• ssh to remote servers via a proxy server 20 Apr 2017

    In some strictly controlled hosts, ssh access is limitted from only a few hosts. For example, Server1 is not allowed to ssh to Server2, while Server0 does not has that limit. If we want to ssh to Server2 from Server1, we will have to use Server0 as a proxy server.

    In newer SSH versions, we could use -J option as below:


  • ansible playbook retry a task until success 20 Apr 2017

    When writing ansible playbook, there is a scene when a task should be delayed for seconds to run. But you do not know how long it should be. In this case, we want to delay this task for seconds, and retry it for several times.

    Here is an example to archive that.


  • set user password none-interactively in unix 18 Apr 2017

    For system administrators, it’s a common task to set user’s password. Often we hope that we could do that without user interaction. In Linux or AIX, typically, we would write a shell script like this:

    $ echo 'username:password' | chpasswd 
    $ echo 'password' | passwd --stdin username

    However, if you were in a HPUX system, you will find neither chpasswd nor passwd --stdin is available. So, how can we set user password in HPUX shell script?


  • Split a text file by empty line or string pattern 16 Feb 2017

    Say we have a file as below, we want to split this file by empty line.

    $ cat infile.txt
    hello world
    quick fox
    hello again


  • Back to my blog 04 Dec 2016

    It has been a really long long time since I wrote a blog last time. I know, it’s probably because of my laziness. But plagiarism by some domestic websites did blow off some of my motivation to write.These days, I figure out I better promote myself and continue blogging, otherwise I’d be out of date.

    So I made a decision, from now on, I shall write blog in English. On one hand, I kind of love English. On the other hand, I think that should stop some websites from plagiarizing my blog.

    Hope I can stick on, make it a habit. Good luck to me!


  • ssh相关的selinux安全上下文小记一则 19 Jul 2014


    继续追查selinux的具体原因,一开始以为是selinux布尔值的原因,尝试后无果;后来发现是安全上下文的问题,是家目录下的.ssh目录及其文件的安全上下文不对,执行restorecon -R -v .ssh命令恢复其安全上下文后,问题即解决。


  • 记一个rsh报错的解决办法 19 Jul 2014

    问题现象:执行到rsh -l user1 "pwd"命令时报错,报错提示“poll: protocol failure in circuit setup”,但是只有在大并发执行的情况下才会发生。



  • Linux中pam_cracklib.so的minlen和credit参数 11 Jun 2014

    Linux中的PAM(Pluggable Authentication Modules)包含很多有用的模块,其中pam_cracklib.so模块可以配置密码长度复杂度的需求。一般需要同时配置/etc/pam.d/目录中的system-auth和password-auth文件,例如下面


  • ssh端口转发 27 Apr 2014

    我们知道ssh -X server可以将远程服务器的GUI画面转发到本地,实际上除了转发X协议之外,ssh还可以建立任意的端口转发。


  • 不使用ftp或scp传输文件 30 Mar 2014