oneliners.html

This is a short collection of my one line linux commands, scripts and knowledge that I find myself re-learning because I only use it on a few rare occasions per year.

CR then LF

As we all know \n is the line terminator of choice for Linux and other unix based systems but in certain protocols a \r\n is required by the specification. Oftentimes an \n will be accepted but in some cases (Microsoft Exchange and BincIMAP, I am talking to you) one is required to send a \r (CR) followed by an \n (LF). In a terminal under X you may press <Ctrl>+V followed by <Enter>, this will send the \r and to send the \n simply press enter again! Some tools may have the ability to send CRLF, openssl for example has a -crlf switch.

$ netcat mailserver.mydomain.com
220 mailserver.mydomain.com Microsoft ESMTP MAIL Service ready
EHLO bengreen.eu^M
250-mailserver.mydomain.com Hello [192.168.0.28]
250-SIZE
250-PIPELINING
250-XRDST
250 XSHADOW
QUIT^M
221 2.0.0 Service closing transmission channel

The ^m in red is the terminal telling me about my <Ctrl>-V keycode.

$ openssl s_client -host 192.168.0.2 -port 25 -crlf -starttls smtp
...SNIP...

I am sure you can work out the bit in the SNIP section, dear reader. Reference: http://www.computerdefense.org/2007/11/netcat-and-lf-vs-crlf/.

Authorising yourself to a remote server

I often have to do this and I like to do it simply. This assumes you have already generated an RSA key in .ssh and that .ssh exists on your remote server.

cat .ssh/id_rsa.pub | ssh root@192.168.0.2 'cat >> \
.ssh/authorized_keys'

Need to generate an RSA key? no problem!

ssh-keygen -t rsa -b 2048

Kill some processes by name

I have spamd running on a machine that really should have more RAM or fewer processes running, it is quite heavily loaded for its spec. Anyway, I did not want to kill the spamd parent process, only the children once per day when they stop responding and use too much RAM.

ps ax | grep 'spamd child' | \
sed -n 's/ *\([0-9]*\) *. *. *[0-9]*:[0-9]* spamd child/\1/p' | \
xargs -I {} echo kill {}

Simple and quick... tabs might cause a problem here but that is a quick exercise for the reader.

SSH Fingerprint from command line

You know when you login to a box and it asks you to check that the supplied fingerprint matches? Well, for the first time how do you know? if all that is confusing, I mean this:

$ ssh ben@192.168.52.232
The authenticity of host '192.168.52.232 (192.168.52.232)' can't be established.
ECDSA key fingerprint is SHA256:/y0X50w2hzMk1DOCufOWKqN+IysZG90WC2DLcLiYrcE.
Are you sure you want to continue connecting (yes/no)?

On the machine you were trying to connect to you can verify this hash...

$ ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub
256 SHA256:/y0X50w2hzMk1DOCufOWKqN+IysZG90WC2DLcLiYrcE /etc/ssh/ssh_host_ecdsa_key.pub (ECDSA)

If you have an old version of ssh on your machine you might see this:

$ ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub
256 a2:d4:4f:81:46:a6:64:30:af:be:cc:72:15:a0:9a:7b /etc/ssh/ssh_host_ecdsa_key.pub (ECDSA)

Solution: upgrade! Or you could use the command line option on the newer version of ssh to show the old MD5 representation rather than the base64 SHA256 hash.

$ ssh -o FingerprintHash=md5 ben@192.168.52.232
The authenticity of host '192.168.52.232 (192.168.52.232)' can't be established.
ECDSA key fingerprint is MD5:a2:d4:4f:81:46:a6:64:30:af:be:cc:72:15:a0:9a:7b.
Are you sure you want to continue connecting (yes/no)?

Finally, you can also try the -E switch on your new version of openssh:

$ ssh-keygen -E md5 -lf /etc/ssh/ssh_host_ecdsa_key.pub
or
$ ssh-keygen -E sha256 -lf /etc/ssh/ssh_host_ecdsa_key.pub

References

• MOTD and Banner Messages
• Hash Visualisation
• StackOverflow Question
• HowTo