April 19

Linux: Disable SSH connection timeout

To stop idle SSH connections from timing out automatically, you need to configure keep-alives on both the client and the server.

Client:
/etc/ssh/ssh_config

Add the following to the bottom of the file:
# Client keep alive
ServerAliveInterval 60

Server:
/etc/ssh/sshd_config

Add the following to the bottom of the file:
# Server Keep Alive
ClientAliveInterval 120
TCPKeepAlive yes
ClientAliveCountMax 720

systemctl restart sshd

Note:
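120 x 720 = 86400 seconds or 24 hours. That is how long sshd keeps waiting on a client that has stopped answering its keep-alive messages before it disconnects the session.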

April 18

Linux: After changing ulimit settings the proc limits do not match

When changing the ulimit settings in /etc/security/limits.conf or in /etc/security/limits.d/filename for a specific user, you will only see the correct change in /proc/[pid]/limits if you are looking as the user the limit was set for. Looking at this setting in /proc as root or su will display the settings for root, not the user you set within the file.

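The command:
su - username -c 'ulimit -a'
is the best way to tell if the limits config file change is active. (ulimit itself takes no username argument, so it has to run in a login shell for that user.)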

March 25

Linux: Using ssh to run a script on multiple servers

To start, it will be more convenient if you have ssh keys set up on the servers. Otherwise you will be entering a password for each server you need to connect to.


To break this out create three files:
1. iplist.txt
2. checkservers
3. serverscript

* If your command is small enough, you do not need a separate serverscript file. I find it easier to put more complex scripts in their own file, which is what the following example reflects.

Add your server IPs to iplist.txt:
192.168.1.10
192.168.1.22
192.168.1.45
192.168.1.100

Add your loop connection syntax to checkservers:
#!/bin/bash
# Run serverscript on every host in iplist.txt and append the output to server-results.txt
for server in $(cat iplist.txt); do

ssh -i usernameprivatekeyfile "username@$server" 'bash -s' < serverscript >> server-results.txt

done

Add your script to serverscript:
#!/bin/bash

# Become root for the commands that follow
sudo -i

hostname

your
script
here

Final steps:
chmod 744 checkservers
chmod 744 serverscript

Finally run ./checkservers
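
A stricter variant of the checkservers loop above, added here as an example and not part of the original post: it validates each entry in iplist.txt, makes ssh fail rather than prompt or accept an unknown host key, and records a result per server. The names valid_host, run_on_hosts and the results directory are hypothetical, and StrictHostKeyChecking=yes assumes the servers' host keys are already in known_hosts.

```shell
#!/bin/sh
# Added example, not from the original post. iplist.txt, serverscript and
# usernameprivatekeyfile are the post's names; valid_host, run_on_hosts and
# the results directory are hypothetical.

# Accept only plain IPv4 addresses or hostnames. Rejects empty entries,
# anything ssh would parse as an option, and stray characters such as CR.
valid_host() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9.-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# run_on_hosts LIST SCRIPT KEY USER OUTDIR
# Writes OUTDIR/<host>.out per server and OUTDIR/summary.txt; returns
# non-zero if any host was skipped or failed.
run_on_hosts() {
    list=$1; script=$2; key=$3; user=$4; outdir=$5
    failed=0
    mkdir -p "$outdir" || return 2
    while IFS= read -r host || [ -n "$host" ]; do
        case "$host" in ''|'#'*) continue ;; esac   # blank lines, comments
        if ! valid_host "$host"; then
            printf 'SKIP invalid entry: %s\n' "$host" >> "$outdir/summary.txt"
            failed=$((failed + 1))
            continue
        fi
        # BatchMode=yes: fail instead of prompting for a password.
        # StrictHostKeyChecking=yes: refuse unknown or changed host keys.
        # ssh reads stdin from $script, so it cannot swallow the host list.
        if ssh -i "$key" -o BatchMode=yes -o ConnectTimeout=10 \
               -o StrictHostKeyChecking=yes "$user@$host" 'bash -s' \
               < "$script" > "$outdir/$host.out" 2>&1
        then
            printf 'OK %s\n' "$host" >> "$outdir/summary.txt"
        else
            printf 'FAIL %s\n' "$host" >> "$outdir/summary.txt"
            failed=$((failed + 1))
        fi
    done < "$list"
    [ "$failed" -eq 0 ]
}

# Stand-alone use:
#   ./checkservers-strict iplist.txt serverscript usernameprivatekeyfile username results
if [ "$#" -eq 5 ]; then run_on_hosts "$@"; fi
```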

March 23

Linux: reverse ssh simplified

If you are tired of reading long blog posts about using reverse ssh, you came to the right place.

Scenario:
You want to connect from your workstation to a server.
Both are on their own networks and are behind NAT.

Target: Server behind firewall
Jump: Server on the internet whose firewall you control
Source: Your Workstation behind firewall

Steps (Target connects to Jump, Source connects to Jump, From Jump you connect to Target):

  1. Target:
    ssh -fN -R 45000:localhost:22 username@Jumpserverip
  2. Source:
    ssh username@jumpserverip
  3. Jump:
    ssh useronTarget@localhost -p 45000
