Command-Line Baubles

Table of Contents

1 Intro

I started using Linux in spring 2019 for a class. I bought a used 2015 T450s for $200, since I hated using a VM on my aging Windows laptop. I also wanted to just build everything on Linux to begin with so I didn't have to deal with any cross-platform weirdness when developing on Windows.

Since then I've accumulated a lot of helpful bits, some of which are easily forgotten. This document is meant to collect all of that information in an easily accessible place.

2 Useful Commands

3 SSH

SSH stands for (s)ecure (sh)ell. From the Wikipedia article:

The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.

The application of SSH I'll be addressing here will mostly be remote login, but I strongly encourage reading more about SSH and its applications in the above-linked Wikipedia article.

Since it is a cryptographic protocol, it uses user-generated cryptographic keys to authenticate the user and communicate securely. These keys are referred to colloquially as SSH keys.

3.1 Setting up an SSH Host Alias

Sometimes you have that server you work on that you ssh into with its ip address or a really long domain. Typing ssh uname@some.long.url every time you need to log in is really annoying. What if I told you that you can just type in ssh obnoxious and ssh into the server? Sound appealing? then read further:

  1. So, to begin with, we're going to be editing ~/.ssh/config. We're going to add an entry to this file, so before starting, run touch ~/.ssh/config to ensure that the file exists.

  2. Open the file in your editor of choice, then add the below to the file. Substitute in the information that is proper for your situation. 

    Host obnoxious
    User uname
    HostName some.long.string
  3. Now try it out! Type ssh [name] on the command line, and it should immediately give you a password prompt. For example, if I were to log into the above, I'd type in ssh obnoxious.

Enjoy your (almost) effortless login!

3.2 Setting Up SSH Login for a Server

The theme of these ssh-based instructions is one thing: nobody likes typing long strings. Even if your password is short, wouldn't you like to skip typing it entirely? Not having to type a password at every login also means that you can have a stronger password.

These instructions can go two ways. If you set up a host alias above, then your command will look slightly different. I'll include notes about the few differences for those with a host alias under the relevant steps.

  1. First, we're going to generate an SSH keypair for the server. You use the following command: 

    ssh-keygen -t ed25519
    • Its goign to ask you for a location to save the key. You can just press enter to accept ~/.ssh/id_ed25519, or type in a full file path to what file you want to store it in (for example, /home/uname/.ssh/key_name).

  2. Okay, cool. We have your key, so we need to tell your server that it should accept logins that present this key. We're going to be using ssh-copy-id, which is installed by default many Linux distributions. If it's not installed on yours, your distribution's package manager likely has it. I personally believe its worth the install.

    You're going to type the following command: 

    ssh-copy-id -n -i ~/.ssh/key_name uname@domain

    The -n flag here means that we're doing a dry run. I advise doing a dry run so you can confirm you're adding the right key and that the command doesn't have any syntax issues. The -i flag means we're providing the file path to the identityfile we want to use, and uname@domain is the pair of the username and domain you'd use to ssh into this server normally. Note that this string is different if you have an alias set up. You sould use your alias instead of the username@domain string.

  3. Now run the command again, but remove -n. The keys will be installed onto your server, and you should be able to type 

    ssh (obnoxious|uname@domain)

    and login without typing a password.

3.3 Deep Dive: ~/.ssh/config

The SSH config file, usually located at ~/.ssh/config, is the file that holds definitions for SSH aliases and provides a means to configure certain options. Many of these options are vastly helpful for interacting with remote servers.

This will not be an exhaustive list of the options available, but rather an explanation of the options I have found the most useful. If you want to learn more about the many options, I suggest visiting this link, or just typing man ssh to view the ssh manpage on your local machine.

3.3.1 Primer: ssh-agent

The ssh-agent is a helper that keeps track of a user's identity keys and passphrases. It uses these to faciliate login to servers. By default, all keys kept under ~/.ssh/ are added to the agent, but you can use the ssh-add command to add the key to the agent manually.

3.3.2 Host

The friendly name for a server you're wanting to create an alias for. It's required to be the first line when you're creating a new alias entry. There are several options that need to be associated with an alias entry, which I will describe in this section. Here is an example alias entry for usage reference: 

Host obnoxious
    User uname
    HostName some.long.string
    IdentityFile ~/.ssh/id_ed25519
    IdentitiesOnly yes
    ForwardAgent yes
    ProxyJump another_server
  1. User

    The username you log into a server with.

  2. HostName

    The IP address or URL of the server you're wanting to log into.

  3. IdentityFile

    The path to the identity key that should be used to log into the server with.

  4. IdentitiesOnly

    Binary option. When turned on, makes ssh only use the identity keys configured in the config file, even if ssh-agent offers more identities.

  5. ForwardAgent

    Binary option. When turned on, it passes your local machine's ssh-agent to the server you're logged into. This is especially useful when you don't want to leave sensitive keys on the server you're working with. It is also more convenient in some cases. For instance: when you forward your local ssh-agent, you don't have to create a separate key on each remote machine you log into to use SSH with your remote git repositories.

  6. ProxyJump

    The alias (or uname@domain pair) of the server you want to log into first before trying to SSH into the server specified in the host alias entry. You can also do a proxy jump with the -J flag on the command line. An example of that: 

    ssh -J <jump server> <remote server>

    Note that ProxyJump reqires OpenSSH version >= 7.5 and for jump servers to support port forwarding. Most modern machines fit this criteria, but just keep that in your back pocket to help with troubleshooting if you ever have issues.

3.3.3 AddKeysToAgent

This binary option turns on/off automatic adding of keys to the ssh-agent. Place this at the top of your config file or under a wild card alias entry.

3.3.4 Wild Card Usage

Note that you can add alias entries in the ssh config file where you can apply options to every remote machine you log into. Be careful when using this catch-all host alias, as some options are inadvisable to apply to every machine (for instance, forwarding your ssh-agent). This is what the alias looks like: 

Host *
    AddKeysToAgent yes

4 Git

4.1 Git Crash Course

TBD

4.2 Using SSH with Multiple GitHub Accounts on One Machine

  1. Get SSH key working in your GitHub account. I would recommend the guide here.

  2. Now that you have one GitHub account set up through SSH, you should see something in your config (see it by running less ~/.ssh/config) that roughly looks like: 

    Host github.com
    HostName github.com
    User git
    IdentityFile ~/.ssh/some_key
  3. Create another ssh key for your second account, and add it to the corresponding GitHub account. Just create the key and add the public key to your account. All the extra steps are not necessary, and may overwrite the current GitHub entry in your config. I haven't confirmed this, though, so feel free to proceed at your own discretion.

  4. With the two GitHub accounts with two different IdentityFiles, create another entry to ~/.ssh/config. It should roughly look like this: 

    # Account 1
Host github.com-one
    HostName: github.com
    User git
    IdentityFile ~/.ssh/some_key

# Account 2
Host github.com-two
    HostName github.com
    User git
    IdentityFile ~/.ssh/other_key

    The strings I added after github.com (-one and -two respectively) will be appended to all the @github.com links that you use in order to clone or push to GitHub.

4.2.1 Things to keep in mind

Because you changed the "host" part of your GitHub ssh aliases, this means you need to take some extra steps and precautions in some places.

When cloning, make sure you append whatever thing you added to the host line to your clone commands. For example, here's a command using the first account in the example ssh aliases above: 

git clone git@github.com-one:username/repository.git

BEFORE YOU PUSH: This is SUPER IMPORTANT. If you have a global default GitHub account, it will push with that account by default each time. This is why you must run these commands to configure any existing or freshly cloned repos to use the correct account: 

git config user.name "yourusername"
git config user.email "someemail@provider.com"

You can also directly edit the ./.git/config file under the top level folder of your repo. Commands are easier though. Might be something worth making a bash alias or two for if you do it a lot!

5 Docker Commands

Added for the people in classes at NEU using Docker. I see you, and I see your (possible) struggle. I've struggled alongside you, I promise. 

# Get a bash shell from a running container
docker exec -it <process name> bash

# List all processes and their names
docker ps -a

# Run the docker image and don't attach tty
docker run -i --name <container name> <image name>

# Stop all docker processes
docker stop $(docker ps -a -q)

# Clean up all images without containers.
docker image prune -a

# List all images
docker images

# Remove an container associated with imageid
docker rm [imageid]

# Remove all stopped containers
docker container prune

# Create a docker container from an .xz archive.
xzcat <image> | docker load
docker load < some_image.tar.xz

6 Misc

6.1 tar/xz

Alright. So hopefully you know about tar and xz, but if you don't, I'll inform you:

  • Tar is an archiving utility. It collects many files to be archived together in what is called a tarball. Its name comes from "tape archive"
  • XZ is a lossless compression algorithm. XZ Utils is the set of tools accompanying it.

Do note that xz has its own set of command line utilities (the aforementioned XZ Utils) that can be used for single files, but not directories.

6.1.1 To compress a directory with tar and xz

tar -c -I 'xz -9 -T0' -f name-of-archive.tar.xz name-of-directory/
  • -c create a new archive
  • -I=COMMAND filter data through COMMAND. Lets you provide the compression program to use. The tool must accept -d (for decompression)
  • -f Name of the file to output the archive to

You can also use the -J option to invoke xz compression instead of -I, but do note you will have to pass the options to xz with XZ_OPT instead. -v is just verbose output.

6.1.2 XZ and Environment Variables

There's two environment variables with xz: XZ_DEFAULTS and XZ_OPT. XZ_DEFAULTS is for a system-wide configuration, while XZ_OPT is meant for passing options to xz when run by a script or tool (such as tar). You use XZ_OPT like this: 

XZ_OPT='-9' tar -cvJf mywebsite.backup.tar.xz /var/www/html/

Author: Genoveva Fossas

Created: 2023-03-04 Sat 14:39