scripts/README.md

Scripts

• Configure SSH connection helper (remote pc not server)
• Docker commands
• Remove every user R packages
• Setup Git SSH key
• Font ligature test
• QEMU cheat sheet
• Share internet between two Linux interfaces using connman
  • IP Host (eth1 has internet, eth0 is remote)
  • IP Remote
• Remove DRM from Adobe Digital Editions
  • Prerequisites
  • Setting up Calibre
  • Getting the DRM-free PDF
• Loop devices
• Install img.xz
• Raise Linux open files limits
• Verify a PGP Signature
  • Self-signed OpenSSL
    • interactive
    • non-interactive and 10 years expiration
• Bind to port 80 or 443

Configure SSH connection helper (remote pc not server)

In the file ~/.ssh/config

Host \$HOST_NAME
	HostName \$SERVER_IP
	Port \$SSH_PORT
	User \$USER_NAME
	IdentityFile ~/.ssh/\$SSH_KEY_NAME

Now you can just connect using ssh $HOST_NAME

Docker commands

# Remove every images
docker images --format='{{.ID}}' | xargs docker rmi
# Remove every containers
docker ps -a --format='{{.ID}}' | xargs docker stop | xargs docker rm
# Remove every volumes
docker volume ls --format='{{.Name}}' | xargs docker volume rm
# Remove every anonymous images (cached)
docker images --format='{{.Repository}};{{.Tag}};{{.ID}}' | grep '<none>;<none>' | cut -d ';' -f 3 | xargs docker rmi
# Get all used images tag in dir $PATH_ANALYSE
find $PATH_ANALYSE -name 'Dockerfile*' | while read file; do cat $file; echo ''; done | grep -e FROM | cut -d ' ' -f 2 | sed $'s/[^[:print:]\t]//g' | sort -u | xargs -n1 docker pull
# Calculate total docker images size
docker images --format {{.ID}} | xargs -n1 docker inspect | jq '.[0]["Size"]' | paste -sd + | bc | format_bytes_str

Remove every user R packages

my_packages = as.data.frame(installed.packages()[, c(1, 3:4)])
my_packages = my_packages[my_packages$Priority != 'base',]
for(lib in .libPaths()) lapply(my_packages$Package, remove.packages, lib = lib)

Setup Git SSH key

# Generate a SSH key pair
ssh-keygen -t rsa -b 4096 -o -a 100 -C 'email@example.com' -f ~/.ssh/$KEY_NAME
ssh-keygen -t ed25519 -a 100 -C 'email@example.com' -f ~/.ssh/$KEY_NAME
# Copy the public key to clipboard
cat ~/.ssh/$KEY_NAME.pub | xclip
# Paste the contents into a new SSH key holder in https://github.com/settings/keys
# Test if the key is working
ssh -T git@github.com
# Set the remote stream of a git repo
git remote set-url origin git@github.com:username/your-repository.git
# Add key to SSH config file (~/.ssh/config)
echo -e "\n\nHost github.com\n\tIdentityFile ~/.ssh/$KEY_NAME" >> ~/.ssh/config
cat KEY_FILE | ssh REMOTE 'cat >> ~/.ssh/authorized_keys'

Font ligature test

-> --> => ?. == ===
... >>- >=
!= ~> := .= // /* */
/= ~= WWW 0xFF <>
&& || >-> =>> |>
<!-- -->

QEMU cheat sheet

# Creating the disk image
qemu-img create -f qcow2 DISK_NAME.img 15G

# Starting the VM
qemu-system-x86_64 $DISK_NAME.img \
	-cdrom $CDROM_NAME.iso \
	-m $RAM_SIZE \
	-smp $NB_CORES \
	-name $VM_NAME &

Share internet between two Linux interfaces using connman

IP Host (eth1 has internet, eth0 is remote)

# Enable kernel port forwarding
sysctl -w net.ipv4.ip_forward=1
# Enable at reboot
echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
# See interfaces
ip a
# Configuration of interfaces
connmanctl
services <ethX>
config <eth0> --ipv4 manual 192.168.137.1 255.255.255.0 192.168.137.1
config <eth1> --nameservers <DNS-SERVER>
# Configure packets redirections
iptables -I INPUT -s 192.168.137.2/30 -j ACCEPT
iptables -I FORWARD -o eth0 -s 192.168.137.2/30 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

IP Remote

connmanctl
config <eth0> --ipv4 manual 192.168.137.2 255.255.255.0 192.168.137.1 --nameservers <DNS-SERVER>

Remove DRM from Adobe Digital Editions

Prerequisites

On Windows, you must have Adobe Digital Editions and Calibre using Chocolatey

choco install -y adobedigitaleditions calibre

Setting up Calibre

• Download the DeDRM plugin on GitHub.
• Extract the plugin archive
• Install the plugin in Calibre → Preferences → Plugins → Add from file

Getting the DRM-free PDF

• Open the PDF using Adobe Digital Editions
• Navigate to C:/Users/<USER>/My\ Digital\ Editions
• Add the PDF to calibre
• The DRM free PDF is available at C:/Users/<USER>/Calibre\ Library

Loop devices

# Create loop device to $BLOCK_PATH of 4G
dd if=/dev/zero of=$BLOCK_PATH bs=1M count=4096
# Create loop filesystem
losetup -f $BLOCK_PATH
# Check if the loop was created and get LOOP_ID
losetup -a
mkfs.ext4 /dev/loop$LOOP_ID
mount /dev/loop$LOOP_ID $MOUNT_POINT
# Detach and remove loop file
umount $MOUNT_POINT
losetup -d /dev/loop$LOOP_ID
rm $BLOCK_PATH

Install img.xz

xzcat $IMG_FILE | dd of=/dev/$DEVICE bs=64k oflag=dsync status=progress

Raise Linux open files limits

In the file /etc/security/limits.conf add this :

*       soft    nofile    64000
*       hard    nofile    64000
root    soft    nofile    64000
root    hard    nofile    64000

Verify a PGP Signature

mkdir /home/$USER/.XDG/data/gnupg
chmod 700 /home/$USER/.XDG/data/gnupg
gpg --import $PUBLIC_KEY
chmod 600 /home/$USER/.XDG/data/gnupg/$PUBLIC_KEY
gpg --verify $SIGNATURE.sig $FILE

Self-signed OpenSSL

interactive

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365

non-interactive and 10 years expiration

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj '/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname'

Bind to port 80 or 443

Is there a way for non-root processes to bind to "privileged" ports on Linux?

Allow non-root process to bind to port 80 and 443?