====== Linux ======
https://fmhy.net/file-tools#p2p-file-transfer free stuff on internet \\
https://www.youtube.com/watch?v=n3CWYPGjVns - настройка окружения \\
https://rclone.org/ - софт копирования\\
https://github.com/unixhostpro/ssh-login-notification - telegram notification
Sites:
* https://www.linuxfromscratch.org/lfs/view/stable/ - linux from scratch
* https://explainshell.com/explain?cmd=+ssh+-q+gp-vpn-public+nc+-q0+10.59.0.74+22 - explain cmd shell
* https://cheat.sh/btrfs https://roadmap.sh/
Best soft recomend for use
* https://micro-editor.github.io/ -
curl https://getmic.ro | bash && sudo mv ./micro /usr/bin
mkdir -p ~/.config/micro/
echo '{ "clipboard": "terminal" }' > ~/.config/micro/settings.json
**python**
sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 1
alias python='/usr/bin/python3.4'
python -m pip install --upgrade yt-dlp
python -m pip install --upgrade youtube-dl
python3 -m pip install --upgrade git+https://github.com/yt-dlp/yt-dlp.git@release
apt install aria2
grep ^Package /var/lib/apt/lists/*_Packages |grep microsoft | awk '{print $2}'| sort -u # show packages from repository
Get info
# INXI sudo apt install inxi
inxi -Fazy
# NOFETCH
sudo add-apt-repository ppa:dawidd0811/neofetch
sudo apt update
sudo apt install neofetch
#mount info
grep btrfs /proc/self/mountinfo
#write activity
fatrace -t -f W
alias dud='du -x --max-depth=1|sort -rn|awk -F / -v c=159 '\''NR==1{t=$1} NR>1{r=int($1/t*c+.5); b="\033[1;31m"; for (i=0; i1{r=int($1/t*c+.5); b="\033[1;31m"; for (i=0; i
Watch for directory
CMD='echo '$(date +"%y%m%d %H:%M:%S")' - $(date +"%d %H:%M:%S") $(sudo du -d 0 -h /media/add300gb/postgres)' && watch -n 5 $CMD
Find large files
find ./ -type f -printf '%s %p\n' | sort -nr | head -10
sudo du -a ./ 2>/dev/null | sort -n -r | head -n 10
alias ducks='du -cks * | sort -rn | head -n 10'
# dto delete files in ~/.cache directory that are have not been accessed in 100 days
find ~/.cache/ -type f -atime +100 -delete
# Download magnet
aria2c -d ~/Downloads --seed-time=0 "magnet:?xt=urn:btih:248D0A1CD08284299DE78D5C1ED359BB46717D8C"
* Подготовка к экзамену [[https://computingforgeeks.com/centos-released-centos-8-new-features/|ссылка на официальные книги]]
* https://training.linuxfoundation.org/certification/linux-foundation-certified-sysadmin-lfcs/
===== Linux полезное =====
* https://habr.com/ru/post/553000/ - полезные утилиты
* hard reset ++Hard reset by keyboard|
The Magic SysRq keys.
Press and hold both the Alt key and the PrtSc|SysRq key, and while keeping them pressed down, tap the following key sequence,
leaving approximately one second between each key press…:
R, E, I, S, U, B.
mnemonic “Reboot Even If System Utterly Broken.”
unRaw — приказывает вернуть управление системой клавиатуре.
tErminate — посылает сигнал SIGTERM всем процессам, чем производится попытка безопасного завершения всех процессов с сохранением данных, исключение составляет лишь процесс init.
kIll — посылает сигнал SIGKILL всем процессам, которые не смогли быть закрыты ранее, также за исключением процесса init — все остальные процессы будут уничтожены и не сохраненные данные будут утеряны.
Sync — переписывает всё из кэша на жесткий диск, происходит синхронизация, что уменьшает возможность повреждения данных.
Unmount — перемонтирует все файловые системы в режим только для чтения — после использования этого ключа вы можете перезагружать систему нажатием Alt + SysRq + B без ущерба для системы.
reBoot — собственно команда перезагрузки системы. Если воспользоваться этим ключом без использования предыдущих, система перезагрузится в жестком режиме.
++
* learn learning обучение redhat https://rhtapps.redhat.com/assessment/?intcmp=701f20000012ngPAAQ
* linux certification https://ru.wikipedia.org/wiki/Linux_Professional_Institute_Certification
===== Linux графика =====
* https://www.youtube.com/watch?v=WKKTzPYP18k - графика в linux
===== Linux hardware =====
* https://linux-hardware.org/?view=howto
* Block device drivers https://web.archive.org/web/20120308183408/http://free-electrons.com/doc/block_drivers.pdf
* ssd raid 4 https://larryjordan.com/articles/maximize-performance-with-an-ssd-raid/
===== Linux smartmontolls smartd smart =====
* precompiled version ci https://builds.smartmontools.org/
===== Linux настройка =====
* configuring https://www.youtube.com/watch?v=IE5y2_S8S8U&t=66s HomeLab Services Tour Late 2021 - What am I Self-Hosting in my HomeLab?
* config conf https://www.youtube.com/watch?v=f5jNJDaztqk What's On My Home Server? Storage, OS, Media, Provisioning, Automation
===== Linux remote management удаленное управление =====
* https://meshcentral.com/info/
===== Linux active directory миграция =====
* univention перевод active directory
===== Linux HTOP =====
* htop understand in pics - https://hackaday.com/2020/01/30/understand-linux-htop-visually/
===== Linux.rustdesk =====
* https://rustdesk.com/docs/en/self-host/rustdesk-server-oss/docker/
* https://teletype.in/@dobriydenis/rustdesk#ocPM
* https://geek-speak.ru/forums/topic/%D1%80%D0%B0%D0%B7%D0%B2%D0%BE%D1%80%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%B5%D0%BC-%D1%81%D0%BE%D0%B1%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D0%B9-rustdesk-%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80-2/
===== Linux.manjaro =====
* [[linux:manjaro|Manjaro]]
===== Linux.network tools =====
* https://linuxhint.com/install-netstat-debian-11/
* https://linuxhint.com/ifconfig_debian/
dpkg -S filename
apt-file search /usr/include/cairo/cairo.h
apt install net-tools # - {netstat, ifconfig, iwconfig, route, iptunnel, arp}
apt install iproute2 # - {ss, ip, iw, ip r, ip tunnel, ip n}
apt install procps # - {ps,top}
===== Linux.boot grub uefi =====
* https://www.youtube.com/watch?v=XpFsMB6FoOs - linux boot video
* https://archived.forum.manjaro.org/t/using-livecd-v17-0-1-and-above-as-grub-to-boot-os-with-broken-bootloader/24916 manjaro
* https://wiki.manjaro.org/index.php/GRUB/Restore_the_GRUB_Bootloader
===== Linux.Network =====
# Capture only new connection - https://serverfault.com/questions/798745/tcpdump-capture-new-connections-only
# The following will capture both TCP-SYN and SYN-ACK packets.
tcpdump -i "tcp[tcpflags] & (tcp-syn) !=0"
#The following will only capture TCP-SYN packets.
tcpdump -i "tcp[tcpflags] & (tcp-syn) !=0 and tcp[tcpflags] & (tcp-ack) =0"
#The reason is, SYN-ACK packets include both the SYN and ACK flags. The first filter only looked for the presence of a SYN flag.
#If you want to filter on inbound only, add the -Q in option.
tcpdump -i -Q in "tcp[tcpflags] & (tcp-syn) !=0 and tcp[tcpflags] & (tcp-ack) =0"
# filter Monitor HTTP Request and Response Headers
tcpdump -i -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
#https://netosec.com/buff-hackthebox-writeup/
nmap -p- -A -T4 bot.ip2u.ru # scan remote host
# searchsploit for search exploits
# -- full scan target_host to file output_file
nmap -p- -sS -sU -sV -O -A --reason --script=default,discovery,vuln,version,exploit,safe --script-timeout=2m --max-retries=3 --min-rate=1000 --max-rate=10000 -T4 -oA output_file target_host
# This command includes the following options:
# -p-: Scan all 65535 ports.
# -sS: Perform a SYN scan (TCP).
# -sU: Perform a UDP scan.
# -sV: Probe open ports to determine service/version info.
# -O: Enable OS detection.
# -A: Enable advanced and aggressive options (equivalent to -sC -sV -O).
# --reason: Display the reason a port is set to a specific state.
# --script: Run various NSE scripts (default, discovery, vuln, version, exploit, safe).
# --script-timeout=2m: Set a 2-minute timeout for each script.
# --max-retries=3: Limit the number of retries for each port.
# --min-rate=1000: Send a minimum of 1000 packets per second.
# --max-rate=10000: Send a maximum of 10000 packets per second.
# -T4: Set the timing template to "aggressive" (higher is faster but less accurate).
# -oA: Output results in all formats (normal, XML, and grepable).
curl test benchmark performance network
curl -Lo /dev/null -skw "\ntime_connect: %{time_connect}s\ntime_namelookup: %{time_namelookup}s\ntime_pretransfer: %{time_pretransfer}\ntime_starttransfer: %{time_starttransfer}s\ntime_redirect: %{time_redirect}s\ntime_total: %{time_total}s\n\n" https://abs.twimg.com/responsive-web/client-web/main.ba59e0f5.js
time_connect: 0.109328s time_namelookup: 0.014423s time_pretransfer: 0.316707 time_starttransfer: 0.413606s time_redirect: 0.000000s time_total: 82.467500s
===== Linux.Network.Iptables =====
# PortKnocking - iptables limit
-I INPUT 3 -m state --state NEW -m tcp -p tcp --dport 22 -m recent --rcheck --seconds 30 --name SSH2 -j ACCEPT
-I INPUT 4 -m state --state NEW -m tcp -p tcp -m recent --name SSH2 --remove -j DROP
-I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 9991 -m recent --rcheck --name SSH1 -j SSH-INPUTTWO
-I INPUT 6 -m state --state NEW -m tcp -p tcp -m recent --name SSH1 --remove -j DROP
-I INPUT 7 -m state --state NEW -m tcp -p tcp --dport 7777 -m recent --rcheck --name SSH0 -j SSH-INPUT
-I INPUT 8 -m state --state NEW -m tcp -p tcp -m recent --name SSH0 --remove -j DROP
-I INPUT 9 -m state --state NEW -m tcp -p tcp --dport 8881 -m recent --name SSH0 --set -j DROP
-A SSH-INPUT -m recent --name SSH1 --set -j DROP
-A SSH-INPUTTWO -m recent --name SSH2 --set -j DROP
-I INPUT 10 -m state --state NEW -m tcp -p tcp --dport 22 -j DROP
sudo iptables -I INPUT 3 -p tcp --dport 22 -m recent --name ssh --update --seconds 3600 --hitcount 8 -j logdrop
sudo iptables -I INPUT 4 -p tcp --dport 22 -m recent --name ssh --set
sudo iptables -I INPUT 5 -p tcp --dport 22 -m recent --name ssh ! --rcheck --seconds 15 --hitcount 2 -j REJECT
sudo iptables -I INPUT 6 -p tcp --dport 22 -j ACCEPT
# -- https://ipset.netfilter.org/iptables-extensions.man.html
echo -addr >/proc/net/xt_recent/DEFAULT
# логирование пакетов
sudo iptables -N logdrop
sudo iptables -A logdrop -m limit --limit 5/m --limit-burst 10 -j LOG
sudo iptables -A logdrop -j REJECT
# просмотри логировани пакетов
journalctl -k | grep "IN=.*OUT=.*" | less
====== Linux Console ======
If you are fine with setting the execute permissions for everyone on all folders:
chmod -R -x+X *
The -x removes execute permissions for all
The +X will add execute permissions for all, but only for directories.
See below for a solution that uses find to really not touch folders as requested.
===== Linux.Tmux =====
* Tmux [[https://gist.github.com/andreyvit/2921703|cheat sheet ]]
* https://leanpub.com/the-tao-of-tmux/read#prefix-key
* Buffers
C-b + [ - selection mode
C+space - selection start
R - rectangle mode
C-w - save to buff and cancel
C+b + + buffers manager
C+b + ]
===== Linux.Shell =====
* ZSH [[https://medium.com/@hjgraca/style-your-windows-terminal-and-wsl2-like-a-pro-9a2e1ad4c9d0|medium.com]][[https://medium.com/@shivam1/make-your-terminal-beautiful-and-fast-with-zsh-shell-and-powerlevel10k-6484461c6efb|install]][[https://gist.github.com/kevin-smets/8568070|Так ставим ZSH]],[[https://www.freecodecamp.org/news/jazz-up-your-zsh-terminal-in-seven-steps-a-visual-guide-e81a8fd59a38/|jazz_up]][[https://habr.com/ru/post/516004/|Делаем Linux терминал красивым и удобным]]
* Fonts [[https://github.com/tonsky/FiraCode/wiki#installing-font|FiraCode TTF]]
* https://scriptingosx.com/2019/06/moving-to-zsh/
===== VNC =====
Start on ssh session ssh -Y user@hostname ; export DISPLAY=:0 && /usr/lib/vino/vino-server
===== Cloud-Init=====
- Ubuntu Azure cloud - configure with iso [[https://github.com/benmaddison/hyperv-cloud-image|hyperv-cloud-image]], [[https://gist.github.com/smoser/635897f845f7cb56c0a7ac3018a4f476#file-check-dependencies|Step by step isntruction]]
===== Linux.Proxmox=====
- [[linux:proxmox|Linux proxmox]]
===== Network Boot =====
- [[https://netboot.xyz/|netboot.xyz]], [[https://blog.linuxserver.io/2019/12/16/netboot-xyz-docker-network-boot-server-pxe/|netboot-xyz-docker-network-boot-server-pxe]]
===== Ansible =====
* [[https://www.digitalocean.com/community/cheatsheets/how-to-use-ansible-cheat-sheet-guide| Ansible cheat sheet guide]]
* https://github.com/ansible/ansible-examples
===== Kubernetes =====
* https://www.youtube.com/watch?v=X48VuDVv0do
* https://www.youtube.com/watch?v=7bA0gTroJjw - need to learn right now
* https://artifacthub.io/ - hub of software
* https://sookocheff.com/post/kubernetes/understanding-kubernetes-networking-model/
* https://medium.com/google-cloud/understanding-kubernetes-networking-pods-7117dd28727
===== ISCSI =====
- https://www.informaticar.net/ubuntu-20-04-how-to-setup-iscsi-initiator/
sudo service open-iscsi status
sudo iscsiadm -m node --target iqn.2000-01.com.synology:RackStation.Target-5.fb2fa0d73e --login
sudo iscsiadm -m session -o show
sudo iscsiadm -m discovery -t sendtargets -p 10.59.1.150
===== NETWORK IFTOP SYNOLOGY =====
docker run -it --rm --net host janten/iftop -i bond0
===== SAMBA mount CIFS SHARE fstab =====
mount -t cifs //10.59.1.150/esb-smb /media/synology-esb-smb -o users,username=esb-user-1,password="PASSWORD",file_mode=0777,dir_mode=0777
mount.cifs -v -o rw,echo_interval=60,user=esb-user-1,dom=RACKSTATION,password=PASSWORD //10.59.1.150/esb-smb /media/synology-esb-smb
# /etc/fstab
//10.59.1.150/esb-smb /media/synology-esb-smb cifs users,rw,credentials=/etc/samba/sambacreds,x-gfs-show 0 0 2
mount -v /media/synology-esb-smb
umount -v /media/synology-esb-smb
/etc/sambacreds
---
username=esb-user-1
password=PASSWORD
domain=RACKSTATION
cd
echo username=esb-user-1 > /etc/sambacreds
echo password=PASSWORD >> /etc/sambacreds
echo domain=RACKSTATION >> /etc/sambacreds
chmod 600 /etc/sambacreds
chown root: /etc/samba/sambacreds
# check status
cat /proc/mounts