cyborgworkshop.org

Another great feature of openssh is that you can use it as a SOCKS proxy to tunnel traffic between hosts. This is very handy when you need to test an internet connection that is outside of your corporate network. In fact, I leave ssh accessable on my web hosting account just for this reason. When I need to test something from outside of work, I just ssh to my webserver and use it as an internet proxy. This is another one liner.

ssh -D 8080 $USER@$HOST

and then just configure your application (firefox, gaim, etc) to use a SOCKS 5 proxy on IP 127.0.0.1 and port 8080. I encourage SOCKS 5 because DNS requests can be sent over the socks connection whereas SOCKS 4 uses your local DNS. The implications are for you to figure out

When you absolutely, positively have to kill every mother fu need to have X windows access to a remote system, I suggest using SSH. If you can ssh to a host, you can run any X application and have it display on your desktop. A situation where I use this all the time is when I need to run sun console admin on a remote host. You’ll need to make sure that X forwarding is enabled in the remote nodes sshd_config

X11Forwarding Yes

and then connect to that host with a -X flag

ssh -X $USER@$HOST

Done and done. You can run any x program now from firefox to xeyes.

Rsync has to be one of my favorite tools. It’s cross platform (a windows variant even exists) and it’s saved my bacon more times then I can count. rsync is designed, as the name somewhat implies, to synchronize file(s) across different hosts or directories. It handles permissions, ownerships, crazy file names and is a very complete tool. Two scenarios that I use rsync for a lot are syncing up my mp3 player and moving directories from one unix server to another. To sync two local directories (mp3 player example) I run the following

rsync -auv $SOURCE/*.mp3 $DEST

Pretty straight forward. rsync -a(keep permissions and ownership) -u(update files that already exist on the $DEST) -v(show me lots of output)

Taking that one step further, rsync can use ssh to move files between nodes. When using ssh, rsync is intelligent enough to move only the bits of the file that have changed. So if you have a 10 meg file that you want to sync but have only changed 1k of data on that file, rsync will move that 1k of data and then reassemble the file on the remote end to include those changes. Really really slick little program. You can move data between hosts like so

rsync -auv $SOURCE $USER@$HOST:$DEST

Again, pretty easy to understand. All we added was $USER@$HOST and a colon. Now files on $SOURCE will be copied over to $DEST using ssh as use $USER. I use this fairly frequently to upgrade my wordpress install when a new update comes out.

Probably the command that I use first more then any other command when I log into a new system is ‘w’. w wraps up the uptime command, loadavg, who and date into one nice little package. It’s on most linux and solaris machines and gives you an immediate picture of the box you’re on. It’s not very granular, but it sure is handy when you just need to get your bearings.

w

SUID permissions means that, when a file is executed, that file runs with the permissions of the user or group that the file is owned by. For example, a file that is owned by root and has the suid bit set will execute as root, even when run by a user other then root. This can be useful at times, but usually it’s a bad idea. It’s good practice to crawl your filesystems periodically and look for files that have the suid bit set, it can sometimes be an indicator of foul play. You can do that using the find command like so

find / -perm -u+s -print

Have fun, be safe.