SSH & DevOps Crash Course Snippets

ssh.md

SSH Cheat Sheet

Login via SSH with password (LOCAL SERVER)

$ ssh brad@192.168.1.29

Create folder, file, install Apache (Just messing around)

$ mkdir test

$ cd test

$ touch hello.txt

$ sudo apt-get install apache2

Generate Keys (Local Machine)

$ ssh-keygen

ssh-keygen -f ~/my-key -t ecdsa -b 521

-f is the file name and where to store

-t is algorithm you choose

-b byte, default 2048

Add Key to server in one command

> cat ~/.ssh/id_rsa.pub | ssh brad@192.168.1.29 "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys

Another way to add key to server !

ssh-copy-id -i ~/.ssh/my-key user@host

Create & copy a file to the server using SCP

$ touch test.txt $ scp ~/test.txt brad@192.168.1.29:~

DIGITAL OCEAN

Create account->create droplet

Create Keys For Droplet (id_rsa_do)

$ ssh-keygen -t rsa

Add Key When Creating Droplet

Try logging in

$ ssh root@doserver

If it doesn't work

$ ssh-add ~/.ssh/id_rsa_do (or whatever name you used)

Login should now work

$ ssh root@doserver

Update packages

$ sudo apt update

$ sudo apt upgrade

Create new user with sudo

$ adduser brad

$ id brad

$ usermod -aG sudo brad

$ id brad

Login as brad

> ssh brad@doserver

We need to add the key to brads .ssh on the server, log back in as root

$ ssh root@doserver

$ cd /home/brad

$ mkdir .ssh

$ cd .ssh

$ touch authorized_keys

> sudo nano authorized_keys (paste in the id_rsa_do.pub key, exit and log in as brad)

Disable root password login

$ sudo nano /etc/ssh/sshd_config

Set the following

PermitRootLogin no

PasswordAuthentication no

Reload sshd service

$ sudo systemctl reload sshd

Change owner of /home/brad/* to brad

$ sudo chown -R brad:brad /home/brad

May need to set permission

$ chmod 700 /home/brad/.ssh

Install Apache and visit ip

$ sudo apt install apache2 -y

Github

Generate Github Key(On Server)

$ ssh-keygen -t rsa (id_rsa_github or whatever you want)

Add new key

$ ssh-add /home/brad/.ssh/id_rsa_github

If you get a message about auth agent, run this and try again

$ eval `ssh-agent -s`

Clone repo

$ git clone git@github.com:bradtraversy/react_otka_auth.git

Install Node

$ curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -

$ sudo apt-get install -y nodejs

Install Dependencies

$ npm install

Start Dev Server and visit ip:3000

$ npm start

Build Out React App

$ npm run build

Move static build to web server root

$ sudo mv -v /home/brad/react_otka_auth/build/* /var/www/html

Change timezone

sudo timedatectl set-timezone Asia/Ho_Chi_Minh

timedatectl list-timezones

See disk space

df -x squashfs --total

df -BM

Xac dinh process ton nhieu RAM nhat

ps aux --sort:rss

Thong ke theo MB

ps aux --sort:rss | awk 'NR>1 {$6=int($6/1024)"M";}{ print;}'

Su dung top/htop

Sau do nhan Shift + M (M la Memory !!!)

Để xác định tiến trình (Process/Thread) đang đọc ghi ổ cứng nhiều nhất

iotop

Kiểm tra băng thông Server

vnstat -l -i <Network interface card>

show nics

netstat -i

Xác định IP và ứng dụng ngốn nhiều băng thông nhất

nethogs

Cac ip ket noi den Server

netstat -ant | grep -v LISTEN | awk '{print $5}' | cut -d":" -f1 | sort | uniq -c | sort -rn

Ket noi hien tai dang duoc thiet lap

netstat -ant | grep ESTABLISH | awk '{print $5}' | cut -d":" -f1 | sort | uniq -c | sort -rn | more

Xác định Process của kết nối mạng đang được thiết lập

ss -p4n

Bash cd vao thu muc sau khi tao

– add this to file ~/.bashrc:

function mkdircd () { mkdir -p "$@" && eval cd ""$$#""; }

– Close terminal and reopen (or source ~/.bashrc), next time it will get:

$ mkdircd /tmp/test1/test2/test3/test4

Measure response time

curl -o /dev/null -s -w 'Establish Connection: %{time_connect}s\nTTFB: %{time_starttransfer}s\nTotal: %{time_total}s\n'  https://www.google.com