From 97e0c3b9a5806ae3e99e89fca1f9c8421e6aa03b Mon Sep 17 00:00:00 2001 From: Hira Barton Date: Fri, 8 Aug 2025 09:46:00 +0000 Subject: [PATCH] Add ssh --- ssh.md | 497 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 497 insertions(+) create mode 100644 ssh.md diff --git a/ssh.md b/ssh.md new file mode 100644 index 0000000..f7a0b39 --- /dev/null +++ b/ssh.md @@ -0,0 +1,497 @@ +# root.whispers — Linux Commands Cheatsheet +> AlmaLinux 9 / RHEL 9 family and Ubuntu 22.04 tested. Some commands vary by distro. Read before you run. + +--- + +## Table of Contents +- [System Basics](#system-basics) +- [Users & Groups](#users--groups) +- [Permissions & Modes](#permissions--modes) +- [ACLs](#acls) +- [Files, Search & Text](#files-search--text) +- [Processes & Services](#processes--services) +- [Time & NTP](#time--ntp) +- [Networking](#networking) +- [SSH (Client & Server)](#ssh-client--server) +- [Firewall](#firewall) +- [Packages (RPM & Debian)](#packages-rpm--debian) +- [Disks, Filesystems & Mounting](#disks-filesystems--mounting) +- [LVM / VDO / Stratis](#lvm--vdo--stratis) +- [Logging](#logging) +- [Scheduling (cron / at)](#scheduling-cron--at) +- [Containers (Podman & Docker)](#containers-podman--docker) +- [Git Essentials](#git-essentials) +- [Security Quick Checks](#security-quick-checks) +- [Misc Snippets](#misc-snippets) + +--- + +## System Basics +```sh +hostnamectl # Hostname / chassis / OS info +lsb_release -a # Distro info (Debian/Ubuntu) +cat /etc/os-release # Generic OS info +uname -a # Kernel +uptime -p # Pretty uptime +whoami && who && last -n 5 # User/session audit +free -h # Memory +vmstat 1 # Quick CPU/mem view +df -hT # Disks with FS types +lsblk -f # Block devices with labels/UUIDs +``` + +--- + +## Users & Groups +```sh +# Key files +/etc/passwd # User accounts +/etc/group # Groups +/etc/shadow # Password hashes +/etc/login.defs # Defaults for new users +/etc/skel # Skeleton for new home dirs +/etc/security/pwquality.conf # Password complexity rules + +# Users +useradd +useradd -r # System account +passwd # Set/change password +echo "user:pass" | chpasswd # Batch update passwords + +id # Show uid/gids +userdel +userdel -r # Remove and delete $HOME + +# Groups +groupadd +groupdel +usermod -a -G # Add user to group +gpasswd -a # Alternative add +gpasswd -d # Remove from group + +# Lock / unlock user (account) +passwd -l # Lock +passwd -u # Unlock + +# Shell +chsh -s /bin/bash # Change login shell +usermod -s /sbin/nologin # Disable interactive logins +usermod -s /bin/false # Drop immediately on login + +# Sudo +usermod -a -G sudo # Debian/Ubuntu +usermod -a -G wheel # RHEL/CentOS/Fedora + +# Password aging +chage -m MIN -M MAX -W WARN -I INACT -E EXPIRE +``` + +--- + +## Permissions & Modes +```sh +ls -l tmp # List perms +chmod g-w tmp # Remove write (group) +chmod a-r tmp # Remove read (others) +chmod u+rw file # Add rw (user) +chmod u+x file # Add execute (user) +chmod a+rwx path # rwx for all + +# SetUID / SetGID / Sticky +chmod u+s file # SetUID on executable +chmod g+s file_or_dir # SetGID on file/dir +chmod +t dir # Sticky bit on dir (only owner can delete) +chmod -t dir # Remove sticky + +# chown / chgrp +chown -R user path +chgrp -R group path +``` + +--- + +## ACLs +```sh +setfacl -m u:USER:rwx PATH +setfacl -m g:GROUP:r PATH +setfacl -Rm g:GROUP:r PATH # Recursive +setfacl -x g:GROUP PATH # Remove entry +setfacl -b PATH # Remove all ACLs +getfacl PATH # Show ACLs +``` + +--- + +## Files, Search & Text +```sh +# Existence tests +test -f FILE && echo "file exists" +test -d DIR && echo "dir exists" + +# Find / grep +find . -type f -mtime -1 +grep -Rni --color "pattern" . +grep -E "foo|bar" file +grep -c "pattern" file # Count matches + +# sed / awk +sed -n '1,120p' file # Show lines 1..120 +awk '{print $1,$2}' file + +# Sorting / uniq +sort -nr file +uniq file + +# Copy/move including dotfiles +# Zsh +setopt glob_dots; mv Foo/* Bar/; unsetopt glob_dots +# Bash +shopt -s dotglob; mv Foo/* Bar/; shopt -u dotglob + +# rsync +rsync -avh --progress SRC/ DST/ + +# Checksums +sha256sum file +echo " file" | sha256sum -c +``` + +--- + +## Processes & Services +```sh +# Processes +ps -ef | grep +ps -ef --sort=-%cpu | head -10 +ps -ef --sort=-%mem | head -10 +pgrep # PIDs by name +pkill # Kill by name +kill ; kill -9 # SIGTERM, SIGKILL +killall -s 9 # Force kill all by name +top -H -p # Threads view +pstree # Tree view +strace -f -p # Syscalls (careful) +perf top # Hot functions + +# systemd +systemctl status/start/stop/restart NAME.service +systemctl reload NAME.service +systemctl enable/disable NAME.service +systemctl mask/unmask NAME.service +systemctl list-units --type=service --no-pager | grep -i term +systemctl --all +``` + +--- + +## Time & NTP +```sh +timedatectl # Show time settings +timedatectl list-timezones +timedatectl set-timezone Europe/Stockholm +timedatectl set-time '2025-08-08 20:15:50' +timedatectl set-ntp true + +# Chrony (RHEL family) +dnf install -y chrony ntpstat +systemctl enable --now chronyd +ntpstat +chronyc sources -v +vi /etc/chrony.conf && systemctl restart chronyd +chronyc makestep +``` + +--- + +## Networking +```sh +ip a # Addresses +ip r # Routes +ss -tulpn # Listening sockets +lsof -i :443 # Who bound 443 +nc -zv host 1-1024 # Quick port sweep +curl -I https://example.com # HEAD request +dig +short A example.com # Just the answers +traceroute example.com + +# tcpdump +tcpdump -i eth0 -nn port 53 -vv + +# View & sort sizes +du -h ~ | sort -nr +``` + +--- + +## SSH (Client & Server) +```sh +# Client quality-of-life +ssh -J jumpbox user@target +ssh -o StrictHostKeyChecking=accept-new host +scp -3 user1@host1:/p user2@host2:/p + +# ~/.ssh/config +# --- +# Host prod +# HostName 203.0.113.10 +# User ubuntu +# IdentityFile ~/.ssh/id_ed25519 +# ForwardAgent no + +# Keys +ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -C "comment" +ssh-copy-id USER@HOST -i ~/.ssh/id_ed25519.pub + +# Server (/etc/ssh/sshd_config) +# Client keepalive +ClientAliveInterval 600 +ClientAliveCountMax 1 +# Disable root login +PermitRootLogin no +# Disable empty passwords +PermitEmptyPasswords no +# Allow only certain users +AllowUsers user1 user2 +# Change port +Port 2222 +# Reload +# systemctl restart sshd +``` + +--- + +## Firewall +```sh +# firewalld (RHEL family) +firewall-cmd --list-all +firewall-cmd --get-active-zones +firewall-cmd --zone=public --list-all +firewall-cmd --get-services +firewall-cmd --add-service=http --permanent +firewall-cmd --add-port=8080/tcp --permanent +firewall-cmd --reload +firewall-cmd --runtime-to-permanent + +# iptables (legacy) +iptables -L +iptables -F + +# nftables +nft list ruleset +``` + +--- + +## Packages (RPM & Debian) +```sh +# RHEL / Fedora +dnf install PACKAGE +dnf remove PACKAGE +rpm -qa # List installed +rpm -qi PACKAGE # Info +rpm -qc PACKAGE # Config files +rpm -qf /path/to/file # What pkg owns this file? +rpm -ihv PACKAGE.rpm # Install local rpm +cat /etc/redhat-release +yum update # Minor updates +yum upgrade # Full upgrade + +# Debian / Ubuntu +apt update && apt list --upgradable +apt install PACKAGE +apt remove PACKAGE +dpkg -S /usr/bin/foo # What pkg owns file +apt-cache policy PACKAGE # Candidate version/source +cat /var/log/apt/history.log +``` + +--- + +## Disks, Filesystems & Mounting +```sh +lsblk +blkid +fdisk -l /dev/sda +df -hT + +# Quick single-partition + format (ext4) +fdisk /dev/sdx # g|o, n (defaults), w +mkfs.ext4 /dev/sdx1 +mkdir -p /data && mount /dev/sdx1 /data + +# Labels & mounts +e2label /dev/sdx1 DATA_VOL +mount -L DATA_VOL /data +echo "UUID=$(blkid -s UUID -o value /dev/sdx1) /data ext4 defaults 0 0" >> /etc/fstab +mount -a + +# Integrity +e2fsck -f /dev/sdx1 + +# Loop ISO +mount -o loop file.iso /mnt/iso +``` + +--- + +## LVM / VDO / Stratis +```sh +# LVM +pvcreate /dev/sdb1 +vgcreate vg0 /dev/sdb1 +lvcreate -n lvdata -L 50G vg0 +mkfs.ext4 /dev/vg0/lvdata +mount /dev/vg0/lvdata /data + +lvextend -l +100%FREE /dev/vg0/lvdata +resize2fs /dev/vg0/lvdata + +lvremove vg0/lvdata && vgremove vg0 && pvremove /dev/sdb1 + +# VDO (RHEL 9+ note: requires correct packages) +lvcreate --type vdo -n vdotank -L 100G -V 300G vg0 +lvs -o lv_name,vdo_compression,vdo_deduplication +vdostats --human-readable +lvchange --compression y /dev/vg0/vdotank + +# Stratis +dnf install -y stratis-cli stratisd +systemctl enable --now stratisd +stratis pool create pool0 /dev/sdb +stratis filesystem create pool0 fs0 +mount /dev/stratis/pool0/fs0 /stratis +``` + +--- + +## Logging +```sh +# Classic logs (RHEL) +/var/log/boot +/var/log/messages +/var/log/secure +/var/log/cron +/var/log/maillog +/var/log/chronyd +# Debian/Ubuntu auth +/var/log/auth.log + +# journald +journalctl -b -1 # Previous boot +journalctl -u ssh --since "2h" +journalctl -xe # Errors with context +journalctl -k -f # Kernel (follow) + +# Persistent journal +vi /etc/systemd/journald.conf # Storage=persistent +mkdir -p /var/log/journal +systemctl restart systemd-journald +journalctl --flush +``` + +--- + +## Scheduling (cron / at) +```sh +# Access control +echo USER >> /etc/cron.allow +echo ALL >> /etc/cron.deny + +crontab -e # Edit current user +crontab -e -u # Edit other user +crontab -l # List + +# at +echo "echo hi" | at now + 1 hour +systemctl enable --now atd +echo USER >> /etc/at.allow +echo ALL >> /etc/at.deny +``` + +--- + +## Containers (Podman & Docker) +```sh +# Podman +dnf install -y podman +podman info +podman images && podman ps -a +podman run -dt --name web -p 8080:80 docker.io/library/nginx:alpine +podman exec -it web /bin/sh +podman logs -f web +podman rm -a -f + +# Generate systemd unit for rootless container +podman generate systemd --new --files --name web +loginctl enable-linger +systemctl --user enable --now container-web.service + +# Docker parity +docker images && docker ps -a +docker run -dt --name web -p 8080:80 nginx:alpine +docker exec -it web /bin/sh +docker logs -f web +docker compose up -d +docker compose logs -f +``` + +--- + +## Git Essentials +```sh +git config --local user.name "Your Name" +git config --local user.email "you@example.com" + +git switch -c fix/thing +git add -A && git commit -m "message" +git pull --rebase origin main +git push + +git stash push -m "wip: foo" && git stash list +git reflog # Recover lost refs +git reset --soft HEAD~1 # Undo last commit keep changes +git reset --hard HEAD~1 # Dangerous: drop changes +git push --force # Use sparingly +git commit --amend --reset-author +``` + +--- + +## Security Quick Checks +```sh +sudo -l # What can current user sudo? +getcap -r / 2>/dev/null | grep cap_ # Files with caps +stat -c "%a %n" * # Numeric perms +sha256sum FILE # Hash +``` + +--- + +## Misc Snippets +```sh +# Nice / renice +nice -n 10 command +renice -n 19 -p + +# Generate password +tr -dc 'A-Za-z0-9'