Managing a cluster of servers, I would like to notified when a server is started. How to make the Linux servers email me or other admins automatically after they are started? I did this by adding a crontab entry on each servers like @reboot date | mailx -S smtp=smtp://smtp.example.com -s “`hostname` started” -r zma@example.com zma@example.com…
After a kernel panic, it is impossible to remotely connect to the Linux server to reboot it by SSH. How to make the panic kernel automatically reboot itself? Linux kernel has a nice feature that reboots itself after a timeout when a kernel panic happened. Usually, it is disabled by default. To turn it on,…
What is a good basic iptables config? Basic rules needed: Allow incoming TCP to 22 for SSH but blocks all others. Allow outgoing TCP/UDP connections. You may consider using the following rules as a start: for tables in iptables ip6tables ; do # Flush existing rules $tables -F # Default policy $tables -P INPUT DROP…
How to log connections hitting certain rules in iptables on Linux? Like the one that are dropped because of too frequently creating SSH connections. You can create a new chain named LOGNDROP that log the connections and drop them, then pass the connection to be redirected to the LOGNDROP chain. $tables -N LOGNDROP # Connections…
How to use iptables to limit rates new SSH incoming connections from each IP on Linux? For example, at most 6 SSH connection attempts every 60 seconds. You may use these rules (skip the first one, if you have set the basic rules): for tables in iptables ip6tables ; do # Allow established inbound connections…
I want to kick off a user such as “bob” on a Linux box which I managed remotely. How to do this? bob may log on the Linux box by various ways: Log on the screen on the Linux box (locally) with a X server. Log on remotely by a ssh shell. Log on by…
If you encounter an error message like the one below when attempting to SSH to a server: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has…
I find I sometimes lock the SSH terminal accidentally by ctrl-s on Linux. How to unlock/unfreeze it? Ctrl-s: lock the SSH terminal. Ctrl-q: unlock the SSH terminal.
SSH tunnel and port forwarding is great and convenient to use. But is it possible to set up a VPN like connection over SSH? If you are on Linux or Mac, you can use sshuttle: https://github.com/apenwarr/sshuttle If you are on Windows, you can use ProxyCap: http://www.proxycap.com/index.html Both are great software.
Good tutorials on git branching. The “Git Branching” chapter of Pro Git book is the best one that I ever seen: http://git-scm.com/book/en/Git-Branching It deserve the time to study the whole chapter. If you are working with a git server, this chapter is especially useful: http://git-scm.com/book/en/Git-Branching-Remote-Branches
How to run Chrome on remote host over a SSH tunnel? This way, I can access resource that can only be accessed inside the remote host’s network. Running Chrome over a SSH tunnel is much easier than running Firefox over SSH from a Linux host: First, ssh to the remote host with -X option: ssh…
How to use multi-hop ssh connection without needs to ssh multiple times? As a example, you are connecting to server.example.com through proxy.example.com from laptop.example.com as follows: laptop —-> proxy —-> server 2 possible methods: Method 1: Use the similar method as in Directly SSH to hosts using internal IPs through the gateway. Add this to…
ssh/scp are convenient and handy tools on Linux. Is is possible to further improve its speed/performance? Please check this post for how to improve ssh/scp performance: https://www.systutorials.com/5450/improving-sshscp-performance-by-choosing-ciphers/
We have many hosts with internal IPs like 10.0.3.* behind a gateway, say gateway.example.org. The hosts with internal IP connect to the Internet through the gateway. How to directly SSH to hosts using internal IPs through the gateway? Here is the solution: Directly SSH to Hosts with LAN IPs Through the Gateway
This problem appears when I try to rsync directories with hosts inside a cluster used NAT for forwarding ports to internal nodes. Hence, the ssh port for internal nodes are not the default 22. So, how to use rsync with the non-standard ssh ports? The -e options of rsync play the trick very well. For…
I have access to different git servers. I have several keys for these servers. How to use different keys for different git servers? Use the .ssh/config file to specify different configuration for different SSH servers used by git: For example: Host git.example.org Port 22111 IdentityFile ~/.ssh/id_rsa.git.example.org Host code.example.org Port 22 IdentityFile ~/.ssh/id_rsa.code.example.org which specifies the…
Which shared hosting services have SSH enabled? SSH is a great tool for management and development. Lots shared hosting services support SSH. Here is a non-complete list: Dreamhost SSH on dreamhost: http://wiki.dreamhost.com/Enabling_Shell_Access BlueHost SSH on BlueHost: http://my.bluehost.com/cgi/help/180 GoDaddy SSH on GoDaddy: http://support.godaddy.com/help/article/4942 HostGator SSH on HostGator: http://support.hostgator.com/articles/hosting-guide/lets-get-started/how-do-i-get-and-use-ssh-access HostMonster SSH on HostMonster: http://my.hostmonster.com/cgi/help/180 ServerGrove SSH on…
PuTTY is a great SSH client on Windows. However, how to save it’s profiles/sessions that I saved so that I can migrate my settings from one machine to another? PuTTY saves its settings in the registry of Windows. You can find it in the registry editor by run regedit under: HKEY_CURRENT_USERSoftwareSimonTatham You can save your…
For example, I want to spawn many ssh background processes in one bash script: for i in `cat ./all-hosts` do ssh $i “ifconfig | grep Link” done Simply adding a & to the ssh commands does not work. Here is the script that works: for i in `cat ./all-hosts` do ssh $i “ifconfig | grep…
How to force Linux to reboot when the reboot command does not work. Enable the use of the magic SysRq option: # echo 1 > /proc/sys/kernel/sysrq Reboot the machine: # echo b > /proc/sysrq-trigger Even if you could not log on the system but sshd is working, you can force the Linux to reboot by:…