Category Archives: UNIX & Linux
Too good to #0002
Show and update the comment in an SSH private key ssh-agent in Gitlab CI/CD Define SSH_KEY as a “file” in Gitlab CI/CD variables and SSH_PASSPHRASE as a regular variable If libcrypto errors on execution, make sure SSH_KEY has an additional … Continue reading
Too good to #0001
Set X11 keyboard layout manually and temporarily (e.g. in i3 if I need to test exotic window managers for my users) Speaking of which, set keyboard layout permanently in Gnome Check if Gnome Screensaver is active (I use this for … Continue reading
IPv6 Privacy Stable Addressing Roundup
“Okay, let’s see whether we can reach your Macbook externally via IPv6. What’s the address?” Sure, let’s have a look. $ ifconfig … inet6 2a03:2260:a:b:8aa:22bf:7190:ef36 prefixlen 64 autoconf secured inet6 2a03:2260:a:b:b962:5127:c7ec:d2df prefixlen 64 autoconf temporary … Everybody knows that one … Continue reading
Debian /boot old kernel images
So I was looking at yet another failed apt-get upgrade because /boot was full. After my initial whining on Twitter, I immediately received a hint towards /etc/apt/apt.conf.d/01autoremove-kernels, which gets generated from /etc/kernel/postinst.d/apt-auto-removal after the installation of new kernel images. The … Continue reading
How expiration dates in the shadow file really work
tl;dr: Accounts expire as soon as UTC reaches the expiration date. In today‘s installment of my classic shame-inducing series “UNIX basics for UNIX professionals”, I want to talk about account (and password) expiration in /etc/shadow on Linux. The expiration time … Continue reading
SSH firewall bypass roundup
So my SSH workflow has reached a turning point, where I’m going to clean up my ~/.ssh/config. Some entries had been used to leverage corporate firewall and proxy setups for accessing external SSH servers from internal networks. These are being … Continue reading
CentOS 7 on MD-RAID 1
Figuring this out took me quite a bit of time. In the end, I approached the starter of this hilariously useless CentOS mailing list thread, who assured me that indeed he had found a way to configure MD-RAID in the … Continue reading
What does the slash in crontab(5) actually do?
That’s a bit of a stupid question. Of course you know what the slash in crontab(5) does, everyone knows what it does. I sure know what it does, because I’ve been a UNIX and Linux guy for almost 20 years. … Continue reading
OpenSSH connection multiplexing
The Challenge I was in touch with a developer the other day who used SSH to programmatically connect to a remote machine where he would start some kind of processing job. Unfortunately, he was in trouble when he wanted to … Continue reading
Using the SSH agent from daemon processes
One of my more recent installations, the BackupPC server I wrote about earlier, needs full access as the user root to his clients in order to retrieve the backups. Here’s how I implemented authentication on this machine. BackupPC runs as … Continue reading