ZSH ships a couple random number generators via the $RANDOM environment variable and rand48() via zsh/mathfunc, but neither are cryptographically secure. This code produces a 32-bit random number suitable for cryptography. It's only dependency is /dev/urandom and it does not rely on any shell commands or 3rd party utilities. It assumes ZSH was compiled with 64-bit integer support. Show Sample Output
tar(1) and cpio(1) are not fully platform agnostic, although their file formats are specified in POSIX.1-2001. As such, GNU tar(1) might not be able to extract a BSD tar(1) archive, and ivce versa. pax(1) is defined in POSIX.1-2001. To extract an archive:
pax -rf archive.tar
Looks best in an 80x24 256-color terminal emulator.
This command is similar to the alternate, except with head(1), you can pick as many passwords as you wish to generate by changing the number of lines you wish to preview. Show Sample Output
The "proportional set size" is probably the closest representation of how much active memory a process is using in the Linux virtual memory stack. This number should also closely represent the %mem found in ps(1), htop(1), and other utilities. Show Sample Output
Why use many different utilities all piped together, when you only need two? Show Sample Output
With the "--resolve" switch, you can avoid doing DNS lookups or edit the /etc/hosts file, by providing the IP address for a domain directly. Useful if you have many servers with different IP addresses behind a load balancer. Of course, you would loop it:
for IP in 10.11.0.{1..10}; do curl --resolve subdomain.example.com:80:$IP subdomain.example.com -I -s; done
This relies on a public API from http://longurl.org. So, this has the weakness that if the service disappears, the function will break. However, it has the advantage that the shortened URL service will not be tracking your IP address and other metrics, but instead will track longurl.org. Thus, you can remain anonymous from the shortened URL services (although not anonymous from longurl.org). It does no sanity checking that you have provided an argument. If you do not provide one, "message" is displayed to STDOUT. Show Sample Output
/dev/urandom is cryptographically secure, and indistinguishable from true random, as it gathers data from external sources, influenced by human timing interactions with computers, to fill the entropy pool, and hashes the input with SHA-1. As such, this is a quick way to do a "true random" fair-6 dice roll. Using this method, you could easily create passphrases with Diceware http://diceware.com. Change the head(1) count to something other than 5 for more or less numbers.
Quick shortcut if you know the hostname and want to save yourself one step for looking up the IP address separately.
Save some CPU, and some PIDs. :)
You could do the following, however, brace expansion with {} is not defined in POSIX, and therefore not guaranteed to work in all shells. But, if it does, it's more convenient (although it's certainly not less typing):
cp -r {*,.??*} /dest
Sometimes there are times when I need to cp(1), mv(1) or rm(1) files recursively, but don't want to traverse the previous directory by following ../../../../ etc out of the current directory. This command prevents that. The secret sauce is ".??*". The file globbing ensures that it must start with a dot, and be followed by at least two characters. So, three characters must exist in the filename, which eliminates "." and "..".
The command uses ssh(1) to get to a remote host, uses tar(1) to archive a remote directory, prints the result to STDOUT, which is piped to gzip(1) to compress to a local file. In other words, we are archiving and compressing a remote directory to our local box.
This command uses awk(1) to print all lines between two known line numbers in a file. Useful for seeing output in a log file, where the line numbers are known. The above command will print all lines between, and including, lines 3 and 6.
You can use "decode()" in a similar manner:
python -c 'print "68656c6c6f".decode("hex")'
Show Sample Output
Python is always such much more readable than most shell scripting. Show Sample Output
Git uses secure hash sums for its revision numbers. I'm sure this is fine and dandy for ultra-secure computing, but it's less than optimal for humans. Thus, this will give you sequential revision numbers in Git all the way from the first commit.
curl(1) is more portable than wget(1) across Unices, so here is an alternative doing the same thing with greater portability. This shell function uses curl(1) to show what site a shortened URL is pointing to, even if there are many nested shortened URLs. This is a great way to test whether or not the shortened URL is sending you to a malicious site, or somewhere nasty that you don't want to visit. The sample output is from:
expandurl http://t.co/LDWqmtDM
Show Sample Output
This shell function uses wget(1) to show what site a shortened URL is pointing to, even if there are many nested shortened URLs. This is a great way to test whether or not the shortened URL is sending you to a malicious site, or somewhere nasty that you don't want to visit. The sample output is from:
expandurl http://t.co/LDWqmtDM
Show Sample Output
Yes, rsync(1) supports local directories. And, should anything change, it's trivial to run the command again, and grab only the changes, instead of the full directory.
A common programming question for interviewers to ask potential job candidates is to code "FizzBuzz". That is, if a number is divisible by 3, then it should display "Fizz". If a number is divisible by 5, it should display "Buzz". If it is divisible by both, then it should display "FizzBuzz". Otherwise, display the current number between 1 and 100. Show Sample Output
Quick and dirty one-liner to get the average ping(1) time from a server. Show Sample Output
it is generally advised to avoid using which(1) whenever possible. which(1) is usually a csh(1) script, or sometimes a compiled binary. It's output is highly variable from operating system to operating system, so platform independent scripts could become quite complicated with the logic. On HP-UX 10.20, for example, it prints "no bash in /path /path /path ..."; on OpenBSD 4.1, it prints "bash: Command not found."; on Debian (3.1 through 5.0 at least) and SuSE, it prints nothing at all; on Red Hat 5.2, it prints "which: no bash in (/path:/path:...)"; on Red Hat 6.2, it writes the same message, but on standard error instead of standard output; and on Gentoo, it writes something on stderr. And given all these differences, it's still variable based on your shell. This is why POSIX is king. See http://mywiki.wooledge.org/BashFAQ/081 for more ways on avoiding which(1). Show Sample Output
As odd as this may be, I know of servers where the man(1) command is not installed, and there is not enough room on / to install it. However, zcat(1), nroff(1) and less(1) are. This is a way to read those documents without the proper tool to do so, as sad as this may seem. :)
According to the gpg(1) manual:
--gen-random 0|1|2 count
Emit count random bytes of the given quality level 0, 1 or 2. If count is not given or zero, an endless sequence of random bytes will be emitted. If used with --armor the output will be base64 encoded. PLEASE, don't use this command unless you know what you are doing; it may remove precious entropy from the system!
If your entropy pool is critical for various operations on your system, then using this command is not recommended to generate a secure password. With that said, regenerating entropy is as simple as:
du -s /
This is a quick way to generate a strong, base64 encoded, secure password of arbitrary length, using your entropy pool (example above shows a 30-character long password).
Show Sample Output
commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.
Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.
» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10
Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):
Subscribe to the feed for: