Thursday, June 9, 2022

Recent Questions - Unix & Linux Stack Exchange

Recent Questions - Unix & Linux Stack Exchange

`ssh-add -l` does not list the private key after it is loaded

Posted: 09 Jun 2022 03:08 PM PDT

I'm working on automation scripts and need to check if a private key is already loaded. Before loading the private key, ssh-add -l lists the public key associated with the private key. Then running ssh-add ~/.ssh/id_mykey and entering the password which loads the private key. Now if i run ssh-add -l it's still showing the same public key and no sign of the newly added private key (same output as before). So how to check if the private key was already loaded? I also tried ssh-add -L with no luck.

PS: The key is ED25519 with pub/private pair.

How to create from sources deb packages for different architectures

Posted: 09 Jun 2022 02:30 PM PDT

I have to install a software on some devices with debian package, it isn't available for their architectures on apt for debian (but it is available for other distibutions as e.g. ubuntu), and they aren't powerful enough to compile it on themselves. Considering that sources are available I want to use another machine to create an easily offline installable deb package. Is there a way (or better some automatic way with something like apt-build) to do this properly without messing with all dependencies manually?

Is there any benefit to partition the disk if only one partition is required?

Posted: 09 Jun 2022 01:38 PM PDT

I believe we could use the block device directly to do mkfs or create one partition through parted on linux and mkfs on top of the primary partition. However, I'm not sure if there is any recommendations on these two approaches or there is any trivial caveats on top of it. Any comment or suggestion is appreciated.

For my specific case, I just want to use the disk as data partition by itself and build xfs on that disk volume.

Linux thinks my 500GB hard drive is only 7.9GB

Posted: 09 Jun 2022 01:28 PM PDT

Problem: I have a 500GB hard drive, which Linux currently believes is only 7.9GB. Specifically, Linux thinks it's 16514064 sectors, which is the old CHS limit, so I assume something somewhere has decided the drive doesn't support LBA, although I have no idea why given the drive used to work fine, and I have another 500GB drive of the exact same model in the same machine which is working.

lsblk:

$ lsblk  NAME                                               MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT  sda                                                  8:0    0 465.8G  0 disk    └─md127                                              9:127  0 465.6G  0 raid1     ├─hddraid                                        253:10   0 465.6G  0 crypt     └─md127p1                                        259:5    0 265.9G  0 part    sdb                                                  8:16   0   7.9G  0 disk    ...other drives

sudo dmesg | grep 'sd[ab]':

$ sudo dmesg | grep 'sd[ab]'  [   25.677445] sd 0:0:0:0: [sda] 976773168 512-byte logical blocks: (500 GB/466 GiB)  [   25.677459] sd 1:0:0:0: [sdb] Drive-managed SMR disk  [   25.677461] sd 0:0:0:0: [sda] Write Protect is off  [   25.677464] sd 1:0:0:0: [sdb] 16514064 512-byte logical blocks: (8.46 GB/7.87 GiB)  [   25.677465] sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00  [   25.677479] sd 1:0:0:0: [sdb] Write Protect is off  [   25.677481] sd 1:0:0:0: [sdb] Mode Sense: 00 3a 00 00  [   25.677485] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA  [   25.677503] sd 1:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA  [   25.810898] sd 0:0:0:0: [sda] Attached SCSI disk  [   27.303158] sd 1:0:0:0: [sdb] Attached SCSI disk  [   27.340355] md: sdb does not have a valid v1.2 superblock, not importing!

Context, which may or may not be important: I have two identical 500GB hard drives in a RAID 1 md array, using the raw devices. I set up the RAID array on Debian Buster, and used it successfully for a few years. I have since done a clean install of Debian Bullseye. I didn't use the RAID array for a while after the clean install of Debian Bullseye, and just came to use it for the first time since installing Debian Bullseye, and it won't assemble, unsurprisingly given one of the drives is the wrong size.

How to change my password without current password or root access?

Posted: 09 Jun 2022 01:12 PM PDT

I changed my user password two months ago. Logged in. Machine has been up and running since. Now I forgot my new password and want to run a sudo command. 'passwd' wants my current password before doing anything. Note: I also don't have the root account password.

I'm logged in now, have access to all my files etc, so is there a way to skip giving my current password to 'passwd'? Is there some way I can update my password without the current one?

I know there's a way to get in by rebooting and fiddling with the bootup command, but I'd rather not lose all the work in progress I have up now.

Note: Arch Linux, icewm for 'desktop', no other users, just me.

gnome-boxes not installing on manjaro ARM

Posted: 09 Jun 2022 12:55 PM PDT

I have a raspberry pi 4 with 8GB of RAM. It runs Manjaro KDE ARM. I was recently trying to get gnome-boxes to try and run an IMG of Raspbian just for fun. However, when I installed with pamac, I saw this:

    Choose a provider for qemu:  1:  qemu-base     7.0.0-10  extra  2:  qemu-desktop  7.0.0-10  extra  3:  qemu-full     7.0.0-10  extra    Enter a number (default=1): 1    Warning: cannot resolve "edk2-ovmf", a dependency of "qemu-system-x86"  Warning: cannot resolve "seabios", a dependency of "qemu-system-x86"  Warning: cannot resolve "qemu-system-x86", a dependency of "qemu-base"  Warning: cannot resolve "qemu", a dependency of "gnome-boxes"  Error: Failed to prepare transaction:  could not satisfy dependencies:  - unable to satisfy dependency 'edk2-ovmf' required by qemu-system-x86  - unable to satisfy dependency 'seabios' required by qemu-system-x86  - unable to satisfy dependency 'qemu-system-x86' required by qemu-base  - unable to satisfy dependency 'qemu' required by gnome-boxes

I tried all 3 options, but all output the same error! How do I fix this? Thanks!

How to create filenames with incremental numeric suffix

Posted: 09 Jun 2022 01:18 PM PDT

I'm writing a shell script that automatically starts two scripts in order to record data for a research project I'm working on, and then when they are ended, it automatically creates a directory for the data and moves the data into the directory. The program creates a folder called "trials" (if one doesn't already exist) and checks in the trials folder for a folder named "trial$n", where n is an incrementing integer starting at 0. The idea is to make the name of the folder that is created increment by 1 every time the program is run. The entire program works fine except for the naming system. When I first wrote the code, it would work fine, but when I deleted folders "trial0...trial2", then next folder to be created would be "folder3", regardless of whether folders for trials 0 through 2 exist. This continued until folder "trial13" was created, and now the program simply overwrites "trial13" every time. Here's my code, the pertinent lines are 149:187

  1 #!/bin/bash    2 #-----------------------------------------------------------------------------    3 #The purpose of this script it to automate and streamline the data collection    4 #and analysis process for the touchless respitatory monitor. The script will    5 #prompt you for the paths of the themral camera executable    6 #(seek_viewer, usually in the libseek-thermal library), the path of the    7 #main python script (SingleThreadedFaceDetectionV6), and the path of    8 #removable media to which the files will be saved. It will then give you    9 #command prompts to guide you through the process and put a fully-formatted   10 #data folder in the removable media such that the folder is immediately   11 #compatable with the MATLAB script on PC.   12    13 #NOTE: Sometimes the thermal camera won't initialize properly and the program   14 #needs to be restarted until it works.   15    16 #Author:    Caleb Schreier   17 #Date:      7 June 2022   18 #OS:        Raspbian GNU/Linux 10 (buster)   19 #Kernel:    Linux 5.10.103-v7l+   20 #Architecture:  arm   21 #Python:    3.7   22 #Numpy:     1.22.4   23 #-----------------------------------------------------------------------------   24    25 #Import Settings   26 source launcherSettings.txt   27    28 #If setting don't exist, prompt user for settings   29 if [ "$remember" != "y" ];   30 then   31    32 echo   33 echo Please format paths as /folder/.../targetfolder   34 echo   35 echo Specify path to folder containing Thermal Camera Executable   36 echo \(libseek_viewer\)   37 echo   38    39 read -r thermalPath   40    41 echo   42 echo Specify path to folder containing Python Script    43 echo \(SingleThreadedFaceDetectionV6\)   44 echo   45    46 read -r opticalPath   47    48 echo   49 echo Specify path to which data should be saved   50 echo for flash drive, use /media/pi/DRIVENAME   51 echo   52    53 read -r mediaPath   54    55 echo   56 read -r -p "remember these settings? [y/n] " remember   57 echo   58    59 #Write settings to launcherSettings.txt   60 case "$remember" in   61     [yY][eE][sS]|[yY])   62         echo Saving to file...   63         echo "remember=y" | sudo tee launcherSettings.txt   64                 echo "opticalPath=$opticalPath" | sudo tee -a launcherSettings.txt   65                 echo "thermalPath=$thermalPath" | sudo tee -a launcherSettings.txt    66                 echo "mediaPath=$mediaPath" | sudo tee -a launcherSettings.txt   67    68         ;;   69     *)   70         echo "remember=n" | sudo tee launcherSettings.txt   71         echo Settings not remembered.   72         ;;   73 esac   74    75 else   76    77 #if settings already exist, ask user whether to keep them. if not, reprompt for new settings   78 echo   79 read -r -p "Keep stored settings? [y/n] " modify   80    81 if [ "$modify" != "y" ];   82 then   83    84 echo   85 echo Please format paths as /folder/.../targetfolder   86 echo   87 echo Specify path to folder containing Thermal Camera Executable   88 echo \(libseek_viewer\)   89 echo   90    91 read -r thermalPath   92    93 echo   94 echo Specify path to folder containing Python Script   95 echo \(SingleThreadedFaceDetectionV6\)   96 echo   97    98 read -r opticalPath   99   100 echo  101 echo Specify path to which data should be saved  102 echo for flash drive, use /media/pi/DRIVENAME  103 echo  104   105 read -r mediaPath  106   107 echo  108 read -r -p "remember these settings? [y/n] " remember  109 echo  110   111 case "$remember" in  112         [yY][eE][sS]|[yY])  113         echo Saving to file...  114                 echo "remember=y" | sudo tee launcherSettings.txt  115                 echo "opticalPath=$opticalPath" | sudo tee -a launcherSettings.txt  116                 echo "thermalPath=$thermalPath" | sudo tee -a launcherSettings.txt  117                 echo "mediaPath=$mediaPath" | sudo tee -a launcherSettings.txt  118                 ;;  119         *)  120         echo "remember=n" | sudo tee launcherSettings.txt  121                 echo Settings not remembered.  122                 ;;  123 esac  124   125   126 fi  127 fi  128   129 #initiate thermal camera  130 echo  131 echo Beginning thermal camera...  132 echo  133   134 x-terminal-emulator -e "cd $thermalPath; ./seek_viewer -m[file]"  135   136 #Initiate script for optical camera and analysis. Both this and the thermal camera  137 #program can be ended with CTRL + C  138 echo Beginning Python Script...  139 echo  140 echo Use CTRL + C to end script  141 echo  142   143 python $opticalPath/SingleThreadedFaceDetectionV6.py  144   145 wait  146   147 echo creating file structure...  148   149 sudo mkdir -v -p $mediaPath/trials  150   151 #make numbered trial folder at the smallest unused number  152 echo testing for unused directory name...  153   154 n=0  155 found=0  156   157 while [ $found -eq 0 ];  158 do  159     if test -d "$mediapath/trials/trial$n";  160   161     then  162   163         echo Folder \"trial$n\" is taken.  164   165         ((n+=1))  166   167     else   168   169         echo found free space at folder $n  170             #make subdirectories  171             sudo mkdir -v -p $mediaPath/trials/trial$n/Thermal  172         sudo mkdir -v -p $mediaPath/trials/trial$n/Optical  173             #move photos and trial data to respective directories (may take a while)  174         echo moving thermal photos...  175             sudo mv -i $thermalPath/*.jpeg $mediaPath/trials/trial$n/Thermal  176             sudo mv -i $thermalPath/oldImages/*.jpeg $mediaPath/trials/trial$n/Thermal  177         echo moving optical photos...  178             sudo mv -i $opticalPath/*.jpeg $mediaPath/trials/trial$n/Optical  179             echo moving metadata...  180             sudo mv -i $opticalPath/avgValues.txt $mediaPath/trials/trial$n  181             echo move complete. Rerun launcher.sh to take another trial or eject media to run MATLAB code on PC  182   183         found=1  184   185     fi  186   187 done  188   189 echo Filing data from trial under folder \"$mediapath/trials/trial$n\"

Reach host port from container when userland proxy is disabled

Posted: 09 Jun 2022 02:18 PM PDT

I have a container in a bridged network. It can reach the host without problem, and connect to every port on the host EXCEPT for ports that were published by other containers.

I have the userland proxy disabled, so I think it might have something to do with how docker sets up the iptable rules.

Is there a simple way to allow the container to reach ports published by other containers (running in different bridged networks)?

I would like to avoid putting both containers in the same network, or switching to host-networking.

Linux kernel keeps waking up HDD that was put to sleep via hdparm

Posted: 09 Jun 2022 01:35 PM PDT

I have a Seagate 2TB only for storage purpose, and as it's quite loud I put it to sleep unless I access the storage, using the command:

sudo hdparm -Y /dev/sda

When above is executed, the HDD goes to sleep, but after several minutes something wakes the HDD up and I cannot figure out what.

I checked the journal, and apparently every 10 minutes the following occurs right before the HDD wakes up again:

Jun 09 20:36:59 user0 kernel: ata2: SATA link up 6.0 Gbps (SStatus 133 SControl 300)  Jun 09 20:36:59 user0 kernel: ata2.00: ACPI cmd ef/10:06:00:00:00:00 (SET FEATURES) succeeded  Jun 09 20:36:59 user0 kernel: ata2.00: ACPI cmd f5/00:00:00:00:00:00 (SECURITY FREEZE LOCK) filtered out  Jun 09 20:36:59 user0 kernel: ata2.00: ACPI cmd b1/c1:00:00:00:00:00 (DEVICE CONFIGURATION OVERLAY) filtered out  Jun 09 20:37:02 user0 kernel: ata2.00: ACPI cmd ef/10:06:00:00:00:00 (SET FEATURES) succeeded  Jun 09 20:37:02 user0 kernel: ata2.00: ACPI cmd f5/00:00:00:00:00:00 (SECURITY FREEZE LOCK) filtered out  Jun 09 20:37:02 user0 kernel: ata2.00: ACPI cmd b1/c1:00:00:00:00:00 (DEVICE CONFIGURATION OVERLAY) filtered out  Jun 09 20:37:02 user0 kernel: ata2.00: configured for UDMA/133

What's causing this/how can I prevent this?

UPDATE. The above messages only appear if the HDD was put to sleep. Otherwise they don't recur in the journal.

why is my Makefile keeps recompilling when there is no change is done

Posted: 09 Jun 2022 01:44 PM PDT

I have a makefile which looks like this

all:    all_functions  all_functions:  a_functions.o b_functions.o c_functions.o d_functions.o main.o a.h b.h c.h d.h main.h         gcc -o program1 a_functions.o b_functions.o c_functions.o d_functions.o main.o  a_functions.o:  a_functions.c a.h        gcc -c -o a_functions.o a_functions.c  b_functions.o:  b_functions.c b.h        gcc -c -o b_functions.o b_functions.c  c_functions.o:  c_functions.c c.h        gcc -c -o c_functions.o c_functions.c  d_functions.o:  d_functions.c d.h        gcc -c -o d_functions.o d_functions.c  main.o: main.c main.h        gcc -c -o main.o main.c  clean:        rm *.o program1  install:        cp ./program1 "/usr/local/program1"  uninstall:        rm "/usr/local/program1"

I have used tabs instead of spacebar in my makefile But when I do make -f Makefile, makefile compiles and creates program1 everytime, even when the file exists and no changes were done. What is wrong with my makefile? I must see error message "make: Nothing to be done for.."

request update of the dhcp server

Posted: 09 Jun 2022 01:55 PM PDT

Here the use case:

Server A has hostname "server_a".

A user on server B can ping server A using its hostname:

ping server_a

Server A reboots and gets a new IP.

Now, a user on server B can no longer ping server A using its hostname, because "server_a" still maps to the deprecated IP.

Is there anything that can be done on either server A and server B to request DHCP to update the mapping?

How can I get the lsblk-devices that are NOT in use

Posted: 09 Jun 2022 02:07 PM PDT 

root@pve-virt-01:~# lsblk  NAME               MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT  sda                  8:0    0   250G  0 disk  ├─sda1               8:1    0  1007K  0 part  ├─sda2               8:2    0   512M  0 part /boot/efi  └─sda3               8:3    0 249.5G  0 part    ├─pve-swap       253:0    0     8G  0 lvm  [SWAP]    ├─pve-root       253:1    0  62.3G  0 lvm  /    ├─pve-data_tmeta 253:2    0   1.6G  0 lvm    │ └─pve-data     253:4    0   160G  0 lvm    └─pve-data_tdata 253:3    0   160G  0 lvm      └─pve-data     253:4    0   160G  0 lvm  sdb                  8:16   0    32G  0 disk  sdc                  8:32   0    32G  0 disk  sdd                  8:48   0    32G  0 disk  sde                  8:64   0    32G  0 disk

I just wanto see all devices that are not in use for lvm/zfs/ext4 whatever. Do you have something in mind howto archieve this? I wanna use it for a script so I can sgdisk all unused disk but that means I need to make sure I dont pick a used one.

I want to list all blk devices that are not in use.

Edit:

Output should be:

/dev/sdb  /dev/sdc  /dev/sdd  /dev/sde

How to use alias to a watch command which include another alias and some double and single quotes in the latter alias?

Posted: 09 Jun 2022 12:55 PM PDT

alias vov="scontrol -o show nodes | grep -e \"-lkeb\" -e \"-gpu\"| awk '{ printf(\"%-15s%-9s%-7s%-18s%-11s%-9s%s\n\", substr(\$1, 10), substr(\$4, 10), substr(\$5, 8), substr(\$9, 6), substr(substr(\$23, 12)/1024,0,5), substr(substr(\$24, 10)/1024,0,5), substr(\$38, 11))}' | awk '{printf(\"%-15s%-7s%-9s%-18s%-7s%-9s%50-s%2-s%9-s%9-s%9-s\n\", \$1, \$3, \$2, \$4, \$5, \$6, \"|\"\$7, \"|\", \$3-\$2, \$5-\$6, substr(\$4,length(\$4))-substr(\$7,length(\$7)))}' | awk '\$11 != 0' | awk 'BEGIN {print \"NodeName CPUTot CPUAlloc Gres MemTot MemAlloc AllocTres CPUAvail MemAvail GPUAvail CPU/GPU\"}{print \$0 FS \$9/\$11}'"

The above code works well when I write it to my .bashrc file.

watch "scontrol -o show nodes | grep -e \"-lkeb\" -e \"-gpu\"| awk '{ printf(\"%-15s%-9s%-7s%-18s%-11s%-9s%s\n\", substr(\$1, 10), substr(\$4, 10), substr(\$5, 8), substr(\$9, 6), substr(substr(\$23, 12)/1024,0,5), substr(substr(\$24, 10)/1024,0,5), substr(\$38, 11))}' | awk '{printf(\"%-15s%-7s%-9s%-18s%-7s%-9s%50-s%2-s%9-s%9-s%9-s\n\", \$1, \$3, \$2, \$4, \$5, \$6, \"|\"\$7, \"|\", \$3-\$2, \$5-\$6, substr(\$4,length(\$4))-substr(\$7,length(\$7)))}' | awk '\$11 != 0' | awk 'BEGIN {print \"NodeName CPUTot CPUAlloc Gres MemTot MemAlloc AllocTres CPUAvail MemAvail GPUAvail CPU/GPU\"}{print \$0 FS \$9/\$11}'"

The above code also works well when I paste it to my terminal (/bin/bash). Actually the code to be watched is just the vov.

But I met some issues:

  1. I can not use watch vov in my terminal (/bin/bash).
  2. I can not use alias to assign the second code (longer version) to another variable in my .bashrc.
  3. I can not use alias to assign watch vov (shorter version) to another variable in my .bashrc.

Can you help me to solve the 3 issues?

how query by column number with awk

Posted: 09 Jun 2022 12:55 PM PDT

I would like to get time difference by column number 2 delimited by , for below command. It works fine by default for the first column.

table:

20220505,12:00:12,user,dept  20220505,12:00:25,user,dept  20220505,12:00:32,user,dept

command:

awk -F: '{t=$1*3600+$2*60+$3} NR>1{printf( "%.6f\n", t-p)}{p=t}' inputfile

I tried: but failed to get correct result.

awk -F ',' $2 '{t=$1*3600+$2*60+$3} NR>1{printf( "%.6f\n", t-p)}{p=t}' inputfile

What is the difference between `cat EOF` and `cat EOT` and when should I use it?

Posted: 09 Jun 2022 02:03 PM PDT

I'm used to use cat > /path/to/file << EOF when I, in a bash script, printed more than one line into a file... I was checking old code of my company and I found the cat EOT instruction instead of the cat EOF I'm used to (please notice the T instead of the F at the end of it) and curiosity bit me.

I did a quick research and I only found this other question, but I think it was not related to what I wanted to know.

I did some tests with the following code:

password=hello  cat > ./hello.txt << EOT  authentication {      auth_type PASS      auth_pass $password    }  EOT

And I get the exact same output as when I use EOF instead of EOT. The output is, as expected:

root@test_VM:~# bash test.sh && cat hello.txt    authentication {      auth_type PASS      auth_pass hello    }

So the questions are:

  1. What are the differences between the use of EOT and EOF?
  2. When should I use one over the other?

find command gets killed when trying to work on thousands of files

Posted: 09 Jun 2022 12:56 PM PDT

I am trying to create PBF out of thousands of OSC changeset files using osmium tool. i have written a bash script for doing this task using jenkins.

  1. I am merging all osc files into one master osc files
  2. then applying that osc to pbf.

but i am facing issues when trying to merge large amount of osc files into master at once. using following command

osmium merge-changes -v -o $destination/all-"$execution_tag".osc.gz $(find $_osc -name '*.osc') --overwrite

but this command is being killed by os when its trying to work on large directory have more then 12k files.

i have many directories and sub-dir, where i am trying to recursively find all "*.osc" files, so times its so many files that i get bellow mentioned error from linux. what can be the best way to approach this issue?

is there any other way i can recursively find all files in dir and sub-dir?

[ 0:01] Opening output file...  [ 0:01] Reading change file contents...  ***/tmp/jenkins91826773077502863.sh: line 36: 329085 Killed                  osmium merge-changes -v -o $_osc_processor/all-"$execution_tag".osc.gz $(find $_osc -name '*.osc') --overwrite***  applying master osc change file to pbf ::

what can i do wrt to osmium or linux script to fix this issue?

i tried to replace find with blob search (//.osc) and it still got killed. Currently i am trying to run this command from parent directory having multiple sub directories with files, if i manually execute each sub directory it seems to work fine, is there a way, if i get certain path as input, i can search for all sub dir inside it, if sub dir exists then i run this command individually on each sub dir?

How to enable a non default OpenSSL Cipher Suite

Posted: 09 Jun 2022 02:07 PM PDT

I have an install of OpenSSL 1.1.1f as per Ubuntu 20.04 and I specifically want the TLS v1.2 suite TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 (ECDHE-ECDSA-AES128-CCM8) enabled.

TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 is available

How do I configured OpenSSL to allow the use of that cipher suite for other apps that use the OpenSSL install for TLS?

Details about my use case: I have a .NET(6) app, and .NET uses the present OpenSSL 1.1.1 or greater install as the underlying TLS provider on Linux. So afaik when that app uses OpenSSL, OpenSSL needs to be configured to allow for the CCM cipher suites.(it will use the openssl.cnf as per openssl version -d)

I see in the config section of the OpenSSL manual that the module I am interested configuring is ssl_conf, and so I created the following cnf:

openssl_conf = default_conf    [default_conf]  ssl_conf = ssl_sect    [ssl_sect]  system_default = system_default_sect    [system_default_sect]  CipherString = ECDHE-ECDSA-AES128-CCM8

but this doesn't allow the app to use TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8. When my TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 exclusive client tries to connect it gets a handshake 40 failure, as the app internally throws an 'Interop.OpenSsl.SslException' in System.Net.Security.dll

However, I confirmed this config file works because if I use the following cnf with instead TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 as the sole filter in the cipher string, then the app can exclusively use TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 and it works as expected (a ...GCM_SHA256 exclusive client can connect):

...  [system_default_sect]  CipherString = ECDHE-RSA-AES128-GCM-SHA256

How do I enable TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8?

And I am not sure how to confirm the enabling of CCM... I am expecting that when I run openssl ciphers -v (with no cipher string filter) that I will see CCM8 listed, just as TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is listed.

I read the Configuration section of this cook book: https://www.feistyduck.com/library/openssl-cookbook/online/openssl-command-line/configuration.html, but I think I need some experienced advice to explain why I cant just use CCM8.

Force password prompt to work in terminal instead of GUI

Posted: 09 Jun 2022 01:40 PM PDT

I am not sure what's causing this, but it's mildly frustrating.

I'm sshing into my machine (Ubuntu 21.10) and invoking a tilix session to my client machine. I trying to run an app (from within tilix remotely), I need to run which should prompt for a password. The machine is running a GUI (kded5), but that shouldn't matter. I'm ssh'ed into the machine. This app prompts for password in the GUI instead of in the terminal.

I've tried unsetting DISPLAY. I've tried setting SSH_ASKPASS_REQUIRE=never (used them separately and together). I've tried various other things but to no avail. Since I'm using kded5, the system alternatives is set to /usr/bin/kshaskpass. I haven't tried setting it to something else:

at 14:25:06 ❯ update-alternatives --display ssh-askpass  ssh-askpass - auto mode    link best version is /usr/bin/ksshaskpass    link currently points to /usr/bin/ksshaskpass    link ssh-askpass is /usr/bin/ssh-askpass    slave ssh-askpass.1.gz is /usr/share/man/man1/ssh-askpass.1.gz  /usr/bin/ksshaskpass - priority 35    slave ssh-askpass.1.gz: /usr/share/man/man1/ksshaskpass.1.gz  /usr/lib/ssh/x11-ssh-askpass - priority 10    slave ssh-askpass.1.gz: /usr/share/man/man1/x11-ssh-askpass.1x.gz

To be clear, what I want is simple... if I'm the terminal to the machine, use the terminal to prompt for passwords. If I'm in the GUI, use the GUI or at least point me in the direction on how to temporarily use terminal prompting if so desired.

TIA!

How do I read the output of the `usb-devices` command?

Posted: 09 Jun 2022 01:07 PM PDT

I'm trying to debug a USB issue on an Ubuntu 22.04. I've come across the usb-devices command. However I do not understand the output. I've read the man page, and it says:

The output of the script is similar to the usb/devices file available either under /proc/bus (if usbfs is mounted), or under /sys/kernel/debug (if debugfs is mounted there). The script is primarily intended to be used if the file is not available. In contrast to the usb/devices file, this script only lists active interfaces (those marked with a "*" in the usb/devices file) and their endpoints. Be advised that there can be differences in the way information is sorted, as well as in the format of the output.

However I am not able to find a clear guide on how to read the output of those files either. What follows is example output from a different machine:

T:  Bus=01 Lev=01 Prnt=01 Port=03 Cnt=01 Dev#=  3 Spd=1.5 MxCh= 0  D:  Ver= 2.00 Cls=00(>ifc ) Sub=00 Prot=00 MxPS= 8 #Cfgs=  1  P:  Vendor=045e ProdID=082c Rev=01.00  S:  Manufacturer=Microsoft  S:  Product=Microsoft Ergonomic Keyboard  S:  SerialNumber=601135501321  C:  #Ifs= 2 Cfg#= 1 Atr=a0 MxPwr=100mA  I:  If#= 0 Alt= 0 #EPs= 1 Cls=03(HID  ) Sub=01 Prot=01 Driver=usbhid  E:  Ad=81(I) Atr=03(Int.) MxPS=   8 Ivl=10ms  I:  If#= 1 Alt= 0 #EPs= 1 Cls=03(HID  ) Sub=00 Prot=00 Driver=usbhid  E:  Ad=82(I) Atr=03(Int.) MxPS=   8 Ivl=10ms

How do I read this? What do the initials mean? I can read the script itself, from vim $(which usb-devices), and that helps a little. For example, in the 1st line, It outputs:

T: Bus=01 Lev=01 Prnt=01 Port=03 Cnt=01 Dev#= 3 Spd=1.5 MxCh= 0

And in the code I can see that it refers comes from the line:

printf "\nT: Bus=%02i Lev=%02i Prnt=%02i Port=%02i Cnt=%02i Dev#=%3i Spd=%-3s MxCh=%2i\n" \ $busnum $level $parent $port $count $devnum $speed $maxchild

So from that I can see where $busnum and such come, but even then I don't see that the T in the beginning stands for.

Has 10 Gbps through Linux tc qdiscs ever been solved?

Posted: 09 Jun 2022 02:04 PM PDT

I'm trying to use tc to shape traffic on a system with 10 Gbps NICs and I find that I can't get anywhere near 10 Gbps through any qdisc. When I do:

tc qdisc add dev $ifc root handle 1: htb default ffff  tc class add dev $ifc parent 1:0 classid 1:1 htb rate 32Gbit  tc class add dev $ifc parent 1:1 classid 1:ffff htb rate 1Gbit ceil 16Gbit burst 1G cburst 1G

My throughput gets capped around 3 Gbps. I've tried variations with CBQ and HFSC. No matter what I do I can't seem to get around that.

Adding just the qdisc does not cause the problem (as I previously said). I've spent days reading everything I can find that mentions tc and qdisc and "10G". There seems to be a lot of mailing list activity 6-10 years ago (perhaps on the cusp as 10G became common, taking over from 1G) but no resolution. Am I missing something? Is it impossible to shape multiple gigabits/second on Linux?

Access and modify value of a key that contains dots on name in a JSON file from terminal / Change zoom level of Visual Studio Code from terminal

Posted: 09 Jun 2022 01:32 PM PDT

Thank you for any help that you could provide.

I am trying to create a bash script to modify the value of a key from the settings.json file from Visual Studio Code.

The key that I want to modify is window.zoomLevel. I have tried to read it by using jq: jq -r '.window.zoomLevel' settings.json, jq -r 'window.zoomLevel' settings.json, or jq -r '.zoomLevel' settings.json, but I am not able to and I even get compile errors. I created a copy of settings.json and changed the name of the variable to window_zoomLevel and I was able to successfully read it with the same code: jq -r '.window_zoomLevel' settings.json. How can I access that variable without modifying the json file?

As you can imagine, I don't know much about json structures, so please help me out.

This is how the file looks:

{      "security.workspace.trust.untrustedFiles": "open",      "launch": {          "configurations": [          {              "type": "bashdb",              "request": "launch",              "name": "Bash-Debug (hardcoded script name)",              "cwd": "${/.../...}",              "program": "$/.../....sh",              "args": []          }          ]      },      "kite.showWelcomeNotificationOnStartup": false,      "editor.fontSize": 10,      "files.autoSave": "afterDelay",      "screencastMode.fontSize": 20,      "scm.inputFontSize": 10,      "debug.console.fontSize": 10,      "terminal.integrated.fontSize": 10,      "markdown.preview.fontSize": 10,      "window.zoomLevel": -1.5,      "editor.mouseWheelZoom": true  }

How can I enable Samba 1 authentication for a single share?

Posted: 09 Jun 2022 02:04 PM PDT

I'm setting up an old network scanner on a debian machine but it uses smb1 for authentication using

ntlm auth = yes

under the global settings. I know smb1 it's unsecure so I'm guessing if there's the option to use that kind of authentication only for the share I use to receive scans from the machine. Is it possible? Thanks.

Microphone loopback on Linux

Posted: 09 Jun 2022 03:01 PM PDT

I am trying to do simple microphone loopback to immediately play to the speakers. I eventually got it working on one computer by running pacmd load-module module-loopback latency_msec=1. However, a few problems.

  • I could not replicate this on another machine.
  • This is a fairly technical process and the non-technical users I plan to provide this setup to may experience trouble if the system goes down for any reason.
  • There is a background microphone hiss, which would be nice to clean up using a program rather a very simple redirection.

How would I do this in Linux in a very simple, user-friendly way?

A few guides suggested using pavucontrol, but I could not get it working. This is because I do not know what to do on the last setup in "output devices". After a few days of trying, I assumed those guides were old and this process no longer works - but I may be wrong?

Who is setting my LS_COLORS?

Posted: 09 Jun 2022 01:14 PM PDT

I'm using the bash shell, and want to change some of my ls listing colors; I've noticed that this can be controlled using the LS_COLORS environment variable, which encodes terminal colors for various file and directory types and states.

Now, I have LS_COLORS set in my environment, but I don't remember / don't know who exactly sets it! I can't find any export LS_COLORS or even a mention of LS_COLORS in my .bashrc, .bash_login, etc.

So where is it set?

Note: I'm using a Debian-based distribution

How to disable broadcasting on an IP-less Linux NIC

Posted: 09 Jun 2022 01:00 PM PDT

Linux system with two NICs.

  1. eth0 connected to Co. LAN. DHCP configured. It is the main network connection.
  2. eth1 point-to-point connected to a network analyzer. No IP on this interface.
  3. Linux application sending L2 packets on eth1.
  4. The network analyzer gets the application packets PLUS all broadcasts arrived on eth0.

Question: How can I stop broadcasts being forwarded on eth1 ?

Config:

eth0 Link encap:Ethernet HWaddr 10:98:36:af:9c:0f  inet addr:192.168.x.xx Bcast:192.168.3.255 Mask:255.255.252.0 UP  BROADCAST RUNNING MULTICAST MTU:1500 Metric:1    eth1 Link encap:Ethernet HWaddr 10:98:36:af:9c:10  UP BROADCAST RUNNING MTU:1500 Metric:1

ip link:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00  2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000 link/ether 10:98:36:af:9c:0f brd ff:ff:ff:ff:ff:ff  3: eth1: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000 link/ether 10:98:36:af:9c:10 brd ff:ff:ff:ff:ff:ff

Linux script for file change email notification ( not inotify or any other utility)

Posted: 09 Jun 2022 02:04 PM PDT

I'm looking for linux script (not inotify tool or any other utilities ) which notifies me via email whenever file contents are changed. I have managed sample script via google, but i have to run it manually and it is not triggering any emails

[[ -z `find /path/to/file -mmin -60` ]]    if [ $? -eq 0 ]  then    echo -e " /path/to/file nothing has changed"  else    mail -s "/path/to/file has been changed" mailid  fi
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)