ssh-audit is a tool for ssh server auditing. Features SSH1 and SSH2 protocol server support;
grab banner, recognize device or software and operating system, detect compression;
gather key-exchange, host-key, encryption and message authentication code algorithms;
output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
output algorithm recommendations (append or remove based on recognized software version);
output security information (related issues, assigned CVE list, etc);
analyze SSH version compatibility based on algorithm information;
Intro Stage two Machines, puffy206 and puffy207 Both Maschines needs static IP Adresses
puffy206 Loopback & Gif doas su - cat << 'EOF' > /etc/hostname.lo1 inet 10.0.0.6/32 up EOF cat << 'EOF' > /etc/hostname.gif0 description "Point2Point Interface for OSPF" mtu 1420 10.10.10.6 10.10.10.7 netmask 255.255.255.255 tunnel 192.168.108.206 192.168.108.207 EOF Enable IPSEC & IP Forwarding cat << 'EOF' >> /etc/sysctl.conf net.inet.ip.forwarding=1 net.inet.gre.allow=1 EOF rcctl enable ipsec isakmpd rcctl set isakmpd flags -K Create Tunnel Endpoint cat << 'EOF' > /etc/ipsec.
Intro Stage a few Machines, puffy206 - 209 puffy206 has got a static ip, while puffy207 - 209 got dynamic ip addresses
Master, puffy206 Loopback doas su - cat << 'EOF' > /etc/hostname.lo1 inet 10.0.0.6/32 up EOF Enable IPSEC & IP Forwarding cat << 'EOF' >> /etc/sysctl.conf net.inet.ip.forwarding=1 net.inet.gre.allow=1 EOF rcctl enable ipsec isakmpd rcctl set isakmpd flags -K Create Tunnel Endpoint cat << 'EOF' > /etc/ipsec.conf ike dynamic esp tunnel from 10.
Running a Promox Cluster with CEPH. Here a few Commands to figure out the Status of CEPH
ceph status ceph osd status pveceph lspools ceph pg dump Manual Backup vzdump 777 --dumpdir /mnt/backup --mode snapshot Manual Restore qmrestore /mnt/backup/vzdump-qemu-777.vma 777 Proxmox Performance Overview Intel Nuc I5, 32GB RAM, 500GB SSD
root@nuc:~# pveperf CPU BOGOMIPS: 36799.44 REGEX/SECOND: 3927398 HD SIZE: 93.99 GB (/dev/mapper/pve-root) BUFFERED READS: 522.34 MB/sec AVERAGE SEEK TIME: 0.11 ms FSYNCS/SECOND: 1588.
How to migrate all Packages Got several Packages installed on Host A and you would like to migrate them to Host B ? That’s easy :)
Extract on Host A pkg_info -mz | tee list ansible-- bash-- ... vnstat-- wget-- scp list HostB:/tmp/ Import on Host B doas pkg_add -l /tmp/list Oneline or you can simple do it in one line, although there are two commands. copy and install
target="host.world"; pkg_info -mz |ssh ${target} "cat > /tmp/list"; ssh ${target} "pkg_add -l /tmp/list" TwoWaySync Assume, you have two Hosts with different Packages installed, and you wanna have all Packages installed on both Hosts.
OpenBSD 6.6 is released today. here is my upgrade procedure:
run sysmerge
reboot
run script:
#!/bin/sh # be nice and verbose e() { echo "\n$1 **" } e "** vars" _mydir=$(pwd) e "** build base urls" _path_base=https://cdn.openbsd.org/pub/OpenBSD/6.6/amd64/ _path_pkg=https://cdn.openbsd.org/pub/OpenBSD/6.6/packages/amd64/ echo "_path_base: ${_path_base}" echo "_path_pkg: ${_path_pkg}" e "** make all devices" cd /dev ./MAKEDEV all || exit 1 e "** cd /tmp" cd /tmp e "** install boot loader" _boot=$(mount |awk -F'[/ ]' '/ on \/ / {print $3}') installboot ${_boot%?
How much Disk is used with Default Partitioning puffy66# df -h Filesystem Size Used Avail Capacity Mounted on /dev/sd0a 1005M 96.1M 858M 10% / /dev/sd0k 9.6G 2.0K 9.1G 0% /home /dev/sd0d 1.8G 12.0K 1.7G 0% /tmp /dev/sd0f 2.5G 955M 1.4G 39% /usr /dev/sd0g 1005M 202M 752M 21% /usr/X11R6 /dev/sd0h 4.2G 218K 3.9G 0% /usr/local /dev/sd0j 5.8G 2.0K 5.5G 0% /usr/obj /dev/sd0i 1.7G 2.0K 1.6G 0% /usr/src /dev/sd0e 2.8G 5.9M 2.7G 0% /var Example with 32 GB puffy66# df -h Filesystem Size Used Avail Capacity Mounted on /dev/sd0a 3.