Commands by JohnQUnknown (2)

  • This command shows a sorted list of the IP addresses from which there have been authentication errors via SSH (possible script kiddies trying to gain access to your server), it eliminates duplicates so it's easier to read, but you can remove the "uniq" command at the end, or even do a "uniq -c" to have a count of how many times each IP address shows in the log (the path to the log may vary from system to system) Show Sample Output


    2
    cat /var/log/auth.log | grep -i "pam_unix(sshd:auth): authentication failure;" | cut -d' ' -f14,15 | cut -d= -f2 | sort | uniq
    JohnQUnknown · 2011-10-25 04:58:09 0
  • Provides a cleaner output plus some more details about the IP address. Also, a flaw was corrected where the URL provided the results in Spanish by default. Show Sample Output


    0
    function geoip() { curl -s "http://www.geoiptool.com/en/?IP=$1" | html2text | egrep --color "IP Address:|Country:|City:|Longitude:|Latitude:|Host Name:" }
    JohnQUnknown · 2011-10-25 04:49:25 0

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Optimal way of deleting huge numbers of files
This command works by rsyncing the target directory (containing the files you want to delete) with an empty directory. The '--delete' switch instructs rsync to remove files that are not present in the source directory. Since there are no files there, all the files will be deleted. I'm not clear on why it's faster than 'find -delete', but it is. Benchmarks here: https://web.archive.org/web/20130929001850/http://linuxnote.net/jianingy/en/linux/a-fast-way-to-remove-huge-number-of-files.html

Processes by CPU usage

Create QR codes from a URL.
QR codes are those funny square 2d bar codes that everyone seems to be pointing their smart phones at. Try the following... $ qrurl http://xkcd.com Then open qr.*.png in your favorite image viewer. Point your the bar code reader on your smart phone at the code, and you'll shortly be reading xkcd on your phone. URLs are not the only thing that can be encoded by QR codes... short texts (to around 2K) can be encoded this way, although this function doesn't do any URL encoding, so unless you want to do that by hand it won't be useful for that.

Silently deletes lines containing a specific string in a bunch of files
This command will find all occurrences of one or more patterns in a collection of files and will delete every line matching the patterns in every file

Get all available packages on Ubuntu (or any distro that uses apt)

Rip a DVD to AVI format
Substitute whatever track number you want into the "dvd://1" parameter. The "-aid 128" is to select the English language.

Extend a logical volume to use up all the free space in a volume group

Virtualbox: setup hardware
where - memory 256 assign 256 Mb RAM - acpi on enable ACPI (mandatory if you use Winfog 2000 - ioapic off disable the IO APIC. Not useful if you use one CPU (on virtual machine or a 32 bit operative system). As ACPI, this switch is mandatory for Winbug 2000 - pae on enable the Phisical Address Extension how to use more than 4Gb of RAM on x86 CPU - hwvirtex on enables hardware virtualization extensions for microprocessors that have this feature (which should be also enabled in the BIOS of the motherboard) - nestedpaging on allows part of the processes of memory management hardware are made directly

Update twitter via curl
Doesn't require password (asks for it instead)

Exclude inserting a table from a sql import
Starting with a large MySQL dump file (*.sql) remove any lines that have inserts for the specified table. Sometimes one or two tables are very large and uneeded, eg. log tables. To exclude multiple tables you can get fancy with sed, or just run the command again on subsequently generated files.


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: