Network

http://robin.me/pi
remove key from known hosts: ssh-keygen -R 192.168.0.200 ============================= ifconfig - all network interfaces iwconfig - wifi network interfaces hostname -I ============================= to send a file from mac to pi over ssh rsync -v -e ssh ./bashaliases.txt pi@192.168.60.102:~/ ============================= HTML:
stops floating and imposes line break ============================= copy ssh credentials ssh-keygen -t rsa -b 2048 ssh-copy-id -i ~/.ssh/id_rsa.pub pi@4kendrick.com mv .ssh/authorized_keys /etc/dropbear/authorized_keys ============================= Namecheap D DNS setup https://www.namecheap.com/support/knowledgebase/article.aspx/43/11/how-do-i-set-up-a-host-for-dynamic-dns select A+Dynamic DNS Record for Type and enter @symbol as a Host: You may use any dummy IP address, like 127.0.0.0 for Value. Once your Dynamic DNS client is configured, this IP address will be updated automatically to your current one. namecheap client setup https://www.namecheap.com/support/knowledgebase/article.aspx/583/11/how-do-i-configure-ddclient ======================== Restart the web server: /etc/init.d/uhttpd restart ======================== Create Dynamic DNS with namecheap sudo apt-get install ddclient sudo vi /etc/ddclient.conf Here is a sample "normal" configuration file for ddclient: use=web, web=dynamicdns.park-your-domain.com/getip ssl=yes protocol=namecheap server=dynamicdns.park-your-domain.com login=yourdomain.com password='password' @,www try deleting the cache, or changing the ip in the cache: sudo rm /var/cache/ddclient/ddclient.cache Maybe run ddclient with the force option and see if you get the SSL message in the output? sudo ddclient -debug -verbose -noquiet -force sudo rm /var/cache/ddclient.cache use=web, web=http://whatismyipaddress.com/ address is NOT FOUND https://samhobbs.co.uk/2015/01/dynamic-dns-ddclient-raspberry-pi-and-ubuntu Certification and apache redirect: ==================================== for Stretch: add source to debian sources list: sudo vi /etc/apt/sources.list.d/raspi.list deb http://ftp.debian.org/debian stretch-backports main sudo apt-get update then sudo apt-get install python-certbot-apache -t stretch-backports then install certs for apache: sudo certbot --apache Certificates stored: /etc/letsencrypt/live/$domain /etc/letsencrypt/live/12kendrick.com/privkey.pem /etc/letsencrypt/live/12kendrick.com/cert.pem ======================== Namecheap guide to SSL on Apache: https://www.namecheap.com/support/knowledgebase/article.aspx/9423/0/apache-opensslmodssl ======================== Apache: link a web file: sudo su ln -sT /home/pi/uptimelog uptimelog /etc/apache2/apache /var/www restart apache server: sudo /etc/init.d/apache2 restart /etc/apache2/sites-available/000-default.conf DocumentRoot /var/www/ ServerName hayfarm.app DocumentRoot /var/www/ SSLEngine on SSLCertificateFile /etc/ssl/hayfarm_app.crt SSLCertificateKeyFile /etc/ssl/private/server.key SSLCertificateChainFile /etc/ssl/hayfarm_app.ca-bundle https://wiki.apache.org/httpd/RedirectSSL NameVirtualHost *:80 ServerName www.example.com Redirect / https://secure.example.com/ ServerName secure.example.com DocumentRoot /usr/local/apache2/htdocs SSLEngine On # etc... ======================== simple HTML:

Hay Farm

Page for alarms.

Alarms ======================== ngrok config: pi@raspberrypi:~/.ngrok2 $ cat ngrok.yml authtoken: CD012345678901234567890123456789 ssh-access: addr: 22 proto: tcp ======================== dd client sudo apt-get install ddclient sudo nano /etc/ddclient.conf # Configuration file for ddclient generated by debconf # # /etc/ddclient.conf protocol=namecheap use=web ssl=yes server=dynamicdns.park-your-domain.com login=2kendrick.com password='CD012345678901234567890123456789' @ ======================== Ddlicnet with two or more names: /etc/ddclient.conf: # Configuration file for ddclient generated by debconf # # /etc/ddclient.conf use=web, web=dynamicdns.park-your-domain.com/getip protocol=namecheap login=inferentialist.com postscript=/usr/sbin/ddpost password=CD012345678901234567890123456789 @ # # # /usr/sbin/ddpost #!/usr/bin/python import argparse import tempfile import os import subprocess import syslog import sys parser = argparse.ArgumentParser(description='run ddclient on secondary hosts') parser.add_argument('ip_addr', help='script should be passed current ip address') args = parser.parse_args() ip_addr = args.ip_addr host_passwords = { 'inferentialist.com': 'AA012345678901234567890123456789', 'statscache.org' : 'BB012345678901234567890123456789', 'twittalytics.com': 'CC012345678901234567890123456789', 'dlennon.org': 'DD012345678901234567890123456789' } host_subdomains = { 'inferentialist.com': ['blog', 'api'], 'statscache.org' : ['@'], 'twittalytics.com': ['@'], 'dlennon.org': ['@'] } config_template = """ use=ip ip={ip_addr} protocol=namecheap login={host} password={password} {subdomain} """ ddconfig_template = """ddclient -file /tmp/{host}.conf -cache /tmp/{host}.cache -quiet""" for host in host_passwords.keys(): password = host_passwords[host] for subdomain in host_subdomains[host]: config_name = "/tmp/{0}.conf".format(host) cache_name = "/tmp/{0}.cache".format(host) config = config_template.format(**locals()) with open(config_name, "w") as f: f.write(config) ddconfig_cmd = ddconfig_template.format(**locals()) sys_msg = None try: subprocess.check_call(ddconfig_cmd.split(' ')) sys_msg = "SUCCESS: [ddclient postscript] updating {subdomain}.{host}: good: IP address set to {ip_addr}".format(**locals()) except subprocess.CalledProcessError: sys_msg = "FAILED: [ddclient postscript] updating {subdomain}.{host}".format(**locals()) syslog.syslog(sys_msg) for fname in [config_name, cache_name]: try: os.unlink(fname) except OSError: pass ======================== firewall ports ssh 22 http 80 https 443 vnc 5900 node-red 1880 ======================== https://www.namecheap.com/support/knowledgebase/article.aspx/794/0/ssl-activation generating cert on pi: https://www.namecheap.com/support/knowledgebase/article.aspx/9446/0/apache-opensslmodsslnginx cname dns authentication: https://www.namecheap.com/support/knowledgebase/article.aspx/9646/10/how-can-i-set-up-a-cname-record-for-my-domain?_ga=2.128007301.821629026.1543855982-1661440329.1538405565 https://www.namecheap.com/support/knowledgebase/article.aspx/9423/0/apache-opensslmodssl ======================== NameVirtualHost *:80 ServerName www.yourdomain.com Redirect / https://www.yourdomain.com ServerName www.yourdomain.com DocumentRoot /usr/local/apache2/htdocs SSLEngine On # etc... Save and close the file, then restart the HTTP sever like this. $ sudo systemctl restart apache2 ======================== sudo apt-get install sshfs ======================== It is possible to use homebrewto install OSXFuse and sshfs. To start we will need to create a local directory in which to mount the droplet's file system. sudo mkdir /mnt/droplet <--replace "droplet" whatever you prefer Now we can use sshfs to mount the file system locally with the following command. sudo sshfs -o allow_other,defer_permissions root@xxx.xxx.xxx.xxx:/ /mnt/droplet or sudo sshfs -o allow_other,defer_permissions,IdentityFile=~/.ssh/id_rsa root@xxx.xxx.xxx.xxx:/ /mnt/droplet sudo mkdir /tmp/droplet sudo sshfs -o allow_other,defer_permissions pi@192.168.0.205:/ /Users/robinlefever/mount sudo umount /Users/robinlefever/mount unnecessary to use sudo. Drive appears in drive list in Folder on Mac sshfs pi@192.168.0.205:/home/pi ~/RemoteFS umount /Users/robinlefever/RemoteFS ======================== sudo apt-get update sudo apt-get install fail2ban sudo vi /etc/fail2ban/jail.local [ssh] enabled = true port = ssh filter = sshd logpath = /var/log/auth.log bantime = 900 banaction = iptables-allports findtime = 900 maxretry = 3 sudo service fail2ban restart ======================== hostname -I sudo apt-get install nmap sudo nmap -sP 192.168.1.0/24 grep for onions: sudo nmap -sP 192.168.0.0/24 |grep -A1 '40:A3:6B' or sudo nmap -sP 192.168.1.0/24 |grep -A1 '40:A3:6B\|22:23:F6' ======================== scp @: ======================== wpa_supplicant.conf file is: ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev update_config=1 country=GB network={ ssid="Rowling" psk="password" key_mgmt=WPA-PSK } ======================== ======================== ======================== ======================== ======================== ======================== ======================== ========================