Managing a cluster of servers, I would like to notified when a server is started. How to make the Linux servers email me or other admins automatically after they are started? I did this by adding a crontab entry on each servers like @reboot date | mailx -S smtp=smtp://smtp.example.com -s “`hostname` started” -r zma@example.com zma@example.com
Read more
Tag: SSH
How to make Linux automatically reboot after a kernel panic?
Posted onAfter a kernel panic, it is impossible to remotely connect to the Linux server to reboot it by SSH. How to make the panic kernel automatically reboot itself? Linux kernel has a nice feature that reboots itself after a timeout when a kernel panic happened. Usually, it is disabled by default. To turn it on,
Read more
Basic iptables configuration for Linux
Posted onWhat is a good basic iptables config? Basic rules needed: Allow incoming TCP to 22 for SSH but blocks all others. Allow outgoing TCP/UDP connections. You may consider using the following rules as a start: for tables in iptables ip6tables ; do # Flush existing rules $tables -F # Default policy $tables -P INPUT DROP
Read more
How to log connections hitting certain rules in iptables on Linux?
Posted onHow to log connections hitting certain rules in iptables on Linux? Like the one that are dropped because of too frequently creating SSH connections. You can create a new chain named LOGNDROP that log the connections and drop them, then pass the connection to be redirected to the LOGNDROP chain. $tables -N LOGNDROP # Connections
Read more
How to use iptables to limit rates new SSH incoming connections from each IP on Linux?
Posted onHow to use iptables to limit rates new SSH incoming connections from each IP on Linux? For example, at most 6 SSH connection attempts every 60 seconds. You may use these rules (skip the first one, if you have set the basic rules): for tables in iptables ip6tables ; do # Allow established inbound connections
Read more
How to kick off a user on a Linux box?
Posted onI want to kick off a user such as “bob” on a Linux box which I managed remotely. How to do this? bob may log on the Linux box by various ways: Log on the screen on the Linux box (locally) with a X server. Log on remotely by a ssh shell. Log on by
Read more
Fixing “Remote Host Identification Has Changed” Error When SSH to a Server
Posted onIf you encounter an error message like the one below when attempting to SSH to a server: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has
Read more
How to unlock a locked SSH terminal accidentally by ctrl-s on Linux?
Posted onI find I sometimes lock the SSH terminal accidentally by ctrl-s on Linux. How to unlock/unfreeze it? Ctrl-s: lock the SSH terminal. Ctrl-q: unlock the SSH terminal.
Setting up a VPN over SSH
Posted onSSH tunnel and port forwarding is great and convenient to use. But is it possible to set up a VPN like connection over SSH? If you are on Linux or Mac, you can use sshuttle: https://github.com/apenwarr/sshuttle If you are on Windows, you can use ProxyCap: http://www.proxycap.com/index.html Both are great software.
Git branching tutorial
Posted onGood tutorials on git branching. The “Git Branching” chapter of Pro Git book is the best one that I ever seen: http://git-scm.com/book/en/Git-Branching It deserve the time to study the whole chapter. If you are working with a git server, this chapter is especially useful: http://git-scm.com/book/en/Git-Branching-Remote-Branches
Running Chrome over SSH tunnel
Posted onHow to run Chrome on remote host over a SSH tunnel? This way, I can access resource that can only be accessed inside the remote host’s network. Running Chrome over a SSH tunnel is much easier than running Firefox over SSH from a Linux host: First, ssh to the remote host with -X option: ssh
Read more
How to improve ssh/scp performance on Linux?
Posted onssh/scp are convenient and handy tools on Linux. Is is possible to further improve its speed/performance? Please check this post for how to improve ssh/scp performance: https://www.systutorials.com/5450/improving-sshscp-performance-by-choosing-ciphers/
Direct multi-hop ssh connection
Posted onHow to use multi-hop ssh connection without needs to ssh multiple times? As a example, you are connecting to server.example.com through proxy.example.com from laptop.example.com as follows: laptop —-> proxy —-> server 2 possible methods: Method 1: Use the similar method as in Directly SSH to hosts using internal IPs through the gateway. Add this to
Read more
Directly SSH to hosts using internal IPs through the gateway
Posted onWe have many hosts with internal IPs like 10.0.3.* behind a gateway, say gateway.example.org. The hosts with internal IP connect to the Internet through the gateway. How to directly SSH to hosts using internal IPs through the gateway? Here is the solution: Directly SSH to Hosts with LAN IPs Through the Gateway
Rsync with non-standard ssh ports
Posted onThis problem appears when I try to rsync directories with hosts inside a cluster used NAT for forwarding ports to internal nodes. Hence, the ssh port for internal nodes are not the default 22. So, how to use rsync with the non-standard ssh ports? The -e options of rsync play the trick very well. For
Read more
How to use different keys for different git servers?
Posted onI have access to different git servers. I have several keys for these servers. How to use different keys for different git servers? Use the .ssh/config file to specify different configuration for different SSH servers used by git: For example: Host git.example.org Port 22111 IdentityFile ~/.ssh/id_rsa.git.example.org Host code.example.org Port 22 IdentityFile ~/.ssh/id_rsa.code.example.org which specifies the
Read more
Shared hosting services with SSH enabled
Posted onWhich shared hosting services have SSH enabled? SSH is a great tool for management and development. Lots shared hosting services support SSH. Here is a non-complete list: Dreamhost SSH on dreamhost: http://wiki.dreamhost.com/Enabling_Shell_Access BlueHost SSH on BlueHost: http://my.bluehost.com/cgi/help/180 GoDaddy SSH on GoDaddy: http://support.godaddy.com/help/article/4942 HostGator SSH on HostGator: http://support.hostgator.com/articles/hosting-guide/lets-get-started/how-do-i-get-and-use-ssh-access HostMonster SSH on HostMonster: http://my.hostmonster.com/cgi/help/180 ServerGrove SSH on
Read more
How to save PuTTY profiles/sessions?
Posted onPuTTY is a great SSH client on Windows. However, how to save it’s profiles/sessions that I saved so that I can migrate my settings from one machine to another? PuTTY saves its settings in the registry of Windows. You can find it in the registry editor by run regedit under: HKEY_CURRENT_USERSoftwareSimonTatham You can save your
Read more
How to spawn a background process in a bash script
Posted onFor example, I want to spawn many ssh background processes in one bash script: for i in `cat ./all-hosts` do ssh $i “ifconfig | grep Link” done Simply adding a & to the ssh commands does not work. Here is the script that works: for i in `cat ./all-hosts` do ssh $i “ifconfig | grep
Read more
Force Linux to reboot
Posted onHow to force Linux to reboot when the reboot command does not work. Enable the use of the magic SysRq option: # echo 1 > /proc/sys/kernel/sysrq Reboot the machine: # echo b > /proc/sysrq-trigger Even if you could not log on the system but sshd is working, you can force the Linux to reboot by:
Read more