Tuesday, November 28, 2017

SSH Login without password

If you want to access a remote terminal without being required to type your password, you have to do the following:


ssh-keygen
You can accept all the defaults.
This will create a file containing your public key under your $HOME directory:

$HOME/.ssh/id_rsa.pub
It looks like the following:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDgDnpDHO5U/Ba8xKZezlm7OpwbV0WBvJXelshOO2LZJxZCI8h5QRlbjYws5Gy+oxuNftQHliXFFfHJlFtRk4xo27JkdeYmrI33qHjDSZ4fWx4RJA1HODBqcmscisMrv4D8ELdP0pFXkL8+GM8l2bxu8U1HS2yuC//33mxn7auo2GJUr1vOGzsLtp7qS/kdLqf2Vo4YG6MtNmEw8Y+tlbSe0zO0uRR7sTj9aq+YM+KtLU2xxzzffsiAMqlxXnZd6c/PmVsJ/1d1ypk3Xrx69R7OlTB5rWApqB/eK9Mc53uCqUhFrzkKWWNyoP3/jEwJGJTfpuhL4gYmJtKdAl3RuXl4EB

Then, in order to enable ssh to a remote host without being required to type a password, you just have to add this public key to the remote host:

Type:
ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
For example:
ssh-copy-id -i ~/.ssh/id_rsa.pub root@qtvr-els003

This will automatically append your public key to the ~/.ssh/authorized_keys file on the remote host (but this is something you can do manually as well):

[root@qtvr-els0003 ~]# cat ~/.ssh/authorized_keys
# HEADER: This file was autogenerated at Mon Oct 30 10:42:29 +0200 2017
# HEADER: by puppet.  While it can still be managed manually, it
# HEADER: is definitely not recommended.
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAuTtqxO/t+gebf+INEaBQwUmfckztextfJTBA3BstQifX6aqtnelgf9Mqu3OtjFhg3ddgErz2ft1aF6x/rF8Q0kzq8OR8ohmZrIPW+ZjxbOc9uvW1sniChCJFCtua+Hmm84zlIHwwwM0nK1jzBazVJ/zQR4jtY3V9F/sIVGTxowgiSNlszveeWWs0EN6xc5Uh7vE4ZICoXMKEkNhb30k9WZ0H2sNALzAghgmjSUv7CK/fGZ1UHG0Kh6z7J9aensCOHEKS5carGBFjrtfCI/ArCxwwwwqMg/ukJ8fWd2ekVNwKrm+J0iCVBlZ9pA6wV2BkJF77ZBlfPlW6q5T7r8Q23kJ2M5w== root@tlvmanager.tlv.lpnet.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDgDnpDHO5U/Ba8xKZezlm7OpwbV0WBvJXelshOO2LZJxZCI8h5QRlbjYws5Gy+oxuNftQHliXFFfHJlFtRk4xo27JkdeYmrI33qHjDSZ4fWx4RJA1HODBqcmscisMrv4D8ELdP0pFXkL8+GM8l2bxu8U1HS2yuC//33mxn7auo2GJUr1vOGzsLtp7qS/kdLqf2Vo4YG6MtNmEw8Y+tlbSe0zO0uRR7sTj9aq+YM+KtLU2xxzzffsiAMqlxXnZd6c/PmVsJ/1d1ypk3Xrx69R7OlTB5rWApqB/eK9Mc53uCqUhFrzkKWWNyoP3/jEwJGJTfpuhL4gYmJtKdAl3RuXl4EB
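
The manual alternative mentioned above, as an added example that is not part of the original post: a shell function to run on the remote host once the .pub file has been copied there. The function name add_authorized_key and its arguments are assumptions made for this example.

```shell
#!/bin/sh
# Added example: what ssh-copy-id does, done by hand on the remote host.
# add_authorized_key and its arguments are hypothetical names for this sketch.
# usage: add_authorized_key PUBKEY_FILE [SSH_DIR]
#   e.g. add_authorized_key /tmp/id_rsa.pub      (after copying the .pub over)
add_authorized_key() {
    pubkey_file=$1
    ssh_dir=${2:-$HOME/.ssh}
    auth_file=$ssh_dir/authorized_keys

    # First non-empty, non-comment line of the .pub file.
    key_line=$(grep -v -e '^[[:space:]]*#' -e '^[[:space:]]*$' "$pubkey_file" | head -n 1)

    # Accept only "<type> <base64> [comment]". This also rejects a private
    # key (id_rsa instead of id_rsa.pub) passed by mistake.
    case $key_line in
        ssh-rsa\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "not an OpenSSH public key: $pubkey_file" >&2; return 1 ;;
    esac

    # With StrictModes (the sshd default), keys are ignored when ~/.ssh or
    # authorized_keys is writable by other users, so pin the modes.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    # Match on key type + blob anywhere in a line, so an entry with a
    # different comment or with leading options still counts as present.
    key_id=$(printf '%s\n' "$key_line" | awk '{ print $1 " " $2 }')
    if awk -v id="$key_id" '
        { for (i = 1; i < NF; i++) if (($i " " $(i + 1)) == id) found = 1 }
        END { exit !found }' "$auth_file"
    then
        echo "key already present in $auth_file" >&2
        return 0
    fi
    printf '%s\n' "$key_line" >> "$auth_file"
}
```

On a host where authorized_keys is generated by Puppet, as the header in the listing above says, a hand-added line may be overwritten on the next run.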


For macOS users:
I found this link for installing the ssh-copy-id command, which was missing from my laptop: 

https://stackoverflow.com/questions/25655450/how-do-you-install-ssh-copy-id-on-a-mac

Basically, download the script from the URL below and make it accessible to all users:

sudo curl https://raw.githubusercontent.com/beautifulcode/ssh-copy-id-for-OSX/master/ssh-copy-id.sh -o /usr/local/bin/ssh-copy-id
sudo chmod +x /usr/local/bin/ssh-copy-id

Thursday, July 20, 2017

Socat - a Simple Tcp Proxy

In order to set up a simple TCP proxy, I've used the following:

yum install socat

socat TCP4-LISTEN:2003,fork TCP4:app.graphite.lpdomain.com:2003


This listens on port 2003 and forwards everything to port 2003 on the remote server app.graphite.lpdomain.com.

I've done that in order to be able to send metric values to a remote Graphite server that was not accessible from my server.
In order to send a value to Graphite, I've used the following:


echo Centralized.service.sandbox.test3   1234  `date +%s --date='30 minutes ago'` | nc -v my-proxy-server 2003


BTW, it was also suggested that I use the nc command, but it appears that this proxy tool is more primitive and apparently doesn't support multiple connections:

mkfifo backpipe
nc -k -l 2003    <backpipe | nc app.graphite.lpdomain.com 2003  1>backpipe