Username or EmailPassword
The article is very good. I am sure there is more..(midnight commander is one of my lazy admin things...) but still, its a darn good list. I didnt know about ClusterSSH. I can see many uses for this.
As a cmd line enthusiast I found especially these tips useful:
* Ctrl-A, Ctrl-E to jump to the start/end of the line.
* Ctrl-r to search your command-line history backwards.
* Alt-. to paste the last argument to the previous command (this is incredibly useful).
* $ then tab twice to show all the available system variables.
However, anybody knows how to go back word-wise within the command you are typing? E.g. entering
find ~/Desktop | xargs grep -H -I -i -n "Name\[ru\]"
/home/alex/Desktop/.directory:58:Name[ru]=Ð Ð°Ð±Ð¾ÑÐ¸Ð¹ ÑÑÐ¾Ð»
So I have searched for the string "Name[ru]" in my Desktop directory and got the corresponding filename with the line number containing this string. ...also a really nifty example for the expressiveness of the cmd line UI.
But if I type this long command, at the end of this command I want to change e.g. one of the grep parameters. So I have to press the left cursor key until I have reached the appropriate position. But how can I go back word-wise within the command I type?
Use Bash in Vi mode.
If you're used to work with Vim, you'll adapt very fast to this.
# set -o vi
Normally, you're in input mode. It's not shown, so you'll have to remember the active mode.
Press Escape, to go to navigation mode.
Now do 'w' to go to the beginning of the next word, or press 'b' to move to the start of the previous word.
Press 'i' or 'a' to go back to insert mode.
* shift-d deletes everything after the cursor
* shift-i turns back to insert mode, and moves to the start of the comand line
* shfit-a turns back to insert mode, and moves to the end of the comand line
Emacs lovers should probably try:
# set -o emacs
for something similar.
edit: this should have been a reply to usr0 Edited 2008-09-11 21:19 UTC
Thanks! It works not only with bash but also with zsh. I will make the option persistent by putting it into my .zshrc. Let's see if I can adopt to the new cmd line behavior.
zsh will make your live easier than bash. it has completion over ssh, really good command completion etc etc.
adding kerberos is a real win of you have to type your password a lot. i have single signon working with osx and freebsd and it really rocks.
We windows admins call it "reaching the end of the internet".
I prefer vi mode in bash.
set -o vi
Possibly the best article I've seen here for ages. Tip 3 is great, and I had totally forgotten all about running a SSH session in the background and resuming it later.
The SysReq salute is all well and dandy, but should come with at least two caveats:
a) You need to have it in your kernel, which is not a given.
b) I dunno about the rest of you, but 99.9% of the lockups my machines encounter are X lockups - and when X goes titsup it takes the keyboard with it, so you can press Alt+PrintScreen and any darn thing you like, for all the good it'll do.
I don't get it. Why in the world would somebody who is a system administrator _want_ SSO? It only compromises your entire network to the first person to sit down at an unlocked workstation.
Any how many sysadmins who like this idea also like the idea of a NOPASSWD sudo? "After all, they can't get to _my_ user without my password. Why ask for it again?"
Doesn't make sense to me. But then, I subscribe to the "Don't ever save my password" and "remove all history and cookies on close" schools. Anyone needing my browser history at work can look in the proxy logs which show user and computer from anywhere on the network. Much quicker and more secure.
Because using Kerberos (which, for better or worse, is still the only real SSO solution in town) means that you don't have passwords flying around the network. Mail server gets compromised? Oh, now the cracker has access to all the user accounts who pick up their mail, including the sysadmins. A developer forgot to SSL encrypt all his HTTP traffic? Oops, now passwords are open to being sniffed. Password saved in plaintext on stolen laptop?
The other option is to have individual password databases on each machine. Then people start using ssh-rsa keys and other work arounds, using the default password, and/or same password in multiple locations and never change it. Furthermore, you then lose the ability to universally lock out an account network wide.
Also, Kerberos also lets you authenticate the service to the end user, so if a server's IP is hi-jacked, the user will know.
Yes, your admins should probably have a separate account for doing admin work, but that's an entirely different state of affairs. For all your every day users, SSO, a good screen lockout policy, and the occasional use of http://www.lockyourpc.com/ as a LART tool will are a much better security option.