ssh to remote servers via a proxy server 20 Apr 2017
In some strictly controlled hosts, ssh access is limitted from only a few hosts. For example, Server1 is not allowed to ssh to Server2, while Server0 does not has that limit. If we want to ssh to Server2 from Server1, we will have to use Server0 as a proxy server.
In newer SSH versions, we could use
-Joption as below:
ansible playbook retry a task until success 20 Apr 2017
When writing ansible playbook, there is a scene when a task should be delayed for seconds to run. But you do not know how long it should be. In this case, we want to delay this task for seconds, and retry it for several times.
Here is an example to archive that.
set user password none-interactively in unix 18 Apr 2017
For system administrators, it’s a common task to set user’s password. Often we hope that we could do that without user interaction. In Linux or AIX, typically, we would write a shell script like this:
However, if you were in a HPUX system, you will find neither
passwd --stdinis available. So, how can we set user password in HPUX shell script?
Say we have a file as below, we want to split this file by empty line.
Back to my blog 04 Dec 2016
It has been a really long long time since I wrote a blog last time. I know, it’s probably because of my laziness. But plagiarism by some domestic websites did blow off some of my motivation to write.These days, I figure out I better promote myself and continue blogging, otherwise I’d be out of date.
So I made a decision, from now on, I shall write blog in English. On one hand, I kind of love English. On the other hand, I think that should stop some websites from plagiarizing my blog.
Hope I can stick on, make it a habit. Good luck to me!
ssh相关的selinux安全上下文小记一则 19 Jul 2014
restorecon -R -v .ssh命令恢复其安全上下文后，问题即解决。
记一个rsh报错的解决办法 19 Jul 2014
rsh -l user1 192.168.0.2 "pwd"命令时报错，报错提示“poll: protocol failure in circuit setup”，但是只有在大并发执行的情况下才会发生。
Linux中pam_cracklib.so的minlen和credit参数 11 Jun 2014
Linux中的PAM(Pluggable Authentication Modules)包含很多有用的模块，其中pam_cracklib.so模块可以配置密码长度复杂度的需求。一般需要同时配置/etc/pam.d/目录中的system-auth和password-auth文件，例如下面
ssh端口转发 27 Apr 2014
ssh -X server可以将远程服务器的GUI画面转发到本地，实际上除了转发X协议之外，ssh还可以建立任意的端口转发。
不使用ftp或scp传输文件 30 Mar 2014