IT notes

Bypass AllowTcpForwarding

To bypass AllowTcpForwarding no try using socat and nc: socat TCP-LISTEN:<local port>,reuseaddr,fork "EXEC:ssh <server> nc localhost <remote port>" For example from your desktop run: socat TCP-LISTEN:8080,reuseaddr,fork "EXEC:ssh 1.2.3.4 nc 10.0.0.1 3000" This will listen on local port 8080 connect via ssh to 1.2.3.4 and use nc to connect 10.0.1.1:3000

rust strip

To build && strip a binary use: RUSTFLAGS='-C link-arg=-s' cargo build --release strip removes or modifies the symbol table attached to the output of the assembler and link editor. This is useful to save space after a program has been debugged and to limit dynamically bound symbols.

sed append

To append a line using sed that works on macOS: sed -e '/^telegraf_enab.*/a\'$'\n''telegraf_user="root"' If need to do it in multiple files, you could use find:  find . -name "rc.conf" -exec sed -i '' -e '/^telegraf_enab.*/a\'$'\n''telegraf_user="root"' {} \; https://stackoverflow.com/a/48406504/1135424

Fat16

When trying to update a bios from an USB pen, probably you will need FAT16 or FAT32, to do this from macOS try: diskutil partitiondisk /dev/disk3 1 MBR "MS-DOS FAT16" "NONAME" 0B /dev/disk3 - disk device to be partitioned, found with ‘diskutil list’ 1 - number of partitions, optional, but if given must match MBR - partition Scheme (eg, DOS=MBR, Mac=GPT) MS-DOS FAT16 - partition type (or fat32) * NONAME - partition name 0B - partition size (0B=maximum) Then:

VLC keep resized window size

To prevent VLC from resizing the window every time you open a new video: VLC -> Preferences -> Show All -> Interface/Main interface/macosx Uncheck the option Resize interface to the native video size

get the Primary IP

To get the primary IP in Linux: ip route get 1 | awk '{print $NF;exit}' In awk NF return the number of fields and by suffixing it with $ is like doing print $7 In macOS, to list all your interfaces: networksetup -listallhardwareports If want to get the IP assigned to the Wi-FI: ipconfig getifaddr $(networksetup -listallhardwareports | awk '/Hardware Port: Wi-Fi/{getline; print $2}')

redis over TLS

Using socat: brew install socat Create the tunnel: socat -v TCP-LISTEN:6379,fork,reuseaddr ssl:your.redis.example.com:6379 Use redis-cli as usual

removing the ^M character

In vim, to remove the ^M character you could do: :e ++ff=dos The :e ++ff=dos command tells Vim to read the file again, forcing dos file format. Vim will remove CRLF and LF-only line endings, leaving only the text of each line in the buffer. Then set filetype to unix: :set ff=unix And save the file: :x

Python quit unexpectedly macOS Catalina

When running something depending on OpenSSL you may get something like this on macOS 10.15.2: The output of the report: To fix: brew reinstall openssl Then: cd /usr/local/lib sudo ln -s /usr/local/opt/openssl/lib/libssl.dylib libssl.dylib sudo ln -s /usr/local/opt/openssl/lib/libcrypto.dylib libcrypto.dylib

postfix version

In Postfix there is no -v or --vesion, to find the version run: $ postconf mail_version

macOs catalina & python

Reinstall openssl: brew reinstall openssl And then: export DYLD_LIBRARY_PATH=/usr/local/opt/openssl/lib:$DYLD_LIBRARY_PATH Or create the link manually: cd /usr/local/lib sudo ln -s /usr/local/opt/openssl/lib/libssl.dylib libssl.dylib sudo ln -s /usr/local/opt/openssl/lib/libcrypto.dylib libcrypto.dylib Reinstall python: brew reinstall python Upgrade pip packages: pip install -U --user $(pip freeze | awk -F'[=]' '{print $1}')

Resume Tar

To resume a terminated pr If while extracting a file, the process gets terminated you may be available to resume it with: tar -xvkf file.tgz -k (x mode only) Do not overwrite existing files. In particular, if a file appears more than once in an archive, later copies will not overwrite earlier copies.

convert svg

Convert svg to png having transparent background: $ convert -background none -density 1200 in.svg out.png brew install imagemagick librsvg

extent

To resize an image and adjust it to fit a fixed canvas with transparent background: $ convert in.png \ -resize 128x128 \ -background none \ -gravity center \ -extent 128x128 \ out.png

mysql CRC32

If need to calculate the CRC32 of a string, using mysql: $ mysql -e "SELECT CRC32('127.0.0.1')" +--------------------+ | CRC32('127.0.0.1') | +--------------------+ | 3619153832 | +--------------------+

grep -H

To find path of a file containing a pattern: $ cd jails $ grep -H 34 */etc/ssh/sshd_config In this example the path of the files containing the number 34 will be printed.

online.net IPv6

Configure IPv6 using dhcp6c for servers from online.net: pkg install dhcp6 Transform the DUID into a binary file (needed for dhcp6c): echo <DUID> | awk '{ gsub(":"," "); printf "0: 0a 00 %s\n", $0 }' | xxd -r > /var/db/dhcp6c_duid Add this in /usr/local/etc/dhcp6c.conf: id-assoc pd { prefix-interface igb0 { }; }; id-assoc na { }; interface igb0 { send ia-pd 0; send ia-na 0; }; Add this to /etc/rc.

Start 2 XS SATA

To install FreeBSD using the rescue system on a Start-2-XS-SATA from online.net: #!/bin/sh -x USER=monkey PASSWORD=secret gpart destroy -F ada0 gpart create -s gpt ada0 gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 ada0 gpart add -t freebsd-boot -l boot -s 128K ada0 gpart add -t freebsd-swap -l swap -s 4g ada0 gpart add -t freebsd-ufs -l root ada0 gpart set -a active ada0 newfs /dev/gpt/root mount /dev/gpt/root /mnt cd /tmp fetch http://ftp.

Prevent Mac to Sleep

To stop sleep entirely: sudo pmset -a disablesleep 1 To revert, allow sleep again: sudo pmset -a disablesleep 0 To display global power settings: pmset -g

sudo SSH_CONNECTION

When using ssh, if then doing something like sudo -i the environment vars are gone, to preserve modify your sudoers (/usr/local/etc/sudoers or /usr/local/etc/sudoers.d/devops) and add something like: Defaults env_keep += "SSH_TTY SSH_CONNECTION SSH_CLIENT" In this case, it will preserve your SSH environment vars.