3 Steps to Perform SSH Login Without Password Using ssh-keygen & ssh-copy-id. Mycli. Python-keepassx — keepassx 0.1.0 documentation. KeePassX is a cross platform password manager. However, KeePassX is a desktop GUI application. That's where python-keepassx comes in. By using python-keepassx, you can access your passwords using a command line interface to KeePassX. You can also use the python library directly in your own python applications. Python-keepassx: simple, command line interface to your passwords. $ kp get github Password: title: GitHub username: jamesls url: notes: Password has been copied to clipboard. See the Getting Started Guide to start using python-keepassx now. What is this project and why should I care? Keepassx is a great password manager. What's a Password Manager?
We use things that require passwords. If you're following password best practices, you should not be using the same password for more than one site. That's where a password manager comes into play. I've never hard of KeePassx, what is it? KeePassX is a password manager. FreeCross platformOpen source Yes. SSH Can Do That? Productivity Tips for Working with Remote Servers | Smylers. SSH has many features which are helpful when working regularly with files on remote servers; together they can give a vast increase in productivity over the bare use of SSH. If you regularly use SSH, it’s worth spending a little time learning about these and configuring your environment to make your life easier. This has been presented at presented at Yapc Europe 2011 in Riga and the Floss UK Spring 2012 Conference in Edinburgh. If you’d like me to come and talk about this at your user group or workplace, please get in touch. Multiple Connections Often it’s useful to have multiple connections to the same server, for example to edit a file, run some file-system commands, and view a log file all in different terminal windows.
Fortunately OpenSSH has a feature which makes it much snappier to get another terminal on a server you’re already connected to: connection sharing. ControlMaster auto ControlPath /tmp/ssh_mux_%h_%p_%r What About Windows Users? Copying Files Repeated Connections $ ssh www2. MySQL SSH Tunnel mit autossh » Debian Root. MySQL SSH Tunnel mit autossh Warum ein SSH Tunnel eine gute Wahl ist um von einem Remote Client auf einen MySQL Server zuzugreifen habe ich in diesem Artikel beschrieben. Jetzt möchte ich zeigen wir man einen dauerhaften SSH Tunnel erstellt und ihn aufrecht erhält.
Zum Monitoring des Tunnels kommt autossh zum Einsatz und die Authentifizieren geschieht per PublicKey. Das System ist bei mir seit ca. 1 Monat im Einsatz und läuft seit dem Start problemlos. Auf beiden Servern wird ein unprivilegierter User für SSH Tunnel angelegt. In diesem Beispiel werden die folgenden beiden Server:Webserver (Alice) Alice ist der Initiator des Tunnels und möchte den MySQL Server auf Bob benutzen. MySQL Server (Bob) Dieser MySQL Server soll unter dem Port 3307 von Alice aus dauerhaft erreichbar sein.
MySQL Server auf Bob Auf Bob wird ein neuer User angelegt und der sshd so konfiguriert das dieser User sich per PublicKey Authentication anmelden kann. Webserver auf Alice Entfernen eines SSH Tunnels Auf Alice: Http - What is the cURL command-line syntax to do a POST request? The Debian Administrator's Handbook. Debian 10 Edition 1 Copyright © 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Raphaël Hertzog Copyright © 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Roland Mas Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Freexian SARL ISBN: 979-10-91414-19-7 (English paperback) ISBN: 979-10-91414-20-3 (English ebook) This book is available under the terms of two licenses compatible with the Debian Free Software Guidelines.
Creative Commons License Notice: This book is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. GNU General Public License Notice: This book is free documentation: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This book is published under a free license because we want everybody to benefit from it. Abstract. Cooking Infrastructure by Chef. Chef is a configuration management and automation platform from Chef. Chef helps you describe your infrastructure with code. Because your infrastructure is managed with code, it can be automated, tested and reproduced with ease. [fig:cheflogo] Chef is a configuration management tool written in Ruby and Erlang. It uses a pure-Ruby, domain-specific language (DSL) for writing system configuration <<recipes>>.
The user writes <<recipes>> that describe how Chef manages server applications (such as Apache, MySQL, or Hadoop) and how they are to be configured. Traditionally, Chef is used to manage GNU/Linux but later versions support running on Windows as well. What are the core principles? Idempotence A recipe can run multiple times on the same system and the results will always be identical. Thick Clients, Thin Server Chef does as much work as possible on the node and as little as possible on the server. Order Matters Why you should use Chef? There are several reasons for using Chef: Summary ! !. ! ... Rsync hack to bounce files between two unconnected servers. LuRsT/hr. Defining host aliases in your SSH config - makandropedia.
Scrap the SCP. How to copy data fast using pigz and nc « Intermediate SQL. Have you ever heard that the speed of the system is determined by its slowest component ? I am made painfully aware of that every time I do data migrations. I.e. it doesn’t matter if you have 64 core systems with 100+ Gb of memory on either end if the majority of time is spent waiting for data to trickle across a slow 1 Gb network link.
Watching data trickle for hours, while the rest of the system is doing nothing is a pretty frustrating experience. But limitations breed creativity … so lately, I’ve been experimenting with several different copy techniques to see if there is any way transfer speed can be improved, perhaps using some of the idle capacity to speed things up. Here is the short summary of my experiments (transferring 16Gb ORACLE data file across the WAN), which I summarized as a “speed and effect comparison” table. And here is the longer explanation if you are really interested Copying data using SCP > scp /u02/databases/mydb/data_file-1.dbf remote_host:/u02/databases/mydb Yes.
Installing Nginx With PHP5 (And PHP-FPM) And MySQL Support (LEMP) On Debian Wheezy. Version 1.0 Author: Falko Timme <ft [at] falkotimme [dot] com> Follow me on Twitter Last edited 05/27/2013 Nginx (pronounced "engine x") is a free, open-source, high-performance HTTP server. Nginx is known for its stability, rich feature set, simple configuration, and low resource consumption. This tutorial shows how you can install Nginx on a Debian Wheezy server with PHP5 support (through PHP-FPM ) and MySQL support (LEMP = L inux + nginx (pronounced " e ngine x") + M ySQL + P HP) .
I do not issue any guarantee that this will work for you! 1 Preliminary Note In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100 . 2 Installing MySQL 5 In order to install MySQL, we run apt-get install mysql-server mysql-client You will be asked to provide a password for the MySQL root user - this password is valid for the user root@localhost as well as root@server1.example.com , so we don't have to specify a MySQL root password manually later on: 3 Installing Nginx.
Linux Disable Core Dumps. Only software developers legitimately need to access core files and none of my production web server requires a core dump. How do I disable core dumps on Debian / CentOS / RHEL / Fedora Linux to save large amounts of disk space? A core dump file is the memory image of an executable program when it was terminated by the operating system due to various error behavior. To disable core dumps for all users, open /etc/security/limits.conf, enter: # vi /etc/security/limits.conf Make sure the following config directive exists: * hard core 0 Save and close the file. Once a hard limit is set in /etc/security/limits.conf, the user cannot increase that limit within his own session.
Add fs.suid_dumpable = 0 to /etc/sysctl.conf file: # echo 'fs.suid_dumpable = 0' >> /etc/sysctl.conf # sysctl -p This will make sure that core dumps can never be made by setuid programs. 5 simple ways to troubleshoot using Strace. 2008-06-10 I keep being surprised how few people are aware of all the things they can use strace for. It's always one of the first debug tools I pull out, because it's usually available on the Linux systems I run, and it can be used to troubleshoot such a wide variety of problems. Strace is quite simply a tool that traces the execution of system calls. In its simplest form it can trace the execution of a binary from start to end, and output a line of text with the name of the system call, the arguments and the return value for every system call over the lifetime of the process.
But it can do a lot more: It can filter based on the specific system call or groups of system callsIt can profile the use of system calls by tallying up the number of times a specific system call is used, and the time taken, and the number of successes and errors.It traces signals sent to the process.It can attach to any running process by pid.
If you've used other Unix systems, this is similar to "truss". Ah. Software >> sslsniff. Some History This tool was originally written to demonstrate and exploit IE's vulnerabilityto a specific "basicConstraints" man-in-the-middle attack. While Microsoft has since fixed the vulnerability that allowed leaf certificates to act as signing certificates, this tool is still occasionally useful for other purposes. It is designed to MITM all SSL connections on a LAN, and dynamically generates certs for the domains that are being accessed on the fly. The new certificates are constructed in a certificate chain that is signed by any certificate that you provide. The New Scoop Version 0.6 has been significantly updated to additionally support the null-prefix attacks that I demonstrated at BlackHat 09 and Defcon 17.
Sslsniff has also been updated to support the OCSP attacks that I published at Blackhat 09 and Defcon 17, thus making the revocation of null-prefix certificates very difficult. Sslsniff is useful for deploying other vulnerabilities as well. Installing sslsniff Running sslsniff. Find & Replace across multiple files in linux | Rushi's Ramblings. Here’s the post on my new blog – Below is an older version of the post: I was trying to find a solution todo a find & replace across multiple files which was purely command line based.
There are plenty of scripts out there which will accomplish this but I needed a single line command. After some google searches and some experimentation I came up with this snippet. find . -name "*.php" -print | xargs sed -i 's/foo/bar/g' It looks a bit complicated but its quite simple. Find . This pretty much covers the core of the find & replace command. Resources: Like this: Like Loading... Jamie's PS1 collection, and how to customize your bash prompt / Jamie Wilkinson. Sed - An Introduction and Tutorial. Last modified: Mon Dec 2 16:50:13 2019 Table of Contents Note - You can click on the table of contents sections to jump to that section. Then click on the section header of any section to jump back to the table of contents. Copyright 1994, 1995 Bruce Barnett and General Electric Company Copyright 2001,2005,2007,2011,2013 Bruce Barnett All rights reserved You are allowed to print copies of this tutorial for your personal use, and link to this page, but you are not allowed to make electronic copies, or redistribute this tutorial in any form without permission.
Original version written in 1994 and published in the Sun Observer Introduction to Sed How to use sed, a special editor for modifying files automatically. There are a few programs that are the real workhorse in the UNIX toolbox. One way to think of this is that the old, "classic" version was the basis of GNU, FreeBSD and Solaris verisons of sed. The Awful Truth about sed Sed is the ultimate stream editor. Anyhow, sed is a marvelous utility. . Swap. Dieser Artikel wurde für die folgenden Ubuntu-Versionen getestet: Dieser Artikel ist größtenteils für alle Ubuntu-Versionen gültig. Zum Verständnis dieses Artikels sind folgende Seiten hilfreich: Linux (wie auch so gut wie alle anderen Betriebssysteme) versucht, die Betriebssystemkomponenten, aktuell benötigte Programmdaten etc. möglichst komplett im RAM (Arbeitsspeicher) zu halten, da der Zugriff auf das RAM deutlich schneller ist als auf Datenträger wie Festplatte, CD, USB-Stick usw.
Nun kann es aber vorkommen, dass das komplette RAM voll ist, weil z.B. (sehr) viele Programme gleichzeitig geöffnet sind. An dieser Stelle beginnt der Linux-Kernel, RAM frei zu machen, indem er Teile der im RAM gespeicherten Daten auf die Festplatte schreibt. Werden die Daten wieder benötigt, so werden diese wieder ins RAM geladen und andere im Moment nicht benötigte Daten werden in den Swap geschrieben. Swapgröße Swap anlegen Swap-Partition nachträglich erstellen Achtung! /dev/xxxx none swap sw 0 0 ausführen. How to: Editor VIM als Entwicklungsumgebung nutzen. Der Begriff VIM steht für Vi IMproved und gilt als Erweiterung für den vi-Editor auf UNIX-Systemen. Auf modernen Systemen wie den Linux-Derivaten Ubuntu, Debian und Co. oder auch Mac OS X sind die beiden Editoren aber praktisch identisch.
Das heißt beim Aufrufen des Befehls: vi index.html | vim index.html öffnet sich dasselbe Fenster. Das resultiert daher, weil der vi-Editor seine Einstellungen aus den VIM-Configs holt. VIM: die Grundlagen Doch genug von der Theorie. Vim dateiname.dateiendung öffnet, wird diese Datei automatisch im Normalmodus geöffnet. Es gibt aber auch andere Standardbefehle, wie das Durchsuchen nach einem Begriff. Hier müsst ihr aufpassen, denn das Durchsuchen ist case-sensitive, das heißt es wird zwischen Groß- und Kleinschreibung unterschieden. Die beiden oberen Befehle sind besonders günstig, wenn man zum Beispiel schnelles Bugfixing am Live-Server betreiben möchte. Der Einfügemodus von VIM Das Bearbeiten von Dateien ist natürlich auch möglich. :w :q :! :wq. Xorg - Disable gdm in Ubuntu 10.04? - Server Fault.
Setting up public key authentication over SSH. January 18, 2006 Every time I want to setup public key authentication over SSH, I have to look it up, and I've never found a simple guide, so here's mine. Generate key on local machine ssh-keygen -t rsa It will ask you for a password but you can leave it blank. Note you could also pick -t dsa if you prefer. Ensure that the remote server has a .ssh directory Make sure the server your connecting to has a .ssh directory in your home directory. Copy your local public key to the remote server If your remote server doesn't have a file called ~/.ssh/authorized_keys2 then we can create it. Scp ~/.ssh/id_rsa.pub remote.server.com:.ssh/authorized_keys2 Now ssh to the remote server Now you can ssh to the remote server without entering your password. Security Now keep in mind that all someone needs to login to the remote server, is the file on your local machine ~/.ssh/id_rsa, so make sure it is secure.
Related Entries 36 people found this page useful, what do you think? Trackbacks Comments Thanks a million Nav.