Cheat Sheets
Agile
Containers
DevOps Automation
DevOps Linux
DevOps Services
Glib Examples
Go Examples
Javascript Examples
Languages
Network
PHP Examples
Python Examples
Scripting
Security
Solutions
Virtualization
Windows
visual-ops
Apache
CouchDB
Couchbase
ElasticSearch
Eureka
F5
GlusterFS
Hadoop
Java
Kafka
MongoDB
MySQL
NFS
Nodejs
PgBouncer
Postgres
RabbitMQ
Redis
Squid
Tomcat
Webserver
Zookeeper
etcd
htaccess
htaccess Checker
memcached
nginx
sqlite
zuul
AWS - CLI
AWS - Cost
Deis
EC2 API Tools
ESX
Flynn
Heroku
Juju
KVM
LXC
LXD
OpenNebula
OpenStack
OpenVZ
VM Tuning
Vagrant
Vagrantfile
VirtualBox
Xen
heroku
systemd
vSphere
PyGI GStreamer
PyGI GTK Tutorial
PyGI GnomeKeyring
PyGI GtkStatusIcon
PyGObject API
Python Sockets
Python Syntax
Python re.match
Python re.sub
Python simplehttpserver
Python subprocess
Ansible
Bower
Chef
Gerrit
Git
Hubot - Howto
IT-Ops
Jenkins
Maven
Mcollective
Monitoring
Packaging
Puppet
Puppet - Hiera
Puppet - Iterating
Splunk
cfengine
salt
saltstack
CSS
Dev-Misc
GCC
GraphQL
JSON Schema
JSON
Java Debugging
Javascript
Linting
Linux HTML Widgets
Markdown
PHP
Perl
Perl Regex
Python
Regex Overview
Regex101
Ruby
Ruby Bundler
Ruby Regex
SVG Attributes
SVG Elements
Syndication
XHTML
XML 1.0
XML 1.1
XPath
XSD
XSLT 2.0
YAML
autotools
gdb
rvm
Go Channels
Go Goroutines
Go Interfaces
Go Regex
Go Struct
PHP Arrays
PHP curl_setopt
PHP date
PHP explode
PHP implode
PHP ini_set
PHP preg_match
PHP preg_replace
PHP str_replace
PHP stripos
PHP strpos
PHP strripos
PHP strrpos
PHP ternary operator
PHP unserialize
APIs
Bash
Bash Associative Array
Bash Functions
Bash Regex
Color Distance
Shell Problems
Shell-Scripting
awk
packages.json
sed
DBUS
DKMS
DRBD
Debian
Debugging
Filesystem
GPG
IPMI
Kernel Tracing
LVM
Linux Insides
Linux-Commands
Linux-HA
Linux-Networking
Linux-Sysadmin
Linux-Virtualization
Mail
Package Management
Packaging
Partitioning
Quota
RAID
SSH
Solaris
SysRq
Sysctl - Net
UEFI Install
ffmpeg
jq
screen-vs-tmux
sssd
systemd
ulimit
vi
vi - Advanced
Glib
Glib GRegex
Glib Testing
Glib XDG Migration
Docker
Helm
Openshift
kubernetes
rkt
Availability Data
Free Tier Compilation
SaaS Dev Tools
Solutions Automation
Solutions Monitoring
Solutions NoSQL
Solutions Virtualization
Status Pages
BGP
EIGRP
GLBP
HSRP
IEEE 802.11 WLAN
IEEE 802.1X
IPsec
IPv4 Multicast
IPv6
IS-IS
OSPF
VRRP
netsh
registry
wmic
Agile Roles
Depth of Kanban
Kanban - Kaizen
Scrum
Scrumban
Semantic Services
Team of Teams
Neighbourhood Network
netstat Dendrogram
netstat Force Graph
netstat Services
AppArmor
HTTPS
Incident Handling
Nmap
OpenSSL
Package Vulnerabilities
SELinux
SIEM
SSL-Certificates
Secure REST APIs
Security Auditing
Security-News-Feeds
Session Mgmt
Unhide Processes
Dependency Test
Javascript Singleton
Javascript strptime
Javascript toggle visibility
Javascript void0
Nodejs Compatibility
Nodejs Express
React
React JSX
React PropTypes
React Tutorial
Todo MVC

SSH Cheat Sheet

OpenSSH Commands

Copy Keys
ssh-copy-id [-i keyfile] [email protected]
100% non-interactive SSH: What parameters to use to avoid any interaction.
ssh -i my_priv_key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 
-o PreferredAuthentications=publickey [email protected] -n "/bin/ls"
Using SSH Agent
eval $(ssh-agent)		# Start agent on demand

ssh-add -l                      # List keys
ssh-add	                        # Add default key
ssh-add ~/.ssh/id_rsa           # Add specific key
ssh-add -t 3600 ~/.ssh/id_rsa   # Add with timeout
ssh-add -D                      # Drop keys

ssh -A ...			# Enforce agent forwarding
Transparent Multi-Hop
ssh host1 -A -t host2 -A -t host3 ...
How to use a SOCKS Proxy On the client start proxy by
ssh -D <port> <remote host>
Extract Public Key from Private Key Use ssh-keygen
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub

ssh_config

Read the authorized_keys HowTo to learn about syntax and options...

Per Host Keys

Host example.com
IdentityFile ~/.ssh/example.com_id_rsa

Agent Forwarding

Agent Forwarding explained with pictures! Configured in /etc/ssh_config with

Host *
ForwardAgent yes

Multiplexing Connections

This is done using a "ControlMaster". This means the first SSH sessions connection will be used for all following ones saving you the connection overhead. Note: when you kill the first connection, all connections will die! Also the first connection won't terminate even if you request it to.

Create ~/.ssh/tmp before using below snippet

ControlMaster auto
ControlPath /home/<user name>/.ssh/tmp/%h_%p_%r

If you are using such an SSH configuration and want a real new connection add "-S" to the ssh invocation.

Use Gateway/Jumphost

This can be achieved using ProxyCommand:

Host unreachable_host
  ProxyCommand ssh gateway_host exec nc %h %p

Automatic Jump Host Proxying

Host <your jump host>
  ForwardAgent yes
  Hostname <your jump host>
  User <your user name on jump host>

# Note the server list can have wild cards, e.g. "webserver-* database*"
Host <server list>
  ForwardAgent yes
  User <your user name on all these hosts>
  ProxyCommand ssh -q <your jump host> nc -q0 %h 22

Automatic Port Knocking

Host myserver
   User myuser
   Host myserver.com
   ProxyCommand bash -c '/usr/bin/knock %h 1000 2000 3000 4000; sleep 1; exec /bin/nc %h %p'

Troubleshooting

Pseudo-terminal will not be allocated...

This happens when piping shell commands through SSH. Try adding "-T" or "-t -t" when doing sudo.

Misc

Port Knocking

Setup server:

apt-get install knockd iptables-persistent

# Change sequence numbers in /etc/knockd.conf
# Default is sequence    = 7000,8000,9000

# set START_KNOCKD=1 in /etc/default/knockd

service knockd start

Use from client

knock <server> <sequence>

e.g.

knock example.com 7000 8000 9000

"Secret" Hot Keys

SSH Escape Key: Pressing "~?" (directly following a newline) gives a menu for escape sequences:

Supported escape sequences:
  ~.  - terminate connection (and any multiplexed sessions)
  ~B  - send a BREAK to the remote system
  ~C  - open a command line
  ~R  - Request rekey (SSH protocol 2 only)
  ~^Z - suspend ssh
  ~#  - list forwarded connections
  ~&  - background ssh (when waiting for connections to terminate)
  ~?  - this message
  ~~  - send the escape character by typing it twice
(Note that escapes are only recognized immediately after newline.)

SSHFS

To mount a remote home dir

 sshfs [email protected]: /mnt/home/user/

Unmount again with

fuserumount -u /mnt/home/user
Comment on Disqus