User Tools

Site Tools


  • miscadmin
  • Jonathan Haack
  • Haack's Networking

A dumping ground for basic gnulinux sysadmin and other miscellaneous notes, or miscadmin for short.

-Text Editors-

Change the default text editor, terminal, web browser, in Debian


Some systems are not kind with exo, so …

xdg-mime default caja.desktop inode/directory application/x-gnome-saved-search

Set caja or other file managers to manage desktop

gsettings set org.gnome.desktop.background show-desktop-icons false
gsettings set org.nemo.desktop show-desktop-icons true


Create the following to make a message of the day that will be appended to the dynamic message of the day.

sudo nano /etc/motd

Is motd printing twice, comment out motd statis in pam setting

#session    optional noupdate
(actually it is the line above this, leave this active)

Print motd with every shell log in …

nano ~/.bashrc

Navigate to the end of the file, and add

cat /etc/motd


To install the latest firefox on Debian and make it default, do the following. The link below may not always work, so replace when updated.

sudo mkdir -p /opt/firefox
sudo chown -R $USER:$USER /opt/firefox
cd ~/Downloads && wget -O FirefoxSetup.tar.bz2 ""
tar xjf FirefoxSetup.tar.bz2 -C /opt/firefox/
sudo mv /usr/lib/firefox-esr/firefox-esr /usr/lib/firefox-esr/firefox-esr_orig
sudo ln -s /opt/firefox/firefox/firefox /usr/lib/firefox-esr/firefox-esr

To restore firefox-esr that comes with Debian.

unlink /usr/lib/firefox-esr/firefox-esr
mv /usr/lib/firefox-esr/firefox-esr_orig /usr/lib/firefox-esr/firefox-esr


sudo curl -L -o /usr/local/bin/youtube-dl
sudo chmod 750 /usr/local/bin/youtube-dl

-optical ripping example-

cdrecord -pad -dao -data blag-140k-i686.iso

-pam hardening location-

sudo nano /etc/pam.d/common-password

Prevent Log in - create file


-old reminders-

remove old and offending keyring from gnome, make new directory for new one

sudo rm -rf ~/.local/share/keyrings
mkdir ~/.local/share/keyrings

start or stop network manager (or other services)

systemctl <start/stop/restart> networkmanager.service
/etc/init.d/network-manager <start/stop/restart>

verify dhcp client working for interface eno1

dhclient -v eno1

add subnet to interface eno1

ip address add 192.1##.1##.2/24 dev eno1

interface tool w/ eno1 example

ethtool eno1  

interface with switch using screen

screen /dev/ttyUSB0/ 19200

calculate subnet automatically


proxying web traffic through remote server

ssh -D <port#> <user>@<>

get block ID of drives


nmap to scan devices on lan

nmap -sP 10.##.##.0/24

find utils example

find . -iname "name" 


ngrok notes; private http(s) tunnels

./ngrok http 80
wget https://[ngrok tunnel]/
cat ~/ >> ~/.ssh/authorized_keys

query hosts on the lan

avahi-browse -tl _workstation._tcp

Debian print system configuration to stdout; use root

cat /proc/cpuinfo && lspci | grep -i vga && uname -a && lsb_release -a
lsb_release -a

Debian repo management

cd /etc/apt
nano sources.lsit
[main contrib non-free]

-sftp basics-

cd ~/Downloads
> put /path/to/file.txt 

-build app from source-

tar -xf <source_filename>

Navigate to the directory that tar unarchived the files to. Then, within that directory, execute:

./configure --prefix=/usr/local

sudo make install clean

-using vi to scrape unnecessary text strings away from openwrt packages that need updating

:1,$s/ .*//

-passing traffic through wifi radio to another interface on host-

sudo su -c "iptables -t nat -A POSTROUTING -o wlp2s0 -j MASQUERADE"
sudo su -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
set a static ip using ip a a x.x.x.x. dev blah
set static on wndr wan

-exim delete all messages and other-

exim -bp <print message ids>
exim -Mrm <message id>
exim -bp | awk '/^ *[0-9]+[mhd]/{print "exim -Mrm " $3}' | bash

use this for local interfaces for ipv6

exim -Mvh

-verifying TLS with swaks on exim4 relay setup

swaks -a -tls -q HELO -s -au test -ap '<>'

-mysql password-

nano /etc/mysql/debian.cnf 
sudo mysql -u debian-sys-maint  

-temporary name servers - how to add some - temporary/permanent syntax below:

echo "nameserver" | sudo tee /etc/resolv.conf > /dev/null
echo "nameserver" | sudo tee /etc/resolvconf/resolv.conf.d/base > /dev/null

-strip desktop environments from GUI system

tasksel --list-tasks
tasksel --task-packages desktop
sudo apt-get purge $(tasksel --task-packages desktop)


sudo apt install deborphan
sudo apt-get remove `deborphan`
for i in `deborphan`; do apt-get --purge remove -y $i; done

-checking ssh logs

cat /var/log/auth.log | grep 'sshd.*Invalid'
cat /var/log/auth.log | grep 'sshd.*opened'

-checking disk space-

du -ch -d 1 | sort -hr

-check disk space with ncurses tool-

sudo apt install ncdu

-stop/start sleep of any form on servers-

sudo systemctl mask
sudo systemctl unmask

-xorg with ssh

touch /root/.Xauthority 
touch /home/user/.Xauthority

-batch convert with ffmpeg to mp4 from mkv

for i in *.mkv; do
ffmpeg -i "$i" -codec copy "${i%.*}.mp4"

-fix badly configured zpool that used short names to by-id names. This command can be entered as-is, and does not need to be adjusted at all for what your specific ids are or for multiple drives. It literally exports the short names and by-ids, unmounts the volumes/pool, then remakes it using the blkid.

zpool export tank 
zpool import -d /dev/disk/by-id tank

monitor ram usage every 3 seconds in human readable way

free -h -w -s 3

postfix to relay, satellite option, enter the relay like this: to prevent lookups


Re-attach to screen session that's attached.

screen -d -r <session#.user>

mysqldump to local from remote

ssh /usr/bin/mysqldump --all-databases --single-transaction --skip-comments --skip-dump-date > hknet.sqldump

Turn off sleep.

sudo systemctl mask

Amd gPU errors fix

mkdir ~/Repositories
cd /home/user/Repositories && git clone
sudo cp /home/user/Repositories/linux-firmware/amdgpu/* /lib/firmware/amdgpu && sudo update-initramfs -k all -u -v

Unattended Upgrades

sudo apt install unattended-upgrades
sudo apt install apt-config-auto-update
sudo unattended-upgrades --dry-run --debug
sudo systemctl status unattended-upgrades

Next … ssh failed attempts

grep "Failed password" /var/log/auth.log
journalctl _SYSTEMD_UNIT=ssh.service | egrep "Failed|Failure"
faillock --user <user>
grep "authentication failure" /var/log/auth.log | awk '{ print $14 }' | cut -b7-  | sort | uniq -c

Display Managers (Lightdm, etc.)

sudo nano /etc/lightdm/lightdm-gtk-greeter.conf
nano ~/.config/gtk-3.0/settings.ini
sudo nano /etc/lightdm/lightdm.conf
cd /usr/share/lightdm/light.conf.d/

Setting ufw to allow connections to only certain subnets.

ufw allow from to any proto tcp port 8006
ufw allow from to any proto tcp port 8006
ufw allow from to any proto tcp port 22
ufw allow from to any proto tcp port 22
ufw allow from to any proto tcp port 80
ufw allow from to any proto tcp port 80
ufw allow from to any proto tcp port 443
ufw allow from to any proto tcp port 443

Establish NIC name using mac:ID

nano /etc/udev/rules.d/70-persistent-net.rules

Establish Nemo as default, remove desktop icons, verify nemo default

xdg-mime default nemo.desktop inode/directory application/x-gnome-saved-search
gsettings set org.gnome.desktop.background show-desktop-icons false
xdg-mime query default inode/directory

Sury php

sudo apt install -y apt-transport-https lsb-release ca-certificates wget
wget -O /etc/apt/trusted.gpg.d/php.gpg
echo "deb $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php.list 

Static ipv6 in ifupdown

iface enp0s3 inet6 static
  address 2001:db8:1000::1
  netmask 64
  gateway 2001:db8:1000::1
  autoconf 0
  dns-nameservers 2001:4860:4860::8888 2001:4860:4860::8844

oemb1905 2024/05/17 01:24

computing/miscadmin.txt · Last modified: 2024/05/17 02:19 by oemb1905