Tag Archives: linux

One-line to add public ssh key to authorized keys file on remote system

Sometimes I feel like Linux hasn’t been accepted publicly because people are concerned about getting their public ssh key appended to the authorized_keys file on the servers they are trying to administer. They think they have to scp it over, then ssh in, and finally append it to the correct file.

It’s such a shame because it can easily be accomplished with this one command.

ssh me@somespecialserver.local "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub

This executes the cat command on the remote server and takes the input from the local ~/.ssh/id_rsa.pub file.

If you don’t have an id_rsa.pub file, run the following command and follow the instructions.

ssh-keygen -t rsa

Once you’re authorized, you won’t have to type a password to log on to that server anymore. However, you will still need it for sudo commands.
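The one-liner above assumes ~/.ssh already exists on the server and appends the key again on every run. The following added example (not from the original post) is a hardened variant that creates the directory with owner-only permissions and skips keys that are already present; the helper name install_pubkey and its optional directory argument are assumptions, the latter so the logic can be tried against a scratch directory.

```shell
#!/bin/sh
# Added example, not from the original post. install_pubkey is a hypothetical
# helper: it reads ONE public key line on stdin and appends it to
# <dir>/.ssh/authorized_keys, where <dir> defaults to $HOME.
install_pubkey() {
    target_home=${1:-$HOME}
    # Accept a final line with or without a trailing newline; fail on empty input.
    IFS= read -r key || [ -n "$key" ] || return 1
    # Refuse input that does not look like a public key line (for example a
    # private key file passed by mistake).
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "install_pubkey: input is not a public key" >&2; return 1 ;;
    esac
    (
        umask 077                      # anything created below is owner-only
        mkdir -p "$target_home/.ssh"
        touch "$target_home/.ssh/authorized_keys"
        # Append only if this exact line is not already present.
        grep -qxF -- "$key" "$target_home/.ssh/authorized_keys" ||
            printf '%s\n' "$key" >> "$target_home/.ssh/authorized_keys"
        # Tighten pre-existing paths too; sshd's StrictModes rejects loose ones.
        chmod 700 "$target_home/.ssh"
        chmod 600 "$target_home/.ssh/authorized_keys"
    )
}

# Remote use from a bash prompt: ship the function text and run it on the
# server, feeding the local public key on stdin (host is the post's placeholder).
#   ssh me@somespecialserver.local "$(declare -f install_pubkey); install_pubkey" < ~/.ssh/id_rsa.pub
```

OpenSSH also ships ssh-copy-id, which performs the same steps where it is installed.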

Use MRTG to graph traffic

So there you are, sitting there watching TV and looking at the blinking lights on your router.

Suddenly you think, “Man, if only there were a way I could record how many octets have flown across each managed interface. Then I could record those same numbers at a later time to determine the average traffic rate during that time-span.”

Luckily there is a simple tool called MRTG or Multi Router Traffic Grapher that will do just that.

First, you have to prepare the device(s) you want to monitor.

Whatever the device is, it needs to have SNMP capability. If it doesn’t, stop here because the rest of this tutorial will produce less than desirable results.

Set the SNMP read-only community string to something complicated. You can always copy and paste. Make sure SNMP is enabled and you should be good to go.

Now install MRTG.

Let’s pretend you are on a Debian-based system and can install it from a repository.

sudo apt-get install mrtg

Now, you need to make sure the /etc/mrtg.cfg file is owned by the user that will run the cronjob.

sudo chown user-name /etc/mrtg.cfg

The config file itself can be quite cumbersome to edit by hand.

Good thing you won’t have to. A special tool called cfgmaker is included to make the process easier.

Open up a blank text document that you can prepare this command in and save it for later modification.

Paste this in there:

cfgmaker --global 'WorkDir: /var/www/mrtg' \
--global 'Options[_]: bits' \
--show-op-down \
--no-down \
--noreversedns \
--zero-speed=100000000 \
--subdirs=HOSTNAME \
--output '/etc/mrtg.cfg' \
--community=somecomplexcommunitystring \
192.168.xxx.1 \
192.168.xxx.2 \
192.168.xxx.3 \
192.168.xxx.4

(Each option is explained at the end of this post.)

Modify the last lines with IP addresses of devices that you want to pull information from.

Then copy all of it and paste it into a terminal. Save the text file for later in case you want to add a device and need to generate a new configuration. Each time it runs, it overwrites the previous file. If you need to remove a device, just pull it from the list and rerun the commands.

The commands should run successfully without an error. If there is an error, it is generally because it cannot communicate with your device using SNMP.

A quick way to verify that SNMP is giving information is with the following command. [SNMP must be installed (sudo apt-get install snmp)].

snmpwalk -v 2c -c communitystring xxx.xxx.xxx.xxx   # device IP

This should start spitting out a bunch of information. If it doesn’t, you either can’t communicate with your device, or SNMP isn’t enabled on it.

If everything ran without error, you should have an /etc/mrtg.cfg file that’s ready to go. Make sure the same user that is going to run the program has rights to the /var/www/mrtg directory as well. This is where all of the html pages and images will be created.

sudo mkdir /var/www/mrtg

sudo chown user-name /var/www/mrtg

Everything should be ready to go. Now you can add an entry to the user’s crontab for MRTG to run every 5 minutes.

crontab -e -u user-name

Choose an editor if you have to. Nano is easiest. Paste the following line in. Then save and quit.

*/5 * * * * env LANG=C /usr/bin/mrtg

After 5 minutes, you should start to see files in /var/www/mrtg.

If you don’t see anything, there is probably a permission error. Run the command manually to see what errors come back and adjust the permissions on the problem directories.

env LANG=C /usr/bin/mrtg

Once you see html and png files, you are ready to rock. It will take at least two runs for statistics since it is measuring the difference in octet counters.

These files are obviously best viewed with a browser. They are just basic html files so a web server doesn’t need much configuration to serve them. Just set the home directory to /var/www/mrtg and make yourself a nice little index.html page that links to the interesting interfaces.

The WorkDir option tells it where the html and image files will be created.

The --global 'Options[_]: bits' option uses bits instead of bytes. All link-speeds are measured in bits, and file-sizes are generally measured in bytes.

The --show-op-down option tells it to include interfaces that are operationally down. That way, if an interface comes online, cfgmaker doesn’t need to be executed again.
The --no-down option covers more than operationally down. All interfaces will be graphed regardless of their status.
The --noreversedns option tells it not to bother with attempting a reverse look-up of the IP addresses of your network equipment.
The --zero-speed=100000000 option tells it to assume the speed is 100 Mbit/s if the device returns a rate of 0.
The --subdirs=HOSTNAME option determines how the html and image files will be organized. Each device will have its own folder based on its hostname or IP address if no hostname is given.
The --output '/etc/mrtg.cfg' option tells it where to save the mrtg config file. This is the default location mrtg checks when it is run.
The --community=somecomplexcommunitystring option tells it what SNMP community string to use when attempting to contact the device.

All of the options are available here. http://oss.oetiker.ch/mrtg/doc/cfgmaker.en.html
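The generated /etc/mrtg.cfg stores every community string in clear text inside its Target lines, so it is worth checking after each cfgmaker run. The following is an added example (not from the original post or the MRTG project): audit_mrtg_cfg and sample_cfg are hypothetical helpers, and the sample addresses and strings are constructed.

```shell
#!/bin/sh
# Added example, not from the original post. audit_mrtg_cfg prints one line per
# finding and returns non-zero if there is at least one.
audit_mrtg_cfg() {
    cfg=$1
    findings=0
    # 1. Only the owner (the cron user) should be able to read the file,
    #    because it contains the SNMP community strings.
    case $(ls -ld -- "$cfg") in
        -???------*) ;;
        *) echo "PERM: $cfg is accessible beyond its owner"
           findings=$((findings + 1)) ;;
    esac
    # 2. cfgmaker writes targets as  Target[name]: <if>:<community>@<host>:
    #    Extract "community host" pairs and flag the well-known defaults.
    weak=$(sed -n 's/^Target\[[^]]*]:[[:space:]]*[^:]*:\([^@]*\)@\([^:[:space:]]*\).*/\1 \2/p' "$cfg" |
        sort -u |
        while read -r community host; do
            case $community in
                public|private)
                    echo "WEAK: $host uses default community '$community'" ;;
            esac
        done)
    if [ -n "$weak" ]; then
        echo "$weak"
        findings=$((findings + $(printf '%s\n' "$weak" | wc -l)))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample in the shape cfgmaker emits (addresses and strings made up).
sample_cfg() {
    cat <<'EOF'
WorkDir: /var/www/mrtg
Options[_]: bits
Target[192.168.0.1_2]: 2:public@192.168.0.1:
Target[192.168.0.2_1]: 1:s0meC0mplexStr1ng@192.168.0.2:
EOF
}

# Try it:  sample_cfg > /tmp/mrtg-sample.cfg && audit_mrtg_cfg /tmp/mrtg-sample.cfg
# Fix a PERM finding on the real file with:  chmod 600 /etc/mrtg.cfg
```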

Here are a couple example shots. They are both from a relatively fresh install. One is from an access point running dd-wrt and one is from a firewall running pfSense.


Using wget to grab multiple files over ftp using multiple connections

Let’s say you have a nice Linux server with a nice connection and you want to grab a whole bunch of files from an FTP server using multiple connections to utilize all of the available bandwidth. Graphical based utilities are the work of the devil, so we can use wget.

First, change to the directory that you want to download all of the files to.

cd /drive/with/lots/o/storage

Here is a nice wget command that you can spawn multiple instances of to get the job done:

wget -r -nc -b ftp://example.com/somedirectory/full/of/recursive/files/ --ftp-user=user --ftp-password=password

The -r tells wget to recursively download so it grabs everything in that directory and beneath it.

The -nc tells wget to skip a file if it already exists locally to prevent all of your instances from replacing the same file over and over.

The -b tells wget to work in the background and send output to a log file. This is necessary to run 20 instances at once.

The --ftp-user= and --ftp-password= are only required if the FTP server doesn’t allow anonymous access.

Just run the command as many times as you want for the desired number of threads.

A quick killall wget will put all of the action to a halt if the fun is getting out of control.