Bash cheatsheet: Difference between revisions
From Lolly's Wiki
Jump to navigationJump to search
| Line 1: | Line 1: | ||
=bash history per user= | =bash history per user= | ||
You need to set LogLevel of sshd to VERBOSE in your /etc/ssh/sshd_config: | |||
<source lang=bash> | |||
... | |||
LogLevel VERBOSE | |||
... | |||
</source> | |||
If you are using ssh public keys for authenticating and want to use a seperate history for each user, you can put this in your .bash_profile: | If you are using ssh public keys for authenticating and want to use a seperate history for each user, you can put this in your .bash_profile: | ||
<source lang=bash> | <source lang=bash> | ||
FINGERPRINT=$(nawk -v ssh_connection="${SSH_CONNECTION}" -v user=${LOGNAME} 'BEGIN{split(ssh_connection,connection)}/.*sshd\[[0-9]+\]: Accepted publickey for/ && $(NF-5)==connection[1] && $(NF-3)==connection[2] {print $NF;}' /var/log/ | [ -f /var/log/fingerprint.log ] && FINGERPRINT=$(nawk -v ssh_connection="${SSH_CONNECTION}" -v user=${LOGNAME} 'BEGIN{split(ssh_connection,connection)}/.*sshd\[[0-9]+\]: Accepted publickey for/ && $(NF-5)==connection[1] && $(NF-3)==connection[2] {print $NF;}' /var/log/fingerprint.log) | ||
export HISTFILE=.bash_history_${FINGERPRINT:-${SUDO_USER:-login}} | export HISTFILE=.bash_history_${FINGERPRINT:-${SUDO_USER:-login}} | ||
| Line 8: | Line 15: | ||
If $FINGERPRINT is empty the sudo user will be used. | If $FINGERPRINT is empty the sudo user will be used. | ||
I forced rsyslog to write another logfile where group ssh may read: | |||
/etc/rsyslog.d/99-fingerprint.conf: | |||
<source lang=bash> | |||
$FileCreateMode 0640 | |||
$FileGroup ssh | |||
auth /var/log/fingerprint.log | |||
</source> | |||
Add user syslog to group ssh so that syslog can open a file as group ssh: | |||
<source lang=bash> | |||
# usermod -aG ssh syslog | |||
</source> | |||
Let only users from group ssh login via ssh except the syslog user: | |||
/etc/ssh/sshd_config: | |||
<source lang=bash> | <source lang=bash> | ||
# SSH is only allowed for users in this group | |||
AllowGroups ssh | |||
DenyUsers syslog | |||
</source> | </source> | ||
Revision as of 12:49, 11 December 2015
bash history per user
You need to set LogLevel of sshd to VERBOSE in your /etc/ssh/sshd_config:
...
LogLevel VERBOSE
...
If you are using ssh public keys for authenticating and want to use a seperate history for each user, you can put this in your .bash_profile:
[ -f /var/log/fingerprint.log ] && FINGERPRINT=$(nawk -v ssh_connection="${SSH_CONNECTION}" -v user=${LOGNAME} 'BEGIN{split(ssh_connection,connection)}/.*sshd\[[0-9]+\]: Accepted publickey for/ && $(NF-5)==connection[1] && $(NF-3)==connection[2] {print $NF;}' /var/log/fingerprint.log)
export HISTFILE=.bash_history_${FINGERPRINT:-${SUDO_USER:-login}}
If $FINGERPRINT is empty the sudo user will be used.
I forced rsyslog to write another logfile where group ssh may read: /etc/rsyslog.d/99-fingerprint.conf:
$FileCreateMode 0640
$FileGroup ssh
auth /var/log/fingerprint.log
Add user syslog to group ssh so that syslog can open a file as group ssh:
# usermod -aG ssh syslog
Let only users from group ssh login via ssh except the syslog user: /etc/ssh/sshd_config:
# SSH is only allowed for users in this group
AllowGroups ssh
DenyUsers syslog
bash prompt
Put this in your ~/.bash_profile
typeset +x PS1="\[\e]0;\u@\h: \w\a\]\u@\h:\w# "
Nützliche Variablenersetzungen
dirname
$ myself=/usr/bin/blafasel ; echo ${myself%/*}
/usr/bin
basename
$ myself=/usr/bin/blafasel ; echo ${myself##*/}
blafasel
Schleifen
Zahlenfolgen
$ for i in {0..9} ; do echo $i ; done
oder
$ for ((i=0;i<=9;i++)); do echo $i; done
so gehen natürlich auch andere Sprünge, z.B. immer 3 weiter:
$ for ((i=0;i<=9;i+=3)); do echo $i; done
oder oder oder
$ for ((i=0,j=1;i<=9;i+=3,j++)); do echo "$i $j"; done
Rechnen
$ echo $[ 3 + 4 ] $ echo $[ 2 ** 8 ] # 2^8
