Deploying gotop with Ansible
Gotop is a terminal based graphical activity monitor inspired by gtop and vtop; it’s available at:
https://github.com/xxxserxxx/gotop/
I published a role in Ansible Galaxy for deploying gotop in Linux servers. The role page in Ansible Galaxy is at:
https://galaxy.ansible.com/oriolrius/install_gotop
Role installation command and deployment command:
ansible-galaxy install oriolrius.install_gotop # change SERVER_IP, for the IP address where you want to deploy gotop ansible -i SERVER_IP, -u root -m include_role -a name=oriolrius.install_gotop all
Get the IP addresses of local Docker containers
We have Docker running with containers that are connected to their own private network. To efficiently manage and monitor these containers, it’s often useful to retrieve their private IP addresses.
With the following command, you can easily obtain the private IP addresses of all running Docker containers:
sudo docker inspect $(docker ps -q) --format='{{ printf "%-50s" .Name}} {{range .NetworkSettings.Networks}}{{.IPAddress}} {{end}}' | sort -t. -k2,2n -k3,3n -k4,4nOutput example:
$ sudo docker inspect $(docker ps -q ) --format='{{ printf "%-50s" .Name}} {{range .NetworkSettings.Networks}}{{.IPAddress}} {{end}}' | sort -t. -k2,2n -k3,3n -k4,4n /rproxy 10.3.10.2 /n8n 10.3.10.4 /semaphore 10.3.10.6 /code 10.3.10.7 /ssh 10.3.10.9 /nodered 10.3.10.11 /pihole_opendns 10.3.10.23 /pihole_googledns 10.3.10.24
OpenSSH public key fingerprint
Quick and easy, how to get the fingerprint of your SSH RSA key.
# syntax: openssl pkey -in PATH/PRIVATE_RSA_KEY -pubout -outform DER | openssl md5 -c # example: $ openssl pkey -in ~/.ssh/id_rsa -pubout -outform DER | openssl md5 -c MD5(stdin)= a6:26:23:d9:c1:d3:d5:e5:c0:38:ab:3c:c1:6a:3f:ea
Mikrotik passwordless SSH with public key
Following the instructions described in the official documentation:
https://wiki.mikrotik.com/wiki/Use_SSH_to_execute_commands_(public/private_key_login)
The process is as always as easy as:
# upload the id_rsa.pub file # then import the public key file for the user used for connecting via SSH user ssh-keys import public-key-file=id_rsa.pub user=admin-ssh # and it's done.
Everything was OK with my WSL Ubuntu 20.04. (I added WSL at the beginning of the versions because it runs in Windows Subsystem Linux).
But, with the newest WSL Ubuntu 22.04 I was unsuccessful.
Being precise, the SSH versions are:
# WSL Ubuntu 20.04 $ ssh -V OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f 31 Mar 2020 # WSL Ubuntu 22.04 $ ssh -V OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022
After connecting with verbose details, I found this message, that was the key for solving the problem:
debug1: Offering public key: /home/my_user/.ssh/id_rsa RSA SHA256:2******************************Y agent debug1: send_pubkey_test: no mutual signature algorithm
Then, I discovered that newest SSH versions aren’t compatible with Mikrotik SSH version. It seems that version isn’t enough newest and are incompatible with how public keys are negotiated at the beginning of the connection.
Finally, the solution was to use an extra parameter for establishing the connection:
ssh -o 'PubkeyAcceptedAlgorithms +ssh-rsa' THE_USER@THE_HOSTOf course, an alternative is using ~/.ssh/config file or the system file: /etc/ssh/ssh_config and add this parameter for everything, or specific hosts. For instance, like this:
Host JUST_A_NAME_OF_THE_CONNECTION Hostname THE_IP_ADDRESS_OR_HOSTNAME_OF_THE_TARGET_HOST user THE_USER PubkeyAcceptedAlgorithms +ssh-rsa
Get the IP address of the WSL2 in Windows 10
Nothing else than what the title says. Simple PowerShell script for dumping the IP address:
wsl -- ip -o -4 -json addr list eth0 ` | ConvertFrom-Json ` | %{ $_.addr_info.local } ` | ?{ $_ }
socat: publish a port only available in localhost
Assume that we have a service only available in localhost (127.0.0.1/8) and we want to expose this port temporarily. Of course, you can use iptables for redirecting the port. But take care, this is not a simple DNAT because packets will not be evaluated by PREROUTING (-t nat) rules.
Another option is using an old-powerful Swiss knife tool: socat (github) (my fork).
# binds public port to any local interface socat TCP-LISTEN:<public_port>,fork TCP:127.0.0.1:<internal_port> # binds only to an IP address SOCAT_SOCKADDR=<interface_IP> socat TCP-LISTEN:<public_port>,fork TCP:127.0.0.1:<internal_port> # examples: # binds to all interfaces: socat TCP-LISTEN:1880,fork TCP:127.0.0.1:1880 # just for an IP address of one interface: SOCAT_SOCKADDR=10.2.0.110 socat TCP-LISTEN:1880,fork TCP:127.0.0.1:1880