Livres rares

1. Cache your password with ssh-agent

Using ssh keys and ssh-agent allows you to enter your password once and have it cached for the rest of the session. Edit your .xsession file to have this as its final line:

ssh-agent gnome-session

(or substitute the window manager of your choice for gnome-session). This starts gnome-session via ssh-agent, so that any programs run from that gnome-session will have access to the keys stored in ssh-agent.

Next, type:

ssh-add ~/.ssh/id_rsa

and enter your passphrase for that key. That's it! From now until the end of the session, you can log in with that key without entering the passphrase.

(Click for larger)

2. Speed up logins using Kerberos

Another option to reduce login hassle is to install Kerberos. As well as being significantly more secure than other setups, Kerberos also works as single-sign-on. So once you've logged in in the morning, you can SSH anywhere else in your Kerberised network without having to type your passphrase at all. Unfortunately, this is only lazy once it's actually going: setting it up in the first place does require a certain amount of effort. The documentation is excellent, though, and an increasingly large number of applications (eg Apache) are now Kerberised. This should also reduce your security workload, as it reduces the chances of a break-in.

3. screen: detach to avoid repeat logins

Entering:

screen -d

(detach screen), or hitting Ctrl-A then D whilst in a screen session, will detach your running screen, leaving it going in the background. This can be useful for running background jobs; it can also be useful for saving you frp, repeatedly logging into and out of machines. Start a screen session, log in to another machine, and detach the screen. Reattach the screen:

screen -r

and you'll be back connected to the ssh session, without having to type your password again.

4. screen: connect multiple users

When you're bugfixing, sometimes you really need to be able to see what the user who brought the problem to you is doing, and what output they're getting. You can use screen to avoid having to actually walk all the way over to their desk. Log on to the user's machine as them, then type:

screen -S debug

Then get them to type:

screen -x debug

and they'll join your screen session. Then whatever they do will be replicated on your screen (and vice versa). ('debug' is just the identifier; you can use any name you want.)

5. Expand Bash's tab completion

Aliases and functions are great for minimising the typing on anything you need to do on a regular basis. You can save both a few characters, and the hassle of the occasional mistype.

Improve bash a bit by installing /etc/bash_completion from this site. You'll get tab-completion of hostnames, and a "fuzzy matching" feature that will try to guess mistyped directory names and incomplete directory names.

There are also shell shortcuts that can be useful to speed you up. Learn a few of them - for example:

• Ctrl-A, Ctrl-E to jump to the start/end of the line.
• Ctrl-r to search your command-line history backwards.
• Alt-. to paste the last argument to the previous command (this is incredibly useful).
• $ then tab twice to show all the available system variables.

6. Automate your installations

Installation of new machines is boring, time-consuming, and can be error-prone. What you want is to set up your systems so that install is as close to a one-button process as possible. You can use TFTP and DHCP to boot off a networked image, or use FAI, which is an automated installation tool (similar to Kickstart for Redhat or JumpStart for Solaris). With FAI, you can install machines unattended, and even set up different installs based on different hardware provision and different requirements.

At the very least, it's worth creating your own install image with the packages and setup that you need. This is fairly straightforward with most distributions. Having standardised machines not only speeds install up, it makes it less likely that you'll spend time later on installing the things you forgot initially.

7. Roll out changes to multiple systems

The one-button install concept should extend to other aspects of your systems, for much the same reasons. Puppet enables you to manage your systems centrally - you change files or settings in the repository on the central Puppet server, and they're rolled out automatically to all your Puppet clients. You will still have to change things twice (once on a test machine to make sure what you're doing, then once in the central Puppet repository), but it'll save a lot of time and reduce mistakes. (Remember that it really is important to test - Puppet also makes it really fast to propagate an error across all your systems.)

8. Automate Debian updates

The package cron-apt can be set up to automatically install as well as download updates, but that's not really a good idea. Better is to get it to send you emails, check over what'll happen, and then dump all the emails in a specific folder. Then write a script which parses this local mailbox, grabs the machine names from the subject lines, and does the rest from there. (Probably using that root ssh key and ssh-add, again.)

Click here for one script that will do this (there are other options).

9. Sanely reboot a locked-up box

Rather than hitting the power button when something is dramatically crashed, thus meaning that you have to wait though a fsck disk check when the system boots back up, hold down Alt + Sysreq/Print Screen, and press REISUB in turn (whilst continually holding down those keys). Magic: your machine will reboot, after stopping all the programs and syncing and unmounting the drives.

There are some other magic things that you can do with SysReq, as well - it's worth looking up the documentation.

10. Send commands to several PCs

Not everything that you want to do on all machines will work well with Puppet, - you might for example want to temporarily mount a particular disk on all machines. ClusterSSH is great for this - it enables you to log onto a number of machines at once, and issue the same command on all of them simultaneously. Usefully, you can also click on a particular machine's screen and issue a command just on that machine, in case one machine is misbehaving.

You can set up groups of machines, as well, so that you can log in immediately to all your servers, or all your desktops. Combine this with a root ssh key and ssh-agent, and save yourself both typing and time.