Commands

From Halfface
Revision as of 20:07, 25 October 2016 by Ekaanbj (talk | contribs) (→‎putty)
Jump to navigation Jump to search

ab

apache benchmarking

ab -n 50 https://www.halfface.se/photos/
ab -n 1000 -c 10 https://www.halfface.se/wiki/index.php/Halfface

abcde

Rip cd.

abcde

agrep

Aproximate grep. 3 differences from andreas

agrep -3 andreas /var/log/messages

alternatives

alternatives --set mta /usr/sbin/sendmail.postfix

antiword

antiword bad.doc > pure.txt

arecord

List soundcards.

arecord -l

Chose source.

alsamixer

Create mp3 from source.

arecord -f cd -d 5 -t raw | lame -x -r - out.mp3

base64

 base64 -d /tmp/html | elinks --dump | less -ISRM

bonnie++

Report performance on disk.

bonnie++ -u 0:0

On machine running out of disk

sudo bonnie++ -d ./ -s 400 -r 200 -u root

boot

Booting singe user mode.

kernel ... single

bootchart

Analyze startup times.

bootgraph

How to use.

Kernel later than 2.6.28
kernel option initcall_debug
dmesg | /usr/src/linux-headers-2.6.28-11-generic/scripts/bootgraph.pl > /tmp/bootgraph.svg

bzip2

Extract keep original

bzip2 -dk /compressed_file.bz2 and extract standard out via tar.

Extract bunzip2 file and extract via tar from standard out.

bzip2 -c /compressed_file.bz2 | tar -xivf -

cdrecord

Blank cd/dvd rw

cdrecord -v gracetime=2 dev=/dev/cdrom -eject blank=all -force

chattr/lsattr

Set extendet attributes of files.

# Lock file for most activities.
chattr +i file
# Unlock file
chattr -i file
# recursive lsattr looking for imutable.
lsattr -aR -- .//. 2>/dev/null | sed -rn '/i.+\.\/\/\./s/\.\/\///p'

chmod

Sticky bit on directory. Only owners of files are able to delete.

chmod 1755 /file.
-rwxr-xr-t

GUID on file. binaries started will have the group set to the defined group.

chmod 2755 /file
-rwxr-sr-x

SUID on file.

chmod 4755 /file
-rwsr-xr-x

chntpw

# Change windows passwords offline
mkdir /mnt/disk ; mount /dev/sd1 /mnt/disk; cd /mnt/disk/Windows/System32/config
# List local users.
chntpw -l SAM
# clear password on user.
chntpw -u Administrator SAM

chvt

From a script change to a virtual interface and connect script to that terminal. chvt 3 exec < /dev/tty3 > /dev/tty3

cacafire

View some fire in ascii.

clean

Clean file from comments and blank lines.

sed '/ *#/d; /^ *$/d'

codepage

Change codepage of file.

convmv -f cp850 -t iso-8859-1 --notest *
convmv -f utf8 -t iso8859-1 -r --notest *
convmv -f iso8859-1 -t en_US.UTF-8 -r --notest .

Change codepage of file.

iconv --from-code=ISO-8859-15 --to-code=UTF-8 document.csv > document_iconv.csv

column

Create nice column. Use tab as delimiter.

column -t -s $'\t' /file.tsv

convert

Convert Image to 8 bit grey with threshold for white.

for tif in *.tif; do convert -depth 8 -white-threshold 70% ${tif} ${tif%%.*}.png;done

Resize image

convert -resize 25% -gamma 1.5 2011-08-03_11-09-43.jpg 2011-08-03_11-09-43_new.jpg

Multipage pdf.

convert -adjoin -page A4 -compress jpeg Infineon1.tif Infineon2.tif Infineon.pdf

Prepare photos for printing.

convert -rotate 90 -gamma 1.5 -resize 25% -compress jpeg -quality 80 -adjoin -page A4 * print.pdf

Resize change aspect.

convert Slide1.PNG -resize 1920x1080\! slide01.png

animated gif

convert -delay 100 -loop 0 *.jpg animation.gif

Create multipage pdf of photos.

convert -resize 25% -adjoin -page A4 -rotate 90 -compress jpeg *.jpg test.pdf ; pdfjam test.pdf --no-landscape --frame true --nup 2x2 --suffix 4up --outfile /temp/photos/Alva/test_2x2.pdf

Addition of images.

 convert 1.png 3.png -append montage.png

cpio

Copy wanted partitions.

#!/bin/bash
ssh root@192.168.2.148 "(cd /boot/ ; find ./ -xdev -depth -print0 | cpio -o -0Hnewc )" | (cd /mnt/sysimage/boot ; cpio -idvuma )
ssh root@192.168.2.148 "(cd / ; find ./ -xdev -depth -print0 | cpio -o -0Hnewc)" | (cd /mnt/sysimage ; cpio -idvuma )
# -o copy out mode.
# -0 terminated by null character.
# -Hnewc som storing format.
# -i extract copy in mode.
# -d make directories.
# -v verbose.
# -V print dot.
# -u replace all files.
# -m preserve modification time.
# -a preserve access time.

crontab/cron

crontab.

* * * * *  command to be executed
- - - - -
| | | | |
| | | | +----- day of week (0 - 6) (Sunday=0)
| | | +------- month (1 - 12)
| | +--------- day of month (1 - 31)
| +----------- hour (0 - 23)
+------------- min (0 - 59)
0 Sunday
1 Monday
2 Tuesday
3 Wednesday
4 Thursday
5 Friday
6 Saturday
@reboot "run command at reboot"

Run command every 10 minutes.

*/10 * * * * command

Run command at 12:00 and 24:00 hours.

00 0,12 * * *      command

Run command between 8-17 every 2 hours.

0 8-17/2 * * * /path/command
0 8,10,12,14,16 * * * /path/command

Start program under crontab.

#!/bin/bash
COMMAND="screen -L -d -m ping www.dn.se"
if [ "$(ps -ef | grep -i ping | grep -v grep)" ]
then
  echo "\"${COMMAND}\" already running."
else
  echo "Starting \"${COMMAND}\"."
  cd /tmp
  ${COMMAND}
fi

cut

Cuf everything from field 5.

cut -f5- -d ' '

curl

Get http return code.

curl --connect-timeout 3 --max-time 9 -ksL -w '%{http_code}\n' 'http://www.dn.se' -o /dev/null

get external ip.

curl ifconfig.me 

get external ip and all related browser information.

curl ifconfig.me/all 

Alternative address for domain.

curl -sk --resolve www.halfface.se:80:127.0.0.1 http://www.halfface.se

Get header / mime type

curl -I http://url.se

post file

curl -X POST -d @myfilename http://user:pass@myhost/hudson/job/_jobName_/postBuildResult

date

Get date in requested format.

date '+%Y-%m-%d %H:%M'
date +%Y-%m-%d-%H%M

date 033121422003.55

Mon Mar 31 21:42:55 PST 2003
date MMDDhhmmCCYY.ss

Whats the date in 1000 years. Or any other increment.

date --date="+1000 years" +%C%y-%m-%d
date --date="-2 hour" +%C%y-%m-%d\ %H:%M
TZ=CEST date --date="-2 hour" +%C%y-%m-%d\ %H:%M

What is the time in other timezone given in unixtime/epoch.

TZ=GMT date -d '@1345064585'
Wed Aug 15 21:03:05 GMT 2012

Unix time.

date +%s

db2

Empty catalog remove node

for DB2 in $(db2 list node directory | grep "Node name" | awk '{print $4}') ; do db2 uncatalog node $DB2;done

Empty catalog remove db

for DB2 in $(db2 list db directory | grep "Database name" | awk '{print $4}') ; do db2 uncatalog db $DB2;done
  1. Load db2 environment.
. /home/db2/sqllib/db2profile
  1. Connect to database.
db2 connect to ${database_name} user ${user} using ${password}
  1. Test query.
SELECT service_level, fixpack_num, bld_level FROM TABLE (sysproc.env_get_inst_info()) as A;
  1. System Database Directory
db2 list db directory
  1. Node Directory
db2 list node directory
  1. setup directory
db2 "catalog tcpip node db2datan remote 1.2.3.4 server 5000"
db2 "catalog db db2datadb as db2datadb at node db2datan"
  1. Drop connection.
db2 terminate

dbus-monitor

dbus-monitor   # Monitor activity on the dbus to see what system and sessions are doing.

dd

output your microphone to a remote computer's speaker

dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp

Add 2GB to disk image.

dd if=/dev/zero of=/system_image.img bs=1M oflag=append conv=notrunc count=2000

dd with progress bar.

pv -ptre /install/backup/machine/raspberry/ipcenter_view.img | sudo dd of=/dev/mmcblk0 bs=1M

dd to position on disk

dd of=/dev/disk1 if=/dev/urandom obs=500000 seek=1 bs=1MB count=1 conv=notrunc

dhclient

[root@wall sysconfig]# cat /etc/dhclient.conf

interface "eth0" {
         prepend domain-name-servers 127.0.0.1;
         supersede domain-name "bltprojektering.se";
}

diff

sdiff <(echo -e 'hej\nda\nvi\nses\ni\nmorgon') <(echo -e 'hej\ndå\nvi\nSES\ni\nmorgon')

which files differ between servers.

rsync -nrlptDqv --delete --exclude napsjb/server/naps/tmp/ /opt/ongame/ 10.6.21.11:/opt/ongame | less
-n dry run.
-r recursive
-l copy symlinks av symlinks.
-p preserve permission
-t preserve tims.
-D --device --special. Keep special files.
-q quiet
-v verbose

dig

  1. Get all dns information about host.
dig any www.halfface.se
  1. Trace dns lookups from root dns. Use 8.8.8.8 for lookups.
dig +trace @8.8.8.8 www.halfface.se
  1. Recursive lookup.
dig -tAXFR halfface.se
  1. backward resolve
dig -x 89.253.75.84

digitemp

digitemp_DS9097 -c /etc/.digitemprc -t0

disk

disk usage

baobab

foremost

recover deleted files.

disown

Disconnect process(pid) so that is survives a logout.

disown %2

display

Change resolution

xrandr --output LVDS --mode 1280x800
xrandr --output default --mode 1280x1024

Query graphics card capabilities.

xrandr -q

Change dpi

xrandr --dpi 138/eDP1

duplicity

Encrypted backups over rsync

dmidecode

List memory banks

sudo dmidecode -t 17

dnf

install skip if not exist

sudo dnf install --setopt=strict=0 $(sort -u /temp/other_machine_rpm)

dvgrab

Capture dv material

dvgrab -f dv2 -i -showstatus -s 0 -timestamp California-2

e2fsck

Scan for bad blocks.

e2fsck -ycv /dev/VolGroup00/LogVol00

edid/ddc

startx -- -logverbose 5.
The EDID information turns up in /var/log/Xorg.0.log.

enca

detect and convert encoding of text files. (codepage utf)

enca -L none /temp/locale2

encryption

Simple encryption decryption with gnupg.

gpg -c --force-mdc /temp/shadow
echo "$(gpg -qd /temp/shadow.gpg)"

etckeeper

Keep your /etc/ directory under git revision control.

What has happened.

git log -p /etc/resolv.conf

ethtool

show-features

ethtool -k
generic-segmentation-offload = gso
tcp-segmentation-offload     = tso

exiftool

Change meta data for files, exif, jpg, mp3...

fdupes

Find duplicate files.

fdupes -r /home

ffmpeg

ffmpeg

ffmpeg -y -deinterlace -aspect 16:9 -author "Andreas Bjorklund" -title "Tanzania" -year 2007 -i Tanzania.m2t -acodec mp3 -vcodec mpeg4 -b 3000k -s 720x540 test.avi

Create swf/flv from mpeg2 stream

ffmpeg -deinterlace -i VTS_01_1.VOB -ab 56 -ar 22050 -b 500000 -r 15 -s 360x288  sisyfos.swf

Create horse movie.

ffmpeg -deinterlace -i /temp/VTS_01_1.VOB -ab 100 -ar 22050 -b 1200000 -r 25 -s 360x288 3horses.swf

Cut video from command prompt.

ffmpeg -i video.avi -vcodec copy -acodec copy -ss 00:00:00 -t 00:00:04 trimmed_video.avi

Record desktop.

ffmpeg -f alsa -ac 2 -i pulse -f x11grab -r 5 -s 1920x1080 -i :0.0 -acodec pcm_s16le -vcodec libx264 -threads 0 -y output.mkv
ffmpeg -f x11grab -s $(xrandr | grep \*+|awk '{print $1}') -r 25 -i :0.0 -sameq /tmp/out.mpg

Change container.

 ffmpeg -i film.mov -vcodec copy -acodec copy film.mp4

Transcode to h264 aac

ffmpeg -i original.avi -vcodec libx264 -acodec aac -strict experimental new_file.mp4

Transcode mp3 to ogg vorbis

for file in *.mp3;   do ffmpeg -i "${file}" -acodec libvorbis "${file/%mp3/ogg}";done

Take photo

ffmpeg -f video4linux2 -s 1280x720 -i /dev/video0 -f image2 snapshot.jpg

Take a photo from a video steam every 10 seconds.

ffmpeg -i video.mp4 -r 0.1 -f image2 %03dandreas.jpg

Take a photo every 1 put it in a file.

ffmpeg -y -i http://balcony.halfface.se:8080 -r 1 -f image2 -update 1 stream_image.jpg -probesize 5e+07

find

Find exluding directory.

find . -wholename '/var/' -prune -o -ls

Find in only files.

find /opt/ongame/ -type f -exec grep --color=always -r '10\.7\.' /dev/null {} \;

Find text file in directoy execpt directory. Grep for text in that file and show it with colours in less.

find /opt/ongame/ -wholename '/opt/ongame/napsjb/server/naps/tmp' -prune -o -type f -exec grep --color=always -r '/fraud' /dev/null {} \; | less -SR

Find excluding several directories.

find / -type d \( -path /proc -o -path /dev -o -path /net \) -prune -o -gid 1002 -exec chgrp -h 1001 {} \;

Find excluding svn.

find . -path '*/.svn' -prune -o -type f -print

Searches for files modified up to 4 days ago.

find ./ -type f -mtime -4

Searches for files modified between certain dates. Here for files older than 30 days but younger than 60 (penultimate month).

find ./ -type f -mtime -60 ! -mtime -30
sudo find . -newermt "2014-10-19 09:30" ! -newermt "2014-10-19 09:35"

findmnt

view the mount tree

findmnt

flash

When firefox is complaining about outdated flash plugin

rm pluginreg.dat

fmt

Join lines

ifconfig -a | fmt -w 300

forward traffic

service x11
{
        disable = no
        socket_type = stream
        protocol = tcp
        wait = no
        user = root
        server = /usr/bin/nc
        server_args = 172.28.37.152 6000
}

free

You have 15956MB physical ram. 9033MB is used by applications. 6922MB is free.

free -m
             total       used       free     shared    buffers     cached
Mem:         15956      15755        200          0        300       6421
-/+ buffers/cache:       9033       6922
Swap:        19998       2405      17593

free new

Total memory 8076624k and 5169152 being used.

             total        used        free      shared  buff/cache   available
Mem:        8076624     2536328     1069132      284152     4471164     5169152
Swap:       7815164     2809244     5005920

Memory usage from /proc/zoneinfo and /proc/meminfo

awk -v low=$(grep low /proc/zoneinfo | awk '{k+=$2}END{print k}')  '{a[$1]=$2} END{print a["MemFree:"]+a["Active(file):"]+a["Inactive(file):"]+a["SReclaimable:"]-(12*low);}' /proc/meminfo
5168456

fstab

Use ram for some logfiles.

none             /var/log/              tmpfs   defauls,noatime,size=10%                 0       0
none             /tmp/                  tmpfs   defauls,noatime,size=10%                 0       0
none             /var/tmp/              tmpfs   defauls,noatime,size=10%                 0       0
none             /var/spool/            tmpfs   defauls,noatime,size=10%                 0       0

fswebcam

Capture photo.

fswebcam -r 1920x1080 --jpeg 85 -D 1 --quiet --no-banner shot.jpg
fswebcam -d /dev/video0 -i 0 -r 2592x1944 -p YUYV /net/10.111.222.1/storage/temp/logitech.jpg

genisoimage

genisoimage -o nuc.iso nuc

gphoto2

Capture photo from the command line linux.

gphoto2 --camera='Canon EOS 40D (PTP mode)' --port=usb: --capture-image-and-download

graphviz

Create graph.

dot -Tps /flow -o /tmp/flow.ps

grep

Colorize grep output.

grep --color=always -r '10\.7\.' /opt/ongame/

Show non comment lines ending with a blank.

find . -name '*.properties' -exec grep --color=always -E '^[^#].*\ $' {} \; | less -SR

grep ipaddress from message file.

sudo grep DHCP /var/log/messages | grep -oir --color=always '192\.168\.[0-9]*\.[0-9]*' | sort -u
grep -E '([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))'

grep ipaddress from file

grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'

grep for tab

grep 10.199.2.1$'\t' /etc/hosts

grep from word containing regex space separated.

grep -oE '\S*regex\S*' /file

gsettings

Emulate 3 button mouse
gsettings set org.gnome.settings-daemon.peripherals.mouse middle-button-enabled true

gsync

Install gsync

git clone https://github.com/iwonbigbro/gsync.git
cd gsync/
sudo python setup.py install

Download data.

gsync -u -r -t -v --progress --delete -l -s drive://motion/ /temp/motion2/

gzip

Compress a stream.

find . | gzip -9 > /tmp/file_list.gz

gscan2pdf

Scan and ocr pdf dokuments

Handbrake

Compress dvd

  1. Rip dvd.
sudo vobcopy -o /storage/temp/ -v -x -l
  1. compress video.
HandBrakeCLI -e x264 -Z Normal -i source.vob -o destination.mkv -a 2 -r 25 -E faac -f mkv -d -S 600 --crop 0:0:0:0
  1. Create film for android.
HandBrakeCLI -i 01.Alla.Vi.Barn.I.Bullerbyn.1986.SWEDiSH.vob -o 01.Alla.Vi.Barn.I.Bullerbyn.1986.SWEDiSH.mp4 -x level=30:bframes=0:cabac=0:ref=1:vbv-maxrate=1500:vbv-bufsize=2000:analyse=all:me=umh:no-fast-pskip=1 -e x264 --vb 300 -E faac --ab 128 --maxWidth 320 -2 -T -d
  1. Compress.
SOURCE=/ssd/temp ; DESTINATION=/temp ; for FILM in $(cd ${SOURCE}; ls *.mov | sed 's/\.mov$//g'); do HandBrakeCLI -e x264 -q 20 -B 160 -i ${SOURCE}/${FILM}.mov -o ${DESTINATION}/${FILM}.mp4 ;done
  1. High profile
HandBrakeCLI -i DVD -o ~/Movies/movie.mp4  -e x264 -q 20.0 -a 1 -E faac -B 160 -6 dpl2 -R Auto -D 0.0 -f mp4 --strict-anamorphic -m -x ref=2:bframes=2:subme=6:mixed-refs=0:weightb=0:8x8dct=0:trellis=0

htmldoc

Convert html document to pdf

htmldoc --webpage -f php_html_doc.pdf /home/andreasbj/php_manual_en.html 2>/tmp/htmldoc

hunspell

hunspell -d sv_SE swedish.txt

hydra

Password checking.

hydra -l root -P /etc/passwdknown -t 5 192.168.29.62 ssh2

ifconfig

Configure network.

ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up

ip address alias

ifconfig eth0:0 192.168.1.2 

Network configuration Full config.

echo -e "options timeout:1 attempts:1
domain halfface.se
nameserver 84.246.88.10
nameserver 84.246.88.20" > /etc/resolv.conf
ifconfig eth0 89.253.75.84 netmask 255.255.255.224 up
route add default gw 89.253.75.65 eth0

Vip on loopback /etc/sysconfig/network-scripts/ifcfg-lo:ipdbm

DEVICE=lo:ipdbm
IPADDR=192.168.122.2
NETMASK=255.255.255.255
NETWORK=192.168.122.0
ONBOOT=yes

ilo

log in to ilo

env -u LANG ssh -v Ongame@10.1.1.94

restart ilo

reset map1

start system

start system1

iostat

iostat -xtc 5

ip

Add vlan 23

ip link add link eno1 name eno1.23 type vlan id 23

View vlan protocol

ip -d link show eno1.23

Configure vlan

ip addr add 10.151.23.101/24 brd 10.151.23.255 dev eno1.23
ip link set dev eno1.23 up

create default route

ip route add default via 192.168.1.254

show routing

ip route show

Add static route

ip route add 10.10.20.0/24 via 192.168.50.100 dev eth0

Remove static route.

ip route del 10.10.20.0/24

which outgoing interfaces are available.

ip r l| awk '/src/{print $9}'

Which route is used for ip.

ip route get 192.168.122.252

route subnet over interface.

sudo ip route add 145.251.242.0/24 dev tun0

Show ipaddress on interface tun0

ip address show tun0

vlan tag interface.

ip link add link eth0 name eth0.8 type vlan id 8

set ip on interface.

ip addr add 192.168.50.5 dev eth1

remove ip address.

ip addr del 192.168.50.5/24 dev eth1

enable interface

ip link set eth1 up

ipcalc

ipcalc -n 192.121.85.96/27 -m

iperf

start server on client A.

iperf -s

start measure from the other host. Limit bandwidth to 10k.

iperf -c 10.20.30.40 --bandwidth 10K

ipmitool

What is the power consumtion of dell server.

ipmitool -I lanplus -H 127.0.0.1 -U root -P calvin delloem powermonitor

iptables

Show iptables OUTPUT, PREROUTING and POSTROUTING

iptables --table nat --list --exact --verbose --numeric --line-number

Dnat to localhost.

iptables -t nat -I PREROUTING --source 131.115.115.53 -p tcp --dport 22 -j REDIRECT --to-ports 222
iptables -t nat -I OUTPUT --source 131.115.115.53 --destination 127.0.0.1 -p tcp --dport 22 -j REDIRECT --to-ports 222

Flush all rules.

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

Block

iptables -A OUTPUT -p tcp -d 131.115.248.82 --dport 8080 -j DROP
iptables -A OUTPUT -p tcp -d 131.115.248.82 --dport 8080 -j REJECT

Block outgoing mail

iptables -A OUTPUT -p tcp --dport 25 -o $INTERFACE -j REJECT

Block all traffic except ssh in/out log to syslog.

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -m tcp -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -m tcp -p tcp --sport 22 -j ACCEPT 
iptables -A INPUT -m state --state NEW -m tcp -p tcp -j LOG --log-level info --log-prefix "dropped-in"
iptables -A OUTPUT -m tcp -p tcp --dport 22 -j ACCEPT 
iptables -A OUTPUT -m tcp -p tcp --sport 22 -j ACCEPT 
iptables -A OUTPUT -m state --state NEW -m tcp -p tcp -j LOG --log-level info --log-prefix "dropped-out"

irc

Close private messages

/window close

Close public messages

/window close

Close a query

/q

jmtpfs

Mount disk

jmtpfs /mnt/mtp

Umount disk

fusermount -u /mnt/mtp

john

Test performance

john -test

Recover passwords with password list.

john -wordlist:password.lst passfile.txt

journalctl

View log from last day.

journalctl --since yesterday

List all units.

systemctl list-unit-files

jpegtran

# to lossless cut a file.
jpegtran -crop 700x400+2150+1500 2012-05-19_20-39-35.jpg > /photos/Sweden/2012/2012-05-19/2012-05-19_20-39-35.jpg
# Rotate counter clockwise.
jpegtran  -copy all -rotate 270 2012-08-18_15-06-43.jpg > 2012-08-18_15-06-43_270.jpg

jq

how many stores are actually in there:

$ cat file.json | jq 'length'
1134

retrieves the “name” field of each element of the input array.

cat file.json | jq '.[] | .name'
"Graz"
"Baden"
"Zürich"
...

Give us first store.

jq '.[0]'

Select specific fields

jq '.[] | {eta: .eta, ticketID: .ticketID}'

Select specific files shortended.

jq '.[] | {eta, ticketID}'

keyboard

keymaps 
dumpkeys
loadkeys sv-latin1
loadkeys us
setxkbmap en
setxkbmap -layout se -variant nodeadkeys

reset corrupt keyboard after using vmware.

setxkbmap

kill

suspend/resume a jobb.

# kill -STOP PID
# kill -CONT PID

kpartx

# Create device files from disk image.
sudo kpartx -av disk_image.raw 
add map loop0p1 (252:2): 0 3082240 linear /dev/loop0 2048
add map loop0p2 (252:3): 0 17887232 linear /dev/loop0 3084288
# Mount device files.
sudo mount /dev/mapper/loop0p2 /mnt
#Unmount what you mounted and remove the device mapping:
sudo umount /mnt
sudo kpartx -d disk_image.raw

lastb

Show failed ssh logins.

lastb

locale

To show 24 hour format.

LC_ALL=C

localectl

Change keyboard.

localectl list-keymaps
localectl set-keymap se-nodeadkeys
localectl set-x11-keymap se-nodeadkeys

lock

locking keyboard under linux.

lock-keyboard-for-baby

logging

bash create log.

#!/bin/bash
exec > /logfile

alternative

exec 2>/tmp/log

Read logs on system.

tail -f $(lsof | grep log$ |awk '{ print $NF }' | sort -u |xargs)

losetup

Create loopback devices for partitions in image

losetup -P /dev/loop2 harddrive.img

ls

ls -la --time-style="+%Y-%m-%d %H:%M:%S" *.3gp

List processes in epoch date

( cd /proc; ls -rtd --full-time --time-style=+%s [0123456789]*; )

List memory modules.

lshw -C memory

lshw

Is cpu 32 or 64bit.

lshw -class processor

lsof

List recurivly all process that have a path open.

lsof +D /apps/

mail

command line mail with changed from

echo message | mail -s Subject -r from@inter.net reciever@inter.net

command line mail with changed from with attachment

echo message | mail -s Subject -r from@inter.net -a /attach.ment reciever@inter.net

man

man correct caracters.

LANG=C man passwd

man clean for output to file.

man [manual] | col -b > file.txt

mbr

backup mbr.

# dd if=/dev/sdX of=/temp/sdx-mbr bs=512 count=1

restore mbr

# dd if=/temp/sdx-mbr of=/dev/sdX bs=446 count=1

mkfs

Create fat32 file system.

mkfs.vfat -F 32 /dev/sdc1

mogrify

Resize, crop... a file. Removes original.

mogrify -resize 800 *.jpg

mount

Mount a temporary ram partit

mount -t tmpfs tmpfs /mnt -o size=1024

Mount a cift filesystem and change ower on mountpoint.

mount.cifs -o credentials=/home/user/cifs.credentials,gid=1004,uid=1004 //server/c$ /mnt/cifs

Disallow normal user to ps. If not belonging to gid 1001.

  • /etc/fstab
proc                    /proc                   proc    defaults,hidepid=2,gid=1001        0 0

movgrab

List available formats

movgrab -T http://youtu.be/ucivXRBrP_0

Get version listed.

movgrab -f mp4:1920x1080 http://www.youtube.com/v/ucivXRBrP_0

mplayer

mplayer in ascii mode.

mplayer -monitoraspect 4:3 -vo aa LinaFreestyler.avi

mplayer on second soundcard.

mplayer -ao oss:/dev/dsp *.mp3
mplayer -ao alsa:device=hw=0.0 *.mp3

Or, to specify a non-default (secondary) device either of the following commands can be used.

mplayer -ao oss:/dev/dsp1 *.mp3
mplayer -ao alsa:device=hw=1.0 *.mp3

play from v4l

mplayer -tv device=/dev/video:driver=v4l:input=1:width=640:height=480:norm=ntsc:adevice=/dev/dsp tv://1 -zoom -aspect 4:3
mplayer -fps 15 tv:// -tv driver=v4l2:width=640:height=480:device=/dev/video0play hdv material.
mplayer -monitoraspect 16:9 -vf pp=lb

play dvd image.

mplayer dvd://1 -dvd-device DVD.iso

play h264 webcam

mplayer -fps 24 tv:// -tv driver=v4l2:width=1920:height=1080:device=/dev/video0:outfmt=0x34363248 -aspect 16:10 -fs

play mjpeg webcam

mplayer -fps 24 tv:// -tv driver=v4l2:outfmt=mjpeg:width=1920:height=1080:device=/dev/video0 -aspect 16:10 -fs

play mp3 in different speed keep pitch.

mplayer -speed 1.5 -af scaletempo /mp3/music.mp3
# list chapters.
mplayer dvd://1 -dvd-device /dev/sr0 -identify -novideo -nosound 
# dump chapters.
mplayer -dvd-device /dev/sr0 dvd://3 -dumpstream -dumpfile 3.vob

MP4Box

Combine mp4 files

MP4Box -add file1.mp4 -add file2.mp4 output.mp4

mtr

ping and traceroute combined.

mtr -rc 10 www.googe.com
  1. Generate report.
mtr --report --report-cycles 10 www.google.com > google_net_report.txt

mutt

Put the followin in .muttrc to change From.

set realname="Joe User"
set from="user@host"
set use_from=yes

command line mail with attachment

mutt -s subject -a syslogs.tar.gz admin@domain.org < /dev/null

Change sender from command line.

export EMAIL=address@inter.net && mutt -s "Subject Test" anden@halfface.se < /dev/null
echo "Test message" | mutt -s "Subject test" -e "set realname=\"Real Name\"" -e "set from=\"anden@halfface.se\"" -e "set use_from=yes" anden@halfface.se

Change envolope from

export REPLYTO=email@inter.net
export EMAIL=email@inter.net
echo "email@inter.net testing" | mutt -e "set envelope_from=yes" email@inter.net -a /tmp/attachment

oneliner

export EMAIL=email@inter.net;export REPLYTO="${EMAIL}";echo "email@inter.net testing" | mutt -e "set envelope_from=yes" email@inter.net -a /tmp/attachment 
export EMAIL=email@inter.net;export REPLYTO="${EMAIL}";echo "${EMAIL} testing on ${HOSTNAME}" | mutt -e "set envelope_from=yes" -s "${EMAIL} testing on ${HOSTNAME}" "${EMAIL}"

Dont trigger out of Out Of Office reply.

echo "email@inter.net testing" | mutt -e "unignore list-id" email@inter.net

nc (netcat)

  • Check communication.

listen on port 3333.

nc -l 3333

talk to port 3333.

nc 192.168.0.1 3333
  • Transfer data.

Cat file, calculate size listen on port 3333.

cat backup.iso | pv -b | nc -l 3333

Receive file.

nc 192.168.0.1 3333 | pv -b > backup.iso
  • Setup telnet server
nc -L -l -p1234 -d -e cmd.exe
  • Test connection.
nc -w2 -znv 10.1.22.31 7222
  • tunnel

On the server, we open a listener on the TCP port 6667 which will forward data to UDP port 53 of a specified IP. If you want to do DNS forwarding like me, you can take the first nameserver's IP you will find in /etc/resolv.conf - in this example, this is 192.168.1.1. But first, we need to create a fifo. The fifo is necessary to have two-way communication between the two channels. A simple shell pipe would only communicate left process' standard output to right process' standard input.

mkfifo /tmp/fifo
nc -l -p 6667 < /tmp/fifo | nc -u 192.168.1.1 53 > /tmp/fifo
  • Dont eat up standard output.
nc -v --send-only --recv-only localhost 22

Talk to pop3 server over ssl.

nc --ssl mail.tele2.se 995

net

Start service via samba.

net rpc service start ipremote -I 172.17.255.99 -U 'domain/user%password'

netstat

Look at network connections. tcp/ip4.

netstat -4anpt

nmap

Scan for open ssh ports.

nmap -p 22 --open -sV 10.0.0.*
  1. Syn scan.
nmap -P0 -sS -p1023 www.halfface.se
  1. Ping scan.
nmap -sn -n 10.127.254.1-254
  1. Which chippers are allowed.
nmap --script ssl-enum-ciphers -p 465 www.halfface.se

nmcli

manage network from cli

http://fedoraproject.org/wiki/Networking/CLI

Connect to a configured connection by name

nmcli connection up WireLess

Disconnection by name

nmcli connection down Wireless

Connect to remembered network.

nmcli con up '[-_-] halfface 5' 

List available wireless networks.

nmcli device wifi list

Generate list of available wireless networks.

nmcli device wifi rescan

Creaete connection for wireless network.

nmcli device wifi connect Bredband password P4ssM0rd

List networks on specific interface.

nmcli device wifi list ifname wlp0s18f2u4

Disconnect network interface.

nmcli device disconnect wlp0s18f2u4

nohup

Start binary under nohup and tail log.

nohup ./run.sh & sleep 1 ; tail -1000f nohup.out

ntfs-3g

mount ntfs filesystem. read and write.

yum install fuse fuse-libs ntfs-3g
mount /dev/sda1 /media/c_drive -t ntfs-3g -r -o umask=0222,locale=en_US
mount /dev/sda1 /media/c_drive -t ntfs-3g -rw -o umask=0000,locale=en_US
fstab read and write.
/dev/sda3   /media/e_drive     ntfs-3g    ro,defaults,umask=0222 0 0
/dev/sda1   /media/c_drive     ntfs-3g    rw,defaults,umask=0000 0 0

numbers

series of numbers

bash:
echo {1..10}

nwipe (dban)

Wipe your disk

nwipe --nogui --nowait --autonuke /dev/sdb

omping

multicast ping

 omping -c10 10.111.222.118 10.111.222.121

pam_tally2

Configured here.

/etc/pam.d/password-auth:auth        required      pam_tally2.so file=/var/log/tallylog onerr=fail per_user deny=6 no_magic_root

What is status from account?

pam_tally2 --user=user1
Login           Failures Latest failure     From
user1             8    04/20/15 11:39:54  192.168.1.1

paste

Combine to files to one in multiple column. Replace tab with spaces.

paste /tmp/check_name_nagios /tmp/filename | column -t -s $'\t'

patch

Update release area Windows.

servicepack.exe -s:z:\w2k3

pcregrep

Multiline grep

pcregrep -M 'pattern: line1\nPattern lin2' /temp/files_*

pidof

which pids has a program stared. Find pid.

ping

Ping ipv6 loopback

ping6 ::1 -c1

Ping ipv6 broadcast

ping6 ff02::1%2 | cut -d\  -f4

pgrep

Grep any processlines including 1066

pgrep -lf 1066

pmap

Look at memory usage of process.

sudo pmap 2258

postfix

remove mails in queue.

mailq 2>&1 | grep ^[A-F0-9] | awk '{print $1}' | postsuper -d -

postgres

Connect to remote database:

export PGPASSWORD=password && psql --host=10.111.222.1 --port=5492 --username=user --no-password postgres

List databases.

SELECT datname FROM pg_database;

printscreen

import -window root test.png

/proc

  • /proc/meminfo

MemTotal — Total amount of physical RAM, in kilobytes.

MemFree — The amount of physical RAM, in kilobytes, left unused by the system.

Buffers — The amount of physical RAM, in kilobytes, used for file buffers.

Cached — The amount of physical RAM, in kilobytes, used as cache memory.

SwapCached — The amount of swap, in kilobytes, used as cache memory.

Active — The total amount of buffer or page cache memory, in kilobytes, that is in active use. This is memory that has been recently used and is usually not reclaimed for other purposes.

Inactive — The total amount of buffer or page cache memory, in kilobytes, that are free and available. This is memory that has not been recently used and can be reclaimed for other purposes.

HighTotal and HighFree — The total and free amount of memory, in kilobytes, that is not directly mapped into kernel space. The HighTotal value can vary based on the type of kernel used.

LowTotal and LowFree — The total and free amount of memory, in kilobytes, that is directly mapped into kernel space. The LowTotal value can vary based on the type of kernel used.

SwapTotal — The total amount of swap available, in kilobytes.

SwapFree — The total amount of swap free, in kilobytes.

Dirty — The total amount of memory, in kilobytes, waiting to be written back to the disk.

Writeback — The total amount of memory, in kilobytes, actively being written back to the disk.

Mapped — The total amount of memory, in kilobytes, which have been used to map devices, files, or libraries using the mmap command.

Slab — The total amount of memory, in kilobytes, used by the kernel to cache data structures for its own use.

Committed_AS — The total amount of memory, in kilobytes, estimated to complete the workload. This value represents the worst case scenario value, and also includes swap memory.

PageTables — The total amount of memory, in kilobytes, dedicated to the lowest page table level.

VMallocTotal — The total amount of memory, in kilobytes, of total allocated virtual address space.

VMallocUsed — The total amount of memory, in kilobytes, of used virtual address space.

VMallocChunk — The largest contiguous block of memory, in kilobytes, of available virtual address space.

HugePages_Total — The total number of hugepages for the system. The number is derived by dividing Hugepagesize by the megabytes set aside for hugepages specified in /proc/sys/vm/hugetlb_pool. This statistic only appears on the x86, Itanium, and AMD64 architectures.

HugePages_Free — The total number of hugepages available for the system. This statistic only appears on the x86, Itanium, and AMD64 architectures.

Hugepagesize — The size for each hugepages unit in kilobytes. By default, the value is 4096 KB on uniprocessor kernels for 32 bit architectures. For SMP, hugemem kernels, and AMD64, the default is 2048 KB. For Itanium architectures, the default is 262144 KB. This statistic only appears on the x86, Itanium, and AMD64 architectures.

ps

Process list in tree view.

ps axfww

Process sort by cpu usage.

ps auxwww --sort -%cpu | head

How long has process been running.

ps -p 1 -o etime=

Process list sorted after memory usage.

ps aux --sort=size

Process show memory usage... sort...

ps axo rss,%cpu,pid,euser,cmd | sort -nr | head -n 10 | less -ISRM

Process sort by mem usage.

ps auxwww --sort -rss | head

Processes sorted by time running.

ps -aux --sort -time

Processes sorted by time started

ps -auxwww --sort=start_time

pulseaudio

  1. Is pulseaudio running?
ps uxawww| grep -E pulseaudi[o]
  1. stop pulseaudio
pulseaudio -k
  1. start pulseaudio as found by ps | grep pulseaudio
/usr/bin/pulseaudio --start --log-target=syslog

putty

set up tunnel

putty -load blt.homeip.net -l bjorklun -pw password -L 19242:192.168.0.42:3389 blt.homeip.net

pv

throughput in pipe. speed.

pv
pv -cN

readpst

output pst file in separate files in out directory

readpst -S -o out/ outlook.pst

rename

Recursive lowercase to uppercase

for i in $(find * -depth); do (mv $i $(echo $i | sed 's%[^/][^/]*$%%')$(echo $i | sed 's!.*/!!' | tr [:upper:] [:lower:])); done

reposync

reposync -n -c /etc/yum/yum.conf -p /repos/centos6 -d -r base -r updates -r extras -r centosplus -r contrib
createrepo -g /repos/centos6/base/repodata/comps.xml /repos/centos6/base
createrepo /repos/centos6/updates
createrepo /repos/centos6/extras
createrepo /repos/centos6/centosplus

halfface -> sync repo. -d delete what is not on remote, -n only newest version, -p store here, -r which repos to sync

reposync -d -n -p /install/system/linux/fedora/24/repo/ -r updates -r fedora -r rpmfusion-free -r rpmfusion-free-updates -r rpmfusion-nonfree -r rpmfusion-nonfree-updates

halfface -> create repository

REPODIR=/install/system/linux/fedora/24/repo ; for REPO in $(cd $REPODIR; ls) ; do echo $REPO ; createrepo_c ${REPODIR}/${REPO} ;done

reboot

Hard reboot mean that shutdown scripts will not run and machine reboot immediately without syncing hard disk drives, shutdown applications etc.
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger
This commands enable sysrq and after this call fast reboot. If you want to force shutdown machine try this.

Force shutdown

echo 1 > /proc/sys/kernel/sysrq 
echo o > /proc/sysrq-trigger

rfcomm

list usb devices

hcitool scan

What properties does the device have.

sdptool browse 00:0D:B5:30:07:79

connect bluetooth device virtual servial.

rfcomm bind /dev/rfcomm0 00:0D:B5:30:07:79 1

rkhunter

Run rkhunter full scan no keypresses needed

sudo rkhunter --checkall --skip-keypress -x

Update database

sudo rkhunter --propupd

route

The route to a network is behind 10.111.222.7

route add -net 10.111.223.0 netmask 255.255.255.0 gw 10.111.222.7

Add default route

route add default gw 192.168.122.1

Permanent route under redhat

/etc/sysconfig/static-routes
any net 198.18.129.0/24 gw 10.240.175.12

/etc/sysconfig/network-scripts/route-eth1

1.2.3.4/23 via 1.2.3.1

rpm

List capabilities on which this package depends. Point to rpm.

rpm -q -R -p freenx-server-0.7.3-27.fc17.x86_64.rpm

install src.rpm

rpmbuild --rebuild alien-6.51-1.src.rpm
rpm -i /usr/src/redhat/RPMS/x86_64/alien-6.51-1.rpm

List contents of rpm.

rpm -qlp myfile.rpm

List information about non installed rpm.

rpm -qip foo.rpm

Extract contents of rpm.

rpm2cpio *.rpm | cpio -i --make-directories

Which version of rpm is installed. /etc/rpm/macros ~/.rpmmacros

%_query_all_fmt         %%{name}-%%{version}-%%{release}.%%{arch}

list architecture

rpm -qa --qf "%{n}-%{v}-%{r}.%{arch}\n"

List only name of installed rpms.

rpm -qa --qf "%{NAME}\n"

Extract rpms in subdirectories.

for RPM in $(ls *|sed 's_\.rpm$__g');do echo $RPM; mkdir $RPM; rpm2cpio $RPM.rpm | (cd $RPM && cpio -i --make-directories);done

Verify content of rpm

rpm -V package
# What does those cryptic letters mean from rpm -V:
S file Size differs
M Mode differs (includes permissions and file type)
5 MD5 sum differs
D Device major/minor number mismatch
L readlink(2) path mismatch
U User ownership differs
G Group ownership differs
T mTime differs

Reinstall rpm

rpm -iv --replacepkgs package.rpm

Dependencies of rpm

rpm -qpR {.rpm-file}
rpm -qR {package-name}

rsync

Syncronize folders. Delete non existing files on remote host. Compress.

rsync --delete -az -e ssh bjorklun@semco.homeip.net:/install/program/windows/

Syncronize files over ssh on port 2222. Show progress. Syncronize even empty directories.

rsync -Pae 'ssh -p 2222' localhost:/opt/techops/bin/ /opt/techops/bin/

Run rsync in both ends but transfer data with normal user.

sudo rsync -aP /tmp/andreas/ andreasbj@localhost:/tmp/andreas2/ --rsync-path='sudo rsync'

rsync with limit of 8 MB/s.

rsync -aP --bwlimit=8000 /source/ /destination/

rsync excluding directory

rsync -r --exclude=.svn /source/ /destination/

rsync including selinux information.

rsync -aPX /source /destination

rsync don't keep links. Copy files referenced.

rsync -rLP /source/ /destination

Record which files to sync.

rsync -r -ptgo --delete -P --size-only -n www.halfface.se:/mp3/ /mp3/ -n | tee /temp/mp3_$(date +%Y-%m-%d)_diff.txt

sar

Old sar information.

sar -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00

load average.

sar -q -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00

All information.

sar -A -f /var/log/sa/sa25 -s 00:00:00 -e 23:59:00

View network statistics.

LANG=c sar -n DEV | grep eth0

realtime summary.

sar 4 5

search&replace

perl

grep -rsl '10.6.4.102' * | xargs perl -pi -e 's/10.6.4.102/10.6.4.103/'

sed

find . -type f -exec sed -i 's/string1/string2/g' {} \;

Grep for regexp starting with CN= and stop at first occurrence of ,. not greedy

grep -oE 'CN=[^,]*,'

setfacl

Add rwx permission for user_name recursivly from /directory

setfacl -Rm u:user_name:rwx /directory

shred

Recurse remove dir

find /tmp/secret -type f -exec shred {} \;

shuf

Pick random line in file.

shuf -n1 /file

sms

Mail to sms gateway.

tele2
07XXXXXXXX@sms.tele2.se
Comviq
467xxxxxxxx@sms.comviq.se
Europolitan
4670xxxxxxx@europolitan.se

snmptrap

# send more than one string.
snmptrap -v 2c -Ci -u user -c community localhost "" .1.3.6.1.4.1.5089.1.0.1 1 s "This is the first string" 2 s "This is the second string"
snmptrap -v 2c -Ci -u user -c community localhost  .1.3.6.1.4.1.5089.1.0.1 1 s "This is the first string" 2 s "This is the second string"
snmptrap -v 2c -c xxxxxxx localhost  .1.3.6.1.4.1.5089.1.0.1 .1.3.6.1.4.1.5089.2.0.999 s "Hej Hej"

snmptrapd

# Enable logfile. /etc/sysconfig/snmptrapd
OPTIONS="-Lf /var/log/snmptrapd.log"
# Disable authorization and put in logfile. /etc/snmp/snmptrapd.conf
disableAuthorization yes
authCommunity log public

snmpwalk

Get information from an oid.

snmpwalk -v 1 -c public snmp.device.net .1.3.6.1.4.1.2021.84

Do tcpdump while running.

tcpdump -i eth0 -n -s0 -v host snmp.device.net and port snmp

sort

Sort ip address.

sort -t. +0n -1 +1n -2 +2n -3 +3n -4
sort -t . -k 1,1n -k 2,2n -k 3,3n -k 4,4n

sort on fift column

sort -t, -k5n,5 /tmp/gfp

Get a list of configured ip for a set of hosts. Sort on domain then hostname

pdsh ^/host_list 'ip route get 8.8.8.8 | awk "NR==1 {print \$NF}"' | sort -t . -k 2 -k 1

Sort on first column only.

sort -n -k 1,1

spawn

Encode wav to ogg in parallel.

 # ls -1 *.wav | while read ; do echo "oggenc -q6 \"$REPLY\"" ; done | spawn -j4

split

Devide file into parts containing 100 lines.

split -l 100 create_updated_2013-10-29_sort_created_ci_id_name.txt --numeric-suffixes --suffix-length=3 Cleanup.

Devide file in 10 parts. Suffix length 4.

split -n 10 -a 3 bigfile.tar.gz

sqlplus64

Connect to oracle database.

sqlplus64 user/password@hostname

Connect to oracle database non standard port.

sqlplus64 -L user/password@"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.111.222.1)(PORT=1523))(CONNECT_DATA=(SID=SIDDATABASE)))"

Connect to oracle database non standard port as sysadm.

sqlplus64 -L user/password@"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.111.222.1)(PORT=1523))(CONNECT_DATA=(SID=SIDDATABASE)))" AS SYSDBA

View databases. You can think of a mysql "database" as a schema/user in Oracle. If you have the privileges, you can query the DBA_USERS view to see the list of schemas.

SELECT DISTINCT OWNER FROM ALL_OBJECTS;

Name of database.

SELECT NAME FROM v$database;

ssh

Automated login on a user basis via ssh.

ssh-keygen -t dsa                    Generate personal ssh keys.
cat id_dsa.pub >> authorized_keys   Copy your personal ssh key to all machines.
chmod 644 ~/.ssh/authorized_keys    Verify correct access on files.
ssh andreasbj@www.halfface.se "cat >> ~/.ssh/authorized_keys" <  /home/andreasbj/.ssh/id_dsa.pub

Copy public key to authorized_keys

ssh-copy-id user@host

Tunnel

sudo ssh -nNTx -R 2222:localhost:22 andreasbj@www.halfface.se

Reverse tunnel.

ssh -D \*:666 www.halfface.se
ssh -N ipmon10.ny1.ip-soft.net -L43389:ippc01.ongame.ip-soft.net:3389
-n	Dont take console. Good for background.
-N	Do not execute a remote command
-T	Disable pseudo-tty allocation.
-x	Disables X11 forwarding.
-R port:host:hostport
sudo ssh -N -L 2222:www.halfface.se:22 www.halfface.se
sudo ssh -nNTx -R 2222:www.halfface.se:22 www.halfface.se
sudo ssh -nNTx -R 443:satellite.ongame.com:443 root@10.0.254.30 # Tunnel 443 over ssh from remote host via local host.

Open tunnel on remote host. Start remote proxy server forwarding to internal network.

ssh remotehost -R remoteport:localhost:localport "ssh -D 9050 localhost:remoteport"

Multiple reverse tunnel controled by autossh. (-M)Control port,(-f)background, (-N) no remote command, reverse tunnel (-R)

autossh -M 41000 -f -N -R 0.0.0.0:8001:192.168.1.10:80 -R 0.0.0.0:8002:192.168.1.20:80 user@remotehost

reverse tunnel bound to all interfaces

The config has to allow to bind to * interface. /etc/ssh/sshd_config GatewayPorts yes

sudo ssh -i ${HOME}/.ssh/id_dsa -N -R \*:2222:localhost:22 ${USER}@www.halfface.se

Create an ssh tunnel link

https://help.ubuntu.com/community/SSH_VPN
echo 1 > /proc/sys/net/ipv4/ip_forward
vim /etc/ssh/sshd_config  PermitTunnel=yes
sudo ssh -NTCf -w 0:0 1.2.3.4
sudo ssh -v -w any:any www.halfface.se
###
local:
ip link set tun0 up
ip addr add 169.254.0.1/32 peer 169.254.0.2 dev tun0
ip route add 192.168.0/24 via 169.254.0.2
remote:
ip link set tun1 up
ip addr add 169.254.0.2/32 peer 169.254.0.1 dev tun1
arp -sD 169.254.0.2 eth1 pub
### Change default gateway. In this case, 192.168.0.1 is Machine B's current default gateway; it is the gateway on Network B that provides internet connectivity
ip route add 1.2.3.4/32 via 192.168.0.1
ip route replace default via 10.0.0.1

Limit ssh access with pam_access

/etc/security/access.conf

Proxycommand without nc

Host server1 10.0.1.1
 Hostname 10.0.1.1
 ProxyCommand ssh -q -x jumphost -W %h:22

mount filesystem over ssh

sshfs name@server:/path/to/folder /path/to/mount/point

ssh over ipv6 via 2 network interface.

ssh -6 fe80::1ec1:deff:fecb:6ce%2

ssh options

None interactive. Dont ask for password.

-o BatchMode=yes

Accept all keys.

-o StrictHostKeyChecking=no

jail

/etc/sshd/sshd_config

Match group mychroot ChrootDirectory /jail/ X11Forwarding no AllowTcpForwarding no

sshd debug

/etc/sysconfig/sshd

OPTIONS="-ddd"

sshuttle

create a network route over ssh.

sshuttle -D -r user@remotehost:2222 192.168.1.0/24

stat

View file permissions only.

stat -c "%a %n" /usr/bin/bash

Copy permissions from one location to another.

rpm -qlp package.rpm | while read FILE ; do echo chmod $(stat -c "%a" $FILE) \"$FILE\";done > /tmp/copy_permissions.sh

systemctl

init 3

systemctl isolate multi-user.target
systemctl set-default multi-user.target

init 5

systemctl isolate graphical.target
systemctl set-default graphical.target

When you have made changes to /etc/systemd/system/*.service

systemctl daemon-reload

Talk

Talks swedish.

espeak -v swedish -f /tmp/file

tar

Make a backup of a directory or disk.

server: tar -cpsf - $dir | pv -b | nc -l 3333
client: nc server 3333 | pv -b | tar -xpst -

Inline tar archive.

awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' $0
tail -n $0 > archive.tar # tail -n +347 Filename

tcpdump

dump trafic information, -e Print the link-level header on each dump line, -vvv verbose.

tcpdump -e -vvv port 21

dump all trafic to and from machine. -w write to file, -s0 size of package, host to listen from.

time tcpdump -w ssl_dump -s0 host test.x30.webservices.itsfogo.com

dump all trafic into files of max 100MB. 270MB in reality.

tcpdump -w snoop -s0 -C 100000000

dump all trafic. compress logfiles. Create 10 files which are 10 MB big. Dont convert numbers to names. Dont truncate frames create logfile with this name.

tcpdump -z gzip -i wlan0 -C 10 -W 10 -n -s0 -w /tmp/tcpdump.log

Which machines send a syn packet.

sudo tcpdump -nn -i eth0 'tcp[13] = 2'

Show information about all traffic on interface.

tcpdump -s0 -i eth1 -vv

Show information about communication over port 514

tcpdump -Xni any port 514

listen on port 1023 for incoming trafic. disable local subnets.

sudo tcpdump -n -i eth0 tcp and dst host 172.17.17.6 and not src net 172.17.17.0/24 and not src net 158.0.0.0/8 and 'port 1023'

listen after torrent traffic.

sudo tcpdump -Xni any portrange 6882-6999

View content of http trafic

sudo tcpdump -i any -A -s 1500 dst 89.253.75.84 and port 80

View post in utf-8 format.

sudo tcpdump -lnp -i any -A -s 1500 dst 89.253.75.84 and port 80 -w - | tr -t '[^[:print:]]' ''

Get cookie

tcpdump -i lo -A -l dst port 8000 |     grep "^Cookie: "
To create cookie for curl: https://xiix.wordpress.com/2006/03/23/mozillafirefox-cookie-format/

tcptraceroute

tcptraceroute -n -q 1 192.168.0.1 -p 22

tftp

# Download test.file
tftp -v 172.17.17.6 -c get test.file
# Upload file.
tftp -v 172.17.17.6 -c put /tmp/test.put test.put
# Enable upload file in in.tftpd
/etc/xinetd.d/tftp
server_args        = -c -s /var/lib/tftpboot

top derivates

apachetop
dnstop
iftop
latencytop

tibco

show permissions.

help permissions

Create user

create user surveillance "Surveillance user" password=surveillance

Grant user permission to view all

grant admin user=surveillance view-all

time

Time in a loop.

{ time sleep 2 >> ${LOG} ; } 2>> ${LOG}

How long did a command take

TIME=$( { /usr/bin/time -f "%e" sleep 1.5 ;} 2>&1 ) ; echo $TIME

timeout

limit waiting for a period.

timeout 2s sleep 100

tnef

List content of winmail.dat. Remove options to extract to current dir.

tnef -t -f winmail.dat

touch

touch -am 0910120003    Give a new access time on a file 0910120003MMDDhhmmyy

linux

touch -t 197102162324 *

tput

No line wraps

tput rmam

Line wraps

tput smam

invisible cursor

tput civis

visible cursor

tput cnorm

reset is a good command to reset shell

reset

tr

translate capital to lower letter.

tr '[:upper:]' '[:lower:]'

trickle

Speed limit for download

rsync -ae "trickle -d 80 ssh" user@host:/src/ /dst/

Speed limit for upload.

rsync -ae "trickle -u 80 ssh" user@host:/src/ /dst/

Limit wget to 64kbit upload and download.

trickle -d 64 -u 64 wget "https://www.halfface.se/file.txt"

tune2fs

tune2fs -m 0 /dev/sdb1

udevadm

Monitor udev events.

udevadm monitor

udr

rsync over udp.

udr -a 57621 -b 57631 rsync -rP host.inter.net:/source/ /destination/

unetbootin

Boot iso image from usb memory.

upower

# Powerstatus of the system. battery charge.
upower --dump

useradd

useradd --uid 666 --gid 666 --comment 'devil' devil && echo 'devil:VerySecretPassword' | chpasswd

v4l2

Video player

qv4l2

List available formatats and resolutions.

v4l2-ctl --list-formats-ext

List available formats

v4l2-ctl --list-formats

Set camera to h264

v4l2-ctl --set-fmt-video=width=800,height=448,pixelformat=1

Set framerate.

v4l2-ctl --set-parm=30

List video parameters

v4l2-ctl --get-fmt-video

List video output

v4l2-ctl --all

vi

:set ignorecase
:set list        show all keys.
:set nolist      show their representative.

vmstat

top over time.

vmstat -n 5

Description:

r=procs waiting for cpu time.
b=procs in sleep mode.
swpd=virtual memory in use in swap.
free=memory free.
buff=memory used by buffers
cache=memory used as cache.
si=swap in.
so=swap out.
bi=io block in.
bo=io block out.
in=interups
cs=contex switching.
us=cpu user space
sy=cpu system usage to serve.
id=cpu idle
wa=cpu waiting for input output. iowait.
st=cpu time stolen from a virtual machine
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu-----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 2  1 814984 167992  26820 999460    0    0     1     0 2467 5088  2  2 95  1  0   
 0  0 814984 168100  26820 999540    0    0     2   150 2467 5026  1  2 97  0  0

wget

wget -r -nH -np --cut-dirs=1 --no-check-certificate -U Mozilla --user={uname} --password={pwd} https://my-host/my-webdav-dir/my-dir-in-webdav

wget to standard output.

wget --no-check-certificate -S -O- http://inter.net

whois

# When does a domain expire.
whois -h whois.iana.org sivberg.se

wireshark

find packet
packet details
string

wodim

Burning disks.

wodim -scanbus    # Scan scsi bus for burners.
wodim --devices   # Discover basic information.
wodim -checkdrive # Information about burner.
wodim -tao speed=0 dev=/dev/sr0 -v -data /temp/files/                      # Burn disk containing structure from /temp/files/
wodim -eject  -tao speed=0 dev=/dev/scd0 -v -data /my/directory/image.iso   # Burn image to disc.

openssl

Grab the public key.

openssl s_client -connect www.halfface.se:443 </dev/null 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'

What does the ssl cert look like.

echo | openssl s_client -connect www.sslsite.com:443 | openssl x509 -noout -startdate -enddate -subject -issuer -nameopt RFC2253,sep_comma_plus_space

Connect to ssl server

echo hello | openssl s_client -connect www.halfface.se:8140

Connect to ssl server -cipher NULL,LOW

echo hello | openssl s_client -connect www.halfface.se:8140

Connect with openssl v3

openssl s_client -ssl3 -connect ipmon01.dupont:443

Connect with low security cipher

echo X | openssl s_client -cipher NULL,LOW -connect www.halfface.se:8140

PEM convert to DER

openconnect x509 -inform PEM -in /file.pem -outform DER file.der

p12 to cer

openssl pkcs12 -in infile.p12 -out outfile.cer -nodes

Extract p12 password protected keys in

openssl pkcs12 -in /file.p12 -passin file:/password -nokey -nodes -out /file.nokeys

Encrypt file

openssl aes-256-cbc -a -salt -in file -out file,encoded -passin file:passfile

Decrypte file

openssl aes-256-cbc -d -a -salt -in file -out file,encoded -passin file:passfile

Install new root ca

# Change to the directory:
cd /etc/pki/tls/certs
# Next download the College root certificate:
wget https://icca2.ic.ac.uk/certenroll/ic-root.crt
# Convert the certificate to PEM format:
openssl x509 -inform der -in ic-root.crt -out ic-root.pem
# Create a link with the certificate hash:
ln -s ic-root.pem `openssl x509 -hash -noout -in ic-root.pem`.0
# Create sha256 base64 encoded hash
openssl dgst -binary -sha256 | openssl base64
# Verify root ca.
openssl verify -CApath /etc/pki/tls/certs ic-inter-root.pem
icrootca.cer: OK

The server certificate is the first certificate returned, and will be PEM formatted. The CA certificate is the final certificate returned, and is also PEM formatted.

openssl': echo | openssl s_client -connect www.sslsite.com:443 -showcerts

Check ca store files.

find . -name '*.pem' | while read PEM ; do echo '###' ${PEM} '###';ls -la "${PEM}" ; set -x ; curl --cacert "${PEM}" https://site.test.net/index.htm.

Verify pop3 connectivity.

openssl s_client -crlf -connect mail.tele2.se:110 -starttls pop3
USER yiming
PASS foobar
LIST – lists the messages available in the user’s account, returning a status message and list with each row containing a message number and the size of that message in bytes
STAT – returns a status message, the number of messages in the mailbox, and the size of the mailbox in bytes
RETR [message_num] – returns the message identified by the message number, which is the same as the message number shown in the LIST command output
TOP [message_num] [n] – returns the top n lines of the message denoted by message number.
QUIT command will end the session.

xargs

locate case insensetive, regular expression. xargs string to replace imput. Print output to standard error.

locate -ir ".*\.crt$" | xargs -I '{}' -t cp {} /temp/ssl/

Do something on everything from standard input.

ls -la | xargs -i% echo '# beginning #' % '# end of line #'

xdotool

When you have to move your mouse but you dont want to push it.

xdotool mousemove_relative -- -1 -1
xdotool mousemove_relative 1 1

Send ab to window.

xdotool search --onlyvisible --name freerdp key a key b

xinput

# List xinputs.
xinput list
# List properties.
xinput list-props "Logitech Unifying Device. Wireless PID:400e"
# Middle button emulation.
xinput set-prop "Logitech Unifying Device. Wireless PID:400e" "Evdev Middle Button Emulation" 1

xset

Disable screen saver

xset -dpms ; xset s noblank ;xset s off

zip

Zip directory exclude files .svn directory.

zip -r /temp/ssl.zip . -x ".svn/*"

List contents of zip archive.

unzip -l archive.zip

zdump

View information from timezone tz.

zdump -v /etc/localtime