LinuxCommand

• Troubleshooting ssh

listening on 0.0.0.0 port 10222.

• EXPECT spawn ssh ProxyCmd

exp_cmd="set timeout 10 
spawn ssh $login@$target_ip -p 22 -o \"ProxyCommand=ssh -p 22  root@$jump_ip -W %h:%p\";
expect \"password\"
"
expect -c "$exp_cmd" > $conf_log

• ssh ProxyCommand
  ProxyCommand ssh ssh_jump_host "nc %h %p"

─ One layer of encryption
═ Two layers of encryption
┏━━━━━━━━━━━━━━┓          ┏━━━━━━━━━━━━━┓          ┏━━━━━━━━━━━━━━━━━┓         
┃  SSH client  ┃══════════┃  Jump host  ┃──────────┃  Target server  ┃
┗━━━━━━━━━━━━━━┛          ┗━━━━━━━━━━━━━┛          ┗━━━━━━━━━━━━━━━━━┛



ssh liam@10.10.10.167 -p 22 -o ProxyCommand='ssh -p 22 root@192.168.234.4 -W %h:%p'

• SCP ProxyCmd
  ssh_rsa file,no password input

scp -o ProxyCommand="ssh $jump_host nc $host 22" $local_path host:$destination_path


scp  -o ProxyCommand="ssh -i /root/.ssh/ssh_rsa root@192.168.234.4 -W %h:%p" /tmp/file liam@10.10.10.166:root/file

• decrypt pwd

echo "74gwRasdClz9kjvw" | openssl enc -d -base64 -aes-256-ctr -nopad  \ 
      -nosalt -k "$(sha256sum "/root/.pki/cert.seed" |  \
      cut -d' ' -f1 | tr -d "\r\n")"

 openssl enc -e    "encrypt pwd"

• retrieve of CA certificate SHA1 fingerprint

keytool -printcert -file ca_cert.cer |  \
    egrep SHA1 | cut -d ':' -f 2-

• retrieve CA certificate Issuer

keytool -printcert -file ca_cert.cer | egrep Issuer \
    | cut -d ',' -f 2

• console print pfx certificate info

openssl pkcs12 -in $radius_ecc_pfx.pfx -clcerts -out  ecc_radius_cert.pem  -nokey

• calculate ipv6

res=“$(ipcalc -c -6 $ipv6_addr 2>/dev/null)"

• check status of radius database:

mysql -uradius —password=“xx” -e “USE radius;”

• initial radius database

mysql -uroot —password=‘xxx’ radius < radius_scripts_path/schema.sql 2>/dev/null

• remote command

ssh -o TCPKeepAlive=yes -o ConnectTimeout=30 -o StrictHostKeyChecking=no \
     -i /root/.ssh/konw id_rsa 192.168.234.2 "vim-cmd vmsvc/power.on vmid”