Check These Out
You might want to secure your AWS operations requiring to use a MFA token. But then to use API or tools, you need to pass credentials generated with a MFA token.
This commands asks you for the MFA code and retrieves these credentials using AWS Cli. To print the exports, you can use:
`awk '{ print "export AWS_ACCESS_KEY_ID=\"" $1 "\"\n" "export AWS_SECRET_ACCESS_KEY=\"" $2 "\"\n" "export AWS_SESSION_TOKEN=\"" $3 "\"" }'`
You must adapt the command line to include:
* $MFA_IDis ARN of the virtual MFA or serial number of the physical one
* TTL for the credentials
Create a exact mirror of the local folder "/root/files", on remote server 'remote_server' using SSH command (listening on port 22)
(all files & folders on destination server/folder will be deleted)
When I go to change a configuration file I always like to make a backup first. You can use "cp -p" to preserve the modification time, but it gets confusing to have file.prev, file.prev2, etc. So I like to add a YYMMDD suffix that shows when the file was last changed.
"stat -c %Y" gives you the modification time in epoch seconds, then "date -d @" converts that to whatever format you specify in your "+format" string.
This is useful for examining the path.
I have come across a situation in the past where someone has unlinked a file by running an 'rm' command against it while it was still being written to by a running process.
The problem manifested itself when a 'df' command showed a filesystem at 100%, but this did not match the total value of a 'du -sk *'.
When this happens, the process continues to write to the file but you can no longer see the file on the filesystem. Stopping and starting the process will, more often than not, get rid of the unlinked file, however this is not always possible on a live server.
When you are in this situation you can use the 'lsof' command above to get the PID of the process that owns the file (in the sample output this is 23521).
Run the following command to see a sym-link to the file (marked as deleted):
$ cd /proc/23521/fd && ls -l
Truncate the sym-link to regain your disk space:
$ > /proc/23521/fd/3
I should point out that this is pretty brutal and *could* potentially destabilise your system depending on what process the file belongs to that you are truncating.
swap out "80" for your port of interest. Can use port number or named ports e.g. "http"
Often you run a command, but afterwards you're not quite sure what it did.
By adding this prefix/suffix around [COMMAND], you can list any files that were modified.
.
Take a nanosecond timestamp: YYYY-MM-DD HH:MM:SS.NNNNNNNNN
$ date "+%F %T.%N"
.
Find any files that have been modified since that timestamp:
$ find . -newermt "$D"
.
This command currently only searches below the current directory.
If you want to look elsewhere change the find parameter, e.g.
$ find /var/log . -newermt "$D"