ssh -i localkey -L local_port:localhost:remote_port user@ip I had to look this up again. I haven’t had to use this in a while, maybe five years? I also wanted multiple ports forwarded, and that works like ssh -i localkey -L local_port:localhost:remote_port -L local_port:localhost:remote_port user@ip And… jenkins host inside remote VPC: ssh -i catalyst -L 8080:localhost:18080 centos@bastion-host-ip…
Continue ReadingI was just handed a new revised Amazon Machine Image to employ, a fully-compliant corporate beast intended to facilitate keeping servers secure. I have extensive experience stripping builds for security purposes. The Solaris OS I worked with at Fidelity had stripped out all the graphical pieces integral to Solaris at that time, and paid SUN…
Continue ReadingThis script will be re-written in python with test coverage in the next several months. For an ad hoc tool, though, to create POC and raw methods, bash rocks.
Continue ReadingSo far git submodules are working for centralized code that repeats in use across repos and even organizations, and doesn’t change much. But one thing I run into constantly is where the code is for a repo I’ve just cloned that has a submodule, and even new repos as we re-architect some of our builds….
Continue ReadingI’m finding one of the commands I run while debugging certificate generation and tweaks is: openssl x509 -in -text This displays the complete content of a cert, allowing looking inside to verify alt_names, etc, and verify that the generated certificate then works. — doug
Continue ReadingI run into this about every tenth day. Just enough off the pace of memorization to look it up when a switch misfires… ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub Just in case. A lot of the work I’m doing today, and the last few days, is re-working id_rsa and other secret retrieval from vault, grabbing…
Continue ReadingI had copied a section of text from a pdf. When I pasted it into an email I got: insurance against loss or damage by fire, including an extended coverage endorsement, for all buildings and personal property which comprise the Property. Owner agrees to maintain property liability insurance in full force and effect during the…
Continue Readingfind the large files through a filesytem cd [some directory] du -ak | sort -nr | more search for a specific string through recursively, returning context and server if the string is found… for i in `du -ak | egrep -v \.svn | awk ‘{ print $2 }’` do if [[ `grep…
Continue ReadingI love the cygwin shell. It makes windows marginally useful as a sysadmin platform. It's one of the first tools I add to a base windows install. I go to Cygwin setup.exe, down load it and run it. I download first without installing. Create a local package directory (I use 20120518_cygwin…
Continue ReadingThis is a replacement for remote command execution on servers via ssh. It has some serious security advantages – it is never a shell, for example. In managing five environments and over 1400 servers and 92 applications, tools are key. The install and configuration is at https://fedorahosted.org/func. Once installed, you can verify that you…
Continue Reading