sshpass
Problem:
Once again, portforwarding port 3141 on one vagrant box, to point to a local devpi-server running on another vagrant box has gotten tiring. I need to be able have this functionality on any vagrant box I provision.
Solution:
Moved the command to a script. This may not be a secure way of doing this, but it suffices for now as this is only for local development work. This is not intended for work on remote production or staging servers.
1. Install sshpass
$ sudo apt-get install sshpass
2. Put the command in a script file (port3141.sh).
#!/bin/bash cd /home/vagrant export SSHPASS="vagrant" sshpass -e ssh -L 3141:192.168.1.2:3141 -o LogLevel=Error -o StrictHostKeyChecking=no vagrant@192.168.1.2
3. Make it executable
$ chmod +x port3141.sh
4. Now everytime I need to port forward I simply open up a separate tmux window and run the script.
Note:
Only changing StrictHostKeyChecking because of my frequency of using a new box. Change with caution.
StrictHostKeyChecking
If this flag is set to “yes”, ssh(1) will never automatically add host keys to the ~/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed. This pro‐
vides maximum protection against trojan horse attacks, though it can be annoying when the /etc/ssh/ssh_known_hosts file is poorly maintained or when connections to new hosts are
frequently made. This option forces the user to manually add all new hosts. If this flag is set to “no”, ssh will automatically add new host keys to the user known hosts files.
If this flag is set to “ask”, new host keys will be added to the user known host files only after the user has confirmed that is what they really want to do, and ssh will refuse to
connect to hosts whose host key has changed. The host keys of known hosts will be verified automatically in all cases. The argument must be “yes”, “no”, or “ask”. The default is
“ask”.
Installing tmux 2.2
Problem:
How to install tmux 2.2 from source. (I am installing this on a vagrant box running Ubuntu 14.0).
Solution:
The read me works. Installing from the git version did not work for me.
1. Check the current version of tmux if installed. Remove it.
$ tmux -V 1.8 $ sudo apt-get remove tmux
2. Install the dependencies.
$ sudo apt-get install libevent-dev $ sudo apt-get install ncurses-dev
3. Download and install tmux
$ cd ~ $ wget https://github.com/tmux/tmux/releases/download/2.2/tmux-2.2.tar.gz $ tar -zxf tmux-2.2.tar.gz $ cd tmux-2.2 $ ./configure && make
4. Create a symlink to new version of tmux
$ sudo ln -s /home/vagrant/tmux-2.2/tmux /usr/local/bin/tmux
5. Confirm that you now have the new version of tmux.
$ tmux -V 2.2
Alternatively:
You could use this script. (I have not tried it for 2.2 but I am guessing that it would work)
https://github.com/kaosf/ubuntu-setup/blob/master/tmux-setup.sh
Update – 2017-06-02
To get the latest version of tmux from github
apt-get install the following
libevent-dev ncurses-dev automake autoconf pkg-config
$ git clone https://github.com/tmux/tmux.git $ cd tmux $ sh autogen.sh $ ./configure && make
As root
root> make install
$ tmux -V 2.5
TypeError: initialize() got an unexpected keyword argument ‘validate_cert’
Problem:
I was getting the following error, when running an applications’ tests. The application itself was running without an issue, it uses tornado. The tests on the other hand were failing with the following error.
TypeError: initialize() got an unexpected keyword argument 'validate_cert'
Solution:
I have no idea as to why but changing the code to use defaults=dict(… worked.
class AsyncHTTPSTestCase(AsyncHTTPTestCase): """A test case that starts an HTTPS server. Interface is generally the same as `AsyncHTTPTestCase`. """ def get_http_client(self): return AsyncHTTPClient(io_loop=self.io_loop, force_instance=True, defaults=dict(validate_cert=False))
Source:
http://www.tornadoweb.org/en/stable/_modules/tornado/testing.html
tmux – Notes
I started using tmux. It is genuinely easier to use than screen. I have used screen for a while, but I never bothered to learn more commands. I would not consider myself a screen power user so maybe that is why I prefer using tmux.
Basic commands for tmux
1. Creating named sessions
$ tmux new-session -s <name_of_session>
OR
$ tmux new -s <name_of_session>
2. To view sessions
$ tmux list-sessions
OR
$ tmux ls
3. To attach to a session
$ tmux attach -t <name_of_session>
4. To detach from a session
$ Cntrl-b d
5. To kill/destroy a session
$ tmux kill-session -t <name_of_session>
6. Working with Windows
$ tmux new -s <name_of_session> -n <name_of_window> Cntrl-b c # Create a new window. Cntrl-b , # Rename window. It defaults to whatever is running on the window. Cntrl-b n # Move to the next window. Cntrl-b p # Move to the previous window. Cntrl-b F # Find window if named, else they are numbered. Cntrl-b w # Display visual menu of the windows. Cntrl-b [0-9] # Can move to a particular window by typing the number eg Cntrl-b 1; Cntrl-b 2; etc. Cnrtl-b x # Closes the current pane or window after prompting for confirmation. Cntrl-b <space> # Cycles through the various panes layout. Cntrl-b z # With -Z, the active pane is toggled between zoomed (occupying the whole of the window) and unzoomed (its normal position in the layout).
[Updated 2017-04-26]
7. Copy mode
$ Cntrl-b [ # Enter copy mode Highlight the text to be copied. Use arrow keys or mouse if possible. $ Cntrl-b ] # Paste the contents of the buffer $ Cntrl-b = # View buffer. Press enter to select item in buffer.
My current tmux config
# set shell set -g default-shell /usr/bin/zsh # UTF is great, let us use that set -g utf8 set-window-option -g utf8 on # Tmux should be pretty, we need 256 color for that set -g default-terminal "screen-256color" # Tmux uses a 'control key', let's set it to 'Ctrl-a' # Reason: 'Ctrl-a' is easier to reach than 'Ctrl-b' set -g prefix C-a unbind C-b # Ctrl-a Ctrl-a to send an actual Ctrl-a character to the terminal bind-key C-a send-prefix # command delay? We don't want that, make it short set -sg escape-time 1 # Set the numbering of windows to go from 1 instead # of 0 - silly programmers 😐 set-option -g base-index 1 setw -g pane-base-index 1 # Allow us to reload our Tmux configuration while # using Tmux bind r source-file ~/.tmux.conf \; display "Reloaded!" # Getting interesting now, we use the vertical and horizontal # symbols to split the screen bind | split-window -h bind - split-window -v # hjkl pane traversal bind h select-pane -L bind j select-pane -D bind k select-pane -U bind l select-pane -R
Source:
tmux: Productive Mouse-Free Development 1st Editionby Brian P. Hogan (Author)
http://tmuxp.readthedocs.io/en/latest/about_tmux.html
Ansible – Interactive scripts
Problem:
Working with interactive scripts in Ansible 2. I need to change the shell from bash to zsh. Using the command chsh -s /usr/bin/zsh will prompt the user for their password. I am running this command on a vagrant box.
Solution:
Use expect.
This is what I added to my existing ansible script.
– name: “Install python pip”
become_user: root
apt: name=python-pip state=present# expect needs pexpect to work.
– pip: name=pexpect version=3.3
become_user: root– expect:
command: chsh -s /usr/bin/zsh
responses:
Password: vagrant
Source:
http://docs.ansible.com/ansible/expect_module.html
http://docs.ansible.com/ansible/pip_module.html
cURL to access Https server
Problem:
You need to access a https server using curl.
Solution:
Use –cert and –key options in curl. As per the man.
…
-E, –cert
(SSL) Tells curl to use the specified client certificate file when getting a file
with HTTPS, FTPS or another SSL-based protocol. The certificate must be in
PKCS#12 format if using Secure Transport, or PEM format if using any other
engine. If the optional password isn’t specified, it will be queried for on the
terminal. Note that this option assumes a “certificate” file that is the private
key and the private certificate concatenated! See –cert and –key to specify
them independently.
…skipping…
–key
(SSL/SSH) Private key file name. Allows you to provide your private key in this
separate file.If this option is used several times, the last one will be used.
-k, –insecure
(SSL) This option explicitly allows curl to perform “insecure” SSL connections
and transfers. All SSL connections are attempted to be made secure by using the
CA certificate bundle installed by default. This makes all connections considered
“insecure” fail unless -k, –insecure is used.See this online resource for further details:
http://curl.haxx.se/docs/sslcerts.html
Examples:
# This attempt fails. $ curl https://server.example.com <html> <head><title>400 No required SSL certificate was sent</title></head> <body bgcolor="white"> <center><h1>400 Bad Request</h1></center> <center>No required SSL certificate was sent</center> <hr><center>nginx/1.4.6 (Ubuntu)</center> </body> </html>
# This attempt to bypass fails. $ curl --insecure https://server.example.com <html> <head><title>400 No required SSL certificate was sent</title></head> <body bgcolor="white"> <center><h1>400 Bad Request</h1></center> <center>No required SSL certificate was sent</center> <hr><center>nginx/1.4.6 (Ubuntu)</center> </body> </html>
# This works. $ curl --cert /path/to/certifcate/client.crt --key /path/to/key/client.key https://server.example.com <html> <head> <title>Server Example</title> </head> <frameset rows="60,*" frameborder="1" border="1"> <frame src="/browser/header/" name="Header" id='header' scrolling="no" noresize="true" /> <frame src="/composer/?" name="content" id="composerFrame"/> </frameset> </html>
Impatient R — thoughts…
This is a tutorial (previously known as “Some hints for the R beginner”) for beginning to learn the R programming language. It is a tree of pages — move through the pages in whatever way best suits your style of learning. You are probably impatient to learn R — most people are. That’s fine. But […]