{"id":99,"date":"2019-10-15T17:03:01","date_gmt":"2019-10-15T15:03:01","guid":{"rendered":"http:\/\/blog.remyblom.nl\/?p=99"},"modified":"2026-03-11T15:54:49","modified_gmt":"2026-03-11T14:54:49","slug":"random-parts-of-command-line-foo-that-make-your-life-really-easy-but-i-have-to-google-everytime-because-i-am-still-a-nix-n00b","status":"publish","type":"post","link":"https:\/\/blog.remyblom.nl\/?p=99","title":{"rendered":"Random parts of command line foo that make your life really easy but I have to google everytime because I am still a *nix n00b"},"content":{"rendered":"\n

Although I worked with Ubuntu for quite some years I still have to google some of the simpliest task, just because I hardly ever need them. The most simple examples being how to add a user to a group, or see how much space I have left on my disks…<\/p>\n\n\n\n

Instead of googling everything again and again, I am going to collect them in this post:<\/p>\n\n\n\n

Users<\/h2>\n\n\n\n

Add a user to a group:<\/p>\n\n\n\n

$ sudo usermod -aG sudo remy<\/code><\/pre>\n\n\n\n
To copy a user’s credentials from one machine to the other, on source machine:<\/p>\n\n\n\n
$ sudo getent shadow remy\n$ sudo cat \/home\/remy\/.ssh\/authorized_keys<\/code><\/pre>\n\n\n\n
On the target machine:<\/p>\n\n\n\n
$ sudo usermod -p 'HASH' remy\n$ sudo install -d -m 700 -o remy -g remy \/home\/remy\/.ssh\n$ echo 'PUBKEY' | tee -a \/home\/remy\/.ssh\/authorized_keys >\/dev\/null\n$ chown remy:remy \/home\/remy\/.ssh\/authorized_keys\n$ chmod 600 \/home\/remy\/.ssh\/authorized_keys<\/code><\/pre>\n\n\n\n
Diskspace<\/h2>\n\n\n\n
See how much space the subdirectories of your pwd<\/code> are taking up:<\/p>\n\n\n\n
$ du -sk *<\/code><\/pre>\n\n\n\n
Or when you want to look one level deeper, which comes in handy when I want to see which domains and subdomains I have in my \/var\/www\/vhosts<\/code> directory:<\/p>\n\n\n\n
$ du -kd 1 *<\/code><\/pre>\n\n\n\n
Prompt<\/h2>\n\n\n\n
# cool colored version:\ncoolcolor='\\033[33m' # with the 2nd 33 being the colorcode [30-37]\nnormal='\\033[0m'\nexport PS1=\"\\u@\\[$coolcolor\\]\\h\\[$normal\\]:\\w \\[$coolcolor\\]$\\[$normal\\] \"<\/code><\/pre>\n\n\n\n
OpenSSL<\/h2>\n\n\n\n
Generate new private key and certificate signing request:<\/p>\n\n\n\n
$ openssl req -out server.csr -new -newkey rsa:4096 -nodes -keyout private.key<\/code><\/pre>\n\n\n\n
Generate csr for existing private key:<\/p>\n\n\n\n
$ openssl req -out server.csr -key private.key -new<\/code><\/pre>\n\n\n\n
Check a certificate:<\/p>\n\n\n\n
$ openssl x509 -noout -text -in certificate.crt<\/code><\/pre>\n\n\n\n
Get the fingerprint of a certificate,  possible flags are -sha1<\/code> -sha256<\/code> or -md5<\/code>.<\/p>\n\n\n\n
$ openssl x509 -noout -fingerprint -sha1 -in certificate.crt<\/code><\/pre>\n\n\n\n
Remember: transporting .csr of .crt can be done in the clear without any fear, they are useless without the corresponding private.key<\/p>\n\n\n\n
Generate Diffie-Hellman parameters: (takes a long time)<\/p>\n\n\n\n
$ openssl dhparam -out dhparam.pem 4096<\/code><\/pre>\n\n\n\n
Check an SSL connection:<\/p>\n\n\n\n
$ openssl s_client -connect www.example.com:443<\/code><\/pre>\n\n\n\n
Create a pfx or pkcs#12 file that contains both private key and certificate and is password protected:<\/p>\n\n\n\n
$ openssl pkcs12 -export -out key_and_cert.pfx -inkey privkey.pem -in fullchain.pem<\/code><\/pre>\n\n\n\n
To check the content of a pkcs12 file:<\/p>\n\n\n\n
$ openssl pkcs12 -info -in key_and_cert.pfx<\/code><\/pre>\n\n\n\n
More useful stuff on openssl-commands<\/a><\/p>\n\n\n\n
SSH keys<\/h2>\n\n\n\n
Generate Ed25519 key pair:<\/p>\n\n\n\n
$ ssh-keygen -o -a 100 -t ed25519 -f ~\/.ssh\/id_ed25519 -C \"foo@bar.com\"<\/code><\/pre>\n\n\n\n
Although I prefer ed25519, you might want old fashion rsa keys:<\/p>\n\n\n\n
$ ssh-keygen -t rsa -b 4096 -f ~\/.ssh\/id_rsa -C \"foo@bar.com\"<\/code><\/pre>\n\n\n\n
To add your key(s) to your server, use this nifty little tool:<\/p>\n\n\n\n
$ ssh-copy-id user@host<\/code><\/pre>\n\n\n\n
Or when you just want to add one specific key:<\/p>\n\n\n\n
$ ssh-copy-id -i ~\/.ssh\/id_rsa user@host<\/code><\/pre>\n\n\n\n
Add one file to the other<\/h2>\n\n\n\n
Okay, this is like basic stuff, but getting it wrong can be painful, so to append file1 to file2:<\/p>\n\n\n\n
$ cat file1 >> file2<\/code><\/pre>\n\n\n\n
Compressing and decompressing files<\/h2>\n\n\n\n
Creating a simple zip from a directory:<\/p>\n\n\n\n
$ zip -r filename.zip \/path\/to\/directory<\/code><\/pre>\n\n\n\n
Unzip it with:<\/p>\n\n\n\n
$ unzip filename.zip<\/code><\/pre>\n\n\n\n
Or you want to password protect it?<\/p>\n\n\n\n
$ zip -e filename.zip \/path\/to\/directory<\/code><\/pre>\n\n\n\n
Since the encryption used by zip is weak, use 7z instead:<\/p>\n\n\n\n
$ 7z a -p filename.7z \/path\/to\/directory<\/code><\/pre>\n\n\n\n
Lots of archive on the net will be .tar.gz<\/code> which you extract with:<\/p>\n\n\n\n
$ tar -xf archive.tar.gz<\/code><\/pre>\n\n\n\n
Reboot server tonight<\/h2>\n\n\n\n
Sometimes I want to reboot a machine but keep the impact from the downtime as low as possible, so I schedule the reboot at 06:00 in the morning, hoping the number of users currently using any of its services is close to 0 and in the case something went wrong, I can fix it when at the office at 09:00 (This does indeed imply that we are okay with the 3 hours downtime)<\/p>\n\n\n\n
$ sudo at 06:00\nwarning: commands will be executed using \/bin\/sh\nat> \/sbin reboot\n[ctrl-d]<\/code><\/pre>\n\n\n\n
You can check the queue of scheduled jobs with:<\/p>\n\n\n\n
$ sudo atq\n1\tTue Jan 14 10:00:00 2020 a root<\/code><\/pre>\n\n\n\n
And remove a job with:<\/p>\n\n\n\n
$ sudo atrm 1<\/code><\/pre>\n\n\n\n
Send a test mail <\/h2>\n\n\n\n
$ mail -s \"TEST!\" remy.blom@hku.nl < \/dev\/null<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
Although I worked with Ubuntu for quite some years I still have to google some of the simpliest task, just because I hardly ever need them. The most simple examples being how to add a user to a group, or see how much space I have left on my disks… Instead of googling everything again … <\/p>\n
Continue reading “Random parts of command line foo that make your life really easy but I have to google everytime because I am still a *nix n00b”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14,2],"tags":[],"class_list":["post-99","post","type-post","status-publish","format-standard","hentry","category-snippets","category-vps"],"_links":{"self":[{"href":"https:\/\/blog.remyblom.nl\/index.php?rest_route=\/wp\/v2\/posts\/99","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.remyblom.nl\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.remyblom.nl\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.remyblom.nl\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.remyblom.nl\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=99"}],"version-history":[{"count":20,"href":"https:\/\/blog.remyblom.nl\/index.php?rest_route=\/wp\/v2\/posts\/99\/revisions"}],"predecessor-version":[{"id":392,"href":"https:\/\/blog.remyblom.nl\/index.php?rest_route=\/wp\/v2\/posts\/99\/revisions\/392"}],"wp:attachment":[{"href":"https:\/\/blog.remyblom.nl\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=99"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.remyblom.nl\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=99"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.remyblom.nl\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=99"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}