Quickest Way: Using STDIN and Pipe to Copy SSH Public Key to Server

Tags: July 27, 2016 8:13 PM

Goal

Copy an SSH public key to another machine without external tools such as ssh-copy-id, using only shell built-ins or at least standard commands.

Solution

The solution is to send the key through shell STDIN and pipe it to ssh.

$ cat ~/.ssh/id_rsa.pub | ssh user@remote-host 'cat >> .ssh/authorized_keys -'

Here user@remote-host is a placeholder for your own login and server. The quotes around the ssh argument are important because without them the redirection goes to a file on your local machine instead of the remote machine. The "-" at the end of the cat command on the remote side tells it to read its input from STDIN.
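The one-liner above assumes that .ssh already exists on the server and appends the key again on every run. As an added example (not part of the original post), the function below is a stricter remote side for the same pipe; the name install_pubkey, its optional home-directory argument and user@remote-host are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: remote-side replacement for 'cat >> .ssh/authorized_keys -'.
# install_pubkey is a hypothetical helper name, not part of OpenSSH.
# Reads one public key line from STDIN and installs it under $1 (default: $HOME).
install_pubkey() {
    home_dir=${1:-$HOME}
    ssh_dir=$home_dir/.ssh
    auth_file=$ssh_dir/authorized_keys

    # A public key is a single line; read just that line.
    IFS= read -r key || [ -n "$key" ] || { echo "no key on STDIN" >&2; return 1; }

    # Accept only "<type> <base64...>" for common key types. This also rejects
    # a private key ("-----BEGIN ...") piped in by mistake.
    case $key in
        ssh-rsa\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "input is not an SSH public key" >&2; return 1 ;;
    esac

    # sshd with StrictModes ignores authorized_keys when the directory or file
    # is writable by others, so create both with tight permissions.
    old_umask=$(umask)
    umask 077
    mkdir -p "$ssh_dir" && touch "$auth_file"
    umask "$old_umask"
    chmod 700 "$ssh_dir" && chmod 600 "$auth_file" || return 1

    # Append only if this exact line is not already present (idempotent).
    if ! grep -qxF -- "$key" "$auth_file"; then
        printf '%s\n' "$key" >> "$auth_file"
    fi
}

# Usage from a local bash (it expands the function text, the remote shell runs it):
#   ssh user@remote-host "$(typeset -f install_pubkey); install_pubkey" < ~/.ssh/id_rsa.pub
```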

Reference


Expose Port Inside Running Container on Docker Toolbox for Mac

Tags: July 20, 2016 11:05 PM

Problem

Docker only lets you define the ports to expose when the container is created. When the container is already running and a new port needs to be exposed, you're out of luck.

Goal

You want to expose a new port, opened by an application inside a running container, so you can hit docker-vm-ip:port to access it from Mac OS X.

Assumptions

  • The IP of the Boot2Docker VM (which is run by VirtualBox) is 192.168.99.100
  • The IP of the Docker container running the application is 172.17.0.2
  • The application listens on address 0.0.0.0 and port 80


How to Create Root Certificate Authority (CA) and Self Signed Certificate

Tags: June 18, 2016 9:47 AM

Goal

Make client applications such as web browsers trust our self-signed certificate, so we can use any custom domain in development or on an internal network.

Generate Root CA

The first step is to generate a private key for our Certificate Authority (CA). The command below generates an RSA private key with a 2048-bit key size.

$ mkdir self-root-ca && cd self-root-ca
$ openssl genrsa -out myRootCA.key
Generating RSA private key, 2048 bit long modulus
.................+++
................+++
e is 65537 (0x10001)
$ chmod 0600 myRootCA.key

The command above produces a file called myRootCA.key. The chmod command makes sure that only the superuser and the creator of the key are able to read the file.


Custom Solution for Managing ssh-agent without Gnome Keyring

Tags: June 14, 2016 8:08 PM

Goal

How to enter the SSH private key password only once without having it managed by Gnome Keyring. The ssh agent should remain detected every time a new terminal is spawned, or even on a tty console (CTRL+ALT+F1 and so on).

Solutions

We will use ssh-add, ssh-agent and a little bit of shell scripting to achieve the goal.

Step 1

First start the authentication agent and redirect its output to a file so we can gather the agent information later.
$ ssh-agent -s > /tmp/my-ssh-agent.sh
Execute the file so we have the correct environment variables needed by ssh-add.


Stop Gnome Keyring for Managing ssh-agent on Xubuntu

Tags: 6:35 PM

Goal

Stop Gnome Keyring from managing ssh-agent on Ubuntu so you can use the original OpenSSH ssh-agent implementation.

Quick Solution

The solution is quite easy because the Gnome Keyring daemon provides a way to replace the existing session.
$ gnome-keyring-daemon --replace --daemonize --components=pkcs11,secrets,gpg
The command above replaces the existing Gnome Keyring daemon, but the replacement no longer has the ability to manage the ssh agent. You can execute the command below to make sure Gnome Keyring does not manage the ssh agent anymore.


Starting Ngrok Automatically at Boot Using Upstart

Tags: May 19, 2016 6:41 PM

Goal

Expose SSH of the local machine to the internet using the service provided by ngrok.com.

Steps

First, create an account at ngrok.com so we can get the Auth Token, monitor the tunnels created and know the address of the tunnel. Next, create a configuration file at ~/.ngrok2/ngrok.yml to store the token. You can get this token on your Ngrok dashboard.

$ cat > ~/.ngrok2/ngrok.yml
authtoken: YOUR_NGROK_TOKEN
Then create a new file called ngrok.conf in /etc/init, assuming the ngrok binary is located at /opt/ngrok/ngrok.


Simplify Multi-Hop SSH Connection Using Config

Tags: April 29, 2016 8:15 PM

Goal

Use SSH config to simplify connecting to another host from a host, a.k.a. a multi-hop connection. Diagram of the connection:
+---------------+
| Local Machine |
| 192.168.0.5   |
+---------------+
      |
      | SSH 
       \
       \/
+-------------------------------------+
| Host Machine 192.168.0.10           |
|           /          \              |
|          / -- SSH --  \             |
|  +--------------+  +-------------+  |
|  | Docker 1     |  | Docker 2    |  |
|  | 172.17.0.1   |  | 172.17.0.2  |  |
|  +--------------+  +-------------+  |
|                                     |
+-------------------------------------+
