Table of Contents


Server Alive Interval

Add these lines to .ssh/config:

Host *
ServerAliveInterval 120

Port Forwarding

Accessing a host behind a firewall.

This command will port-forward port 8443 on localhost to port 443 on "host-behind-firewall".

ssh -f -N -L 8443:host-behind-firewall:443 user@accessible-host

Connecting two hosts via workstation

Commands executed on workstation:

Reverse port-forwarding" on workstation (traffic from server-one sent to workstation)

ssh -R 2222:localhost:3333 user@server-one

Port-forwarding on workstation (traffic sent to local port 3333 sent to server-two on port 22)

ssh -L 3333:server-two:22 user@server-two

Now executing this on server-one will forward the connection to server-two:

ssh localhost -p 2222

GNU screen

Starting and re-attaching

Start screen with 'screen' or:

screen -S <SessionName>

Re-attach to a session with:

screen -R <SessionName>

Re-attach to a still-attached-to session with:

screen -dr <SessionName>

This will de-attach the session from whoever was connected previously. Great feature for recovering after network disconnection.

Multi-display-mode (attach to a detached session). Only works with same system-user.

screen -x <SessionName>

Store all of the buffer contents to file by pressing Ctrl + A and then ':' (colon) to get to command mode, then:

hardcopy -h <filename>


Note: TMUX shares many keybindings with GNU screen.

tmux can be started from the command-line and used interactively - or you can create a script that will do the initial steps for you.


  • C - b % - split screen, panes created side-by-side.
  • C - b " - split screen, panes above and below each other.
  • C - b d - detach from session.
  • C - b SPACE - Change the pane layout, switches between five different modes.
  • C - b ! - Move current pane to new window.
  • C - b (up/down/left/right) - change the size of the active pane
  • C - [ - start "copy-mode" quit with ESC (or q if using VI keyboard layout). Use default Emacs or VI key-bindings to copy text. Copying text will also exit copy-mode.
  • C - ] - paste the copied text


Use C - b : (colon) to enter commands that change TMUX behaviour.

  • C - b : setw synchronize-panes - Synchronize input on all tmux panes
  • C - b : select-layout tiled - tile panes on current window.
  • C - b : split-window -h - split screen, panes created side-by-side.
  • C - b : split-window -v - split screen, panes created above and below each other.
  • C - b : list-keys - list all current keybindings


Please note:

  • the session-name (indicated by the -s option) must be unique for each script you run (at the same time).
  • run the 'select-window tiled' every three panes or so when creating many (more than ~5) panes.

Example connecting to the web-servers in a tiled panes layout with input synchronization on all panes.

tmux start-server
tmux new-session  -d -s PRODWEB 'ssh -t prod-web-01'
tmux split-window    -t PRODWEB 'ssh -t prod-web-02'
tmux split-window    -t PRODWEB 'ssh -t prod-web-03'
tmux select-layout tiled
tmux split-window    -t PRODWEB 'ssh -t prod-web-04'
tmux split-window    -t PRODWEB 'ssh -t prod-web-05'
tmux split-window    -t PRODWEB 'ssh -t prod-web-06'
tmux select-layout tiled
tmux split-window    -t PRODWEB 'ssh -t prod-web-07'
tmux split-window    -t PRODWEB 'ssh -t prod-web-08'
tmux select-layout tiled
tmux set-window-option synchronize-panes on
tmux -2 attach-session -t PRODWEB

Script that will start tmux with tiled panes, each pane using SSH to connect to a host and reconnect a screen session.

tmux start-server
tmux new-session  -d -s DATABASE_HOSTS 'ssh -t prod-projectX-db01 screen -S DBWork -dr'
tmux split-window -t DATABASE_HOSTS 'ssh -t prod-projectX-db02 screen -S DBWork -dr'
tmux split-window -t DATABASE_HOSTS 'ssh -t prod-projectX-db03 screen -S DBWork -dr'
tmux split-window -t DATABASE_HOSTS 'ssh -t prod-projectX-db04 screen -S DBWork -dr'
tmux select-layout tiled
tmux -2 attach-session -t DATABASE_HOSTS

Nested tmux

Use the prefix key-binding twice to have the commands reach the nested tmux when running tmux-in-tmux.

  • CTRL-B CTRL-B l - to switch to that last window inside tmux-in-tmux.



To do a quick scan of a remote host, use:

nmap -sT host

You can also do "sweep" scans by telling nmap a range of IPs to scan which can be a great way of determining what IPs are being used by what hosts. For instance:

nmap -sP '192.168.0.*'

Another option is to use the -sV option, which will attempt to obtain version numbers for applications on any open ports:

sudo nmap -sV remote.host.com

FIN scan

The Nmap FIN scan comes in handy in such circumstances. The standard use of a FIN packet is to terminate the TCP connection — typically after the data transfer is complete. Instead of a SYN packet, Nmap initiates a FIN scan by using a FIN packet. Since there is no earlier communication between the scanning host and the target host, the target responds with an RST packet to reset the connection. However, by doing so, it reveals its presence. A FIN scan is initiated using a command like:

nmap -sF

OS detection

With so many different operating systems and versions around, it is really interesting how Nmap detects the operating system of a target in a very short time. Let us study the OS detection command in detail. Table 1 shows a sample output that’s running an OS detection command against a target PC with an Intel Ethernet card, while running Windows XP SP3.

sudo nmap -O -v -oversiondetect.txt


Scan port 22 on LAN network.

sudo /path/to/bin/masscan -p22


Interact (ping will work) with LAN IPs and use 'arp' to identify HW address.


This will list IPs, type and MAC address.



Download and install

wget -O - http://install.perlbrew.pl | bash

Source the environment variable to "enable" perlbrew.

source ~/perl5/perlbrew/etc/bashrc


  • perlbrew available - List all available (installable) Perl versions.
  • perlbrew install perl-5.22.1 - Install Perl version 5.22.1.
  • perlbrew use perl-5.22.1 - enable Perl version 5.22.1.
  • perlbrew use - show which Perl version is being used currently.
  • perlbrew list - see which versions of Perl are installed.
  • perlbrew switch perl-5.16.0 - switch to version 5.16.0 of Perl.
  • perlbrew exec perl myprogram.pl - test "myprogram.pl" on all (perlbrew-) installed versions of Perl.

Inline replace

Test with:

perl -pe 's/123/456/' test.txt

Actual inline replace with:

perl -i -pe 's/123/456/' test.txt

Extract text between markers

Here show when grebbing a certificate from file.

perl -ne 'print if /-----BEGIN PGP PUBLIC KEY BLOCK-----/../-----END PGP PUBLIC KEY BLOCK-----/' FILE

/etc/shadow encryption

SHA512, e.g. "\(6\)"

perl -e 'print crypt("PASSWORD","\$6\$SALT\$") . "\n"'

GNU Utils


Find files modified after YYYY-MM-DD

find -newermt YYYY-MM-DD -type f

GPG - Gnu Privacy Guard

Installation on Linux


sudo apt install gnupg


sudo yum install gnupg


Download gpg4win from here: https://gnupg.org/download/index.html

Install gpg4win using the graphical installer.

Getting GnuPG, creating a key-pair and transmitting the public key. **

After successful installation you can start a command-prompt and type:

gpg --gen-key

This will start the key-pair generation process. Just choose the default "DSA/ElGamal" algorithm and 2048 bits for key length.

You will be prompted for name, comment and email-address. I think you can type in whatever bogus information you want - unless you actually want to use it for email using a keys-server as people will search for your name on the server. The comment field is to distinguish between different personal keys - you can have one "home", one for "work" etc.

Pass phrase

The program should ask for a pass-phrase (this just means multiple passwords separated by space).

Choose something good that you will not forget (or keep it in a password database).

Examples: "George Washington, president 1789", "Home of the Brave, March 1931" or "Blue Suede Shoes, 1956, Presley". It can be whatever sentence you want.

The web-site gives these hints regarding a good pass-phrase:

  • it is long
  • it has special (non alphanumeric) characters,
  • it is something special (not a name),
  • it is very hard to guess (so NOT names, birth dates, phone numbers, number of a credit card/checking account, names and number of children, …)


Export the private key using:

gpg --export > public.key

The public.key file is for public use. This is the file you can send to me so I can encrypt the data with it knowing that only the holder of the private key (and pass-phrase) can decrypt it.


I will then import the key using:

gpg --import <filename>


And encrypt the data with:

gpg --encrypt FirstnameLastnameIdentifier > data.gpg


After you've received the file you can decrypt it like this;

gpg --decrypt data.gpg > data.txt

Type in you pass-phrase and that should be it!



This file that controls which IPs are allowed to relay via the server:


Adding ranged - it does not understand netmasks - as far as I understand.


Run this to regenerate the /etc/tcp.smtp.cdb

qmailctl cdb

djbdns - tinydns

Install DJBDNS package. (Perhaps 'dbndns' - DJBDNS with added patches - will work even better/have more options than default djbdns?)

sudo aptitude install djbdns

Create required users.

sudo adduser --system --no-create-home --disabled-login --group tinydns
sudo adduser --system --no-create-home --disabled-login --group dnslog

Create the default tinydns configuration.

sudo mkdir -p /etc/sv
sudo tinydns-conf tinydns dnslog /etc/sv/tinydns __IP_ADDRESS__

Start the tinydns service.

sudo update-service --add /etc/sv/tinydns

Edit data file.

sudo nano -w /etc/service/tinydns/root/data

Sample data file:

# Domain: domain2.tld

# Second domain - DNS hosted from domain1.tld


T - match messages to TAG ;d - Set all marked messages to be deleted. The ';' is the tag-prefix,

  • 'd' is used for the delete operation. Also 's' is the save operation.

$ - Expunge deleted messages without restarting Mutt.


Use strace to bind to a process and see what OS operation is performs.

Exit with CTRL-C.

Use strace to check what process 22094 is doing limit output to 80 chars per line.

strace -s 80 -p 22094

Use strace to check what process 22094 is doing, limit output to 80 chars per line.

strace -s 80 -p 22094


Add webserver certificate to locate certificate store

Note Debian/Ubuntu specific!

sudo su -c "echo -n \
| openssl s_client -showcerts -connect HTTPS_WEB_SERVER:443 2>/dev/null \
>> /etc/ssl/certs/ca-certificates.crt"

Get public IP address

Here using DynDNS.org:

curl -s checkip.dyndns.org | sed -e 's/.*Current IP Address: //' -e 's/<.*$//'


Change hostname

hostnamectl set-hostname new-hostname

Author: Rói á Torkilsheyggi

Created: 2016-10-11 Tue 01:03

Emacs 24.5.1 (Org mode 8.2.10)