Benutzer-Werkzeuge

Webseiten-Werkzeuge


commands-general-tools

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen Revision Vorhergehende Überarbeitung
Nächste Überarbeitung
Vorhergehende Überarbeitung
commands-general-tools [2018/05/05 01:21]
alex [OpenSSL] show details of a certificate signing request
commands-general-tools [2020/07/11 11:22] (aktuell)
alex [Conversion Stuff] add rounded corners to an image (for app icon with rounded corners in the style of iPhone‘s SpringBoard)
Zeile 33: Zeile 33:
 clang++ -dM -E -x c /dev/null clang++ -dM -E -x c /dev/null
 </code> </code>
 +
 ==== OpenSSL ==== ==== OpenSSL ====
  
Zeile 42: Zeile 43:
 openssl x509 -inform der -in cert-file.cer -text -noout -fingerprint openssl x509 -inform der -in cert-file.cer -text -noout -fingerprint
 </code> </code>
-[[https://wiki.openssl.org/index.php/Manual:X509(1)|man x509]]+[[https://www.openssl.org/docs/manmaster/man1/x509.html|man x509]]
  
 === show details for a private key file === === show details for a private key file ===
Zeile 48: Zeile 49:
 openssl rsa -in privkey.pem -text -noout openssl rsa -in privkey.pem -text -noout
 </code> </code>
-[[https://wiki.openssl.org/index.php/Manual:Rsa(1)|man rsa]]+[[https://www.openssl.org/docs/manmaster/man1/rsa.html|man rsa]]
  
 === show details of a certificate signing request === === show details of a certificate signing request ===
Zeile 61: Zeile 62:
 openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem
 </code> </code>
-[[https://wiki.openssl.org/index.php/Manual:Pkcs12(1)|man pkcs12]]+[[https://www.openssl.org/docs/manmaster/man1/pkcs12.html|man pkcs12]]
  
 === create a self-signed certificate === === create a self-signed certificate ===
Zeile 68: Zeile 69:
 openssl req -new -x509 -key privKey.pem -out cert.pem openssl req -new -x509 -key privKey.pem -out cert.pem
 </code> </code>
-[[https://wiki.openssl.org/index.php/Manual:Genrsa(1)|man genrsa]] [[https://wiki.openssl.org/index.php/Manual:Req(1)|man req]]+[[https://www.openssl.org/docs/manmaster/man1/genrsa.html|man genrsa]] [[https://www.openssl.org/docs/manmaster/man1/req.html|man req]]
  
 === AES-256-CBC benchmark === === AES-256-CBC benchmark ===
 <code bash> <code bash>
-software +## with AES-NI (if available)
-openssl speed aes-256-cbc +
-hardware (AES-NI)+
 openssl speed -evp aes-256-cbc openssl speed -evp aes-256-cbc
-# multithread and hardware+## without AES-NI 
 +OPENSSL_ia32cap="~0x200000200000000" openssl speed -evp aes-256-cbc 
 +## multithread
 openssl speed -multi 2 -evp aes-256-cbc openssl speed -multi 2 -evp aes-256-cbc
 </code> </code>
-[[https://wiki.openssl.org/index.php/Manual:Speed(1)|man speed]]+[[https://www.openssl.org/docs/manmaster/man1/speed.html|man speed]] 
 + 
 +=== parse a file's ASN.1 content === 
 +<code bash> 
 +openssl asn1parse -in someCertOrKeyOrOther.pem 
 +</code> 
 +[[https://www.openssl.org/docs/manmaster/man1/asn1parse.html|man asn1parse]] 
 ==== Network Stuff ==== ==== Network Stuff ====
  
Zeile 88: Zeile 96:
 curl test.schrimpe.de -x 127.0.0.1:3128 | w3m -dump -T text/html curl test.schrimpe.de -x 127.0.0.1:3128 | w3m -dump -T text/html
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=curl|man curl]]+[[https://www.freebsd.org/cgi/man.cgi?query=curl&sektion=1|curl(1)]]
  
 === measure duration of HTTP request === === measure duration of HTTP request ===
Zeile 94: Zeile 102:
 curl https://test.schrimpe.de/ -w %{time_connect}:%{time_starttransfer}:%{time_total} curl https://test.schrimpe.de/ -w %{time_connect}:%{time_starttransfer}:%{time_total}
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=curl|man curl]]+[[https://www.freebsd.org/cgi/man.cgi?query=curl&sektion=1|curl(1)]]
  
 === check whether a TCP connection can be established with a three second timeout === === check whether a TCP connection can be established with a three second timeout ===
Zeile 100: Zeile 108:
 nc -w3 -z 192.168.0.1 80 ## return code zero on success nc -w3 -z 192.168.0.1 80 ## return code zero on success
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=nc|man nc]]+[[https://www.freebsd.org/cgi/man.cgi?query=nc&sektion=1|nc(1)]]
  
 === mDNS query === === mDNS query ===
Zeile 106: Zeile 114:
 dig somehostname.local @224.0.0.251 -p 5353 dig somehostname.local @224.0.0.251 -p 5353
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=dig|man dig]]+[[https://www.freebsd.org/cgi/man.cgi?query=dig&sektion=1|dig(1)]]
  
 === verify DNSSEC chain of a domain === === verify DNSSEC chain of a domain ===
 <code bash> <code bash>
-## obtain the root keys first+## if you don't have the root keys yet, obtain them first 
 +unbound-anchor -a /usr/local/etc/unbound/root.key 
 +## if the root key file is at the standard path of your unbound/ldns installation, the "-k" option can be omitted
 drill -S -k /usr/local/etc/unbound/root.key kuehrmann.de drill -S -k /usr/local/etc/unbound/root.key kuehrmann.de
-## if your resolver does not support DNSSEC use e.g. Quad9 +## if your resolver does not support DNSSECuse a public one, e.g. Hurricane Electric 
-drill -S -k /usr/local/etc/unbound/root.key kuehrmann.de @9.9.9.9+drill -S -k /usr/local/etc/unbound/root.key kuehrmann.de @74.82.42.42
 </code> </code>
 +[[https://www.freebsd.org/cgi/man.cgi?query=drill&sektion=1|drill(1)]] [[https://www.freebsd.org/cgi/man.cgi?query=unbound-anchor&sektion=8|unbound-anchor(8)]]
  
 === check whether your DNS resolver discards invalid DNSSEC domains === === check whether your DNS resolver discards invalid DNSSEC domains ===
Zeile 120: Zeile 131:
 dig www.dnssec-failed.org dig www.dnssec-failed.org
 </code> </code>
 +[[https://www.freebsd.org/cgi/man.cgi?query=dig&sektion=1|dig(1)]]
 +
 +=== check whether your DNS resolver uses QNAME minimisation ===
 +<code bash>
 +dig txt qnamemintest.internet.nl +short
 +</code>
 +[[https://www.freebsd.org/cgi/man.cgi?query=dig&sektion=1|dig(1)]]
  
 === scan all TCP ports of a host === === scan all TCP ports of a host ===
Zeile 125: Zeile 143:
 nmap -p- somehost.example.com nmap -p- somehost.example.com
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=nmap|man nmap]]+[[https://www.freebsd.org/cgi/man.cgi?query=nmap&sektion=1|nmap(1)]] 
 + 
 +=== reverse DNS lookup of an IP subnet === 
 +<code bash> 
 +nmap -R -sL 198.51.100.96/27 
 +nmap -R -sL -6 2001:db8::43a1:89d0/124 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=nmap&sektion=1|nmap(1)]] 
 + 
 +=== scan for responding hosts in an IP subnet === 
 +<code bash> 
 +## probe TCP connect on Port 80 with five attempts for each host 
 +nping 198.51.100.96/27 
 +## probe ICMP with five attempts for each host 
 +nping --icmp 198.51.100.96/27 
 +## probe ICMP with one attempt for each host and 200ms between requests (and decrease verbosity) 
 +nping -q --count 1 --delay 200ms --icmp 198.51.100.96/27 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=nping&sektion=1|nping(1)]]
 ==== File Stuff ==== ==== File Stuff ====
  
 === count lines of a certain file type recursively (e.g. C++ source files) === === count lines of a certain file type recursively (e.g. C++ source files) ===
 <code bash> <code bash>
-find -name "*.cpp" -print0 | xargs -0 wc -l+find /your/dir -name "*.cpp" -print0 | xargs -0 wc -l 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=find&sektion=1|find(1)]] [[https://www.freebsd.org/cgi/man.cgi?query=xargs&sektion=1|xargs(1)]] 
 + 
 +=== check recursively for broken symlinks === 
 +<code bash> 
 +find /your/dir -type l ! -exec test -e {} \; -print 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=find&sektion=1|find(1)]] 
 + 
 +=== delete recursively all files with a certain name (e.g. “.DS_Store”) === 
 +<code bash> 
 +find /your/dir -type f -name .DS_Store -print -delete
 </code> </code>
 +[[https://www.freebsd.org/cgi/man.cgi?query=find&sektion=1|find(1)]]
  
 === create checksums of directory tree and verify them === === create checksums of directory tree and verify them ===
Zeile 143: Zeile 192:
 rhash -cr --crc-accept=sfv,md5,sha256 /tmp/directory/ rhash -cr --crc-accept=sfv,md5,sha256 /tmp/directory/
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=rhash|man rhash]]+[[https://www.freebsd.org/cgi/man.cgi?query=rhash&sektion=1|rhash(1)]]
  
 === create a file with specific timestamps === === create a file with specific timestamps ===
Zeile 152: Zeile 201:
 ## -t = timestamp - use [[CC]YY]MMDDhhmm[.ss] time format ## -t = timestamp - use [[CC]YY]MMDDhhmm[.ss] time format
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=touch|man touch]]+[[https://www.freebsd.org/cgi/man.cgi?query=touch&sektion=1|touch(1)]]
  
 === handle sparse files === === handle sparse files ===
Zeile 161: Zeile 210:
 dd if=inputSparse.ext of=outputSparse.ext bs=4096 conv=sparse dd if=inputSparse.ext of=outputSparse.ext bs=4096 conv=sparse
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=truncate|man truncate]] [[https://www.freebsd.org/cgi/man.cgi?query=dd|man dd]]+[[https://www.freebsd.org/cgi/man.cgi?query=truncate&sektion=1|truncate(1)]] [[https://www.freebsd.org/cgi/man.cgi?query=dd&sektion=1|dd(1)]] 
 + 
 +=== create a 7-ZIP archive encrypted with a password === 
 + 
 +<code bash> 
 +7z a -p -mhe=on the_new_archive.7z -r dir_containing_stuff another_file.bin 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=7z&sektion=1|7z(1)]] 
 + 
 +=== view contents of ZIP or TAR files without complete extracting === 
 +<code bash> 
 +### example of "Android Package Kit" which is actually a ZIP file 
 +unzip -l SomeAndroidApp.apk 
 +unzip -p SomeAndroidApp.apk META-INF/MANIFEST.MF 
 +### example of an "Open Virtual Appliance" which is actually a TAR file 
 +tar -tf SomeAppliance.ova 
 +tar -xfO SomeAppliance.ova SomeAppliance.ovf 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=unzip&sektion=1|unzip(1)]] [[https://www.freebsd.org/cgi/man.cgi?query=tar&sektion=1|tar(1)]] 
  
 ==== Disk and Partition Stuff ==== ==== Disk and Partition Stuff ====
Zeile 172: Zeile 240:
 === disk images over SSH === === disk images over SSH ===
 <code bash> <code bash>
 +## from a local disk send compressed image to remote host
 dd if=/dev/sda bs=1048576 | pv | lz4 | ssh user@dest.example.com "dd of=/backup/basil-sda.img.lz4" dd if=/dev/sda bs=1048576 | pv | lz4 | ssh user@dest.example.com "dd of=/backup/basil-sda.img.lz4"
 +## to a local disk receive compressed image from remote host
 +ssh user@src.example.com "cat /backup/basil-sda.img.lz4" | lz4cat | pv | dd of=/dev/sda bs=1048576
 </code> </code>
  
 ==== Conversion Stuff ==== ==== Conversion Stuff ====
  
-=== make a big image small with ImageMagick ===+=== convert image file using ImageMagick ===
 <code bash> <code bash>
 +## make a big image small
 convert big_input.tif -resize 256x256 small_output.png convert big_input.tif -resize 256x256 small_output.png
 +## make an image grayscale and remove any transparency
 +convert input.png -alpha deactivate -colorspace Gray output.png
 +## create PNG with transparency from SVG, determine it's pixel dimensions from a DPI parameter
 +convert -background none -density 1200 input.svg output.png
 +## create PNG with transparency from SVG, specify it's pixel dimensions directly
 +convert -background none -size 512x512 input.svg output.png
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=convert|man convert]] [[https://www.freebsd.org/cgi/man.cgi?query=ImageMagick|man ImageMagick]]+[[https://www.freebsd.org/cgi/man.cgi?query=convert&sektion=1|convert(1)]] [[https://www.freebsd.org/cgi/man.cgi?query=ImageMagick&sektion=1|ImageMagick(1)]] 
 + 
 +=== batch convert images in a directory: rename by creation date and resize to width === 
 +<code bash> 
 +### for JPGs 
 +exiftool -ext jpg '-FileName<CreateDate' -d %Y%m%d_%H%M%S%%-c.%%e . 
 +mogrify -resize 375 -define preserve-timestamp=True *.JPG 
 +### for PNGs 
 +exiftool -ext png '-FileName<DateCreated' -d %Y%m%d_%H%M%S%%-c.%%e . 
 +mogrify -resize 375 -define preserve-timestamp=True *.PNG 
 +### Comments: 
 +## the "%%-c" in the filename template is for a numerical suffix, in case of multiple images with the same date 
 +## the "-define preserve-timestamp=True" is for keeping file attributes for timestamps 
 +## for case-sensitive filesystems in the "mogrify" command the glob pattern must be adjusted 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=exiftool&sektion=1|exiftool(1)]] [[https://www.freebsd.org/cgi/man.cgi?query=mogrify&sektion=1|mogrify(1)]] [[https://www.freebsd.org/cgi/man.cgi?query=ImageMagick&sektion=1|ImageMagick(1)]] 
 + 
 +=== add rounded corners to an image (for app icon with rounded corners in the style of iPhone‘s SpringBoard) === 
 +<code bash> 
 +### Adjust the corner radius (in pixel) to your needs. 
 +### For a 1024x1024 image a value of 128 looks good. 
 +RADIUS=128 
 + 
 +### The whole ImageMagick command is quite complex. The resulting rounded image is written to a new file.  
 +### The cascade of parenthesized options defines the operations to cut out the transparent arcs in the corners. 
 +convert AppIconRaw.png \( +clone -alpha extract \ 
 +  \( -size ${RADIUS}x${RADIUS} xc:black -draw "fill white circle ${RADIUS},${RADIUS} ${RADIUS},0" -write mpr:arc +delete \) \ 
 +  \( mpr:arc \) -gravity northwest -composite \ 
 +  \( mpr:arc -flip \) -gravity southwest -composite \ 
 +  \( mpr:arc -flop \) -gravity northeast -composite \ 
 +  \( mpr:arc -rotate 180 \) -gravity southeast -composite \) \ 
 +  -alpha off -compose CopyOpacity -composite AppIconRounded.png 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=convert&sektion=1|convert(1)]] [[https://www.freebsd.org/cgi/man.cgi?query=ImageMagick&sektion=1|ImageMagick(1)]] [[https://imagemagick.org/script/command-line-processing.php|ImageMagick - Command-line Processing]] [[http://www.imagemagick.org/script/command-line-options.php|ImageMagick - Command-line Options]] 
 + 
 +=== Unix timestamp to human readable time === 
 +<code bash> 
 +## with BSD date 
 +date -r 1523210382 
 +## with GNU date 
 +date -d @1523210382 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=date&sektion=1|date(1)]] from BSD — [[https://manpages.debian.org/stretch/coreutils/date.1.en.html|date(1)]] from GNU
  
 === format XML === === format XML ===
Zeile 190: Zeile 310:
 xmllint --noblanks input_pretty.xml > output_ugly.xml xmllint --noblanks input_pretty.xml > output_ugly.xml
 </code> </code>
 +[[https://www.freebsd.org/cgi/man.cgi?query=xmllint&sektion=1|xmllint(1)]]
  
 === C array of the content of some file === === C array of the content of some file ===
Zeile 195: Zeile 316:
 xxd -i someFile.bin xxd -i someFile.bin
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=xxd|man xxd]]+[[https://www.freebsd.org/cgi/man.cgi?query=xxd&sektion=1|xxd(1)]]
  
-=== Unix timestamp to human readable time ===+=== change the character encoding of a file‘s content === 
 +<code> 
 +## convert from "UTF-8" to "ISO-8859-1" 
 +recode utf8...latin1 test.dat  
 +## autodetect and convert to "ISO-8859-1" 
 +recode ..latin1 test.dat 
 +## list available encodings available in your "recode" build 
 +recode --list 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=recode&sektion=1|recode(1)]]  (more lightweight and probably already installed alternative: [[https://www.freebsd.org/cgi/man.cgi?query=iconv&sektion=1|iconv(1)]]) 
 + 
 +=== occurrences of non-ASCII characters in a file‘s content (with GNU grep) === 
 +<code> 
 +ggrep --color='auto' -P -n "[\x80-\xFF]" file.txt 
 +</code> 
 + 
 +=== occurrences of invalid UTF-8 characters in a file‘s content (this assumes you have an UTF-8 locale set) === 
 +<code> 
 +grep -axv '.*' file.txt 
 +</code> 
 +[[https://stackoverflow.com/questions/29465612/how-to-detect-invalid-utf8-unicode-binary-in-a-text-file|some StackOverflow discussion]] 
 + 
 +=== count how many time each byte value occurs in a file‘s content === 
 +<code> 
 +recode latin1/..count-characters < input.dat 
 +</code> 
 +[[https://www.freebsd.org/cgi/man.cgi?query=recode&sektion=1|recode(1)]] 
 + 
 +==== Process Stuff ==== 
 + 
 +=== execute a program in a background terminal ===
 <code bash> <code bash>
-## with BSD date +## create named session using the terminal emulator "screen" 
-date -r 1523210382 +screen -dMS some_session_name /usr/bin/command command_args 
-## with GNU date +## show PID of the "screen" session 
-date -d @1523210382+screen -lsS some_session_name | awk '/\.some_session_name\t/ {print $1}' | cut -d. -f1 
 +## attach to the session 
 +screen -rS some_session_name 
 +</code> 
 + 
 +=== show child PIDs of a PID === 
 +<code bash> 
 +pgrep -P 56789 
 +</code> 
 + 
 +==== Bourne Again Shell ==== 
 + 
 +=== delete entries from the command history (e.g. to remove passwords) === 
 +<code bash> 
 +## show the current history 
 +history 
 +## determine the entry number, in this example the desired entry was #501 
 +history -d 501 
 +</code> 
 + 
 +=== avoid history recording for one interactive shell completely === 
 +<code bash> 
 +unset HISTFILE
 </code> </code>
-[[https://www.freebsd.org/cgi/man.cgi?query=date|man date]] [[https://manpages.debian.org/stretch/coreutils/date.1.en.html|man date]] 
commands-general-tools.1525476104.txt.gz · Zuletzt geändert: 2018/05/05 01:21 von alex