IT notes

pip upgrade

Upgrade using: pip list --outdated --format=freeze | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip3 install --upgrade --user

gpg: selecting card failed: Operation not supported by device

If using a yubikey and getting this: gpg: selecting card failed: Operation not supported by device gpg: OpenPGP card not available: Operation not supported by device Add to ~/.gnupg/scdaemon.conf disable-ccid To debug you could use: reader-port Yubico Yubi debug-all debug-level guru disable-ccid log-file /tmp/scd.log

Pipenv Pyinstaller

Create a basic hello world using flask: mkdir /tmp/project cd /tmp/project Create app.py: from flask import Flask app = Flask(__name__) @app.route("/") def hello(): return 'Hello World!' if __name__ == '__main__': app.run(host='0.0.0.0') Instal flask:  pipenv install flask test the app: pipenv shell python app.py Install pyinstaller: pipenv install pyinstaller Create the requirements.txt: pipenv run pip freeze > requirements.txt Create the binary:  pyinstaller --onefile app.

ZFS encryption

Create an encrypted file system: zfs create -o encryption=on -o keyformat=passphrase -o keylocation=prompt tank/test-enc Check encryption: $ zfs get encryption tank/test-enc NAME PROPERTY VALUE SOURCE tank/test-enc encryption aes-256-gcm - Check status: zfs get -p encryption,keystatus,keyformat,keylocation,encryptionroot

ssh comment

Create a new pair of ssh keys RSA with a custom comment: ssh-keygen -C "monkey" -t rsa -b 4096 -o -a 100 -f /tmp/monkey

fdesetup

To remove a user from the login screen when booting and login from the first time: sudo fdesetup remove -user monkey The user will not be listed any more in the login screen, but you will need first logging with a user that can decrypt the disk and then switch to your user. Note this will not delete or remove the user account

ssh only password

When using ssh if you only need to use password (no keys): ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no <host>

yumdownloader

To download rpms for using them in an offline environment, install first yumdownloader: yum install yum-utils Create a directory to store the rpm's: mkdir /tmp/rpms Download the rpms: yumdownloader --destdir=/tmp/rpms --resolve MariaDB-server galera-4 MariaDB-client MariaDB-shared MariaDB-backup MariaDB-common

psql

To install PostgreSQL client on macOS: brew doctor brew update brew install libpq Test: $ psql -V psql (PostgreSQL) 13.2

Flush DNS

To flush DNS on macOS: sudo killall -HUP mDNSResponder;sudo killall mDNSResponderHelper;sudo dscacheutil -flushcache

Centos Disable Ipv6

Edit file /etc/default/grub and add ipv6.disable=1, example: # cat /etc/default/grub GRUB_TIMEOUT=5 GRUB_DEFAULT=saved GRUB_DISABLE_SUBMENU=true GRUB_TERMINAL_OUTPUT="console" GRUB_CMDLINE_LINUX="ipv6.disable=1 crashkernel=auto rhgb quiet" GRUB_DISABLE_RECOVERY="true" Then regenerate and reboot: grub2-mkconfig -o /boot/grub2/grub.cfg And reboot Using sysctl (no need to reboot), append below lines in /etc/sysctl.conf: net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 Then run: sysctl -p

storj

Setup up and configure your jail, then create user storj: pw useradd -n storj -m Clone and get and install latest version: git clone -b v1.14.7 https://github.com/storj/storj.git storj cd storj go install -race -v storj.io/storj/cmd/... Create a dir to contanin the identity and storage: mkdir /mnt/storj chown -R storj:storj /mnt/storj In the main host create the file system to be used in the jail: zfs create tank/storj Create fstat.

libx265

To reduce/compress a video size you could use: ffmpeg -i input.mov -vcodec libx265 -crf 28 output.mp4 Be aware that libx265 is not supported in many players so you can always fallback to H.264: ffmpeg -i input.mov output.mp4 https://unix.stackexchange.com/questions/28803/how-can-i-reduce-a-videos-size-with-ffmpeg

favicon

Create a favicon from a .png using imagemagick convert: convert favicon.png -define icon:auto-resize=64,48,32,16 favicon.ico

Import large dump

To import a large dump (~300GB) you could do: Split your file first: csplit -s -ftable dump.sql "/-- Table structure for table/" {999} You could also use the pattern {*} but you need the gcsplit: pkg install coreutils BSD csplit don’t support {*} Then try: gcsplit -s -ftable dump.sql "/-- Table structure for table/" {*} Create small INSERT chunks: gsplit -a 3 -d -n l/200 table05 x_ l/N split into N files without splitting lines/records

Delete in chunks

To delete a big/huge table in chunks, you could create this store procedure, but the performance at the end depends of how good/normalized is your database (indexes): A stored procedure is a prepared SQL code that you can save, so the code can be reused over and over again. Such procedures are stored in the database data dictionary. Connect to the database and select the database: mysql> \u my_database Database changed To list stored procedures

Bypass AllowTcpForwarding

To bypass AllowTcpForwarding no try using socat and nc: socat TCP-LISTEN:<local port>,reuseaddr,fork "EXEC:ssh <server> nc localhost <remote port>" For example from your desktop run: socat TCP-LISTEN:8080,reuseaddr,fork "EXEC:ssh 1.2.3.4 nc 10.0.0.1 3000" This will listen on local port 8080 connect via ssh to 1.2.3.4 and use nc to connect 10.0.1.1:3000

rust strip

To build && strip a binary use: RUSTFLAGS='-C link-arg=-s' cargo build --release strip removes or modifies the symbol table attached to the output of the assembler and link editor. This is useful to save space after a program has been debugged and to limit dynamically bound symbols.

sed append

To append a line using sed that works on macOS: sed -e '/^telegraf_enab.*/a\'$'\n''telegraf_user="root"' If need to do it in multiple files, you could use find:  find . -name "rc.conf" -exec sed -i '' -e '/^telegraf_enab.*/a\'$'\n''telegraf_user="root"' {} \; https://stackoverflow.com/a/48406504/1135424

Fat16

When trying to update a bios from an USB pen, probably you will need FAT16 or FAT32, to do this from macOS try: diskutil partitiondisk /dev/disk3 1 MBR "MS-DOS FAT16" "NONAME" 0B /dev/disk3 - disk device to be partitioned, found with ‘diskutil list’ 1 - number of partitions, optional, but if given must match MBR - partition Scheme (eg, DOS=MBR, Mac=GPT) MS-DOS FAT16 - partition type (or fat32) * NONAME - partition name 0B - partition size (0B=maximum) Then: