SSH Swiss army knife

May 4, 2011 4 comments

SSH aka secure shell is Swiss army knife. Its astonishing how ssh can do wide variety of things from remote login to tunneling. In this tutorial im going to write about different things we can do with SSH.

It can do many more things but i will discuss

1. Remote login

2. Password less login

3. Remote command execution

4. Xorg Forwarding

5. File Transfer (SCP)

6. Remote File system mount (SSHFS )

Lets dive into the awesome world of SSH 🙂

Before we start , we need to have a ssh client and ssh server to connect to.Just install them from your favorite distribution’s repo

Remote Login:

The most common use of ssh is remote login, and i strongly believe ssh is the only widely used and secure way of remote login.

Lets see the commands,

consider we want to login into a remote server(my-ssh-server.com) running ssh-server ( default port for ssh is 22)

ssh user@my-ssh-server.com

If the ssh server is running on a different port we can specify the port number using -p option

ssh user@my-ssh-server.com -p 2222

In the above example, a connection will be made on port 2222 on my-ssh-server.com.

Generally ssh asks for user credentials, a username and password to login you in.

Imagine what happens if you have to manage a bunch of computers with different passwords.Its difficult to remember passwords for all of them.For this purpose we have a nice option in ssh called password less login

Password Less login:

To enable password less login you need to have private/public key pair on your local system.Public and private will be in your ~/.ssh/ directory. If not, create a pair using the command

ssh-keygen -t rsa

Also the ssh server should be configured to allow password less login.Which can be done by uncommenting or adding the following two lines to the configuration file(/etc/ssh/sshd_conf).

RSAAuthentication yes
PubKeyAuthentication yes

and then restart the server.

/etc/init.d/sshd restart

The command will prompt you for a location to save the keys and a pass-phrase.

 Generating public/private rsa key pair.

Enter file in which to save the key (/home/imran/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/imran/.ssh/id_rsa.

Your public key has been saved in /home/imran/.ssh/id_rsa.pub.

If we use the default directory, pair of files will be created in ~/.ssh directory.

This comes handy if you are trying to automate something on remote system.

Now we have a key pair. we need to append the contents of the public file .pub file to the remote server’s authorized keys. This can be done with the following command

ssh-copy-id -i ~/.ssh/id_rsa.pub user@my-ssh-server.com

This will prompt you for the login password for user. once authenticated it copies the keyfile to ~/.ssh/authorized_keys2 or ~/.ssh/authorized_keys and fixes the permissions if necessary.

That’s it. you are ready to login without typing password.

Remote command execution:

The thing that i like most in ssh is provision for remote command execution. This feature becomes more powerful when used with password less login

If you want to run a command in my-ssh-server.com, you could use the following command

ssh user@my-ssh-server.com ‘ ps aux | grep sshd ‘

you can run any command by putting them in quotations(‘command’ )

X11 Forwarding:

X11 forwarding lets you run graphical user interface programs remotely. It forwards the GUI from remote system to your system.But one requirement is ForwardX11 should be enabled in sshd configuration file.

The command to forward X11 is:

ssh -X user@my-ssh-server.com

then invoke your GUI programs as you will do in local system.

File Transfer (SCP)

How about transferring a file from remote system to remote or vice versa ?

Its simple

from current logged in system to remote system

scp file-name1 file-name2 user@my-ssh-server.com:/destination/directory

This command will copy files file-name1 and file-name2 to the remote server in /destination/directory.

from remote system to presently logged in system.

scp user@my-ssh-server.com:~/file-name1 .

This command will copy file file-name1 from user’s home directory on my-ssh-server.com to the current directory of the user.

You can even copy folders using -r switch of scp

scp -r directory-name user@my-ssh-server.com .

What if you want to copy from one remoter server to another remoter server ?

its simple

scp user@server1.com:~/file user@server2.com:~/file1

This command will copy file from server1.com to server2.com

Remote File system mount (SSHFS )

We can even mount the remote file system, a partition on our local system.It can be done with the help of a tool called SSHFS secure shell file System. Of course you need to install it on your system. Once sshfs is installed you can mount remote file system using command

sshfs user@my-ssh-server.com:/mnt/media /media/remotedirectory

This command will mount /mnt/media from my-ssh-server to your local directory /media/remotedirectory.From now, its like a local file system. you can create, modify and delete files and folders. cool isn’t it ?

Advertisement
Categories: Linux, Security

Commands to check hardware

April 7, 2011 2 comments

The cool thing about linux is, everything in linux is a file. Hard disk, compact disk, memory, virtually anything is a file.

Dig the right files and you will get right info

dmidecode gives a detailed list of hardware info ( one awesome command). If you are looking something specific try grep.

You can find out your hardware such as:
* IPMI Device
* Type of memory and speed
* Chassis Information
* Temperature Probe
* Cooling Device
* Electrical Current Probe
* Processor and Memory Information
* Serial numbers
* BIOS version
* PCI / PCIe Slots and Speed
* Much more

General syntax is:

dmidecode –type {KEYWORD/NUMBER}

Keyword and numbers can be:

Keyword                   Number

──────────────────────────────

bios                    0, 13

system                1, 12, 15, 23, 32

baseboard          2, 10, 41

chassis               3

processor           4

memory              5, 6, 16, 17

cache                 7

connector            8

slot                     9

For BIOS info type

dmidecode –type bios

dmidecode –type 0

For Motherboard info type

dmidecode –type baseboard

For processor related info type

dmidecode –type processor

For Manufacturer,Model and serial number

dmidecode –type system

For more info dig into man page

man dmidecode

Specific commands

0. CPU specifications

cat /proc/cpuinfo

1. kernel info

uname -a

kernel version

uname -r

3. pci cards

cat /proc/pci

4. Memory(RAM) and swap information

cat /proc/meminfo

free -m

5.Hard drives partitions

fdisk -l

6. free/used drive space

df -h

7. Disk usage by current directory and all subdirectories

du | less

another command is du -sh /* to see top level directory wise disk usage

8. dmesg to view the kernel ring buffer (error messages)

dmesg | less

dmesg | egrep ‘(SCSI|scsi0|ide0|hda|sda|serio|mice|eth0|eth1)’

9.some other commands

lspci ( lists pci device)
lsusb ( lists usb device)

Categories: Linux