Howto

Show directory contents sorted by modification date and time

When the SSH agent is running, the ssh-add command can be used to load a SSH key. The SSH agent then will request a password when needed, and load the key details in memory. Adding the SSH key just requires the path to the private key. ssh-add ~/.ssh/id_ed25519 When the key is loaded, use the -l or -L option to show the identities that the SSH agent has. ssh-add -l

Introduction Systemd has a range of security features to help securing services running on your system. That is the good part. The big challenge with so many features is that it is hard to find out which ones you could or should apply, without breaking a service. That is why we started working on hardening profiles. The hardening profiles are pre-defined templates that are documented and tested against a default installation of a piece of software.

Elevating permissions

To remove any trailing whitespace from a file, we can use sed. By using in-place editing -i, sed can be provided with a search-and-replace action to filter out whitespace at the end of each line. By replacing it with nothing, it will effectively be removed. sed -i 's/[[:space:]]*$//' mytextfile.txt Explanation -i = inline file edit s/ = search [[:space:]]*$ = search one or more occurences of whitespace just before the end of the line // = No text, so any occurences of the whitespace will be emptied The [[:space:]] is called a character class and refers to space characters.

To insert a line at the beginning of a file, we can use sed to achieve this task. By using in-place editing -i, we can instruct sed to make a change to an existing file. The next step is to tell sed what to change or insert and at what place. sed -i '1i # New first line' mytextfile.txt Explanation -i = inline file edit 1i = insert at first line # New first line = Text to add

The systemctl command has multiple options to show the memory usage. With the status subcommand followed by the service, it will show the basics, including memory usage. To retrieve the information that easier to parse, then use show followed by --property=MemoryCurrent and the service name. Usage The status output will include memory usage. systemctl status nginx ● nginx.service - A high performance web server and a reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.

The systemctl command can be used to show all settings of an unit, such as a service. To display the full list of applicable settings, use the show subcommand followed by the unit name. Besides the settings, the output will also include actual runtime information, such as memory usage, when the unit was started, etc. Usage Just provide the unit file to see all available information. # systemctl show nginx.service Type=forking Restart=no PIDFile=/run/nginx.

The systemctl command can show settings of a systemd unit, such as a service. It can also assist in overriding these settings by using the edit subcommand followed by the unit name. This will open the editor that is configured on the system and create the override file. Usage Run the edit command with the unit, and the editor like vim or nano will show up. ### Editing /etc/systemd/system/nginx.service.d/override.conf ### Anything between here and the comment below will become the new contents of the file [Service] ProtectSystem=strict ReadWritePaths=/run /var/log/nginx ### Lines below this comment will be discarded <snip> Important: Do not remove the comments and only insert or change between the specified comment lines.

Introduction Nginx is still a popular web server and powering a part of the web. Wouldn’t it be great if we could secure it a little bit more? In this article we use the security features to secure systemd units and services and apply it to nginx. If you are not familiar yet with the unit settings of systemd, then this document would be a good introduction into the subject.

The control group of a process can be retrieved from the /proc directory. We only need to know the PID of the process, which can be found using ps or pidof. Usage If we know that our PID is 1234, then showing the cgroup is as easy as using cat to see the contents of the ‘cgroup’ file. cat /proc/1234/cgroup To see the cgroup for the nginx process (or one of them), we could something like this.

The ps command can show the control group of a process using the -o option, followed by the right column names. Usage To show processes and the control group, we can filter the output columns. # ps -e -o pid,cgroup:64,args PID CGROUP COMMAND 1 0::/init.scope /lib/systemd/systemd --system --deserialize 58 2 - [kthreadd] 3 - [rcu_gp] <snip> 576 - [xprtiod] 634 0::/system.slice/dbus.service @dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only 640 0::/system.slice/networkd-dispatcher.service /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers 645 - [nfsiod] 653 0::/system.

The timedatectl command can show the time, time zone information, and its status. Add the timesync-status subcommand to see synchronization details. Usage Use timedatectl with the timesync-status command to see the actual status. Under normal conditions, the leap should show ’normal'. # timedatectl timesync-status Server: 185.125.190.56 (ntp.ubuntu.com) Poll interval: 34min 8s (min: 32s; max 34min 8s) Leap: normal Version: 4 Stratum: 2 Reference: 4FF33C32 Precision: 1us (-25) Root distance: 762us (max: 5s) Offset: +882us Delay: 15.

The agent forwarding feature in SSH allows using your local SSH agent to be reached through an existing SSH connection. This way you don’t have to store copies of your private keys on intermediate systems to use them for authentication. While SSH agent forward simplifies things, it also introduces a new risk related to Unix domain socket. If a user on the intermediate system can access the related socket, then it may abuse this connection back to the SSH agent to authenticate on your behalf.

The ssh-agent command is started manually using eval $(ssh-agent). This will initiate the SSH agent and make it available for clients, such as ssh, to use it. To confirm that the agent is running is by looking at the SSH_AUTH_SOCK environment variable. Automatic start of SSH agent Gnome Keyring SSH Agent When using Gnome, it typically comes with its SSH agent as part of Keyring. This will automatically load any files in ~/.

The ssh-agent command starts the SSH agent, a helper utility to store private keys when using public key authentication. The ssh-agent process is usually started at the the beginning of a login session and then can be connected to by a SSH client. Clients can detect the environment variable named SSH_AUTH_SOCK. Related settings on the client IdentityAgent

Disable usage of SSH agent identities

Querying pacman

Killing processes with a filter

Disable check for host authenticity

Use an escape sequence to terminate a connection that is stuck

Remove a passphrase from existing SSH key

How to see the available SSH keys in the OpenSSH authentication agent

Zombies…

Killing zombies, for fun?

Search for PID and process name

Retrieve PIDs for a service

Stop a process by searching for its name

Show your local IP address

Query the IP address of your internet connection

Show the active DNS server

Find the files that are writable

Managing packages

Show disk usage by files and directories

Show hidden files

Show files bigger or smaller than a specified size

Show when the last modification was made within a directory

Show used and free disk space

Show used and free disk space

Find symbolic links pointing to a directory

Compare two directories, find their differences and what they have in common

The command-line or terminal is a great place to be productive! We collect one-liners that we used ourselves to solve an issue and are worth sharing. From daily commands up to more exotic one-time tasks, this is the place where they are stored. When we have enough to group them, the page will be split into multiple categories.

Show number of open connections per protocol

Show start time of a process

Show uptime of the system

Show actual bandwidth usage

Clear DNS cache using resolvectl

Show TCP connection statistics

Show CPU details

Physical RAM is used to store information. Linux divides this RAM into smaller chunks, named memory pages. When there is no more normal memory available, the Linux kernel might need to temporarily store information aside. This is called paging or swap space. During the process of paging, memory pages will be moved from the RAM to the disk. This way memory is freed up for active processes, while older information is temporarily stored on the disk.

No network packet will remain hidden

Find the Linux distribution name and version

All hardware exposed

Show memory details

Learn how to purge data before deleting a file

Find out when a file was initially created

With many commands available on Linux, the number of options and remembering them can be overwhelming. This collection of Linux cheat sheets is intended as a reference for common tools and how to use them. With the included examples, it is also an easy way to learn about the options that they have to offer.

Archiving all the data

No more networking secrets

Show network link statistics to discover errors or dropped packets

Show network table to discover the default gateway

Show which process is listening to a port

Show open file information

Show open network ports such as TCP and UDP

Reveal all those sockets

Query DNS to reveal the TTL value of a DNS record.

Query tools like dpkg to show installed packages

Show installed package on the most common Linux distributions

Retrieve USB device information using lsusb

Query the available hard disk(s)

More in-depth information about the available hard disks

Show BIOS information using dmidecode

Find out who is using up that disk space

Introduction Systemd is a system and service manager for Linux. For many Linux distributions it replaced the existing SysV init system, modernizing how services are started and monitored. Some basics about systemd: Author: Lennart Poettering First release: 2010 First adopter: Fedora Linux Common usage by major Linux distributions: 2015 Learn more: What is systemd? Systemd units To monitor and manage services on a system using systemd, unit files are used. These text-based files define what to run or do, relevant conditions, and any applicable dependencies.

Leverage the du command to find the biggest directories

Show all masked units

Perform smarter queries when requesting information from journalctl

Disable a service or specific unit with systemctl

Start and enable a unit with one command

Show failed systemd units with systemctl

Learn to search and to find

Make a new friend?

Learn how to use curl to test if your web server is properly caching static files

Control those processes and timers

Query the journal and find the needle

Learn how to define the Expires header in nginx to improve the caching of static assets.

Download files and troubleshoot issues faster with curl

Parse files quicker with smarter expressions

How to display the configured hosts by filtering out the server_name entries

Nginx is flexible when it comes to what should be logged in the access.log. With the combination of a map and if-statement, this can be achieved very easily!" Log only some events by HTTP status Creating a map using $status The $status variable contains the HTTP status code that is normally returned to each request. We can leverage this status code to set a so-called boolean (true/false, or 1/0). Let’s define first the map and use the HTTP status.

SSH or Secure Shell is a popular protocol for doing system administration on Linux systems. Sometimes you may need to know what version you are running to know if some specific configuration options are available. In this article we have a look at the available options. Local OpenSSH version The easiest way to find the installed OpenSSH version is using the ssh -V command. This works when being logged in to the system itself.

Rnr The first tool to cover is called rnr and is written in Rust. It can be downloaded on GitHub where also some good examples can be found on how to use the tool. Let’s try it out on a directory that we have with Markdown files. Due to a conversion, the file names include a date. As this is no longer needed, we want to strip out the date and only get the bit after the third hyphen.

Sometimes you might want to check if an account on the system has a password set. One of the reasons is to disable those, so you can enforce that only SSH authentication might be used, for example. There are a few ways to see if a password is set. Using the passwd command The first command that comes to mind is using the passwd command. Normally you would use that to change your password, but it can actually also reveal useful details about existing accounts.

After migrating this blog to Hugo we performed some optimization steps to ensure it is as quick as possible. Pages are slim and small in size, but still can be compressed. Normally we would do this on the end of the web server, by enabling dynamic compression. So each time a client requested a compressed page, the web server would compress is and send over the data. This time we turned things around.

Troubleshoot and monitor all processes