Thursday, September 17, 2015

mdadm software RAID


Great instructions at:


http://www.ducea.com/2009/03/08/mdadm-cheat-sheet/


though after the sfdisk part re-install GRUB on the new disk

sudo grub-install /dev/sdX # Example: sudo grub-install /dev/sda
found at
https://help.ubuntu.com/community/Grub2/Installing


someting still not right, won't boot from new disk. new instructions on Grub.
http://lists.us.dell.com/pipermail/linux-poweredge/2003-July/008898.html



No comments:

Friday, May 29, 2015

wifi notes

Enable WiFi, but disable networking.

List available interfaces
sudo airmon-ng

Start monitor mode, assuming wlan0 appears above, substitute alternatives
sudo airmon-ng start wlan0

See what's going on, scanning not saving, note channel, ssid and APs MAC
sudo airodump-ng mon0

fix channel 11, AP mac 00:, and save to a file called SSID (change the name):
sudo airodump-ng -c 11 --bssid 00:00:00:00:00:00 -w SSID mon0

crack WEP key, with only one AP in the file, it'll be selected as target, substitute pcap names
aircrack-ng SSID*.cap

decrypt the pcap, substitute key and AP's MAC
airdecap-ng -w Key-from-crack -b 00:00:00:00:00:00 SSID-##.cap

view the content with foremost or chaosreader
No comments:

Tuesday, May 26, 2015

tunnel and mount a cifs/samba share

mountpoint Z:

mkdir Z

set-up Local listener tunnel, 9445 is my choice, my-fileserver is the hostname on the remote network,  445 is the actual SMB listener number port, files.network.org, is my ssh entry to the remote network. -f Fork/background listener, N no command.

ssh -L 9445:my-fileserver:445 -fN files.network.org

Mount CIFS type, localhost is this machine, /files/ is the share on the remote file server, Z is my mountpoint. remoteuser is the user on the file server, uid i can't remember, noperm means don't locally worry about permissions, port should be the tunnel choice above.

sudo mount -t cifs //localhost/files/ Z/ -o username=remoteuser,uid=5000,rw,noperm,port=9445

No comments:

Sunday, February 2, 2014

Here strings, three less-than-signs

something i just learned about: the here string, rather than echo pipe to command, it is quicker.


flatmac:~ peter$ a="london 43 smog cafes thames uk"
flatmac:~ peter$ read City Value Bad Good Positive Country <<< $a
flatmac:~ peter$ echo $City
london
flatmac:~ peter$ echo $Good
cafes
flatmac:~ peter$ echo $Country
uk


...or if the delimiter is different, this also works though I need to find out how the IFS assignment and read command work together.
flatmac:record peter$ a="london|43|smog|nice shops|river thames|uk"
flatmac:record peter$ IFS='|' read City Value Bad Good Positive Country <<< "$a"
flatmac:record peter$ echo $Positive
river thames
flatmac:record peter$ echo $City
london



No comments:

Monday, January 27, 2014

sudo for a new user

1. Don't edit /etc/sudoers

when it has this line:
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL


use this to add the user to sudo:
sudo usermod -a -G sudo peter

-a means additional group for this user.
-G is the group. Uppercase may be excessive, should check if lower will do.
No comments:

leading zero, base 8

value too great for base (error token is XX)

When processing strings to numbers, eg, date +%S gives seconds, the output of "08", "09", will cause errors when used in an expression, because they are treated as base 8 (octal).

For example 60 - 08 will error as above. Nos 00 to 07 are also octal, but of course don't error and are the same as decimal, and 10 is treated as decimal 10. Only numbers with leading zero are octal. This string to number bug has caught some excellent shell script authors I know, usually when processing the output of date to do maths on dates and times. These scripts usually go wrong around August and September.

Tell BASH this is decimal with 10# prefix, 60 - 10#08

eg; wait until the next minute tick with:

sSec=$(date +%S); sWait=$(( 60 - 10#$sSec )); echo ${sSec} ${sWait}; sleep ${sWait}; date

sSec will be 08
sWait becomes 60-10#08, or 52 second sleep.
No comments:

Thursday, January 16, 2014

Reverse tunnel ssh

This example is creating inward routing to a network which at a
network level allows only outbound. Using four hosts, an appliance,
admin console (alanis), general purpose machine (smallfry) and a
workstation. Alanis creates the reverse tunnel with smallfry,
forwaring any traffic arriving at smallfry:2022, to appliance:22.

ssh -R 0:2022:localhost:22 peter@smallfry.dyndns.org

-R reverse tunnel
0 is the interface on smallfry, zero or * means any
:2022 is the listening port to bind on smallfry
:localhost replays the traffic to alanis' internal interface, it could
be any IP alanis can talk to
:22 is the interface to forward to on the destination machine
peter@smallfry.dyndns.org is the account and public name of the second machine.

-f -N (fork, no command) are also useful parameters to create the
tunnel and not create a command session or wait.

The diagram shows 192.168.2.7 as an applicance with a 22 listener.
ssh -R 0:2022:192.168.2.7:22 peter@smallfry.dyndns.org

The workstation issues a connection to smallfry:2022
or
ssh smallfry -p 2022

Green is the reverse tunnel, the secure network creates an inward path.
Black is tunnelled.

The item *:2022 in netstat -l (below) is the listener bound.

The smallfry device will only bind its network side, as opposed to
localhost side if GatewayPorts is yes in sshd_config. Otherwise it
will bind localhost:2022.

peter@alanis:~$ ssh -R 0:2022:localhost:22 peter@smallfry.dyndns.org
peter@smallfry.dyndns.org's password:
Linux smallfry 3.6.11+ #538 PREEMPT Fri Aug 30 20:42:08 BST 2013 armv6l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Jan 16 01:12:08 2014 from static-77-257-227-57.rcmdpa.myisp.net
peter@smallfry ~ $ netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:3128 *:* LISTEN
tcp 0 0 localhost:4700 *:* LISTEN
tcp 0 0 *:afpovertcp *:* LISTEN
tcp 0 0 *:2022 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
udp 0 0 smallfry.home:ntp *:*
udp 0 0 localhost:ntp *:*
udp 0 0 *:ntp *:*
udp 0 0 *:36284 *:*
udp 0 0 *:38369 *:*
udp 0 0 *:mdns *:*
udp 0 0 *:icpv2 *:*
udp 0 0 *:bootpc *:*
udp 0 0 *:10855 *:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 2753
/var/run/dbus/system_bus_socket
unix 2 [ ACC ] SEQPACKET LISTENING 481 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 2791
/var/run/avahi-daemon/socket
peter@smallfry ~ $

peter@smallfry ~ $ grep Gate /etc/ssh/sshd_config
GatewayPorts yes
peter@smallfry ~ $
No comments:
Subscribe to: Posts (Atom)