Posts

Showing posts from March, 2013

Run one command on many Linux servers, install pssh, works on Mac

sudo easy_install pipsudo pip install psshCreate a file with the list of servers you want to control, call it servers or something similarpssh -h servers "date"Put your ssh pub key up to all of thempssh -h servers -i "echo 'ssh-rsa AA...whme@myfqdn' >> /home/user/.ssh/authorized_keys" Taken: http://kaspergrubbe.dk/2012/using-pssh-for-executing-parallel-ssh-commands/

Note: csshX is very nice if you want to see all terminals at once as you type, more later

github and multiple accounts, git keeps asking for password

Taken: http://net.tutsplus.com/tutorials/tools-and-tips/how-to-work-with-github-and-multiple-accounts/
ssh-keygen -t rsa -C "me@mycompany.com" -f ~/.ssh/id_rsa_mycompanyssh-add ~/.ssh/id_rsa_mycompanyAdd below to ~/.ssh/configgit clone git@github-mycompany:mycompany/myrepo.gitHost github-mycompany   HostName github.com   User git   IdentityFile ~/.ssh/id_rsa_mycompany

Generate gpg keys, upload to server, pull from server, from CLI

gpg --gen-keygpg --list-keysgpg --keyserver pgp.mit.edu --send-keys '62E49F5A'that funky number is listed in the output of "list-keys", just look carefullyyour funky number will be uniqueshould be 8 digits long and hexgpg --keyserver pgp.mit.edu --search-keys 'youremail@yahoo.com'gpg --keyserver pgp.mit.edu --search-keys 'yourgirl@yahoo.com'gpg --keyserver pgp.mit.edu --recv-keys 1F3B6ACAGet her key with the ID you saw in previous stepUse keys to encrypt contentCan be encrypted for multiple people in one go, and only those listed can open the result

Searching with an LDAP filter

Set the dn you wish to search throughe.g., ou=Employees,dc=mycompaniesdomain,dc=comSet the filtere.g., (&(objectclass=inetorgperson)(uid=myfirstname.mylastname))inetorgperson is an LDAP standard "object", btw, there are a bunch of others Btw: one can also -- quick and dirty -- dump the whole LDAP db to a ldif file, and do a text search on that.

Simple Ruby email out localhost:25, no OpenSSL::SSL::SSLError, no tlsconnect error

Notes:
This skips the common OpenSSL::SSL::SSLError / tlscommon errors somehow, see below for error output.DON'T use pony's "smtp" hash option, it has the same problem. Notice it is missing here! Steps:
gem install ponytake below code put in ~/bin/mail_test.rbtweak for your environmentchmod +x ~/bin/mail_test.rb 
https://github.com/pcharlesleddy/misc/blob/master/mail_test.rb

#!/usr/bin/ruby

require 'rubygems'
require 'pony'

mystring = "a\nb\nc"

Pony.mail(:to => 'abc@efg.org', :from => 'me@example.com', :subject => 'Test mail script', :body => 'Hello there.', :attachments => {"mail_test.txt" => File.read("/home/me/bin/mail_test.rb"), "mystring.txt" => mystring})


Common, irritating tlscommon error:
/usr/lib/ruby/1.8/openssl/ssl-internal.rb:123:in `post_connection_check': hostname was not match with the server certificate (OpenSSL::SSL::SSLError) from /usr/lib/rvm/gems…

Generate IAM certs for users on AWS

openssl genrsa 1024 > username-env-pk.pempk stands for private keyopenssl req -new -x509 -nodes -sha1 -days 365 -key username-env-pk.pem -outform PEM > username-env-cert.pemlasts for 365Paste username-env-cert.pem in to the AWS Signing Certificates area for that userGive user both username-env-pk.pem and username-env-cert.pem, and wish them luck

Redirect all command output, stdin/stderr, to a file on Linux

puppet agent --test --noop >/var/tmp/puppet_noop_20130315 2>&1

Notes: The 2>&1 redirects stderr to where stdin pointsstdin points to the console by default unless you change thathere stdin is redirected to a file under /var/tmp

vagrant on aws

vagrant plugin install vagrant-awsvagrant box add aws001 https://github.com/mitchellh/vagrant-aws/raw/master/dummy.boxvagrant initAdapt below and put in the "Vagrantfile" filevagrant up --provider=awsvagrant sshvagrant destroyVagrant.configure("2") do |config|   config.vm.box = "aws001"
  config.vm.provider :aws do |aws|     aws.access_key_id = "<your_aws_key_id>"     aws.secret_access_key = "<your_aws_secret>"     aws.keypair_name = "<your_keypair_name>"     aws.ssh_private_key_path = "/home/<you>/.ssh/<your_keypair_name>.pem"
    aws.region = "eu-west-1"     aws.ami = "ami-01080b75"     aws.ssh_username = "ubuntu"   end end

2G swap file

dd if=/dev/zero of=/swapfile bs=1M count=2048mkswap /swapfileswapon /swapfile

Get provisioned public key for AWS EC2 instance via curl

curl http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

Specify ssh key when using rsync

WARNING: don't use ~ and don't use double quotes.rsync -av -e 'ssh -i /home/me/.ssh/id_rsa_other' root@logging.gumby.com:/remotedir/ /localdir/Also, some alternative port:rsync -av -e 'ssh -p 2221' root@logging.gumby.com:/remotedir/ /localdir/

Build rpm of monit 5.5

Download https://github.com/pcharlesleddy/misc/blob/master/monit.specchange "_topdir" to match your local system.cd into what you set _topdir tomkdir -p {BUILD,RPMS,SOURCES,SPECS,SRPMS,tmp}Download monit-5.5.tar.gz file and put it in the SOURCES directoryPut monit.spec in the SPECS directoryrpmbuild -v -bb --clean SPECS/monit.specyum -y install rpmdevtoolsOutput should mention where the rpm ended uprpm -qlp on the rpm file to see what's in it Gory details: http://fedoraproject.org/wiki/How_to_create_an_RPM_package

Notes
"%spec -q" means be "quiet" when untarring, not that interesting, but people use it a lot