 80 -adjoin -page A4 * print.pdf
Resize change aspect.
convert Slide1.PNG -resize 1920x1080\! slide01.png
animated gif
convert -delay 100 -loop 0 *.jpg animation.gif
Create multipage pdf of photos.
convert -resize 25% -adjoin -page A4 -rotate 90 -compress jpeg *.jpg test.pdf ; pdfjam test.pdf --no-landscape --frame true --nup 2x2 --suffix 4up --outfile /temp/photos/Alva/test_2x2.pdf
For vertical stacking (top to bottom):
convert -append 1.jpg 2.jpg out.jpg
For horizontal stacking (left to right):
convert +append 1.jpg 2.jpg out.jpg
Remove transparancy
convert image.png -background white -flatten image.jpg
cpio
Copy wanted partitions.
#!/bin/bash ssh root@192.168.2.148 "(cd /boot/ ; find ./ -xdev -depth -print0 | cpio -o -0Hnewc )" | (cd /mnt/sysimage/boot ; cpio -idvuma ) ssh root@192.168.2.148 "(cd / ; find ./ -xdev -depth -print0 | cpio -o -0Hnewc)" | (cd /mnt/sysimage ; cpio -idvuma ) # -o copy out mode. # -0 terminated by null character. # -Hnewc som storing format. # -i extract copy in mode. # -d make directories. # -v verbose. # -V print dot. # -u replace all files. # -m preserve modification time. # -a preserve access time.
cpulimit
Limit application cpu usage to 25% cpu utilization. Inherit limit to spawned processes.
cpulimit -i -l 25 /apps
crontab/cron
crontab.
* * * * * command to be executed - - - - - | | | | | | | | | +----- day of week (0 - 6) (Sunday=0) | | | +------- month (1 - 12) | | +--------- day of month (1 - 31) | +----------- hour (0 - 23) +------------- min (0 - 59) 0 Sunday 1 Monday 2 Tuesday 3 Wednesday 4 Thursday 5 Friday 6 Saturday @reboot "run command at reboot" If you need % in crontab escape it. \%
Run command every 10 minutes.
*/10 * * * * command
Run command at 12:00 and 24:00 hours.
00 0,12 * * * command
Run command between 8-17 every 2 hours.
0 8-17/2 * * * /path/command 0 8,10,12,14,16 * * * /path/command
Start program under crontab.
#!/bin/bash COMMAND="screen -L -d -m ping www.dn.se" if [ "$(ps -ef | grep -i ping | grep -v grep)" ] then echo "\"${COMMAND}\" already running." else echo "Starting \"${COMMAND}\"." cd /tmp ${COMMAND} fi
cut
Cuf everything from field 5.
cut -f5- -d ' '
curl
Get http return code.
curl --connect-timeout 3 --max-time 9 -ksL -w '%{http_code}\n' 'http://www.dn.se' -o /dev/null
get external ip. what is my ip
curl ifconfig.me
curl ifconfig.me/all
Alternative address for domain.
curl -sk --resolve www.halfface.se:80:127.0.0.1 http://www.halfface.se
Get header / mime type
curl -I http://url.se
post file
curl -X POST -d @myfilename http://user:pass@myhost/hudson/job/_jobName_/postBuildResult
cookie format. tab delimited.
domain - The domain that created AND that can read the variable. .halfface.se flag - A TRUE/FALSE value indicating if all machines within a given domain can access the variable. This value is set automatically by the browser, depending on the value you set for domain. path - The path within the domain that the variable is valid for. secure - A TRUE/FALSE value indicating if a secure connection with the domain is needed to access the variable. expiration - The UNIX time that the variable will expire on. UNIX time is defined as the number of seconds since Jan 1, 1970 0:00:00 GMT. name - The name of the variable. value - The value of the variable.
add certificate authority to openssl
Redhat based os:es this file gets updated. /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
cp /tmp/ca.crt /etc/pki/ca-trust/source/anchors/ update-ca-trust
Debian based
cp /tmp/ca.crt /usr/share/ca-certificates/extra update-ca-certificates
curl ipv6
curl -6 -g "http://[::1]:80/" curl -g "http://[2001:9b1:402d:0:ffff:f038:ec3e:b5d4]/"
proxy
curl --proxy http://proxy.se:3128 -sk "http://mirrorlist.centos.org"
qr code
curl qrenco.de/ostechnix
date
Get date in requested format.
date '+%Y-%m-%d %H:%M' date +%Y-%m-%d-%H%M date "+%F_%T" # 2017-01-16_19:41:41
date 033121422003.55
Mon Mar 31 21:42:55 PST 2003 date MMDDhhmmCCYY.ss
Whats the date in 1000 years. Or any other increment.
date --date="+1000 years" +%C%y-%m-%d date --date="-2 hour" +%C%y-%m-%d\ %H:%M TZ=CEST date --date="-2 hour" +%C%y-%m-%d\ %H:%M
What is the time in other timezone given in unixtime/epoch.
TZ=GMT date -d '@1345064585' Wed Aug 15 21:03:05 GMT 2012
Unix time.
date +%s
Unix to normal
date -d @1234567890
scew clock by a second.
DATE_OFF=$(date --date="-5 second" +%C%y-%m-%d\ %H:%M:%S\ %Z) ; date --set="${DATE_OFF}"
Set clock
date '+%Y-%m-%d %T %Z' -s "2008-11-28 08:08:08 UTC"
dateseq
Create date sequense.
dateseq 2017-04-01 2017-04-05
db2
Empty catalog remove node
for DB2 in $(db2 list node directory | grep "Node name" | awk '{print $4}') ; do db2 uncatalog node $DB2;done
Empty catalog remove db
for DB2 in $(db2 list db directory | grep "Database name" | awk '{print $4}') ; do db2 uncatalog db $DB2;done
- Load db2 environment.
. /home/db2/sqllib/db2profile
- Connect to database.
db2 connect to ${database_name} user ${user} using ${password}
- Test query.
SELECT service_level, fixpack_num, bld_level FROM TABLE (sysproc.env_get_inst_info()) as A;
- System Database Directory
db2 list db directory
- Node Directory
db2 list node directory
- setup directory
db2 "catalog tcpip node db2datan remote 1.2.3.4 server 5000" db2 "catalog db db2datadb as db2datadb at node db2datan"
- Drop connection.
db2 terminate
dbus-monitor
dbus-monitor # Monitor activity on the dbus to see what system and sessions are doing.
dd
output your microphone to a remote computer's speaker
dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp
Add 2GB to disk image.
dd if=/dev/zero of=/system_image.img bs=1M oflag=append conv=notrunc count=2000
dd with progress bar.
dd if=kali.iso of=/dev/sdc status=progress pv -ptre /install/backup/machine/raspberry/ipcenter_view.img | sudo dd of=/dev/mmcblk0 bs=1M
dd to position on disk
dd of=/dev/disk1 if=/dev/urandom obs=500000 seek=1 bs=1MB count=1 conv=notrunc
consume 100GB ram
mount -o remount,size=300G /dev/shm dd if=/dev/zero of=/dev/shm/$(date '+%Y-%m-%d_%H-%M-%S') bs=1073741824 count=100 status=progress
debugfs
ctime: Shows file change time. atime: Shows file access time. mtime: Shows file modification time. crtime: Shows file creation time. Birth.
Example
debugfs -R 'stat /etc/exports.bkp-2021-11-17_10-07-46' /dev/mapper/vg_rbnetstorage0-lv_root debugfs 1.41.12 (17-May-2010) Inode: 924905 Type: regular Mode: 0644 Flags: 0x80000 Generation: 2068409071 Version: 0x00000000:00000001 User: 0 Group: 0 Size: 4775 File ACL: 0 Directory ACL: 0 Links: 1 Blockcount: 16 Fragment: Address: 0 Number: 0 Size: 0 ctime: 0x6194c662:deae4368 -- Wed Nov 17 10:07:46 2021 atime: 0x6193bd7f:c4faf658 -- Tue Nov 16 15:17:35 2021 mtime: 0x61925419:34c06f18 -- Mon Nov 15 13:35:37 2021 crtime: 0x6194c662:deae4368 -- Wed Nov 17 10:07:46 2021 Size of extra inode fields: 28 Extended attributes stored in inode body: selinux = "unconfined_u:object_r:etc_t:s0\000" (31) EXTENTS: (0-1): 3718194-3718195
df
df output one per line. Without header.
df -Plk / /apps | tail -n+2
dhclient
[root@wall sysconfig]# cat /etc/dhclient.conf
interface "eth0" { prepend domain-name-servers 127.0.0.1; supersede domain-name "bltprojektering.se"; }
dialog
Create dialog in terminal. Example a progressbar.
for i in {0..100} ; do echo $i | dialog --gauge "Please wait" 7 70 1 ; sleep .1 ; done
diff
sdiff <(echo -e 'hej\nda\nvi\nses\ni\nmorgon') <(echo -e 'hej\ndå\nvi\nSES\ni\nmorgon')
Only show files that differ.
-q --brief
dig
- Get all dns information about host.
dig any www.halfface.se
- Trace dns lookups from root dns. Use 8.8.8.8 for lookups.
dig +trace @8.8.8.8 www.halfface.se
- Recursive lookup.
dig -tAXFR halfface.se
- backward resolve
dig -x 89.253.75.84
- get ttl
dig +nocmd +multiline +noall +answer any halfface.se
- Get external ip.
dig +short myip.opendns.com @resolver1.opendns.com
digitemp
digitemp_DS9097 -c /etc/.digitemprc -t0
disk
disk usage
baobab
foremost
recover deleted files.
disown
Disconnect process(pid) so that is survives a logout.
disown %2
display
Change resolution
xrandr --output LVDS --mode 1280x800 xrandr --output default --mode 1280x1024
Query graphics card capabilities.
xrandr -q
Change dpi
xrandr --dpi 138/eDP1
du
du -amx / | sort -n | tail -5
duplicity
Encrypted backups over rsync
dmesg
dmesg with iso time format
dmesg --ctime --time-format iso
dmidecode
List memory banks
sudo dmidecode -t 17
dnf
install skip if not exist
sudo dnf install --setopt=strict=0 $(sort -u /temp/other_machine_rpm)
update system
dnf -y upgrade --refresh reboot dnf -y install dnf-plugin-system-upgrade dnf -y system-upgrade download --refresh --allowerasing --releasever=35 dnf -y system-upgrade reboot # broken deps. dnf repoquery --unsatisfied # look for duplicates dnf repoquery --duplicated # which rpms do not exit in repo. dnf list extras # remove no longer used. dnf autoremove dnf remove $(rpm -qa| grep \.fc23)
auto update
# Install auto updates. dnf install dnf-automatic # Enable auto update. sed -i "s/apply_updates = no/apply_updates = yes/g;s/email_from = root@example.com/email_from = root@${HOSTNAME}/g;s/email_to = root/email_to = anden@halfface.se/g" /etc/dnf/automatic.conf # Enable timer. systemctl enable dnf-automatic.timer && systemctl start dnf-automatic.timer # Trigger timer. systemctl start dnf-automatic.timer # Check status of dnf-automatic: systemctl list-timers *dnf-*
build environment
dnf group install "C Development Tools and Libraries"
dnsmasq
cat /etc/dnsmasq.d/shish.conf
listen-address=127.0.0.1 bind-interfaces server=/redbridge.se/185.53.164.25 server=/int.redbridge.se/172.30.32.100 server=/mic.redbridge.se/172.30.32.100 server=/mgmt.rbcloud.net/172.30.32.100 server=10.111.222.2
dvgrab
Capture dv material
dvgrab -f dv2 -i -showstatus -s 0 -timestamp California-2
e2fsck
Scan for bad blocks.
e2fsck -ycv /dev/VolGroup00/LogVol00
edid/ddc
startx -- -logverbose 5. The EDID information turns up in /var/log/Xorg.0.log.
enca
detect and convert encoding of text files. (codepage utf)
enca -L none /temp/locale2
etckeeper
Keep your /etc/ directory under git revision control.
What has happened.
git log -p /etc/resolv.conf
Wipe /etc/.git
etckeeper uninit etckeeper init
ethtool
show-features
ethtool -k generic-segmentation-offload = gso tcp-segmentation-offload = tso
exiftool
Change meta data for files, exif, jpg, mp3... Get info from file.
exiftool $file.mp4
gps format
41°24'12.2"N 2°10'26.5"E
gps format known to maps.google.com
exiftool -c "%.6f" 2022-03-06_10-39-40.mp4 | grep -i gps
exportfs
Install server
dnf install nfs-utils
Start nfs server
systemctl start nfs-server
Reexport everything.
exportfs -avr
Example export.
*(rw,no_root_squash,async,insecure) rw rewritable no_root_squash Allow root on remote machine same permissions as local root async insecure NFS version 2 and 3 servers only provide (insecure) host-based authentication: Hosts are allowed/denied based on hostnames and/or IP addresses. Authorization of users is controlled on the clients using the permissions of the files based on user/group IDs. allows clients with NFS implementations that don't use a reserved port for NFS
fdupes
Find duplicate files.
fdupes -r /home
ffmpeg
ffmpeg
ffmpeg -y -deinterlace -aspect 16:9 -author "Andreas Bjorklund" -title "Tanzania" -year 2007 -i Tanzania.m2t -acodec mp3 -vcodec mpeg4 -b 3000k -s 720x540 test.avi
Create swf/flv from mpeg2 stream
ffmpeg -deinterlace -i VTS_01_1.VOB -ab 56 -ar 22050 -b 500000 -r 15 -s 360x288 sisyfos.swf
Create horse movie.
ffmpeg -deinterlace -i /temp/VTS_01_1.VOB -ab 100 -ar 22050 -b 1200000 -r 25 -s 360x288 3horses.swf
Cut video from command prompt.
ffmpeg -i video.avi -vcodec copy -acodec copy -ss 00:00:00 -t 00:00:04 trimmed_video.avi
Record desktop.
ffmpeg -f alsa -ac 2 -i pulse -f x11grab -r 5 -s 1920x1080 -i :0.0 -acodec pcm_s16le -vcodec libx264 -threads 0 -y output.mkv ffmpeg -f x11grab -s $(xrandr | grep \*+|awk '{print $1}') -r 25 -i :0.0 -sameq /tmp/out.mpg
Change container.
ffmpeg -i film.mov -vcodec copy -acodec copy film.mp4
Transcode to h264 aac
ffmpeg -i original.avi -vcodec libx264 -acodec aac -strict experimental new_file.mp4
Transcode mp3 to ogg vorbis
for file in *.mp3; do ffmpeg -i "${file}" -acodec libvorbis "${file/%mp3/ogg}";done
Take photo
ffmpeg -f video4linux2 -s 1280x720 -i /dev/video0 -f image2 snapshot.jpg
Take a photo from a video steam every 10 seconds.
ffmpeg -i video.mp4 -r 0.1 -f image2 %03dandreas.jpg
Take a photo every 1 put it in a file.
ffmpeg -y -i http://balcony.halfface.se:8080 -r 1 -f image2 -update 1 stream_image.jpg -probesize 5e+07
Rotate 180 degrees.
ffmpeg -i input.mp4 -filter:v "transpose=1,transpose=1" output.mp4
Change rotation without transcoding.
ffmpeg -i IMG_0703.MOV -metadata:s:v rotate="" -codec copy rotate_IMG_0703.MOV
Concaternate videos.
ffmpeg -f concat -safe 0 -i mylist.txt -c copy output
find
Find exluding directory.
find . -wholename '/var/' -prune -o -ls
Find in only files.
find /opt/ongame/ -type f -exec grep --color=always -r '10\.7\.' /dev/null {} \;
Find text file in directoy execpt directory. Grep for text in that file and show it with colours in less.
find /opt/ongame/ -wholename '/opt/ongame/napsjb/server/naps/tmp' -prune -o -type f -exec grep --color=always -r '/fraud' /dev/null {} \; | less -SR
Find excluding several directories.
find / -type d \( -path /proc -o -path /dev -o -path /net \) -prune -o -gid 1002 -exec chgrp -h 1001 {} \;
Find excluding svn.
find . -path '*/.svn' -prune -o -type f -print
Searches for files modified up to 4 days ago.
find ./ -type f -mtime -4
Searches for files modified between certain dates. Here for files older than 30 days but younger than 60 (penultimate month).
find ./ -type f -mtime -60 ! -mtime -30 sudo find . -newermt "2014-10-19 09:30" ! -newermt "2014-10-19 09:35"
Find which dir is consuming inodes.
find /var -xdev -printf '%h\n' | sort | uniq -c | sort -k 1 -n for i in $(ls) ; do echo $(find $i | wc -l) $i ; done | sort -n
findmnt
view the mount tree
findmnt
flash
When firefox is complaining about outdated flash plugin
rm pluginreg.dat
flock
used to use cript that only used 1 time concurrently.
flock
fmt
Join lines
ifconfig -a | fmt -w 300
forward traffic
service x11 { disable = no socket_type = stream protocol = tcp wait = no user = root server = /usr/bin/nc server_args = 172.28.37.152 6000 }
free
You have 15956MB physical ram. 9033MB is used by applications. 6922MB is free.
free -m total used free shared buffers cached Mem: 15956 15755 200 0 300 6421 -/+ buffers/cache: 9033 6922 Swap: 19998 2405 17593
free new
Total memory 8076624k and 5169152 free.
total used free shared buff/cache available Mem: 8076624 2536328 1069132 284152 4471164 5169152 Swap: 7815164 2809244 5005920
Free memory usage from /proc/zoneinfo and /proc/meminfo
awk -v low=$(grep low /proc/zoneinfo | awk '{k+=$2}END{print k}') '{a[$1]=$2} END{print a["MemFree:"]+a["Active(file):"]+a["Inactive(file):"]+a["SReclaimable:"]-(12*low);}' /proc/meminfo 5168456
physical memory
Show physical memory in machine. Consider points below.
grep MemTotal /proc/meminfo
meminfo:
Provides information about distribution and utilisation of memory. This varies by architecture and compile options...
MemTotal:
Total usable ram (i.e. physical ram minus a few reserved bits and the kernel binary code)
Gives more information not really sure how.
dmesg|grep Memory:
List memory modules
dmidecode -t memory lshw -class memory
fstab
Use ram for some logfiles.
none /var/log/ tmpfs defauls,noatime,size=10% 0 0 none /tmp/ tmpfs defauls,noatime,size=10% 0 0 none /var/tmp/ tmpfs defauls,noatime,size=10% 0 0 none /var/spool/ tmpfs defauls,noatime,size=10% 0 0
fswebcam
Capture photo.
fswebcam -r 1920x1080 --jpeg 85 -D 1 --quiet --no-banner shot.jpg fswebcam -d /dev/video0 -i 0 -r 2592x1944 -p YUYV /net/10.111.222.1/storage/temp/logitech.jpg
genisoimage
genisoimage -o nuc.iso nuc
gnome-font-viewer
view fonts
gnome-font-viewer /file.woff2
gpg
Simple encryption decryption with gnupg.
gpg -c --force-mdc /temp/shadow echo "$(gpg -qd /temp/shadow.gpg)"
create keys
gpg --full-generate-key
list secret keys
gpg --list-secret-keys --keyid-format LONG
list public keys
gpg --list-public-keys --keyid-format LONG
export public key
gpg --armor --export 3AA5C34371567BD2
export private key
gpg --armor --export-secret-keys 3AA5C34371567BD2
export secret subkey
gpg --armor --export-secret-subkeys 3AA5C34371567BD2
import keys
gpg --import pub.key gpg --import sec.key gpg --import sub.key
add trust to private key
gpg --edit-key 6252FC9A029A2669 trust quit # 5 y
edit gpg key
gpg --edit-key 6252FC9A029A2669
send gpg key
gpg --send-key 6252FC9A029A2669
delete public key
gpg --delete-key "User Name"
change trust level on all keys
gpg --list-keys --fingerprint |grep pub -A 1|egrep -Ev "pub|--"|tr -d ' ' | awk 'BEGIN { FS = "\n" } ; { print $1":6:" } ' | gpg --import-ownertrust
get info about gpg encrypted file
gpg --list-packets crypto-text.pgp
list keys in gpg file
gpg --list-packets crypto-text.pgp # | grep keyid
get public key from command above
gpg --recv-keys 754817487F42735A
encrypt file
gpg --encrypt --recipient user1@inter.net --recipient user2@inter.net --recipient user3@inter.net file.txt
decrypt gpg file
gpg --decrypt vpn-0ea602e33ab9c49fd.txt.gpg
who has encrypted file
gpg --pinentry-mode cancel --list-packets file.gpg
remove expired public keys
for i in $(gpg --list-public-keys --keyid-format LONG 2>&1 | grep -A1 -B1 expired | grep -Ev '^$|^pub|^uid') ; do gpg --delete-key $i ; done
gphoto2
Capture photo from the command line linux.
gphoto2 --camera='Canon EOS 40D (PTP mode)' --port=usb: --capture-image-and-download
graphviz
Create graph.
dot -Tps /flow -o /tmp/flow.ps
grep
Colorize grep output.
grep --color=always -r '10\.7\.' /opt/ongame/
Show non comment lines ending with a blank.
find . -name '*.properties' -exec grep --color=always -E '^[^#].*\ $' {} \; | less -SR
grep ipaddress from message file.
sudo grep DHCP /var/log/messages | grep -oir --color=always '192\.168\.[0-9]*\.[0-9]*' | sort -u grep -E '([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))'
grep ipaddress from file
grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
grep for tab
grep 10.199.2.1$'\t' /etc/hosts
grep from word containing regex space separated.
grep -oE '\S*regex\S*' /file
When grep start to complain about file being binary run the following command to define where.
grep -Pa '\x00' /temp/file_name
Remove binary part of file.
sed -i 's/\x00//g' /temp/file_name
Grep email addresses.
grep -E -o "\b[a-zA-Z0-9.-]+@[a-zA-Z0-9.-]+\.[a-zA-Z0-9.-]+\b" filename.txt
Grep for exact string like \
grep -F \\ blabla.json
gsettings
Emulate 3 button mouse
gsettings set org.gnome.settings-daemon.peripherals.mouse middle-button-enabled true
Blinking cursor disable
gsettings set org.gnome.Terminal.Legacy.Profile:/org/gnome/terminal/legacy/profiles:/:$(gsettings get org.gnome.Terminal.ProfilesList default|tr -d \')/ cursor-blink-mode off
List settings
gsettings list-recursively
gsync
Install gsync
git clone https://github.com/iwonbigbro/gsync.git cd gsync/ sudo python setup.py install
Download data.
gsync -u -r -t -v --progress --delete -l -s drive://motion/ /temp/motion2/
gzip
Compress a stream.
find . | gzip -9 > /tmp/file_list.gz
gscan2pdf
Scan and ocr pdf dokuments
Handbrake
Compress dvd
- Rip dvd.
sudo vobcopy -o /storage/temp/ -v -x -l
- compress video.
HandBrakeCLI -e x264 -Z Normal -i source.vob -o destination.mkv -a 2 -r 25 -E faac -f mkv -d -S 600 --crop 0:0:0:0
- Create film for android.
HandBrakeCLI -i 01.Alla.Vi.Barn.I.Bullerbyn.1986.SWEDiSH.vob -o 01.Alla.Vi.Barn.I.Bullerbyn.1986.SWEDiSH.mp4 -x level=30:bframes=0:cabac=0:ref=1:vbv-maxrate=1500:vbv-bufsize=2000:analyse=all:me=umh:no-fast-pskip=1 -e x264 --vb 300 -E faac --ab 128 --maxWidth 320 -2 -T -d
- Compress.
SOURCE=/ssd/temp ; DESTINATION=/temp ; for FILM in $(cd ${SOURCE}; ls *.mov | sed 's/\.mov$//g'); do HandBrakeCLI -e x264 -q 20 -B 160 -i ${SOURCE}/${FILM}.mov -o ${DESTINATION}/${FILM}.mp4 ;done
- High profile
HandBrakeCLI -i DVD -o ~/Movies/movie.mp4 -e x264 -q 20.0 -a 1 -E faac -B 160 -6 dpl2 -R Auto -D 0.0 -f mp4 --strict-anamorphic -m -x ref=2:bframes=2:subme=6:mixed-refs=0:weightb=0:8x8dct=0:trellis=0
hostnamectl
hostnamectl set-hostname rocky_8_1
htmldoc
Convert html document to pdf
htmldoc --webpage -f php_html_doc.pdf /home/andreasbj/php_manual_en.html 2>/tmp/htmldoc
hunspell
hunspell -d sv_SE swedish.txt
hydra
Password checking.
hydra -l root -P /etc/passwdknown -t 5 192.168.29.62 ssh2
ifconfig
Configure network.
ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up
ip address alias
ifconfig eth0:0 192.168.1.2 netmask 255.255.255.0
Network configuration Full config.
echo -e "options timeout:1 attempts:1 domain halfface.se nameserver 84.246.88.10 nameserver 84.246.88.20" > /etc/resolv.conf ifconfig eth0 89.253.75.84 netmask 255.255.255.224 up route add default gw 89.253.75.65 eth0
Vip on loopback /etc/sysconfig/network-scripts/ifcfg-lo:ipdbm
DEVICE=lo:ipdbm IPADDR=192.168.122.2 NETMASK=255.255.255.255 NETWORK=192.168.122.0 ONBOOT=yes
Setting up multiple addresses. ifcfg-eth0-range0
TYPE=Ethernet IPADDR_START=192.168.122.3 IPADDR_END=192.168.122.15
ifcfg-eth0
DEVICE=eth0 BOOTPROTO=static ONBOOT=yes TYPE=Ethernet IPADDR=10.111.222.2 NETMASK=255.255.255.0 GATEWAY=10.111.222.1 DNS1=10.111.222.253 DNS2=10.111.222.254 DOMAIN="halfface.se subdomain.halfface.se"
ilo
log in to ilo
env -u LANG ssh -v Ongame@10.1.1.94
restart ilo
reset map1
start system
start system1
install
Crete directory
install -d --mode=755 --owner=user --group=group /apps/IP/IPim/var/log
Create empty file
install -o 0664 -o user -g group /dev/null ${ALFRESCO_DIR}/logs/catalina.out
inotifywathc
Se what access /dev/random
inotifywatch -v -t 60 /dev/random
inxi
inventory report.
inxi -Frmxx
iostat
iostat -xtc 5 -x extended statistics. -t print time for each report. -c display the cpu utalization report. -y Omit first report with statistics since the system boot
iostat -xty 5 1 dm-3
Linux 2.6.32-573.7.1.el6.x86_64 (rb-netstorage02.int.redbridge.se) 12/30/2021 _x86_64_ (12 CPU) 12/30/2021 11:47:42 AM avg-cpu: %user %nice %system %iowait %steal %idle 0.12 0.00 2.01 4.23 0.00 93.65 Device: rrqm/s wrqm/s r/s w/s rsec/s wsec/s avgrq-sz avgqu-sz await svctm %util dm-3 0.00 0.00 5806.20 0.00 1485056.00 0.00 255.77 1.54 0.27 0.17 97.44
# Explained. rrqm/s The number of read requests merged per second that were queued to the device. wrqm/s The number of write requests merged per second that were queued to the device. r/s The number of read requests that were issued to the device per second. w/s The number of write requests that were issued to the device per second. rsec/s The number of sectors read from the device per second. wsec/s The number of sectors written to the device per second. avgrq-sz The average size (in sectors) of the requests that were issued to the device. avgqu-sz The average queue length of the requests that were issued to the device. await The average time (in milliseconds) for I/O requests issued to the device to be served. This includes the time spent by the requests in queue and the time spent servicing them. svctm The average service time (in milliseconds) for I/O requests that were issued to the device. Warning! Do not trust this field any more. This field will be removed in a future sysstat version. %util Percentage of elapsed time during which I/O requests were issued to the device (bandwidth utilization for the device). Device saturation occurs when this value is close to 100%.
ip
Add vlan 23
ip link add link eno1 name eno1.23 type vlan id 23
View vlan protocol
ip -d link show eno1.23
Configure vlan
ip addr add 10.151.23.101/24 brd 10.151.23.255 dev eno1.23 ip link set dev eno1.23 up
create default route
ip route add default via 192.168.1.254
show routing
ip route show
more info
ip route show table all
Add static route
ip route add 10.10.20.0/24 via 192.168.50.100 dev eth0
Remove static route.
ip route del 10.10.20.0/24
which outgoing interfaces are available.
ip r l| awk '/src/{print $9}'
Which route is used for ip.
ip route get 192.168.122.252
route subnet over interface.
sudo ip route add 145.251.242.0/24 dev tun0
Show ipaddress on interface tun0
ip address show tun0
vlan tag interface.
ip link add link eth0 name eth0.8 type vlan id 8
set ip on interface.
ip addr add 192.168.50.5 dev eth1
set secondary ip on interface
ip addr add 192.168.1.2/24 dev eth0
remove ip address.
ip addr del 192.168.50.5/24 dev eth1
enable interface
ip link set eth1 up
disable interface
ip link set eth1 down
list arp entries.
ip neigh show
local routing table
ip route list table local
rule base routing. List rules
ip rule show
show multicast networks
ip maddr show
Disable traffic to an ipaddress.
ip route add blackhole 10.151.19.151
ipcalc
ipcalc -n 192.121.85.96/27 -m
iperf
start server on client A.
iperf -s
start measure from the other host. Limit bandwidth to 10k.
iperf -c 10.20.30.40 --bandwidth 10K
Multicast test.
On the listener side: # iperf -s -u -B 224.1.1.1 -i 1 On sender % iperf -c 224.1.1.1 -u -T 32 -t 3 -i 1
ipmitool
What is the power consumtion of dell server.
ipmitool -I lanplus -H 127.0.0.1 -U root -P calvin delloem powermonitor
iptables
Show iptables OUTPUT, PREROUTING and POSTROUTING
iptables --table nat --list --exact --verbose --numeric --line-number
Show config
iptables -L -t nat -n
Dnat to localhost.
iptables -t nat -I PREROUTING --source 131.115.115.53 -p tcp --dport 22 -j REDIRECT --to-ports 222 iptables -t nat -I OUTPUT --source 131.115.115.53 --destination 127.0.0.1 -p tcp --dport 22 -j REDIRECT --to-ports 222
Flush all rules.
iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT
Block
iptables -A OUTPUT -p tcp -d 131.115.248.82 --dport 8080 -j DROP iptables -A OUTPUT -p tcp -d 131.115.248.82 --dport 8080 -j REJECT
Block outgoing mail
iptables -A OUTPUT -p tcp --dport 25 -o $INTERFACE -j REJECT
Block all traffic except ssh in/out log to syslog.
iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP iptables -A INPUT -m tcp -p tcp --dport 22 -j ACCEPT iptables -A INPUT -m tcp -p tcp --sport 22 -j ACCEPT iptables -A INPUT -m state --state NEW -m tcp -p tcp -j LOG --log-level info --log-prefix "dropped-in" iptables -A OUTPUT -m tcp -p tcp --dport 22 -j ACCEPT iptables -A OUTPUT -m tcp -p tcp --sport 22 -j ACCEPT iptables -A OUTPUT -m state --state NEW -m tcp -p tcp -j LOG --log-level info --log-prefix "dropped-out"
Block traffic on certain port.
iptables -A INPUT -p tcp --dport 7009 -j REJECT
Fake source
iptables -t nat -A POSTROUTING -d "${DST}" -p udp --dport 162 -j SNAT --to "${SRC}" &>/dev/null # Remove the current rules iptables -t nat -D POSTROUTING -d "${DST}" -p udp --dport 162 -j SNAT --to "${SRC}"
redirect ip
Send traffic destined for one ip and port to another ip and port.
iptables -t nat -A OUTPUT -p tcp -d 146.213.6.7 --dport 1023 -j DNAT --to-destination 10.199.150.111:1023 iptables -t nat -A OUTPUT -p icmp -d 146.213.6.7 -j DNAT --to-destination 10.199.150.111
allow trafic from subnet
iptables -A INPUT -s 172.16.27.0/24 -j ACCEPT
allow ssh from all
iptables -A INPUT -p tcp -dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -dport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
or
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A OUTPUT -p tcp -m tcp --dport 22 -j ACCEPT
find which rule is blocking by removing one at a time. Better way is to enable logging
iptables -L -n --line-numbers iptables -D <line-number>
List rules from OUTPUT chain with line number
iptables -t filter -L OUTPUT --line-numbers -n
Add rule to specific row number
iptables -I OUTPUT $ROW_NUMBER -d 54.72.175.186/32 -p tcp -m tcp --dport 443 -j ACCEPT
irc
Close private messages
/window close
Close public messages
/window close
Close a query
/q
jmtpfs
Mount disk
jmtpfs /mnt/mtp
Umount disk
fusermount -u /mnt/mtp
john
Test performance
john -test
Recover passwords with password list.
john -wordlist:password.lst passfile.txt
journalctl
View log from last day.
journalctl --since yesterday
List all units.
systemctl list-unit-files
Current disk usage.
journalctl --disk-usage
Show only certain error level. (err crit)
journalctl -p err
List boots
journalctl --list-boots
Show events between two time stamps.
journalctl --since "2017-01-23 05:56:42" --until "2017-01-23 07:56:42"
show entries for one unit.
journalctl -u openvpn-server@server journalctl -u sshd -f
iptables logs
journalctl -k -f | grep -i iptables
persistent logging
Enable persistent logging in systemd-journald. grep journal /usr/lib/tmpfiles.d/systemd.conf. Install syslog instead.
mkdir /var/log/journal chmod 2755 /var/log/journal chown root:systemd-journal /var/log/journal killall -USR1 systemd-journald
jpegtran
# to lossless cut a file. jpegtran -crop 700x400+2150+1500 2012-05-19_20-39-35.jpg > /photos/Sweden/2012/2012-05-19/2012-05-19_20-39-35.jpg # Rotate counter clockwise. jpegtran -copy all -rotate 270 2012-08-18_15-06-43.jpg > 2012-08-18_15-06-43_270.jpg
jq
how many stores are actually in there:
$ cat file.json | jq 'length' 1134
retrieves the “name” field of each element of the input array.
cat file.json | jq '.[] | .name' "Graz" "Baden" "Zürich" ...
Give us first store.
jq '.[0]'
Select specific fields
jq '.[] | {eta: .eta, ticketID: .ticketID}'
Select specific files shortended.
jq '.[] | {eta, ticketID}'
url encode a string.
jq -sRr @uri <<< "${IPRADAR_SERVICE}" | sed 's/%0A$//g'
Pick extra_vars under results in raw format.
jq -r '.results[]|.extra_vars'
Select array name based on content.
jq -r '.[]|select(.name=="the name you want to print")'==
Display keys
jq 'keys'
Select specific key
jq -r '. | {all}'
kdump
Change action to dump memory.
/etc/kdump.conf
Reload config.
systemctl restart kdump
keyboard
keymaps dumpkeys loadkeys sv-latin1 loadkeys us setxkbmap en setxkbmap -layout se -variant nodeadkeys
reset corrupt keyboard after using vmware.
setxkbmap
kill
suspend/resume a jobb.
# kill -STOP PID # kill -CONT PID
kpartx
# Create device files from disk image. sudo kpartx -av disk_image.raw add map loop0p1 (252:2): 0 3082240 linear /dev/loop0 2048 add map loop0p2 (252:3): 0 17887232 linear /dev/loop0 3084288 # Mount device files. sudo mount /dev/mapper/loop0p2 /mnt #Unmount what you mounted and remove the device mapping: sudo umount /mnt sudo kpartx -d disk_image.raw
lastb
Show failed ssh logins.
lastb
less
Toggle line wrap
- -> S
tail with less. CTRL + c = scroll around. SHIFT + f = to tail again.
less +F -B /tmp/tmp
lftp
lftp -u user,password $ftp_server
ln
Create link even if it exists.
ln -sfT /destination link
locale
To show 24 hour format.
LC_ALL=C
localectl
Change keyboard.
localectl list-keymaps localectl set-keymap se-nodeadkeys localectl set-x11-keymap se-nodeadkeys
lock
locking keyboard under linux.
lock-keyboard-for-baby
logging
bash create log.
#!/bin/bash exec > /logfile
alternative
exec 2>/tmp/log
Read logs on system.
tail -f $(lsof | grep log$ |awk '{ print $NF }' | sort -u |xargs)
logrotate
Test dry run logrotate file. -d=debug -f=force
logrotate -d -f /etc/logrotate.conf
Force logrotate in verbose mode.
logrotate -v -f /etc/logrotate.conf
Create logrotate config entry.
# Configure log rotation. cat << EOF > /etc/logrotate.d/ipmonperfj_cleanupdaemon /apps/IPsoft/IPmonPerfJ/logs/cleanupdaemon.log { copytruncate size 100M rotate 60 compress missingok olddir old } EOF
Disable logrotate. Look for file extension to ignore.
man logrotate.conf, you can read find tabooext Ex. mv /etc/logrotate.d/mysql{,.rpmsave}
losetup
Create loopback devices for partitions in image
losetup -P /dev/loop2 harddrive.img
ls
ls -la --time-style="+%Y-%m-%d %H:%M:%S" *.3gp
List processes in epoch date
( cd /proc; ls -rtd --full-time --time-style=+%s [0123456789]*; )
lshw
List memory modules
lshw -C memory
Is cpu 32 or 64bit.
lshw -class processor
lsof
List recurivly all process that have a path open.
lsof +D /apps/
which ports has a process opened?
lsof -Pan -p 13354 -i
which process listen to port
lsof -i :443
command line mail with changed from
echo message | mail -s Subject -r from@inter.net reciever@inter.net
command line mail with changed from with attachment
echo message | mail -s Subject -r from@inter.net -a /attach.ment reciever@inter.net
man
man correct caracters.
LANG=C man passwd
man clean for output to file.
man [manual] | col -b > file.txt
mbr
backup mbr.
# dd if=/dev/sdX of=/temp/sdx-mbr bs=512 count=1
restore mbr
# dd if=/temp/sdx-mbr of=/dev/sdX bs=446 count=1
mdadm
Add disk that was lost
mdadm /dev/md125 -a /dev/vda1
minimodem
Transmit file via audio.
minimodem -t 200
Recieve file via audio
minimodem -r 200
mkfs
Create fat32 file system.
mkfs.vfat -F 32 /dev/sdc1
mogrify
Resize, crop... a file. Removes original.
mogrify -resize 800 *.jpg
mount
Mount a temporary ram partit
mount -t tmpfs tmpfs /mnt -o size=1024
Mount a cift filesystem and change ower on mountpoint.
mount.cifs -o credentials=/home/user/cifs.credentials,gid=1004,uid=1004 //server/c$ /mnt/cifs
Disallow normal user to ps. If not belonging to gid 1001.
- /etc/fstab
proc /proc proc defaults,hidepid=2,gid=1001 0 0
movgrab
List available formats
movgrab -T http://youtu.be/ucivXRBrP_0
Get version listed.
movgrab -f mp4:1920x1080 http://www.youtube.com/v/ucivXRBrP_0
mplayer
mplayer in ascii mode.
mplayer -monitoraspect 4:3 -vo aa LinaFreestyler.avi mplayer -vo aa -monitorpixelaspect 0.5 *.mp4
mplayer on second soundcard.
mplayer -ao oss:/dev/dsp *.mp3 mplayer -ao alsa:device=hw=0.0 *.mp3
Or, to specify a non-default (secondary) device either of the following commands can be used.
mplayer -ao oss:/dev/dsp1 *.mp3 mplayer -ao alsa:device=hw=1.0 *.mp3
play from v4l
mplayer -tv device=/dev/video:driver=v4l:input=1:width=640:height=480:norm=ntsc:adevice=/dev/dsp tv://1 -zoom -aspect 4:3 mplayer -fps 15 tv:// -tv driver=v4l2:width=640:height=480:device=/dev/video0play hdv material. mplayer -monitoraspect 16:9 -vf pp=lb
play dvd image.
mplayer dvd://1 -dvd-device DVD.iso
play h264 webcam
mplayer -fps 24 tv:// -tv driver=v4l2:width=1920:height=1080:device=/dev/video0:outfmt=0x34363248 -aspect 16:10 -fs
play mjpeg webcam
mplayer -fps 24 tv:// -tv driver=v4l2:outfmt=mjpeg:width=1920:height=1080:device=/dev/video0 -aspect 16:10 -fs
play mp3 in different speed keep pitch.
mplayer -speed 1.5 -af scaletempo /mp3/music.mp3 # list chapters. mplayer dvd://1 -dvd-device /dev/sr0 -identify -novideo -nosound # dump chapters. mplayer -dvd-device /dev/sr0 dvd://3 -dumpstream -dumpfile 3.vob
MP4Box
Combine mp4 files
MP4Box -add file1.mp4 -add file2.mp4 output.mp4
mpstat
top like output of system usage
mpstat 5 5
mtr
ping and traceroute combined.
mtr -rc 10 8.8.8.8
mutt
Put the followin in .muttrc to change From.
set realname="Joe User" set from="user@host" set use_from=yes
command line mail with attachment
mutt -s subject -a syslogs.tar.gz admin@domain.org < /dev/null
Change sender from command line.
export EMAIL=address@inter.net && mutt -s "Subject Test" anden@halfface.se < /dev/null echo "Test message" | mutt -s "Subject test" -e "set realname=\"Real Name\"" -e "set from=\"anden@halfface.se\"" -e "set use_from=yes" anden@halfface.se
Change envolope from
export REPLYTO=email@inter.net export EMAIL=email@inter.net echo "email@inter.net testing" | mutt -e "set envelope_from=yes" email@inter.net -a /tmp/attachment
oneliner
export EMAIL=email@inter.net;export REPLYTO="${EMAIL}";echo "email@inter.net testing" | mutt -e "set envelope_from=yes" email@inter.net -a /tmp/attachment export EMAIL=email@inter.net;export REPLYTO="${EMAIL}";echo "${EMAIL} testing on ${HOSTNAME}" | mutt -e "set envelope_from=yes" -s "${EMAIL} testing on ${HOSTNAME}" "${EMAIL}"
Dont trigger out of Out Of Office reply.
echo "email@inter.net testing" | mutt -e "unignore list-id" email@inter.net
multilog
split standard output to logfiles. In this case keep specific size. t means to prepend a TAI timestamp on each line. 10000B. 5 logfiles. tai64nlocal program simply reads stdin and replaces TAI timestamps with human-readable ones. http://blog.teksol.info/pages/daemontools/best-practices. Compress rotated logfiles.
mkdir /tmp/myapp ; ./myapp | multilog t s10000 n5 '!tai64nlocal' '!gzip' /tmp/myapp 2>&1
nc (netcat)
Check communication.
listen on port 3333.
nc -kl 3333
talk to port 3333.
nc 192.168.0.1 3333
Transfer data
Cat file, calculate size listen on port 3333.
cat backup.iso | pv -b | nc -l 3333
Receive file.
nc 192.168.0.1 3333 | pv -b > backup.iso
Setup telnet server
nc -L -l -p1234 -d -e cmd.exe
Test connection.
nc -w2 -znv 10.1.22.31 7222
tunnel
On the server, we open a listener on the TCP port 6667 which will forward data to UDP port 53 of a specified IP. If you want to do DNS forwarding like me, you can take the first nameserver's IP you will find in /etc/resolv.conf - in this example, this is 192.168.1.1. But first, we need to create a fifo. The fifo is necessary to have two-way communication between the two channels. A simple shell pipe would only communicate left process' standard output to right process' standard input.
mkfifo /tmp/fifo nc -l -p 6667 < /tmp/fifo | nc -u 192.168.1.1 53 > /tmp/fifo
Dont eat up standard output.
nc -v --send-only --recv-only localhost 22
Talk to pop3 server over ssl.
nc --ssl mail.tele2.se 995
Talk to web server
URL_SSL=halfface.se ; echo -e "HEAD / HTTP/1.1\nHost: ${URL_SSL}\n\n" | nc --ssl ${URL_SSL} 443 echo -e 'GET /users/password/new HTTP/1.1\r\nHost: localhost\r\nConnection: Close\r\n\r\n' | nc localhost 80 | head
To overcome problems with nc closing connection too fast.
(echo -en 'GET / HTTP/1.1\r\nHost: 172.30.156.15\r\nConnection: close\r\n\r\n'; sleep .1) | nc 172.30.156.15 80 | head -30 nc --no-shutdown -v 172.30.156.15 80 <<<$(echo -en 'GET / HTTP/1.1\r\nHost: 172.30.156.15\r\nConnection: close\r\n\r\n')
ncdu
disk usage. Stay in one filesystem.
ncdu -x /
net
Start service via samba.
net rpc service start ipremote -I 172.17.255.99 -U 'domain/user%password'
netstat
Look at network connections. tcp/ip4.
netstat -4anpt
Look at multicast groups
netstat -g
What does it mean?=
ESTABLISHED The socket has an established connection. SYN_SENT The socket is actively attempting to establish a connection. SYN_RECV A connection request has been received from the network. FIN_WAIT1 The socket is closed, and the connection is shutting down. FIN_WAIT2 Connection is closed, and the socket is waiting for a shutdown from the remote end. TIME_WAIT The socket is waiting after close to handle packets still in the network. CLOSE The socket is not being used. CLOSE_WAIT The remote end has shut down, waiting for the socket to close. LAST_ACK The remote end has shut down, and the socket is closed. Waiting for acknowledgement. LISTEN The socket is listening for incoming connections. Such sockets are not included in the output unless you specify the --listening (-l) or --all (-a) option. CLOSING Both sockets are shut down but we still don't have all our data sent. UNKNOWN The state of the socket is unknown.
statistics
netstat -s netstat -s | retransmit
nmap
Scan for open ssh ports.
nmap -p 22 --open -sV 10.0.0.*
- Syn scan.
nmap -P0 -sS -p1023 www.halfface.se
- Ping scan. Do not resolve.
nmap -sn -n 10.127.254.1-254
- Which chippers are allowed.
nmap --script ssl-enum-ciphers -p 465 www.halfface.se
- arp scan.
nmap -PR 192.168.0.0/24
- which kex_algorithms server_host_key_algorithms encryption_algorithms compression_algorithms
nmap --script ssh2-enum-algos -sV -p 22 ssh.server.inter.net
Which manufacturer.
nmap -sn 10.111.222.0/24
nmcli
List connections
nmcli con
manage network from cli
http://fedoraproject.org/wiki/Networking/CLI
Connect to a configured connection by name
nmcli connection up WireLess
Disconnection by name
nmcli connection down Wireless
Connect to remembered network.
nmcli con up '[-_-] halfface 5'
List available wireless networks.
nmcli device wifi list
Generate list of available wireless networks.
nmcli device wifi rescan
Creaete connection for wireless network.
nmcli device wifi connect Bredband password P4ssM0rd
List networks on specific interface.
nmcli device wifi list ifname wlp0s18f2u4
Disconnect network interface.
nmcli device disconnect wlp0s18f2u4
Manually setup interface.
nmcli con add con-name "static-ens32" ifname ens32 type ethernet ip4 xxx.xxx.120.44/24 gw4 xxx.xxx.120.1 nmcli con mod "static-ens32" ipv4.dns "xxx.xxx.120.1,8.8.8.8" nmcli con up "static-ens32" iface ens32
setup interface manually
list devices.
nmcli device status
list connections.
nmcli connection show
delete connection
nmcli con delete "Wired connection 1"
add connection with static ip.
nmcli con add con-name ens224 ifname ens224 type ethernet ip4 172.30.109.16/24
show properties for connection
nmcli dev show ens224
set dns server
nmcli connection modify enp1s0 ipv4.dns "10.111.222.2,8.8.8.8"
edit
nmcli con edit $connection print all
autostart
nmcli connection modify IFNAME connection.autoconnect yes|no
nohup
Start binary under nohup and tail log.
nohup ./run.sh & sleep 1 ; tail -1000f nohup.out
Start process and log to specified file.
nohup daemon > /path/daemon.log &
nping
nping -c 1 --tcp -p 80 www.halfface.se
ntfs-3g
mount ntfs filesystem. read and write.
yum install fuse fuse-libs ntfs-3g mount /dev/sda1 /media/c_drive -t ntfs-3g -r -o umask=0222,locale=en_US mount /dev/sda1 /media/c_drive -t ntfs-3g -rw -o umask=0000,locale=en_US fstab read and write. /dev/sda3 /media/e_drive ntfs-3g ro,defaults,umask=0222 0 0 /dev/sda1 /media/c_drive ntfs-3g rw,defaults,umask=0000 0 0
Create ntfs partition.
fdisk 7 mkfs.ntfs /dev/sdx1
numbers
series of numbers
bash: echo {1..10}
numfmt
iec=accept optional single letter suffix. No output suffix. Remove B from input.
numfmt --from=iec --to=none --suffix=B 8.7KB
nwipe (dban)
Wipe your disk
nwipe --nogui --nowait --autonuke /dev/sdb
omping
multicast ping
omping -c10 10.111.222.118 10.111.222.121
openssl
Grab the public key.
openssl s_client -connect www.halfface.se:443 </dev/null 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
What does the ssl cert look like.
HOST=www.halfface.se ; PORT=443 ; echo | openssl s_client -connect ${HOST}:${PORT} -servername ${HOST}| openssl x509 -ext subjectAltName -noout -startdate -enddate -subject -issuer -nameopt RFC2253,sep_comma_plus_space
What does crl look like. (Certificate Revocation List)
openssl crl -inform PEM -text -noout -in crl.pem
Connect to ssl server
echo hello | openssl s_client -connect www.halfface.se:8140
Connect to ssl server -cipher NULL,LOW
echo hello | openssl s_client -connect www.halfface.se:8140
Connect with openssl v3
openssl s_client -ssl3 -connect ipmon01.dupont:443
Connect with low security cipher
echo X | openssl s_client -cipher NULL,LOW -connect www.halfface.se:8140
PEM convert to DER
openssl x509 -inform PEM -in /file.pem -outform DER file.der
p12 to cer
openssl pkcs12 -in infile.p12 -out outfile.cer -nodes
pfx to pem
Complete file.
openssl pkcs12 -in filename.pfx -out cert.pem -nodes
Get private cert. The remove password
openssl pkcs12 -in filename.pfx -nocerts -out key.pem openssl rsa -in key.pem -out server.key
Get public cert.
openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem
Extract p12 password protected keys in
openssl pkcs12 -in /file.p12 -passin file:/password -nokey -nodes -out /file.nokeys
Encrypt file
openssl aes-256-cbc -a -salt -in file -out file,encoded -passin file:passfile
Decrypte file
openssl aes-256-cbc -d -a -salt -in file -out file,encoded -passin file:passfile
Install new root ca
# Change to the directory: cd /etc/pki/tls/certs # Next download the College root certificate: wget https://icca2.ic.ac.uk/certenroll/ic-root.crt # Convert the certificate to PEM format: openssl x509 -inform der -in ic-root.crt -out ic-root.pem # Create a link with the certificate hash: ln -s ic-root.pem `openssl x509 -hash -noout -in ic-root.pem`.0 # Create sha256 base64 encoded hash openssl dgst -binary -sha256 | openssl base64 # Verify root ca. openssl verify -CApath /etc/pki/tls/certs ic-inter-root.pem icrootca.cer: OK
The server certificate is the first certificate returned, and will be PEM formatted. The CA certificate is the final certificate returned, and is also PEM formatted.
openssl': echo | openssl s_client -connect www.sslsite.com:443 -showcerts
Check ca store files.
find . -name '*.pem' | while read PEM ; do echo '###' ${PEM} '###';ls -la "${PEM}" ; set -x ; curl --cacert "${PEM}" https://site.test.net/index.htm.
Verify pop3 connectivity.
openssl s_client -crlf -connect mail.tele2.se:110 -starttls pop3 USER yiming PASS foobar LIST – lists the messages available in the user’s account, returning a status message and list with each row containing a message number and the size of that message in bytes STAT – returns a status message, the number of messages in the mailbox, and the size of the mailbox in bytes RETR [message_num] – returns the message identified by the message number, which is the same as the message number shown in the LIST command output TOP [message_num] [n] – returns the top n lines of the message denoted by message number. QUIT command will end the session.
Create wildcard self signed certificate.
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout wildcard.test.internal.zone.key -out wildcard.test.internal.zone.crt Common Name (eg, your name or your server's hostname) []:*.test.internal.zone
Verify certificate chain
openssl verify -CAfile Thawte_Primary_Root_CA.pem -untrusted thawte_SSL_CA_G2.cer www.halfface.se.pem
Look at certificate chain.
openssl s_client -connect www.halfface.se:443 CONNECTED(00000003) depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify return:1 depth=0 CN = www.halfface.se verify return:1 --- Certificate chain 0 s:CN = www.halfface.se i:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 i:O = Digital Signature Trust Co., CN = DST Root CA X3 ---
Verify chain.
openssl s_client -showcerts -verify 5 -connect www.halfface.se:443 < /dev/null 2>&1
Connect to smtp server via ssl.
openssl s_client -connect www.halfface.se:25 -starttls smtp
compare two certifactes
Compare the use case for the certificate.
sdiff <(openssl x509 -in server.crt -noout -issuer -subject -enddate -purpose) <(openssl x509 -in uc_activemq.crt -noout -issuer -subject -enddate -purpose)| less
create a csr
openssl req -new -sha256 -nodes -out www.halfface.se.csr -newkey rsa:2048 -keyout www.halfface.se.key -config <( cat <<-EOF [req] default_bits = 2048 prompt = no default_md = sha256 req_extensions = req_ext distinguished_name = dn [ dn ] O=Organisation: halfface C=SE ST=Stockholm L=Stockholm CN = www.halfface.se [ req_ext ] subjectAltName = @alt_names [ alt_names ] DNS.1 = halfface.se DNS.2 = ldap.halfface.se DNS.3 = mqtt.halfface.se EOF )
csr information
openssl req -noout -text -in file.csr | grep -vE ' [0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:'
confirm that public private and csr match
# For your SSL certificate: CERT_PUBLIC=$(ls *.crt) echo $(openssl x509 -noout -modulus -in "${CERT_PUBLIC}" | openssl md5 | awk '{print $2}'),"${CERT_PUBLIC}",public cert. # For your RSA private key: CERT_PRIVATE=$(ls *.key) echo $(openssl rsa -noout -modulus -in "${CERT_PRIVATE}" | openssl md5 | awk '{print $2}'),"${CERT_PRIVATE}",private key # For your CSR: CERT_CSR=$(ls *.csr) echo $(openssl req -noout -modulus -in "${CERT_CSR}" | openssl md5 | awk '{print $2}'),"${CERT_CSR}",certificate signing request
connect with ca private and public key
openssl s_client -CAfile ca.pem -cert public.crt -key private.key -connect 10.12.118.184:1023 -tls1_2
create a ca
Create ca and certificates.
# Create folder structure. mkdir /root/ca/ mkdir /root/ca/certs/ mkdir /root/ca/crl/ mkdir /root/ca/newcerts/ mkdir /root/ca/private/ mkdir /root/ca/requests/ touch /root/ca/index.txt echo 1000 > /root/ca/serial chmod 600 /root/ca # Create private key for the CA certificate. pass phrase: $(pwgen 15) cd /root/ca/ openssl genrsa -aes256 -out private/cakey.pem 4096 # Create a public certificate for the CA. openssl req -new -x509 -key /root/ca/private/cakey.pem -out cacert.pem -days 36525
Country Name (2 letter code) [AU]:SE State or Province Name (full name) [Some-State]:Stockholm Locality Name (eg, city) []:Stockholm Organization Name (eg, company) [Internet Widgits Pty Ltd]:Company Organizational Unit Name (eg, section) []:Company Common Name (e.g. server FQDN or YOUR name) []:Certificate Authority Email Address []:anden@halfface.se
# Copy system openssl.cnf to /root/ca dir. Then change dir in config. vim openssl.cnf [ CA_default ] dir = /root/ca # Where everything is kept
Create signed certificate keypair
cd requests/ # Create csr openssl req -new -newkey rsa:2048 -nodes -keyout <client>.key -out <client>.csr -config ../openssl.cnf # Issue certificate for csr. openssl ca -in <client>.csr -out <client>.crt -config ../openssl.cnf -days 36525
talk http via openssl
openssl s_client -crlf -quiet -connect www.halfface.se:443 <<EOF GET / HTTP/2.0 Host: www.halfface.se EOF
look at cert
openssl asn1parse -in rb-ca.crt.2021-02-28
performance testing
openssl speed -evp aes-256-ecb
confirm that ca is correct
echo | openssl s_client -CAfile Sectigo_RSA_Domain_Validation_Secure_Server_CA.pem -no-CAfile -no-CApath -tls1_2 -connect 172.30.32.141:5044 2>&1 | grep Verification Verification: OK
openssl s_server
Setup server listening as http server.
openssl s_server -status_verbose -HTTP -cert uc-psql06.int.redbridge.se.crt -key uc-psql06.int.redbridge.se.key
Setup https server listening on https on port 4433 providing complete chain
openssl s_server -status_verbose -HTTP -cert halfface.se.pem -cert_chain halfface.se.intermediate.pem -key halfface.se.key -accept 4433
othername:<unsupported>
You will have to locate the "OCTET STRING" line just below the "OBJECT :X509v3 Subject Alternative Name" line then strpars
# print section offset via openssl asn1parse -in yourcert.pem # parse otherName from "OCTET STRING" <offset> is the value in the beginning of the line. openssl asn1parse -in yourcert.pem -strparse <offset>
Another way of seeing same data is through
openssl asn1parse -in /tmp/tmp -dump -strictpem
pactl
Pulse Audio cli tool. List output devices.
pactl list short sinks
Set default output device
pactl set-default-sink $i
List where applications send output.
pactl list short sink-inputs
Move application to other output device.
pactl move-sink-input $applicaiton $sink
pam
Troubleshooting pam.
/etc/syslog.conf # Get debugging data. *.debug /var/log/debug.log
Create logfile and restart *syslog.
touch /var/log/debug.log service syslog restart
Put pam in debug mode.
touch /etc/pam_debug
OR you can enable debugging only for the modules you're interested in by adding "debug" to the end of the relevant lines in /etc/pam.d/system-auth or the other /etc/pam.d/* files:
login auth required pam_unix.so debug
Debugging is found in /var/log/debug.log.
pam_tally2
Configured here.
/etc/pam.d/password-auth:auth required pam_tally2.so file=/var/log/tallylog onerr=fail per_user deny=6 no_magic_root
What is status from account?
pam_tally2 --user=user1 Login Failures Latest failure From user1 8 04/20/15 11:39:54 192.168.1.1
parallel
Run command 10 times in parallel.
seq 10 | parallel -n0 echo "Hello, World"
Run command 10 times in parallel dryrun.
seq 10 | parallel --dry-run -n0 echo "Hello, World"
Compress logfiles in parallel.
parallel gzip ::: *.log
paste
Combine to files to one in multiple column. Replace tab with spaces.
paste /tmp/check_name_nagios /tmp/filename | column -t -s $'\t'
patch
Update release area Windows.
servicepack.exe -s:z:\w2k3
pcregrep
Multiline grep
pcregrep -M 'pattern: line1\nPattern lin2' /temp/files_*
pdftotext
grab text from pdf document.
pdftotext document.pdf
pidof
which pids has a program stared. Find pid.
ping
Ping ipv6 loopback
ping6 ::1 -c1
Ping ipv6 broadcast
ping6 ff02::1%2 | cut -d\ -f4
Ping short output
ping -w1 -q -c1 -i10 localhost | grep received PING=$(ping -w1 -q -c1 -i10 google.com 2>&1) ; RTT=$( grep rtt <<<"${PING}" | awk -F/ '{print $6}') ; RECEIVED=$(grep received <<<"${PING}") ; echo $RECEIVED, rtt=${RTT}
Ping to discover mtu. 1460, 1450. When reply increase with 2. when found highest value increase with 28 to get mtu.
ping -M do -s 1472 123.45.56.78
pip
which versions of django exist
pip install pylibmc
which versions are install
pip list
which files does pip package provide.
pip show -f $package
Uppgrade package.
pip install $package --upgrade
where your own packages might end up
/usr/local/lib/python3.9 /usr/lib/python2.7/site-packages/
pgrep
Grep any processlines including 1066
pgrep -lf 1066
pmap
Look at memory usage of process.
sudo pmap 2258
postfix
remove mails in queue.
mailq | grep ^[A-F0-9] | awk '{print $1}' | postsuper -d -
list mails in queue
mailq | grep "^[A-F0-9]"
Get mails in better output to better decide what to do with mails.
mailq | grep -v -- "-Queue ID-" | sed 's/^$/\x0/g' | tr -d '\n' | sed 's/\x0/\n/g'
Remove stuck emails.
postsuper -d ALL deferred
List email
postcat -q E55692442F
Read mail
postcat -vq [message-id]
printscreen
import -window root test.png
Gnome copy graphics to paste buffer. Copy selected portion of screen.
gnome-screenshot -a
/proc
- /proc/meminfo
MemTotal — Total amount of physical RAM, in kilobytes.
MemFree — The amount of physical RAM, in kilobytes, left unused by the system.
Buffers — The amount of physical RAM, in kilobytes, used for file buffers.
Cached — The amount of physical RAM, in kilobytes, used as cache memory.
SwapCached — The amount of swap, in kilobytes, used as cache memory.
Active — The total amount of buffer or page cache memory, in kilobytes, that is in active use. This is memory that has been recently used and is usually not reclaimed for other purposes.
Inactive — The total amount of buffer or page cache memory, in kilobytes, that are free and available. This is memory that has not been recently used and can be reclaimed for other purposes.
HighTotal and HighFree — The total and free amount of memory, in kilobytes, that is not directly mapped into kernel space. The HighTotal value can vary based on the type of kernel used.
LowTotal and LowFree — The total and free amount of memory, in kilobytes, that is directly mapped into kernel space. The LowTotal value can vary based on the type of kernel used.
SwapTotal — The total amount of swap available, in kilobytes.
SwapFree — The total amount of swap free, in kilobytes.
Dirty — The total amount of memory, in kilobytes, waiting to be written back to the disk.
Writeback — The total amount of memory, in kilobytes, actively being written back to the disk.
Mapped — The total amount of memory, in kilobytes, which have been used to map devices, files, or libraries using the mmap command.
Slab — The total amount of memory, in kilobytes, used by the kernel to cache data structures for its own use.
Committed_AS — The total amount of memory, in kilobytes, estimated to complete the workload. This value represents the worst case scenario value, and also includes swap memory.
PageTables — The total amount of memory, in kilobytes, dedicated to the lowest page table level.
VMallocTotal — The total amount of memory, in kilobytes, of total allocated virtual address space.
VMallocUsed — The total amount of memory, in kilobytes, of used virtual address space.
VMallocChunk — The largest contiguous block of memory, in kilobytes, of available virtual address space.
HugePages_Total — The total number of hugepages for the system. The number is derived by dividing Hugepagesize by the megabytes set aside for hugepages specified in /proc/sys/vm/hugetlb_pool. This statistic only appears on the x86, Itanium, and AMD64 architectures.
HugePages_Free — The total number of hugepages available for the system. This statistic only appears on the x86, Itanium, and AMD64 architectures.
Hugepagesize — The size for each hugepages unit in kilobytes. By default, the value is 4096 KB on uniprocessor kernels for 32 bit architectures. For SMP, hugemem kernels, and AMD64, the default is 2048 KB. For Itanium architectures, the default is 262144 KB. This statistic only appears on the x86, Itanium, and AMD64 architectures.
ps
Process list in tree view.
ps axfww
Process sort by cpu usage.
ps auxwww --sort -%cpu | head
How long has process been running.
ps -p 1 -o etime=
Process list sorted after memory usage.
ps aux --sort=size
Process show memory usage... sort...
ps axo rss,%cpu,pid,euser,cmd | sort -nr | head -n 10 | less -ISRM
Process sort by mem usage.
ps auxwww --sort -rss | head
Processes sorted by time running.
ps aux --sort -time
Processes sorted by time started
ps -auxwww --sort=start_time
ps showing threads.
ps -efL
How long has process been running.
echo -n $(( ($(date +%s) - $( stat -c%X /proc/$(pgrep -f [a]ctivemq.jar))) / 3600 ))
ps long usernames
ps axo user:20,pid,pcpu,pmem,vsz,rss,tty,stat,start,time,comm
pstack
print a stack trace of a running process
pulseaudio
- Is pulseaudio running?
ps uxawww| grep -E pulseaudi[o]
- stop pulseaudio
pulseaudio -k
- start pulseaudio as found by ps | grep pulseaudio
/usr/bin/pulseaudio --start --log-target=syslog
putty
Always setup stay alive.
connection -> keepalive -> 60
set up tunnel
putty -load blt.homeip.net -l bjorklun -pw password -L 19242:192.168.0.42:3389 blt.homeip.net
putty without taking tty.
plink -load www.halfface.se -l user_name -pw password -R *:3389:localhost:3389 -2 -4 -N
reverse tunnel. Connect remote host 3400 to machine running putty localhost:3389.
connection -> ssh -> tunnels -> "Source Port" = 3400 -> destination = localhost:3389 -> remote.
pv
throughput in pipe. speed.
pv pv -cN
make a dd and limit througput to 20MB/s.
dd if=${HOST}.qcow2 bs=4k conv=noerror,sync | pv -L 20M | dd of=${HOST}.dd_noerror.qcow2
pwgen
Create less complicated password.
pwgen -sy 15 -r \'\"\^\(\)\`\~\;\[\]\{\}\,
qalculate
qalc > 40 euro to SEK 40 * euro = approx. SEK 417.36
readpst
output pst file in separate files in out directory
readpst -S -o out/ outlook.pst
reboot
Hard reboot mean that shutdown scripts will not run and machine reboot immediately without syncing hard disk drives, shutdown applications etc. This commands enable sysrq and after this call fast reboot. echo 1 > /proc/sys/kernel/sysrq echo b > /proc/sysrq-trigger
Force shutdown
echo 1 > /proc/sys/kernel/sysrq echo o > /proc/sysrq-trigger
rename
Recursive lowercase to uppercase
for i in $(find * -depth); do (mv $i $(echo $i | sed 's%[^/][^/]*$%%')$(echo $i | sed 's!.*/!!' | tr [:upper:] [:lower:])); done
reposync
reposync -n -c /etc/yum/yum.conf -p /repos/centos6 -d -r base -r updates -r extras -r centosplus -r contrib createrepo -g /repos/centos6/base/repodata/comps.xml /repos/centos6/base createrepo /repos/centos6/updates createrepo /repos/centos6/extras createrepo /repos/centos6/centosplus
halfface -> sync repo. -d delete what is not on remote, -n only newest version, -p store here, -r which repos to sync
reposync -d -n -p /install/system/linux/fedora/24/repo/ -r updates -r fedora -r rpmfusion-free -r rpmfusion-free-updates -r rpmfusion-nonfree -r rpmfusion-nonfree-updates
halfface -> create repository
REPODIR=/install/system/linux/fedora/24/repo ; for REPO in $(cd $REPODIR; ls) ; do echo $REPO ; createrepo_c ${REPODIR}/${REPO} ;done
reptyr
Reparent a running program to a new terminal. (move tty)
rfcomm
list usb devices
hcitool scan
What properties does the device have.
sdptool browse 00:0D:B5:30:07:79
connect bluetooth device virtual servial.
rfcomm bind /dev/rfcomm0 00:0D:B5:30:07:79 1
rkhunter
Run rkhunter full scan no keypresses needed
sudo rkhunter --checkall --skip-keypress -x
Update database
sudo rkhunter --propupd
rotatelogs
Write standard output to logfile. Rotate at 100M. Keep 3 files.
your_script.sh | rotatelogs -n3 /var/log/your.log 100M
route
The route to a network is behind 10.111.222.7
route add -net 10.111.223.0 netmask 255.255.255.0 gw 10.111.222.7
Add default route
route add default gw 192.168.122.1
Permanent route under redhat
/etc/sysconfig/static-routes any net 198.18.129.0/24 gw 10.240.175.12
/etc/sysconfig/network-scripts/route-eth1
1.2.3.4/23 via 1.2.3.1
Drop packages to ip.
route add -host 192.168.1.51 reject
Remove reject rule.
route del -host 192.168.1.51 reject
Remove route
route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0 0.0.0.0 192.168.122.1 0.0.0.0 UG 0 0 0 eth0 route del -net 10.0.0.0 gw 0.0.0.0 netmask 255.0.0.0 dev eth0
rpm
install src.rpm
rpmbuild --rebuild alien-6.51-1.src.rpm rpm -i /usr/src/redhat/RPMS/x86_64/alien-6.51-1.rpm
List contents of rpm.
rpm -qlp myfile.rpm
Extract single file from rpm.
rpm2cpio package.rpm | cpio -idv ./search_path_to_file_from_listing_above.txt
List information about non installed rpm.
rpm -qip foo.rpm
Extract contents of rpm.
rpm2cpio *.rpm | cpio -i --make-directories
Which version of rpm is installed.
/etc/rpm/macros ~/.rpmmacros
%_query_all_fmt %%{name}-%%{version}-%%{release}.%%{arch}
list architecture
rpm -qa --qf "%{n}-%{v}-%{r}.%{arch}\n"
List only name of installed rpms.
rpm -qa --qf "%{NAME}\n"
Extract rpms in subdirectories.
for RPM in $(ls *|sed 's_\.rpm$__g');do echo $RPM; mkdir $RPM; rpm2cpio $RPM.rpm | (cd $RPM && cpio -i --make-directories);done
Verify content of rpm
rpm -V package # What does those cryptic letters mean from rpm -V: S file Size differs M Mode differs (includes permissions and file type) 5 MD5 sum differs D Device major/minor number mismatch L readlink(2) path mismatch U User ownership differs G Group ownership differs T mTime differs
Reinstall rpm
rpm -iv --replacepkgs package.rpm
Dependencies of rpm
rpm -qpR ${rpm} rpm -qR ${packagename} rpm -qp mypackage.rpm --provides rpm -qp mypackage.rpm --requires
Rebuild rpm database.
\rm /var/lib/rpm/__db* rpm --rebuilddb
Update minor release.
yum --releasever=6.11 update sl-release yum clean all yum update
Downgrade rpm.
rpm -Uvh --oldpackage /tmp/app.x86_64.rpm
Which rpm:s are required by rpm. Can be used to install rpm on machine without access to yum repo.
PKG=openssh-server ; yum install --downloadonly --installroot=/tmp/$PKG-installroot --releasever=7 --downloaddir=/tmp/$PKG $PKG
CVE:s fixed by rpm
rpm -qi --changelog openssh-server | grep -i CVE
rsync
Syncronize folders. Delete non existing files on remote host. Compress.
rsync --delete -az -e ssh bjorklun@semco.homeip.net:/install/program/windows/
Syncronize files over ssh on port 2222. Show progress. Syncronize even empty directories.
rsync -Pae 'ssh -p 2222' localhost:/opt/techops/bin/ /opt/techops/bin/
rsync with total progress bar.
rsync -a --info=progress2 /dir1/ /dir2/
Run rsync in both ends but transfer data with normal user.
sudo rsync -aP /tmp/andreas/ andreasbj@localhost:/tmp/andreas2/ --rsync-path='sudo rsync'
rsync with limit of 8 MB/s.
rsync -aP --bwlimit=8000 /source/ /destination/
rsync excluding directory
rsync -r --exclude=.svn /source/ /destination/
rsync including selinux information. Preserve hard links.
rsync -aPXH /source /destination
rsync don't keep links. Copy files referenced.
rsync -rLP /source/ /destination
Record which files to sync.
rsync -r -ptgo --delete -P --size-only -n www.halfface.se:/mp3/ /mp3/ -n | tee /temp/mp3_$(date +%Y-%m-%d)_diff.txt
Rsync new files.
rsync -RDa0P --files-from=<(find /sourcedir -mtime -7 -print0) . /targetdir/
rsync ignore existing files.
rsync -P --ignore-existing /source/* /destination/ -n
rsync excluding directories matching pattern.
SOURCE=/apps/IPsoft/IP400 ; DESTINATION=/apps/IPsoft/IP400.$(date '+%Y-%m-%d_%H-%M-%S') ; rsync -aP "${SOURCE}"/ "${DESTINATION}"/ --exclude-from=<(cd "${SOURCE}" ; find -type d -name log | sed -e 's|./||')
Sync files partially.
rsync -avz --partial --inplace
which files differ between hosts.
rsync -nrlptDqv --delete --exclude napsjb/server/naps/tmp/ /opt/ongame/ 10.6.21.11:/opt/ongame | less -n dry run. -r recursive -l copy symlinks av symlinks. -p preserve permission -t preserve tims. -D --device --special. Keep special files. -q quiet -v verbose
sar
Old sar information.
sar -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00
load average.
sar -q -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00
All information.
sar -A -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00
View network statistics.
LANG=c sar -n DEV | grep eth0
realtime summary.
sar 4 5
script
Run command under shell even if it does not exist.
script -q -f -c "commands or scripts to run"
Run session under screen in script.
screen -dm bash -c 'script --timing=script1.tm script1.out'
Replay script recorded file
scriptreplay --timing script1.tm --typescript script1.out
scp
Limit to 1.2MB/s.
scp -l 10240 Rocky-8.5-x86_64-minimal.iso halfface.se:/temp/
search&replace
perl
grep -rsl '10.6.4.102' * | xargs perl -pi -e 's/10.6.4.102/10.6.4.103/'
sed
find . -type f -exec sed -i 's/string1/string2/g' {} \;
Grep for regexp starting with CN= and stop at first occurrence of ,. not greedy
grep -oE 'CN=[^,]*,'
setfacl
Add rwx permission for user_name recursivly from /directory
setfacl -Rm u:user_name:rwx /directory
Remove acl:s
setfacl -bn foobar
shred
Recurse remove dir
find /tmp/secret -type f -exec shred {} \;
shuf
Pick random line in file.
shuf -n1 /file
sms
Mail to sms gateway.
tele2 07XXXXXXXX@sms.tele2.se
Comviq 467xxxxxxxx@sms.comviq.se
Europolitan 4670xxxxxxx@europolitan.se
snmptrap
# send more than one string. snmptrap -v 2c -Ci -u user -c community localhost "" .1.3.6.1.4.1.5089.1.0.1 1 s "This is the first string" 2 s "This is the second string" snmptrap -v 2c -Ci -u user -c community localhost .1.3.6.1.4.1.5089.1.0.1 1 s "This is the first string" 2 s "This is the second string" snmptrap -v 2c -c xxxxxxx localhost .1.3.6.1.4.1.5089.1.0.1 .1.3.6.1.4.1.5089.2.0.999 s "Hej Hej"
Simple trap
snmptrap -v 1 -c public localhost 0 0
snmptrapd
# Enable logfile. /etc/sysconfig/snmptrapd OPTIONS="-Lf /var/log/snmptrapd.log" # Disable authorization and put in logfile. /etc/snmp/snmptrapd.conf disableAuthorization yes authCommunity log public
snmpwalk
Get information from an oid.
snmpwalk -v 1 -c public snmp.device.net .1.3.6.1.4.1.2021.84
Do tcpdump while running.
tcpdump -i eth0 -n -s0 -v host snmp.device.net and port snmp
socat
Create a tunnel between localhost 2222 to remote host 2222
socat TCP-LISTEN:2222,fork TCP:10.111.222.2:2222 socat TCP-LISTEN:22,fork,bind=127.0.0.1 TCP:192.168.0.15:5900
Create tunnel via systemctl Create file similar to this. /etc/systemd/system/socat_win.service
[Service] ExecStart=/usr/bin/socat TCP-LISTEN:3389,fork TCP:192.168.122.204:3389
Enable new file.
systemctl daemon-reload
Start new daemon
systemctl start socat_win
sort
Sort ip address.
sort -t. +0n -1 +1n -2 +2n -3 +3n -4 sort -t . -k 1,1n -k 2,2n -k 3,3n -k 4,4n
sort on fift column
sort -t, -k5n,5 /tmp/gfp
Get a list of configured ip for a set of hosts. Sort on domain then hostname
pdsh ^/host_list 'ip route get 8.8.8.8 | awk "NR==1 {print \$NF}"' | sort -t . -k 2 -k 1
Sort on first column only.
sort -n -k 1,1
spawn
Encode wav to ogg in parallel.
# ls -1 *.wav | while read ; do echo "oggenc -q6 \"$REPLY\"" ; done | spawn -j4
split
Devide file into parts containing 100 lines.
split -l 100 create_updated_2013-10-29_sort_created_ci_id_name.txt --numeric-suffixes --suffix-length=3 Cleanup.
Devide file in 10 parts. Suffix length 4.
split -n 10 -a 3 bigfile.tar.gz
sqlite
Is db broken?
sqlite3 mydata.db "PRAGMA integrity_check"
recover db
sqlite3 mydata.db ".dump" | sqlite3 new.db
Show databases
sqlite> .databases main: /var/lib/tuptime/tuptime.db
List tables
sqlite> .tables tuptime
Run sql command
sqlite> select * from tuptime; 1544984636|2387765.42|-1|0|0.0|Linux-4.19.8-200.fc28.x86_64-x86_64-with-fedora-28-Twenty_Eight
exit|quit
.quit
ss
List all connections.
ss -an
List processes and which port they listen too. Grep process.
ss -tulpn | grep 5405
ssh
ssh-keygen
Without prompts.
yes | ssh-keygen -N >/dev/null
Automated login on a user basis via ssh.
ssh-keygen -t dsa Generate personal ssh keys. cat id_dsa.pub >> authorized_keys Copy your personal ssh key to all machines. chmod 644 ~/.ssh/authorized_keys Verify correct access on files. ssh andreasbj@www.halfface.se "cat >> ~/.ssh/authorized_keys" < /home/andreasbj/.ssh/id_dsa.pub
Remove pass phrase
ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
Copy public key to authorized_keys
ssh-copy-id user@host
List supported ciphers
ssh -Q cipher
List supported MACs
ssh -Q mac
List supported public key type
ssh -Q key
List supported key exchange algorithms
ssh -Q kex
List supported ciphers, macs and kexalgorithms.
sshd -T | grep "\(ciphers\|macs\|kexalgorithms\)"
Run command each time you login via ssh.
$HOME/.ssh/rc
Tunnel
sudo ssh -nNTx -R 2222:localhost:22 andreasbj@www.halfface.se
Reverse tunnel.
ssh -D \*:666 www.halfface.se ssh -N ipmon10.ny1.ip-soft.net -L43389:ippc01.ongame.ip-soft.net:3389 -n Dont take console. Good for background. -N Do not execute a remote command -T Disable pseudo-tty allocation. -x Disables X11 forwarding. -R port:host:hostport sudo ssh -N -L 2222:www.halfface.se:22 www.halfface.se sudo ssh -nNTx -R 2222:www.halfface.se:22 www.halfface.se sudo ssh -nNTx -R 443:satellite.ongame.com:443 root@10.0.254.30 # Tunnel 443 over ssh from remote host via local host.
Open tunnel on remote host. Start remote proxy server forwarding to internal network.
ssh remotehost -R remoteport:localhost:localport "ssh -D 9050 localhost:remoteport"
Multiple reverse tunnel controled by autossh. (-M)Control port,(-f)background, (-N) no remote command, reverse tunnel (-R)
autossh -M 41000 -f -N -R 0.0.0.0:8001:192.168.1.10:80 -R 0.0.0.0:8002:192.168.1.20:80 user@remotehost
reverse tunnel bound to all interfaces
The config has to allow to bind to * interface. /etc/ssh/sshd_config GatewayPorts yes
sudo ssh -i ${HOME}/.ssh/id_dsa -N -R \*:2222:localhost:22 ${USER}@www.halfface.se
Create an ssh tunnel link
https://help.ubuntu.com/community/SSH_VPN echo 1 > /proc/sys/net/ipv4/ip_forward vim /etc/ssh/sshd_config PermitTunnel=yes sudo ssh -NTCf -w 0:0 1.2.3.4 sudo ssh -v -w any:any www.halfface.se ### local: ip link set tun0 up ip addr add 169.254.0.1/32 peer 169.254.0.2 dev tun0 ip route add 192.168.0/24 via 169.254.0.2 remote: ip link set tun1 up ip addr add 169.254.0.2/32 peer 169.254.0.1 dev tun1 arp -sD 169.254.0.2 eth1 pub ### Change default gateway. In this case, 192.168.0.1 is Machine B's current default gateway; it is the gateway on Network B that provides internet connectivity ip route add 1.2.3.4/32 via 192.168.0.1 ip route replace default via 10.0.0.1
Limit ssh access with pam_access
/etc/security/access.conf
Proxycommand without nc
Host server1 Hostname 10.0.1.1 ProxyCommand ssh -q -x jumphost -W %h:22
ssh over ipv6 via 2 network interface.
ssh -6 fe80::1ec1:deff:fecb:6ce%2
ssh options
None interactive. Dont ask for password.
-o BatchMode=yes
Accept all keys.
-o StrictHostKeyChecking=no
brow.sh
browser in terminal window.
ssh brow.sh
jail
/etc/sshd/sshd_config
Match group mychroot ChrootDirectory /jail/ X11Forwarding no AllowTcpForwarding no
sshd debug
Start deamon once in debug mode and put output to your console.
/etc/sysconfig/sshd OPTIONS="-ddd"
Kill of sshd which is listening for new connections. Start sshd with the following command. Debug level can bee changed.
/usr/sbin/sshd -De -o LogLevel=DEBUG3
ssh multiple jumps one cli
Jump through host1.net to get to host2.net
ssh -t host1.net ssh -t host2
Jump through host1.net to host2.net and bring port 8080 with you.
ssh -t host1.net -L 8080:localhost:8080 ssh -t host2.net -L 8080:localhost:8080
ssh force password login
ssh -o StrictHostKeyChecking=no -o ControlPath=none -o ControlMaster=no -o PubkeyAuthentication=no user@host
sshfs mount filesystem over ssh
sshfs name@server:/path/to/folder /path/to/mount/point
sshpass
ssh with password provided on the command line.
sshpass -p P@ssW0rd ssh -t -o ControlPath=none -o PreferredAuthentications=password -o PubkeyAuthentication=no -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=Error user@localhost hostname
sshuttle
create a network route over ssh.
sshuttle -D -r user@remotehost:2222 192.168.1.0/24
stat
View file permissions only.
stat -c "%a %n" /usr/bin/bash Access - the last time the file was read Modify - the last time the file was modified (content has been modified) Change - the last time meta data of the file was changed (e.g. permissions)
Copy permissions from one location to another.
rpm -qlp package.rpm | while read FILE ; do echo chmod $(stat -c "%a" $FILE) \"$FILE\";done > /tmp/copy_permissions.sh
strace
File open activity.
strace -e open -f ls -la /temp/
File open activity under directory.
strace -e open -P /temp/ -f ls -la /temp/
More file activity.
strace -e trace=file -p 1234 strace -e trace=desc -p 1234
Trace network activity.
sudo strace -f -e trace=network -p 1476 # 1024 long strings. sudo strace -s 1024 -f -e trace=network -p 1476 # strace follow process with matching regex. strace -f -e poll,select,connect,recvfrom,sendto -p $(pgrep -f login-sync.xml) # trace nework activity strace -f -e trace=network -s 1000000 nc localhost 3333
Memory usage
sudo strace -f -e trace=memory -p $(pgrep -f firefox)
What is taking time
[root@util01 abjorklund]# strace -f -c -p 9657 % time seconds usecs/call calls errors syscall ------ ----------- ----------- --------- --------- ---------------- 88.11 11.614155 1644 7065 1565 futex 9.94 1.310794 16183 81 73 restart_syscall 1.86 0.245018 86 2850 recvfrom 0.05 0.006784 30 228 poll 0.03 0.004006 2 1838 sendto 0.00 0.000271 1 253 sched_yield 0.00 0.000134 12 11 mmap 0.00 0.000107 0 5176 ioctl 0.00 0.000026 0 148 148 stat 0.00 0.000000 0 1 read 0.00 0.000000 0 254 write 0.00 0.000000 0 44 mprotect 0.00 0.000000 0 1 rt_sigreturn ------ ----------- ----------- --------- --------- ---------------- 100.00 13.181295 17950 1786 total
strace multiple processes
strace -s 1024 -f -o /tmp/strace $(pidof Process_name | sed 's/\([0-9]*\)/-p \1/g')
strace to hex output. Convert to utf8.
strace -xx -f -o/tmp/strace -s0 echo bajskorv cat /tmp/strace | while read -r line; do printf "%b\n" "$line" ; done
sudo
Enable sudo logging
sed -i "$(( $(grep -n ^Defaults /etc/sudoers | tail -1 | awk -F: '{print $1}') + 1 ))iDefaults log_output\nDefaults log_input" /etc/sudoers
Command above adds the following to /etc/sudoers
Defaults log_output Defaults log_input
List sudo-io logs.
sudoreplay -l
Search for string in logs.
zgrep search_string $(find /var/log/sudo-io/ -type f)
Replay session. Max wait 1s. 5 times the speed.
sudoreplay -m1 -s5 000002
Replay session including stdin
sudo sudoreplay -m1 -s5 -f stdin,stdout,stderr,ttyin,ttyout 000001
Which rules apply to user
sudo -l -U username
swapon/swapof
Free swap
(swapoff -a; swapon -a) & watch free -m
sysbench
cpu test.
sysbench cpu --cpu-max-prime=20000 --threads=32 run | grep "events per second"
ram test
sysbench memory --threads=32 run | grep sec
disk test
RAM_TWO=$(( $(grep MemTotal /proc/meminfo | awk '{print $2}') * 2 ))kb sysbench fileio --file-total-size=${RAM_TWO} prepare > /dev/null sysbench fileio --file-total-size=${RAM_TWO} --file-test-mode=rndrw --time=300 --max-requests=0 run|grep -E ' read, | written, ' sysbench fileio --file-total-size=${RAM_TWO} cleanup > /dev/null
sysctl
Rename machine.
sysctl kernel.hostname=ipmonxx.${CLIENT}.ip-soft.net
Set tcp keepalive
$ sysctl -a | grep tcp_keepalive net.ipv4.tcp_keepalive_time = 1800 net.ipv4.tcp_keepalive_probes = 9 net.ipv4.tcp_keepalive_intvl = 75 sudo sysctl -w net.ipv4.tcp_keepalive_time=60 net.ipv4.tcp_keepalive_probes=3 net.ipv4.tcp_keepalive_intvl=10 net.ipv4.tcp_keepalive_time = 60 net.ipv4.tcp_keepalive_probes = 3 net.ipv4.tcp_keepalive_intvl = 10
systemctl
init 3
systemctl isolate multi-user.target systemctl set-default multi-user.target
init 5
systemctl isolate graphical.target systemctl set-default graphical.target
When you have made changes to /etc/systemd/system/*.service
systemctl daemon-reload
List all units
systemctl list-unit-files
List units with problems
systemctl list-units --failed
create service
cd /etc/systemd/system ; vim $service.service ; systemctl daemon-reload
[Unit] Description=Set laptop brightness After=multi-user.target [Service] Type=forking ExecStart=/bin/sh -c 'echo 1000 > /sys/class/backlight/intel_backlight/brightness' [Install] WantedBy=default.target
Add groups to processes started by services script
[Service] SupplementaryGroups=33 518
strace process started by systemctl
strace -f -o /tmp/strace.log -s 2048 -p 1 & systemctl restart httpd.service
systemd-analyze
What takes time at startup.
systemd-analyze plot > /tmp/systemd-analyze-plot.svg ; chrome /tmp/systemd-analyze-plot.svg
systemd-resolved
resolvectl status
clear cache.
sudo systemd-resolve --flush-caches
Look at stats.
systemd-resolve --statistics
restart daemon to apply settings
systemctl daemon-reload systemctl restart systemd-networkd systemctl restart systemd-resolved
tail
Tail from line number 21.
tail -n +21 /file
talk
Talks swedish.
espeak -v swedish -f /tmp/file
tar
Make a backup of a directory or disk.
server: tar -cpsf - $dir | pv -b | nc -l 3333 client: nc server 3333 | pv -b | tar -xpst -
Inline tar archive.
awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' $0 tail -n $0 > archive.tar # tail -n +347 Filename
Backup dir but exclude files within
tar zcf /tmp/backup_$(date '+%Y-%m-%d_%H-%M-%S').tar.gz /apps/app --exclude=/apps/app/var/* --exclude=/apps/app/logs/*
extract files remove 5 path element components.
tar xf archive.tar --strip-components 5
extract to other directory.
tar -xzf bar.tar.gz -C foo
extract files excluding path.
tar xf $file.tar.gz --transform='s/.*\///'
tcpdump
dump trafic information, -e Print the link-level header on each dump line, -vvv verbose.
tcpdump -e -vvv port 21
dump all trafic to and from machine. -w write to file, -s0 size of package, host to listen from.
time tcpdump -w ssl_dump -s0 host test.x30.webservices.itsfogo.com
dump all trafic into files of max 100MB. 270MB in reality.
tcpdump -w snoop -s0 -C 100000000
dump all trafic. compress logfiles. Create 10 files which are 10 MB big. Dont convert numbers to names. Dont truncate frames create logfile with this name.
tcpdump -z gzip -i wlan0 -C 10 -W 10 -n -s0 -w /tmp/tcpdump.log
Which machines send a syn packet.
sudo tcpdump -nn -i eth0 'tcp[13] = 2'
Show information about all traffic on interface.
tcpdump -s0 -i eth1 -vv
Show information about communication over port 514
tcpdump -Xni any port 514
listen on port 1023 for incoming trafic. disable local subnets.
sudo tcpdump -n -i eth0 tcp and dst host 172.17.17.6 and not src net 172.17.17.0/24 and not src net 158.0.0.0/8 and 'port 1023'
listen after torrent traffic.
sudo tcpdump -Xni any portrange 6882-6999
View content of http trafic
sudo tcpdump -i any -A -s 1500 dst 89.253.75.84 and port 80
View post in utf-8 format.
sudo tcpdump -lnp -i any -A -s 1500 dst 89.253.75.84 and port 80 -w - | tr -t '[^[:print:]]' ''
Get cookie
tcpdump -i lo -A -l dst port 8000 | grep "^Cookie: " To create cookie for curl: https://xiix.wordpress.com/2006/03/23/mozillafirefox-cookie-format/
Look at traffic from specific ip
tcpdump -n -i any -n host 198.18.130.9
Eavesdrop password
tcpdump -i any -A -s0 port 8030 | grep Authorization:
flags
tcpdump -enni eth0 host 172.30.142.11 port 5432
F - FIN S - SYN R - RST P - PSH U - URG E - ECN Echo W - ECN Cwnd Reduced . - ACK only
tcptraceroute
tcptraceroute -n -q 1 192.168.0.1 -p 22
teamdctl
teamdctl team0 state view -v
telnet
Look at world map. a - z zoom.
telnet mapscii.me
testssl
test ssl certificate
testssl www.halfface.se
tftp
# Download test.file tftp -v 172.17.17.6 -c get test.file # Upload file. tftp -v 172.17.17.6 -c put /tmp/test.put test.put # Enable upload file in in.tftpd /etc/xinetd.d/tftp server_args = -c -s /var/lib/tftpboot
tibco
show permissions.
help permissions
Create user
create user surveillance "Surveillance user" password=surveillance
Grant user permission to view all
grant admin user=surveillance view-all
time
Time in a loop.
{ time sleep 2 >> ${LOG} ; } 2>> ${LOG}
How long did a command take
TIME=$( { /usr/bin/time -f "%e" sleep 1.5 ;} 2>&1 ) ; echo $TIME
Built in time command. 3 decimals in seconds.
TIMEFORMAT='%3R'; time ( sleep 61.22222 )
timedatectl
Show info how clock is synced.
timedatectl timesync-status
timeout
limit waiting for a period.
timeout 2s sleep 100
Run function under timeout
export -f my_function ; timeout 1 bash -c 'my_function options'
Run loop for some time then exit.
timeout 172800 bash -c -- 'while true ; do echo $(TZ=UTC date "+%Y-%m-%d %H:%M:%S %Z") $(ping -w1 -q -c1 -i10 192.168.10.120 | grep received) ; sleep 1 ; done| tee /tmp/ping_192.168.10.120.log'
tnef
List content of winmail.dat. Remove options to extract to current dir.
tnef -t -f winmail.dat
toilet
Generate graphics text similar to banner.
toilet -F gay -f mono12 "Some Funky Text"
tor
Select outgoing country. https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 Set country in:
torrc
One or several exit countries.
ExitNodes {us} ExitNodes {kr},{ru},{sy},{cn}
test exit node
ifconfig.me
top
Top batch mode run one iteration
top -bn1
top derivates
apachetop dnstop iftop latencytop glances
touch
touch -am 0910120003 Give a new access time on a file 0910120003MMDDhhmmyy
linux
touch -t 197102162324 *
tput
No line wraps
tput rmam
Line wraps
tput smam
invisible cursor
tput civis
visible cursor
tput cnorm
reset is a good command to reset shell
reset
tr
translate capital to lower letter.
tr '[:upper:]' '[:lower:]'
null character to new line
tr '\000' '\n' < /proc/3575/environ
trickle
Speed limit for download
rsync -ae "trickle -d 80 ssh" user@host:/src/ /dst/
Speed limit for upload.
rsync -ae "trickle -u 80 ssh" user@host:/src/ /dst/
Limit wget to 64kbit upload and download.
trickle -d 64 -u 64 wget "https://www.halfface.se/file.txt"
tune2fs(tunefs)
tune2fs -m 0 /dev/sdb1
type
What kind of command do we use. builtin or some file?
type ls
udevadm
Monitor udev events.
udevadm monitor
udevadm info --query=all --name=sda
look at values for disk. Can be used to locate san source.
udr
rsync over udp.
udr -a 57621 -b 57631 rsync -rP host.inter.net:/source/ /destination/
ulimt
Look at current limits for logged in user.
ulimit -a
Look at limits for process with pid 12345.
cat /proc/12345/limits
unetbootin
Boot iso image from usb memory.
upower
# Powerstatus of the system. battery charge. upower --dump
urldecode/urlencode
Encode
perl -pe's/([^-_.~A-Za-z0-9])/sprintf("%%%02X", ord($1))/seg' echo 1212341234== | jq -sRr @uri
Decode
perl -pe 's/%([0-9a-f]{2})/sprintf("%s", pack("H2",$1))/eig'
useradd
useradd --uid 666 --gid 666 --comment 'devil' devil && echo 'devil:VerySecretPassword' | chpasswd
v4l2
Video player
qv4l2
List available formatats and resolutions.
v4l2-ctl --list-formats-ext
List available formats
v4l2-ctl --list-formats
Set camera to h264
v4l2-ctl --set-fmt-video=width=800,height=448,pixelformat=1
Set framerate.
v4l2-ctl --set-parm=30
List video parameters
v4l2-ctl --get-fmt-video
List video output
v4l2-ctl --all
Disable autofocus
v4l2-ctl --verbose --set-ctrl=focus_auto=0 v4l2-ctl --verbose --set-ctrl=focus_absolute=0
version of linux
cat /etc/os-release
vi
:set ignorecase :set list show all keys. :set nolist show their representative.
wipefs
wipefs -a /dev/sdc
vmstat
top over time.
vmstat -n 5
Description:
r=procs waiting for cpu time. b=procs in sleep mode. swpd=virtual memory in use in swap. free=memory free. buff=memory used by buffers cache=memory used as cache. si=swap in. so=swap out. bi=io block in. bo=io block out. in=interups cs=contex switching. us=cpu user space sy=cpu system usage to serve. id=cpu idle wa=cpu waiting for input output. iowait. st=cpu time stolen from a virtual machine
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu----- r b swpd free buff cache si so bi bo in cs us sy id wa st 2 1 814984 167992 26820 999460 0 0 1 0 2467 5088 2 2 95 1 0 0 0 814984 168100 26820 999540 0 0 2 150 2467 5026 1 2 97 0 0
wget
wget -r -nH -np --cut-dirs=1 --no-check-certificate -U Mozilla --user={uname} --password={pwd} https://my-host/my-webdav-dir/my-dir-in-webdav
wget to standard output.
wget --no-check-certificate -S -O- http://inter.net
Special heather
wget 'http://halfface.se' --header='Cookie: has_js=1'
Mirror
wget 'https://halfface.se/test' -r -l 3 --convert-links -o log --html-extension
whois
# When does a domain expire. whois -h whois.iana.org sivberg.se # which ipranges does an ipaddress belong too. In this case looking at google. whois -h whois.radb.net -- "-i origin $(whois -s -h whois.radb.net 172.217.26.68 | grep ^origin | awk '{print $2}' | tail -1)" | grep ^route | awk '{print $2}' # Who to find address range for site. host www.facebook.com whois 157.240.194.35 | grep CIDR
wireshark
find packet packet details string
ssl decryption
export SSLKEYLOGFILE=/tmp/sslkeylog ; curl -sv -d "blablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablablabla" https://www.halfface.se wireshark. Edit - Preferences - Protocols - TLS - (Pre) -master-Secret log file.
tshark
cli version
tshark -V -r $dump.pcap
wodim
Burning disks.
wodim -scanbus # Scan scsi bus for burners. wodim --devices # Discover basic information. wodim -checkdrive # Information about burner. wodim -tao speed=0 dev=/dev/sr0 -v -data /temp/files/ # Burn disk containing structure from /temp/files/ wodim -eject -tao speed=0 dev=/dev/scd0 -v -data /my/directory/image.iso # Burn image to disc.
write
Send message to someone via tty.
who | grep user
write message end with CTRL + d
write abjorklund pts/2
xargs
locate case insensetive, regular expression. xargs string to replace imput. Print output to standard error.
locate -ir ".*\.crt$" | xargs -I '{}' -t cp {} /temp/ssl/
Do something on everything from standard input.
ls -la | xargs -i% echo '# beginning #' % '# end of line #'
split several lines into groups.
for i in {00..99} ; do echo $i, ; done | xargs -L 20
xdotool
When you have to move your mouse but you dont want to push it.
xdotool mousemove_relative -- -1 -1 xdotool mousemove_relative 1 1
Send ab to window.
xdotool search --onlyvisible --name freerdp key a key b
xfs
xfs_repair -L /dev/mapper/vg00-root
xinput
# List xinputs. xinput list # List properties. xinput list-props "Logitech Unifying Device. Wireless PID:400e" # Middle button emulation. xinput set-prop "Logitech Unifying Device. Wireless PID:400e" "Evdev Middle Button Emulation" 1 xinput set-prop 12 "libinput Middle Emulation Enabled" 1
xkill
Kill xorg process with id 0xb6ffa0
xkill -id 0xb6ffa0
List x applictions
xwininfo
Get recursive list of x applications.
xwininfo -root -tree
xmllint
prettify xml
xmllint --format -
xset
Disable screen saver
xset -dpms ; xset s noblank ;xset s off
Disable repeat
xset r off
Enable repeat
xset r on
xxd
Hex to binary
xxd -r -p hex.txt output.bin
Hex to binary in pipe
echo "$HEX" | xxd -r -p -
yum
download src rpm
yumdownloader --source net-snmp
Reinstall default repos.
yum reinstall yum-conf-sl6x-1-2
This will give you a directory with all rpm:s that are required to install rpm.
PKG=openssh-server ; yum install --downloadonly --installroot=/tmp/$PKG-installroot --releasever=6 --downloaddir=/tmp/$PKG $PKG
broken repos
yum install bareos-client --disablerepo=* --enablerepo=bareos
search for different versions
yum --showduplicates search percona-xtrabackup
zip
Zip directory exclude files .svn directory.
zip -r /temp/ssl.zip . -x ".svn/*"
List contents of zip archive.
unzip -l archive.zip
Unzip single file
unzip file.zip file/you/want/to/extract/the_file.txt
zdump
View information from timezone tz.
zdump -v /etc/localtime
Change timezone on host
ln -sfT ../usr/share/zoneinfo/Europe/Stockholm localtime
zfs
Get sync
zfs get sync datapool/netstorage/dog/prod NAME PROPERTY VALUE SOURCE datapool/netstorage/dog/prod sync standard default
set sync
zfs set sync=disabled datapool/netstorage/dog/prod
List snapshots(can take time)
zfs list -t snapshot
List snapshots for one mount point.
zfs list -r -t snapshot -o name,creation datapool/netstorage/bro/prod
Displays the detailed health status
zpool status
List datasets
zfs list
Create dataset
zfs create datapool/netstorage/media
zdb
display zpool debugging and consistency information
zdb -d dataset
zpool list
Lists the given pools along with a health status and space usage.
iostat
Get iostat with values since last second.
zpool iostat are -y 1 -l