Utilities

autossh

Can be used to forward a service on a local port to an SSH jump server:

docker run --restart always -d --network host -v $HOME/.ssh:/keys:ro ghcr.io/altermarkive/autossh -M 0 -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -o 
"StrictHostKeyChecking no" -i /keys/id_rsa -R ${JUMP_SERVER_PORT}:127.0.0.1:${LOCAL_PORT_FORWARDED} -N ${JUMP_SERVER_USER}@${JUMP_SERVER_HOST}

The SSH key can be also passed via an environment variable:

docker run --restart always -d --network host -e AUTOSSH_ID_KEY=$(cat $HOME/.ssh/id_key) ghcr.io/altermarkive/autossh -M 0 -o "PubkeyAuthentication=yes" -o 
"PasswordAuthentication=no" -o "StrictHostKeyChecking no" -R ${JUMP_SERVER_PORT}:127.0.0.1:${LOCAL_PORT_FORWARDED} -N ${JUMP_SERVER_USER}@${JUMP_SERVER_HOST}

When using autossh remember to include the following line in /etc/ssh/sshd_config file on the SSH jump server:

GatewayPorts yes

Editing Photos (jhead, exiftime, exiftool)

To run the tools included install following packages on Ubuntu: jhead, exiftags, libimage-exiftool-perl.

To add EXIF:

jhead -mkexif IMG_0000.jpg

To shift the date:

exiftime -v-55M -fw -ta *.JPG

To set an arbitrary date:

exiftool "-AllDates=20221131000000" example.jpg

Rename photos to feature album name and creation date:

find -type f -printf "mv %p \$ALBUM.\$(exiftool -CreateDate %p | cut -c 35- | sed 's/[ :]//g').jpg\n" | sh

Editing Videos (ffmpeg)

Can be used for AV conversion between formats (linuxserver/ffmpeg):

docker run --rm -it -v $PWD:/w -w /w linuxserver/ffmpeg -i example.avi -c:a aac -c:v libx264 example.mp4

To encode H.265:

ffmpeg -i input.mp4 -metadata creation_time="1970-01-10T00:00:00Z" -c:v libx265 -c:a aac output.hevc.mp4

To transcode from DVD:

ffmpeg -i dvd.vob -f mp4 -vcodec libx264 -profile:v main -level 4.0 -s 480x384 -b:v 500k -maxrate 500k -bufsize 1000k -c:a aac -strict experimental -ac 2 -ar 48000 -ab 192k -threads 0 video.mp4

To scale:

ffmpeg -i video.mp4 -vf scale=540:960 scaled.mp4

To convert video to individual frames:

ffmpeg -i video.mp4 frame.%08d.png

To create a silent audio file:

ffmpeg -f s16le -ac 1 -t 1 -i /dev/zero -ar 22050 -y silence.mp3

To concatenate files:

ffmpeg -i concat:"one.mp3|two.mp3" -strict -2 -y three.aac

To combine video frames with audio:

for ENTRY in $(ls -1 *.jpg | sed -e 's/\.jpg//g')
do
    ffmpeg -loop 1 -i ${ENTRY}.jpg -i ${ENTRY}.aac -strict -2 -crf 25 -c:v libx264 -tune stillimage -pix_fmt yuv420p -shortest -y ${ENTRY}.mp4
done

imagemagick

Can be used for conversion between formats:

docker run --rm -it -v $PWD:/w -w /w --entrypoint convert dpokidov/imagemagick example.png example.pdf
docker run --rm -it -v $PWD:/w -w /w --entrypoint convert dpokidov/imagemagick -density 600 example.pdf example.png

Or, in combination with the ghcr.io/altermarkive/exif utility, one can run the following compact.sh:

#!/bin/sh
EXTENSION=$1
PREFIX=$2
TEMPORARY_SCRIPT=./compact.$PREFIX.sh
RENAME="echo -n convert {}; echo -n \ $PREFIX/$PREFIX.; /usr/bin/exiftool -CreateDate {} | sed s/[^0-9]*//g | sed -e 's/\$/\.heic/'"
RENAME_ALL="find $PREFIX -name $EXTENSION -exec /bin/sh -c \"$RENAME\" \;"
docker run -it --rm -v $PWD:/w -w /w --entrypoint /bin/sh ghcr.io/altermarkive/exif -c "$RENAME_ALL" | tr -d '\r' > $TEMPORARY_SCRIPT
cat $TEMPORARY_SCRIPT
docker run -it --rm -v $PWD:/w -w /w --entrypoint /bin/sh dpokidov/imagemagick $TEMPORARY_SCRIPT
rm $TEMPORARY_SCRIPT

poppler

Can be used to extract pages from a PDF file:

docker run --rm -it -v $PWD:/w -w /w --entrypoint /usr/bin/pdfseparate ghcr.io/altermarkive/poppler -f 1 -l 1 example.pdf %d.pdf

Or to join PDF files:

docker run --rm -it -v $PWD:/w -w /w --entrypoint /usr/bin/pdfunite ghcr.io/altermarkive/poppler 0.pdf 1.pdf result.pdf

socat

To expose Docker host ports on Docker networks it is often enough to use qoomon/docker-host (and it may be necessary to add --network host):

docker run --restart always -d --name forwarder --cap-add=NET_ADMIN --cap-add=NET_RAW qoomon/docker-host

However, if an another image is interfering with firewall rules (or cannot grant NET_ADMIN or NET_RAW cabilities) it may be necessary to tunnel the traffic with socat, here an example for ssh:

docker run --restart always -d --name forwarder alpine/socat TCP4-LISTEN:22,fork,reuseaddr TCP4:host.docker.internal:22

Note: On Linux, the following option might be necessary to be added to the command above: --add-host=host.docker.internal:host-gateway

ssh-jump-server

Prepare the SSH keys:

mkdir computer
ssh-keygen -t rsa -b 4096 -C "nobody@nowhere" -f computer/id_rsa
touch authorized_keys
cat computer/id_rsa.pub >> authorized_keys
ssh user@computer mkdir /home/user/.jump
scp computer/id_rsa user@computer:/home/user/.jump/id_rsa
scp computer/id_rsa.pub user@computer:/home/user/.jump/id_rsa.pub
kubectl create secret generic authorized-keys --from-file=authorized_keys=authorized_keys

Create ssh-jump-server.yml file:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: ssh-jump-server
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ssh-jump-server
  template:
    metadata:
      labels:
        app: ssh-jump-server
    spec:
      nodeSelector:
        "beta.kubernetes.io/os": linux
      restartPolicy: Always
      containers:
      - name: ssh-jump-server
        image: altermarkive/ssh-jump-server
        ports:
        - containerPort: 22
        - containerPort: 22000
        volumeMounts:
          - name: authorized-keys-volume
            readOnly: true
            mountPath: "/home/user/.ssh"
      volumes:
      - name: authorized-keys-volume
        secret:
          secretName: authorized-keys
---
apiVersion: v1
kind: Service
metadata:
  name: ssh-jump-server
spec:
  type: LoadBalancer
  ports:
  - port: 22
    targetPort: 22
    name: ssh
    protocol: TCP
  - port: 22000
    targetPort: 22000
    name: ssh0
    protocol: TCP
  selector:
    app: ssh-jump-server

Deploy the jump server to Kubernetes cluster:

kubectl apply -f ssh-jump-server.yml
kubectl describe services

Forward the SSH:

docker run --restart always -d --name forward22 --network host --add-host=host.docker.internal:host-gateway alpine/socat TCP4-LISTEN:10022,fork,reuseaddr 
TCP4:host.docker.internal:22
docker run --restart always -d --name autossh22 --network host -v $HOME/.jump:/keys:ro ghcr.io/altermarkive/autossh -M 0 -o "PubkeyAuthentication=yes" -o 
"PasswordAuthentication=no" -o "StrictHostKeyChecking no" -i /keys/id_rsa -R 22002:127.0.0.1:10022 -N user@${JUMP_SERVER_HOST}

or shorter:

docker run --restart always -d --name autossh22 -v $HOME/.jump:/keys:ro --add-host=host.docker.internal:host-gateway ghcr.io/altermarkive/autossh -M 0 -o 
"PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -o "StrictHostKeyChecking no" -i /keys/id_rsa -R 22002:host.docker.internal:22 -N user@${JUMP_SERVER_HOST}

Additional materials:

• How to SSH Into a Kubernetes Pod From Outside the Cluster
• Kubernetes - Secrets
• Kubernetes - Get a Shell to a Running Container
• Kubernetes - Create an External Load Balancer

Midnight Commander

Use: blackvoidclub/midnight-commander

Cheat Sheet

Keyboard Shortcuts

Shortcut	Function
Ctrl + Shift + Esc	Windows: Open Task Manager
Win + B	Windows: Go to System Tray
Shift + F10	Windows: Right-click in System Tray
Win + V	Windows: Paste from Clipboard history
Win + H	Windows: Start dictation
Win + I	Windows: System settings
Alt + P	Windows Explorer: Toggle preview panel
⌘ + Shift + E	Visual Studio Code: Navigate between editor and file tree panels
⌘ + [	Visual Studio Code: Unindent selection
⌘ + ]	Visual Studio Code: Indent selection
⌘ + Shift + L	Visual Studio Code: Select all occurences
⌘ + K, V	Visual Studio Code: Preview Markdown
⌘ + L	Edge: Select the URL in the address bar to edit
⌘ + W	Edge: Close tab
Ctrl + K	bash: Clear characters in line after cursor

git

Get latest tag with current "distance"

git describe --tags --dirty

Re-commit a particular branch / commit/ tag

git rm -r .
git checkout <branch/tag/commit> .
git commit

Undo local uncommited changes on a specific file

git checkout -- <file>

Delete remote branch

git push origin :<branch>

Merging branch as one commit

git merge --squash <branch> -m <message>

Make the current commit the only commit

rm -rf .git
git init
git add .
git commit -m "Initial commit"
git remote add origin <uri>
git push -u --force origin master

or

git switch example-branch
git reset --soft $(git merge-base master HEAD)
git commit -m "one commit on example branch"

Merging repository into another under a subdirectory

git clone $A_URL $A_NAME
cd $A_NAME
git remote add -f $B_NAME $B_URL
git merge --allow-unrelated-histories -s ours --no-commit $B_NAME/master
git read-tree --prefix=$SUBDIRECTORY -u $B_NAME/master
git commit -m "Merged $B_NAME into $A_NAME under $SUBDIRECTORY"

Print all files ever committed

git log --abbrev-commit --pretty=oneline | cut -d ' ' -f 1 | xargs -L1 git diff-tree --no-commit-id --name-only -r | sort | uniq

Correcting author for selected commits

See details here.

Docker

Nexus 3

Quick start with Nexus 3:

mkdir /tmp/nexus-data && sudo chown -R 200 /tmp/nexus-data
docker run -p 8081:8081 -p 8082:8082 --name nexus -v /tmp/nexus-data:/nexus-data -it sonatype/nexus3:3.4.0

Bash

• Tutorial about Bash history

• Check if the script was called with root privileges:

if [ "$(id -u)" != "0" ]; then
    echo "This must be run as root!"
    exit 1
fi

• Parameterize successive arguments:

cp {source,destination}.txt

Network Troubleshooting

Wireshark

To filter for UDP, a particular MAC and broadcast use this filter:

udp && (eth.addr == 00:11:22:33:44:55 || eth.addr == FF:FF:FF:FF:FF:FF)

For more see this link.

netcat

Send text "test" in a UDP packet over IPv4 with a connection time of 1 second from port 5000 to a broadcast address 172.17.255.255 and port 10000:

echo test | netcat -4u -w1 -p 5000 -b 172.17.255.255 10000

HTTP

Headers to prevent browsers from caching:

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache

IMAP Migration

docker run --rm gilleslamiral/imapsync imapsync --gmail1 --office2 --dry --user1 "$G_USER" --password1 "$G_PASS" --user2 "$M_USER" --password2 "$M_PASS" --exclude 'All Mail|Spam|Drafts|Important|Starred|Trash' --skipemptyfolders

Links

Science

• SciHub

Cloud

• Google Cloud Shell

Other

• Import from CSV to draw.io

OS, web browser, etc.

Windows

Beep

powershell -c (New-Object Media.SoundPlayer "C:\beep.wav").PlaySync();

Lock the screen

rundll32 user32.dll, LockWorkStation

A command to set the default printer on Windows

cscript C:\Windows\System32\Printing_Admin_Scripts\en-US\prnmngr.vbs -t -p "\\host\printer"

Run Edge as an administrator (or any other user)

runas /user:"%ADMINISTRATOR%" /savecred "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

Removing Dead Icons From Taskbar

• See: https://www.tenforums.com/tutorials/3151-reset-clear-taskbar-pinned-apps-windows-10-a-3.html

List the password of a WiFi network:

netsh wlan show profile name=$SSID key=clear

File encryption/decryption with GPG

gpg --cipher-algo AES256 -c filename.tar.gz
gpg -o filename.tar.gz -d filename.tar.gz.gpg

Mac

Basic tools:

brew install bash git jq yq p7zip python@3.10 meld

Completely disable sleep on any Mac:

sudo pmset -a sleep 0; sudo pmset -a hibernatemode 0; sudo pmset -a disablesleep 1;

List partition and format a USB stick:

diskutil list disk2
diskutil partitionDisk disk2 1 MBR MS-DOS STICK R

To make sure that fonts render well on the terminal:

defaults write -g CGFontRenderingFontSmoothingDisabled -bool NO
defaults -currentHost write -globalDomain AppleFontSmoothing -int 2

Chrome

• To enable password import got to chrome://flags/

Visual Studio Code

Extensions:

• Docker, docs-markdown, docs-preview, docs-yaml, Pylance, Python, Remote - Containers, Remote - SSH, XML (RedHat), YAML (RedHat)