Today I Learned

Networking

<TIL

Authorization header missing in PHP POST request

Add the following lines to .htaccess file

RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

src

Determine the IP of a domain

$ host domainname.com

or more detailed info by using:

$ dig domainname.com

src

How to make a POST request with :curl: from :command line:

curl --data "param1=value1&param2=value2" https://example.com/resource.cgi

or

curl --data "param1=value1" --data "param2=value2" https://example.com/resource.cgi

Without data:

curl --data "" https://example.com/resource.cgi

or

curl --request POST https://example.com/resource.cgi

Check if a port is in use

The lsof command is used to list open files. $ lsof -i TCP:3000

source

Multiple ssh keys

  1. Check if there is a .ssh directory in the home root:

mkdir ~/.ssh

  1. generate a ssh key (on the question about the passphrase just press ENTER)

ssh-keygen -t rsa -b 4096

  1. copy the ida_rsa.pub file to the authorized_keys of the remote server

cd ~/.ssh scp -P 2222 id_rsa.pub user@domain.net:.ssh/authorized_keys

  1. rename id_rsa to domain_rsa

mv id_rsa domain_rsa

  1. add a shortcut in the .ssh/conf file
Host domainName
Hostname domain.net
IdentityFile ~/.ssh/domain_rsa
User www

“User” is the username for logging over ssh

Make heavy use of the .ssh/config file

   Host x
       Hostname full.host.name.com  (or 1.2.3.4)
       User <myuser>
       IdentitiesOnly yes
       IdentityFile ~/.ssh/id_x_ed25519

Give hosts short names so you can ssh x

Source

Use Host * at the beginning of the config file for global settings

    Host *
        Ciphers aes128-ctr
        Compression yes
        ServerAliveInterval 120
        ForwardX11 yes

With this setup, typing ssh example is equivalent to ssh -XCY -c aes128-ctr my_name@example.url.com which definitely saves some keystrokes.

Source

Automatic login

Generate identities for some machines

` ssh-keygen -t ed25519 -f ~/.ssh/id_x_ed25519`

use ssh-copy-id to copy the identity to the target machine so it lets you in:

` ssh-copy-id -i ~/.ssh/id_x_ed25519.pub x`

or if your machine doesn’t have ssh-copy-id:

cat ~/.ssh/id_x_ed25519.pub | ssh x "cat >> .ssh/authorized_keys"

Source

Kill the ssh session

~. Help about the ssh escape sequence: ~?

Source

Exit automatically on network interruptions

In your .ssh/config, add:

ServerAliveInterval 5
ServerAliveCountMax 1

What happens is that ssh will check the connection by sending an echo to the remote host every ServerAliveInterval seconds. If more than ServerAliveCountMax echos are sent without a response, ssh will timeout and exit.

Source

Use ssh server as a proxy to another SSH server

Useful for accessing servers behind a firewall, or using your own server as a proxy to bypass a bottleneck in the network.

$ ssh -J user1@host1 user_final@host_final

Source

Accessing internal resources externally via ssh

ssh -D9090 user@remote

Then, in Firefox, set it to use a SOCK5 proxy of localhost:9090 and “Proxy DNS when using SOCKS v5”. Now, when you use Firefox it is as if you are using Firefox on the machine you are SSH’d into(including DNS resolution!). This is really handy for things like accessing otherwise unreachable resources or other internal resources externally. It is also handy to be able to put all your web traffic as originating from a remote VPS with no advanced setup required.

Source

Closing/opening ports:

Check the status of all ports with:

sudo netstat -lnp

Close and/or open ports with:

sudo ufw allow 22

sudo ufw deny 22

src

Client-Bridge configuration for router