Commands
# all port usage
netstat -pnltu
# specific port usage
lsof -i :9000
netstat -ltnp | grep -w ':80'
Endpoint Info
Useful when trying to verify if headers are acting as they're supposed to when building an API
curl -is http://google.com
HTTP/2 301
location: https://www.google.com/
content-type: text/html; charset=UTF-8
date: Fri, 23 Apr 2021 15:36:48 GMT
expires: Sun, 23 May 2021 15:36:48 GMT
cache-control: public, max-age=2592000
server: gws
content-length: 220
x-xss-protection: 0
x-frame-options: SAMEORIGIN
Find IP Address
Private IP
Find the private IP address of the device. This address is used to access a self-hosted service from within the same Wi-Fi or local network. Any application hosted locally on 0.0.0.0 is shared on this address.
# get private ip address
# if this returns two entries, ignore loopback ip (127.0.0.1)
# ignore everything after the slash
nmcli -p device show | grep "IP4.ADDRESS"
# or
# ip is the inet of the currently active interface
ip addr
# check if firewalls are disabled, they can cause issues here
sudo ufw status
Public IP
Find externally accessible public IP address of device.
curl ifconfig.me # ipv4
curl ipinfo.io/ip # ipv4
curl api.ipify.org # ipv4
curl ident.me # ipv6
SSH Port Forwarding
ssh -N -L 8888:127.0.0.1:80 user@server.com
The command above attaches the server's port 80 to local port 8888. Meaning if a site is hosted on port 80 on the server, I can view it by going to 127.0.0.1:8888 in my browser.
The command above doesn't give any output. So if there isn't anything, that means it's probably working as intended.
Service Ports
If ports aren't defined for inbuilt services at /etc/services, all of the tools that depend on it fail. Use this link if anything happens to it. Simply paste in everything.
NTP
The following UFW rules should be present for NTP to work correctly.
sudo ufw allow 123/udp
sudo ufw allow out 123/udp
sudo ufw allow out 53
UDP port 123 is allowed for both incoming and outgoing traffic for NTP to work. Additionally, TCP port 53 (DNS) is opened for outgoing traffic since /etc/ntp.conf contains domain names of NTP servers.
If Servname not supported for ai_socktype and ntp is displayed when starting NTP, the service file is probably fucked. Check out how to replace it here. More info here.
Ghost
By default the port is set to 2369. If you visit that port, it'd show nothing. The correct port is 2368.
Troubleshooting
ssh Received disconnect from port <port>:2: Too many authentication failures
One major cause for this error is having multiple keys in your .ssh directory. When encountering this, either specify the key you want to use or add the key to the ssh config.
ssh -i ~/.ssh/id_rsa user@host
Host example.com
    IdentityFile ~/.ssh/id_rsa
    IdentitiesOnly=yes
Error connecting to agent: Permission denied when trying to run ssh-add
First check if the key permissions are correct. You want both the key folder and the key itself to only be readable by the user. This is recommended.
chmod 0700 ~/.ssh
chmod 600 ~/.ssh/*
If the file's permissions aren't the issue, there can be several other causes. You could have incorrect permissions set on any of the directories ~/.ssh or ~/.ssh/keyfolder (technically also on ~ but then this wouldn't be the only symptom). Use ls -adl to inspect those directories. They should have rwx for you, but --- for both group and world.
Another possible cause (though this is quite rare) is that the ssh-add binary has the setuid bit set, causing it to run as a different user and hence have no right to read your private key. Use ls -lh $(which ssh-add) to inspect this. If it returns an agent instance run by a different user, kill it by running ssh-agent -k after logging in as that user.
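The permission checks described above can be scripted. This is an added example, not part of the original notes; the function names audit_ssh_dir, is_setuid and ssh_perm_report are hypothetical helpers, and the default directory ~/.ssh is an assumption.

```shell
#!/bin/sh
# Added example; the function names below are hypothetical helpers.

# Print every directory or regular file under $1 (default ~/.ssh),
# including $1 itself, that grants any permission to group or others.
# Prints nothing when the tree is private to its owner.
audit_ssh_dir() {
    dir=${1:-"$HOME/.ssh"}
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    # POSIX find: "-perm -NNN" is true when all bits in NNN are set,
    # so test each group/other bit separately. Symlinks are skipped.
    find "$dir" \( -type d -o -type f \) \
        \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Succeed if the file at $1 has the setuid bit set,
# e.g. is_setuid "$(command -v ssh-add)".
is_setuid() {
    [ -u "$1" ]
}

# Human-readable report. Exit status: 0 clean, 1 findings, 2 no such dir.
ssh_perm_report() {
    dir=${1:-"$HOME/.ssh"}
    bad=$(audit_ssh_dir "$dir") || return 2
    if [ -n "$bad" ]; then
        echo "accessible to group or others:"
        echo "$bad" | while IFS= read -r p; do ls -ld "$p"; done
        echo "fix: chmod 0700 on directories, chmod 600 on files"
        return 1
    fi
    echo "ok: $dir is not accessible to group or others"
}
```

Source the file and run ssh_perm_report; it also flags public keys and known_hosts when they are group- or world-readable, matching the chmod 600 ~/.ssh/* recommendation above.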