*NIX Tricks

[cli] Find out the public IP in the command line

Posted in cli by kousik on October 30, 2009

You may find out your IP using commands like ifconfig, but if your computer is behind a firewall, that is not the IP that the world sees. Here’s a quick how-to to find out what your external IP is.

First, let’s create an alias:

alias getip="wget -q -O - http://whatismyip.com/automation/n09230945.asp"

Next time when you need the public IP of your computer, just type getip in the command line and hit enter.

The above command gets the IP from http://whatismyip.com/automation/n09230945.asp (just copy and paste this URL to your location bar and hit enter, and see what it does!). The “-q” is to suppress verbose information (quiet mode) and “-O -” causes the output to be written to STDOUT.

You may use dyndns.org too to find out the IP, but in this case you may need some trimming: substitute the quoted text in the alias above with the following:


wget http://checkip.dyndns.org/ -O - -o /dev/null | cut -d: -f 2 | cut -d\< -f 1

A few words about the various flags above:
The output of the first command (everything before the first pipe) is

<html><head><title>Current IP Check</title></head><body>Current IP Address: xxx.xxx.xx.xx</body></html>

(the actual IP address is masked by x).
The “-o /dev/null” part sends wget’s log messages, which would otherwise go to STDERR, to /dev/null. The “-d:” option in the first “cut” tells it to use the colon (:) as the delimiter, and “-f 2” causes it to print the second of the delimited fields. Similarly, the flags of the second “cut” cause it to use “<” as the delimiter for the piped output from the first “cut” and choose the first of the delimited fields.

UPDATE: Another one using curl. You may again replace the quoted text within the alias above with the following:


curl --connect-timeout 3 http://www.whatismyip.org/
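
The reply from checkip.dyndns.org arrives over plain HTTP from a third party, so a script that feeds the result into anything else should check that it really is an IPv4 address. The following is an added example, not part of the original post; the function name extract_ip and the sample reply are made up for illustration.

```bash
#!/usr/bin/env bash
# Added example: pull the address out of a checkip-style reply and refuse
# anything that is not a plain dotted-quad IPv4 address.

# Constructed sample reply (203.0.113.0/24 is a documentation range).
SAMPLE_REPLY='<html><head><title>Current IP Check</title></head><body>Current IP Address: 203.0.113.7</body></html>'

# extract_ip: HTML on stdin -> address on stdout; returns 1 on anything else.
extract_ip() {
    local body ip octet
    body=$(cat)
    # Same field the two cut commands select: the text between
    # "Current IP Address:" and the next "<".
    ip=$(printf '%s\n' "$body" |
         sed -n 's/.*Current IP Address: *\([^<]*\)<.*/\1/p' | head -n 1)
    # Only digits and dots may remain; this also rejects an empty match.
    case "$ip" in
        ''|*[!0-9.]*) return 1 ;;
    esac
    local IFS=.
    set -- $ip                      # split into octets
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    printf '%s\n' "$ip"
}

# Demo on the constructed reply; against the live service the input would be
#   wget -q -O - http://checkip.dyndns.org/ | extract_ip
printf '%s' "$SAMPLE_REPLY" | extract_ip
```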

[network] Port forwarding via SSH

Posted in network, ssh by kousik on September 14, 2009

Let’s say you have physical access to your home computer h.com and your work computer w.com and besides that you work on a remote server r.com. Let’s also assume that the usernames are huser, wuser and ruser, respectively.

There may be various accessibility scenarios, but let’s just assume that you can access the remote servers from both home and work computers, but you cannot access home computer from work directly and vice versa. A possible solution to have all the computers accessible is forward a port on the remote machine to the local port 22 (we are interested in ssh connection only, at least for the time being!).

Forwarding remote port:
So at home before you leave for work, forward port 2222 of r.com to port 22 of local machine h.com
$ ssh ruser@r.com -R 2222:localhost:22
Type in localhost as it is! It creates a secure socket from remote machine’s port 2222 to local machine’s port 22, meaning the ssh traffic coming to port 2222 of r.com will be forwarded to port 22 of h.com.
When you get to work, first ssh to the remote machine from your work computer:
$ ssh ruser@r.com
You can then access the files at your home while you are still on h.com by simply doing
$ ssh huser@r.com -p 2222 (you’ll be asked for the password for your home computer). The flag -p stands for port.

Now, before you leave your work, forward port 22 of w.com to another port (say, 2223) of r.com using the above method. At home, you first ssh to r.com; and then using
$ ssh wuser@r.com -p 2223 (you’ll be asked for the password for the work computer),
you may access files on your work computer.

Forwarding local port:
I don’t know how I can best use it yet, but anyway, here is how to do it along with one “possible” use of it. Let’s say from your home computer you cannot ssh to r2.com, another remote server, but you can from r.com. In order to connect to r2.com from home, the most obvious way is to connect to r.com from h.com first, and then to r2.com. You have to do this for every new ssh connection to r2.com from h.com. But if you forward an available local port (say, 2224) to port 22 of r2.com via r.com, it'll be a lot easier. Issue the following command while you are on h.com:
$ ssh ruser@r.com -L 2224:r2.com:22
This will enable you to connect to r2.com from h.com by using
$ ssh r2user@localhost -p 2224
in another terminal on the home computer (r2user is the username for r2.com).

File copying between those computers also becomes a breeze:
$ scp -P 2224 file_to_be_copied r2user@localhost:/desired_dir/copied_file
(notice the capital P).

N.B. (1) In order to check if a port (say, 2225) is available on the localhost, try
$ nc localhost 2225
(2) Needless to say, you must have sshd running on the machines that you want to connect to via ssh.
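
The two port numbers in a -R or -L argument are easy to swap, so it helps to spell out which side listens and where the traffic ends up before running ssh. This is an added example, not part of the original post; describe_forward is a hypothetical helper, and it assumes OpenSSH's default of binding the listener to the loopback interface when no bind address is given.

```bash
#!/usr/bin/env bash
# Added example (hypothetical helper, not from the original post).
# describe_forward MODE SPEC GATEWAY
#   MODE     R for "ssh -R", L for "ssh -L"
#   SPEC     [bind_address:]port:host:hostport, exactly as given to ssh
#   GATEWAY  the machine you ssh into (r.com in the post)
# IPv6 bind addresses in brackets are not handled.
describe_forward() {
    local mode="$1" spec="$2" gw="$3" bind lport host hport p listener via note=
    local IFS=:
    set -f; set -- $spec; set +f          # split on ":" without globbing "*"
    case $# in
        3) bind=loopback; lport=$1; host=$2; hport=$3 ;;
        4) bind=${1:-*}; lport=$2; host=$3; hport=$4 ;;
        *) echo "bad forward spec: $spec" >&2; return 1 ;;
    esac
    for p in "$lport" "$hport"; do
        case $p in
            ''|*[!0-9]*) echo "bad port: $p" >&2; return 1 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 1; }
    done
    # -R opens the listener on the gateway, -L on the machine running ssh;
    # the target host:hostport is then reached from the opposite end.
    case $mode in
        R) listener=$gw; via="this machine" ;;
        L) listener="this machine"; via=$gw ;;
        *) echo "mode must be R or L" >&2; return 1 ;;
    esac
    # Listening below port 1024 needs root on the listening side.
    [ "$lport" -lt 1024 ] && note=" [privileged listen port]"
    echo "$listener listens on $bind:$lport -> $host:$hport (reached from $via)$note"
}

describe_forward R 2222:localhost:22 r.com
describe_forward L 2224:r2.com:22 r.com
describe_forward R 22:localhost:2222 r.com   # ports swapped: listener lands on 22
```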

[printer] Configure CUPS based printers

Posted in printer by kousik on September 1, 2009

CUPS = Common UNIX Printing System

In order to search for the CUPS based printers connected to the computer (directly or via a network), use this command in the terminal:
lpstat -a
or type in the address field of a browser:
http://localhost:631/printers

The following file controls the CUPS configuration:
/etc/cups/cupsd.conf

Make sure you configure the file as follows:

1. Tell cupsd to listen for broadcasts. This can be done by turning Browsing on:
Browsing On

2. Tell cupsd to listen for broadcasts from networks other than the local one as well:
BrowseOrder deny,allow
BrowseAllow ALL


[ssh] SSH login to remote server without password

Posted in linux, network, security, ssh, unix by kousik on August 29, 2009

If you’re using OpenSSH to connect to a remote Linux machine, then this may come as bliss. This is based on public key authentication: (1) create a key pair, a private key and a public one, and then (2) save the public key in the authorized_keys file on the remote machine. The next time you log in using SSH to the remote server from the local machine where you have saved the private key, you won’t have to enter the password! Isn’t it cool? OK, now let’s get down to business, shall we?

Step 0: Make sure the RSA and public key authentication methods are enabled (which are in general enabled by default) in /etc/ssh/sshd_config on the remote machine — it should look like the following:

RSAAuthentication yes
PubkeyAuthentication yes

and then reload the configuration if you had to modify it

$ sudo /etc/init.d/ssh reload

You need the administrative rights for the above.


Step 1: Use the command ssh-keygen to create the key pair:

$ ssh-keygen -t rsa

Save the key to the default location, viz. ~/.ssh/id_rsa. When you hit enter, it’ll ask you for a passphrase — leave it empty (see warning below). You need to hit enter once more to confirm it.

Now if you go to ~/.ssh directory, you’ll see that two new files are created: id_rsa (your private key — don’t lose it or give it to somebody else!) and the public key, id_rsa.pub.


Step 2: We need to append the public key to the authorized_keys file or save the key as a new file with the name authorized_keysX (where X is a number to avoid conflict) in ~/.ssh directory on the remote machine. We’ll use the fancy vi trick that we saw earlier:

$ vi scp://remoteuser@remote.machine.com//home/remoteuser/.ssh/authorized_keys

Enter your password when you’re asked. Once the vi window opens up, go to the end of the file (hit Shift+G) and then append the public key file

:r id_rsa.pub

assuming you’re still in the ~/.ssh directory on the local machine. Next, save the file and exit.

Note: you may also use

$ ssh-copy-id remoteuser@remote.machine.com

to automatically put the ID in the desired place.

Now you are all set to login to the remote machine using ssh without a password!
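
What Step 2 has to achieve on the remote side, written out as an added example that is not part of the original post: the key is appended once, and ~/.ssh and authorized_keys end up accessible by the owner only, which sshd's StrictModes check (on by default) requires. install_pubkey and the sample key line are made up for illustration; the directory is a parameter so the function can be tried on a scratch directory.

```bash
#!/usr/bin/env bash
# Added example (hypothetical helper, not from the original post).
# Constructed sample key line; the base64 body is a placeholder, not a real key.
SAMPLE_PUBKEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedPlaceholderKeyForDemo000000000 huser@h.com'

# install_pubkey PUBKEY_FILE SSH_DIR
# Appends the key to SSH_DIR/authorized_keys exactly once and sets the
# owner-only modes that sshd's StrictModes check expects.
install_pubkey() {
    local pub="$1" dir="$2" auth key
    auth=$dir/authorized_keys
    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }
    key=$(head -n 1 "$pub")
    # A public key line is "type base64 [comment]"; this also stops a private
    # key file (id_rsa instead of id_rsa.pub) from being installed by mistake.
    case "$key" in
        ssh-*' 'AAAA*|ecdsa-*' 'AAAA*|sk-*' 'AAAA*) ;;
        *) echo "$pub is not an OpenSSH public key" >&2; return 1 ;;
    esac
    # Create directory and file with no group/other access.
    (umask 077; mkdir -p "$dir" && touch "$auth") || return 1
    chmod 700 "$dir" && chmod 600 "$auth" || return 1
    # If the last line lacks a newline, add one so keys do not run together.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        echo >> "$auth"
    fi
    # -x whole line, -F fixed string: append only when not already present.
    grep -qxF -e "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# Demo in a scratch directory instead of a real ~/.ssh.
demo_dir=$(mktemp -d)
printf '%s\n' "$SAMPLE_PUBKEY" > "$demo_dir/id_demo.pub"
install_pubkey "$demo_dir/id_demo.pub" "$demo_dir/.ssh"
install_pubkey "$demo_dir/id_demo.pub" "$demo_dir/.ssh"   # second run adds nothing
grep -c . "$demo_dir/.ssh/authorized_keys"
```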


WARNING: The big security concern and a work-around (still being lazy!)

The ease of this method has a very strong downside: if the local machine is compromised, the attacker will waltz onto the remote machine. A way out of this is to protect your private key with a non-empty passphrase. That also means every time the machine requires access to the private key (i.e., every time you log in to the remote machine where you saved your public key), you have to enter the passphrase. What’s the use of this hoopla then, you may ask. Well, where there is a wish there is a way too: commit the key to the local system’s ‘memory’ so that you type the passphrase once and only once for the whole session.

OK. Let’s first change the passphrase to a non-empty string, shall we?

$ ssh-keygen -p

It’ll ask for the location of the key. Then you’ll have to enter a passphrase and verify it (don’t leave this empty this time).

Next make the system remember your key:

$ ssh-add

It’ll ask for the passphrase (in order to ‘unlock’ your private key) and then for the whole session you won’t need any password/passphrase to login to the remote machine.


[Network] Fix wired network connection

Posted in network by kousik on August 29, 2009

Wireless problems often baffle me, so let’s postpone that for another post; right now we’ll focus on the wired network problems, which are less common than the other kind!

While using Ubuntu based systems, I often found that network manager just got in the way whenever I wanted to fix an internet connection. So, the first thing to do is to kill the associated processes (kill -9) after you find the process ID by using top or htop (if installed). Or you can totally get rid of these packages (usually network-manager, network-manager-gnome in Gnome or knetworkmanager in KDE).

Then, edit the /etc/network/interfaces file (you need to precede the editor command with sudo) so that the lines for the wired interface (usually eth0; find this by issuing sudo ifconfig first) look like the following:

auto eth0
iface eth0 inet dhcp

again assuming that we want to have a DHCP based connection (which is the case most of the time and it’s, of course, easier to fix!).

Then restart the network connection by issuing the following command:
sudo /etc/init.d/networking restart

And then bring eth0 first down, then up using
sudo ifdown eth0; sudo ifup eth0

This should be the first step toward troubleshooting the wired internet connection. Things start getting just better if these steps fail... well, let’s leave that for another post.
