SRE – Systems/Network

Category: Linux

  • Open bash session into a docker container

    Once a docker container is started, it’s always hard to get access into and see what’s happening inside. As a workaround, the easiest way to understand what’s happening in a container is to get a CLI on it and investigate. Since version 1.3, you can easily open a bash session into a running container by…

  • openssl/pyOpenSSL – “SSL23_GET_SERVER_HELLO:tlsv1 alert internal error”

    You’re getting this annoying error message again and again when trying to fetch certificate and/or establish a connection to your website using openssl: 139647967614624:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:769: This issue is well known in several openssl versions, and a bug has been addressed for Ubuntu repositories: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1475228 For now, there’s a simple workaround that works…

  • Configure VLan interface (with alias)

    If you want to isolate multiple networks, you can use VLAN (Virtual LAN). On most of the switches, you can configure VLAN to handle tagged packets and be able to send them to a specific port by isolating it. A VLAN is assigned a specific id that can be any number between 1 and 4096.…

  • Perform git commands with a specific ssh key

    It’s sometimes necessary to execute one git command with a special SSH key rather that the one you’re running with (for example on a remote console). This can be easily done by using such command: ssh-agent bash -c ‘ssh-add /home/myuser/.ssh/github.key; git pull [email protected]:MYPROJECT/myproject.git’

  • Aggregate results from command line on a specific field (e.g. netstat per IP)

    To aggregate results from a command line and count number of results for each field, you can combine multiple tools like awk, cut, uniq and sort to obtain the expected results. For example, if you want to retrieve count of connections opened per IP onto your server, just run: netstat -ntu | tail -n +3…

  • Generate SHA-512 hash on command-line with Python

    Need to generate the hash for a password? No need to use an online generator, totally insecure for your passwords … This simple command will ask you which string you want to hash and will return you the result after pressing “Enter” key! python -c “import crypt, getpass, pwd; print crypt.crypt(raw_input(), ‘\$6\ Besoin de générer…

  • Define the MTU size for current network

    To limit the fragmentation of packets and optimize your network, it can be necessary to find the best MTU size to set up on your interface. In order to find this best value, you can use a simple ping command. We’re first trying with a MTU size of 1500 bytes: $ ping -M do -s…

  • Set up RamFS or TmpFS on Linux

    In the most modern Linux systems, you will find memory-based file systems to make access to disk storage much faster by allocating some RAM space on a disk mount point. But this means that this disk area will be ephemeral and won’t exist anymore after a system reboot. You should never use it for storing…

  • How to install NodeJS from sources in a specific directory

    First of all, you need to update repositories, and make sure you have all the needed packages ready and installed: sudo apt-get update sudo apt-get install build-essential openssl libssl-dev pkg-config Then, you can retrieve the sources from the official NodeJS website by downloading the “Source Code” (here, it’s version 5.0.0): sudo mkdir /opt/node/ cd /opt/node/…

  • Apache – Proxy some URLs to another server

    In Apache, if you want to forward some requests matching a regex to another server, you can use the rule ProxyPassMatch. Here is an example that is matching URL like: /admin/anything /list/any number/info /manage/any number and redirect it to https://my-hidden-domain.com:26000 ProxyPreserveHost On ProxyRequests Off ProxyPassMatch ^/(admin/.*@.*|list/[0-9]*/info|manage/[0-9]*)$ https://my-hidden-domain.com:26000/$1 You can then define any rule you want…