Shotts ch. 16 and 17
find Size Units: Unit for character: b
512-byte blocks. This is the default if no unit is specified.
The locate program performs a rapid database search of pathnames and then outputs every name that matches a given substring. Say, for example, we want to find all the programs with names that begin with zip. Because we are looking for programs, we can assume that the name of the directory containing the programs would end with
bin/.
Find file types: File type with description: ( Character special device file)
c
find Size Units: Character for unit: (Bytes.)
c
Besides opening a shell session on a remote system, ssh allows us to execute a single command on a remote system. For example, to execute the free command on a remote host named remote-sys and have the results displayed on the local system, use this: " [me@linuxbox ~]$ ssh remote-sys free". It's possible to use this technique in more interesting ways, such as the following example in which we perform an ls on the remote system and redirect the output to a file on the local system: (show command)
" [me@linuxbox ~]$ ssh remote-sys 'ls *(ast)' > dirlist.txt". Notice the use of the single quotes in the preceding command. This is done because we do not want the pathname expansion performed on the local machine; rather, we want it to be performed on the remote system.
Find: We can also search by file size and filename by adding some additional tests. Let's look for all the regular files that match the wildcard pattern *.JPG and are larger than one megabyte: (show sample command)
"[me@linuxbox ~]$ find ~ -type f -name "*(ast).JPG" -size +1M | wc -l". In this example, we add the -name test followed by the wildcard pattern. Notice how we enclose it in quotes to prevent pathname expansion by the shell. Next, we add the -size test followed by the string +1M. The leading plus sign indicates that we are looking for files larger than the specified number. A leading minus sign would change the meaning of the string to be smaller than the specified number. Using no sign means "match the value exactly." The trailing letter M indicates that the unit of measurement is megabytes. Table 17-2 lists the characters that can be used to specify units.
In the example that follows, we show a typical session with the ftp program downloading an Ubuntu iso image located in the /pub/cd_images/ubuntu-18.04 directory of the anonymous FTP server fileserver: (show commands)
"[me@linuxbox ~]$ ftp fileserver" "Name (fileserver:me): anonymous" "ftp> cd pub/cd_images/ubuntu-18.0" "ftp> lcd Desktop" "ftp> get ubuntu-18.04-desktop-amd64.iso" "ftp> bye"
The locate program performs a rapid database search of pathnames and then outputs every name that matches a given substring. Say, for example, we want to find all the programs with names that begin with zip. Because we are looking for programs, we can assume that the name of the directory containing the programs would end with bin/. Therefore, we could try to use locate this way to find our files:
"[me@linuxbox ~]$ locate bin/zip". locate will search its database of pathnames and output any that contain the string bin/zip
The OpenSSH package also includes two programs that can make use of an SSH-encrypted tunnel to copy files across the network. The first, scp (secure copy), is used much like the familiar cp program to copy files. The most notable difference is that the source or destination pathnames may be preceded with the name of a remote host, followed by a colon character. For example, if we wanted to copy a document named document.txt from our home directory on the remote system, remote-sys, to the current working directory on our local system, we could do this: (show command)
"[me@linuxbox ~]$ scp remote-sys:document.txt . " Result: me@remote-sys's password: document.txt 100% 5581 5.5KB/s 00:00
ssh: It is also possible to connect to remote systems using a different username. For example, if the local user me had an account named bob on a remote system, user me could log in to the account bob on the remote system as follows: (show command)
"[me@linuxbox ~]$ ssh bob@remote-sys"
In cases where routing information is blocked, we can sometimes overcome this by adding either the __ or __ option to the traceroute command.
-T; -I (capital i)
The netstat program is used to examine various network settings and statistics. Through the use of its many options, we can look at a variety of features in our network setup. Using the __ option, we can examine the network interfaces in our system.
-ie
find Size Units: Unit for character: w
2-byte words.
Find file types: Description of file type: b
Block special device file
What command xargs does:
Build and execute command lines from standard input
find Size Units: Unit for character: c
Bytes.
What command touch does:
Change file times
In the example that follows, we show a typical session with the ftp program downloading an Ubuntu iso image located in the /pub/cd_images/ubuntu-18.04 directory of the anonymous FTP server fileserver: (show commands): "[me@linuxbox ~]$ ftp fileserver" "Name (fileserver:me): anonymous" "ftp> cd pub/cd_images/ubuntu-18.0" "ftp> lcd Desktop" "ftp> get ubuntu-18.04-desktop-amd64.iso" "ftp> bye" . What does "lcd Desktop" do?
Change the directory on the local system (NOT THE REMOTE SYSTEM) to ~/Desktop.
Find file types: Description of file type: c
Character special device file
Find file types: Description of file type: d
Directory
What command stat does:
Display file or file system status
What command locate does:
Find files by name
find Size Units: Character for unit: ( Gigabytes (units of 1,073,741,824 bytes))
G
The SFTP protocol is supported by many of the graphical file managers found in Linux distributions. Using either __ or __, we can enter a URI beginning with sftp:// into the location bar and operate on files stored on a remote system running an SSH server.
GNOME or KDE
find Size Units: Unit for character: G
Gigabytes (units of 1,073,741,824 bytes)
What command does: ftp:
Internet file transfer program
find Size Units: Unit for character: k
Kilobytes (units of 1,024 bytes)
find Size Units: Character for unit: ( Megabytes (units of 1,048,576 bytes).)
M
find Test: Description of test: -cmin <n>
Match files or directories whose content or attributes were last modified exactly <n> minutes ago. To specify less than n minutes ago, use -<n>, and to specify more than n minutes ago, use +<n>.
find Test: Description of test: -cnewer <file>
Match files or directories whose contents or attributes were last modified more recently than those of <file>
find Size Units: Unit for character: M
Megabytes (units of 1,048,576 bytes).
What command does: wget:
Non-interactive network downloader
Most Linux distributions ship an implementation of SSH called __ from the OpenBSD project.
OpenSSH
What command does: ftp: ssh:
OpenSSH SSH client (remote login program)
Most Linux distributions ship an implementation of SSH called OpenSSH from the OpenBSD project. Some distributions include both the client and the server packages by default (for example, Red Hat), while others (such as Ubuntu) supply only the client. To enable a system to receive remote connections, it must have the __ package installed, configured, and running.
OpenSSH-server
The locate program performs a rapid database search of
pathnames and then outputs every name that matches a given substring.
(sidebar): Let's say you are sitting at a Windows machine but you need to log in to your Linux server and get some real work done; what do you do? Get an SSH client program for your Windows box, of course! There are a number of these. The most popular one is probably
PuTTY by Simon Tatham and his team. The PuTTY program displays a terminal window and allows a Windows user to open an SSH (or telnet) session on a remote host.
Find file types: Description of file type: f
Regular file
What command does: ip
Show/manipulate routing, devices, policy routing, and tunnels
What command find does:
Search for files in a directory hierarchy
Find file types: Description of file type: l
Symbolic link
Find: "[me@linuxbox ~]$ find ~ -type f -name "*.JPG" -size +1M | wc -l 840". In this example, we add the -name __ followed by the wildcard pattern.
test
TUNNELING WITH SSH: Part of what happens when you establish a connection with a remote host via SSH is that an encrypted tunnel is created between the local and remote systems. Normally, this tunnel is used to allow commands typed at the local system to be transmitted safely to the remote system and for the results to be transmitted safely back. In addition to this basic function, the SSH protocol allows most types of network traffic to be sent through the encrypted tunnel, creating a sort of virtual private network (VPN) between the local and remote systems. Perhaps the most common use of this feature is to allow
X Window system traffic to be transmitted. On a system running an X server (that is, a machine displaying a GUI), it is possible to launch and run an X client program (a graphical application) on a remote system and have its display appear on the local system. It's easy to do; here's an example. Let's say we are sitting at a Linux system called linuxbox that is running an X server and we want to run the xload program on a remote system named remote-sys to see the program's graphical output on our local system. We could do this: [me@linuxbox ~]$ ssh -X remote-sys me@remote-sys's password: Last login: Mon Sep 10 13:23:11 2018 [me@remote-sys ~]$ xload. After the xload command is executed on the remote system, its window appears on the local system. On some systems, you may need to use the -Y option rather than the -X option to do this.
Find file types: File type with description: ( Block special device file)
b
find Size Units: Character for unit: (512-byte blocks. This is the default if no unit is specified.)
b
In its simplest use, find is given one or more names of directories to search. For example, to produce a listing of our home directory, we can use this: (show command)
[me@linuxbox ~]$ find ~
While the locate program can find a file based solely on its name, the find program searches a given directory (and its subdirectories) for files based on a variety of attributes. We're going to spend a lot of time with find because it has a lot of interesting features that we will see again and again when we start to cover programming concepts in later chapters. In its simplest use, find is given one or more names of directories to search. For example, to produce a listing of our home directory, we can use this: [me@linuxbox ~]$ find ~ On most active user accounts, this will produce a large list. Because the list is sent to standard output, we can pipe the list into other programs. Let's use wc to count the number of files. [me@linuxbox ~]$ find ~ | wc -l 47068 Wow, we've been busy! The beauty of find is that it can be used to identify files that meet specific criteria. It does this through the (slightly strange) application of options, tests, and actions. We'll look at the tests first. Tests Let's say we want a list of directories from our search. To do this, we could add the following test: (show command)
[me@linuxbox ~]$ find ~ -type d | wc -l
Find: Let's say we want a list of directories from our search. To do this, we could add the following test: "[me@linuxbox ~]$ find ~ -type d | wc -l". Adding the test -type d limited the search to directories. Conversely, we could have limited the search to regular files with this test: (show command)
[me@linuxbox ~]$ find ~ -type f | wc -l
To connect to a remote host named remote-sys, we would use the ssh client program like so: (show command)
[me@linuxbox ~]$ ssh remote-sys
Besides opening a shell session on a remote system, ssh allows us to execute a single command on a remote system. For example, to execute the free command on a remote host named remote-sys and have the results displayed on the local system, use this: (show command)
[me@linuxbox ~]$ ssh remote-sys free
Another popular command-line program for file downloading is wget. It is useful for downloading content from both web and FTP sites. Single files, multiple files, and even entire sites can be downloaded. To download the first page of linuxcommand.org, we could do this: (show command)
[me@linuxbox ~]$ wget http://linuxcommand.org/index.php
To connect to a remote host named remote-sys, we would use the ssh client program like so: .....The first time the connection is attempted,
a message is displayed indicating that the authenticity of the remote host cannot be established. This is because the client program has never seen this remote host before. To accept the credentials of the remote host, enter yes when prompted. Once the connection is established, the user is prompted for a password.
Once started, ping
continues to send packets at a specified interval (the default is one second) until it is interrupted.
Find file types: File type with description: (Directory)
d
Netstat: Using the -r option will
display the kernel's network routing table.
Find file types: File type with description: (Regular file)
f
Command to: ( Search for files in a directory hierarchy)
find
find command to find regular files in the home directory matching wildcard pattern *.JPG that are larger than one gigabyte
find ~ -type f -name "*(ast).JPG" -size +1G
find command to find regular files in the home directory matching wildcard pattern *.JPG that are smaller than one gigabyte
find ~ -type f -name "*(ast).JPG" -size -1G
find command to find regular files in the home directory matching wildcard pattern *.JPG that are one gigabyte
find ~ -type f -name "*(ast).JPG" -size 1G
Command to: (Internet file transfer program)
ftp
Typing __ at the ftp> prompt will display a list of the supported commands.
help
The ip program is a multipurpose network configuration tool that makes use of the full range of networking features available in modern Linux kernels. It replaces the earlier and now deprecated __ program.
ifconfig
Command "ip a": In the preceding example, we see that our test system has two network interfaces. The first, called lo, is the loopback interface, a virtual interface that the system uses to "talk to itself," and the second, called eth0, is the Ethernet interface. When performing casual network diagnostics, the important things to look for are the presence of the word UP in the first line for each interface, indicating that the network interface is enabled, and the presence of a valid IP address in the __ field on the third line.
inet
Command to: (Show/manipulate routing, devices, policy routing, and tunnels)
ip
he second SSH file-copying program is sftp, which, as its name implies, is a secure replacement for the ftp program. sftp works much like the original ftp program that we used earlier; however, instead of transmitting everything in cleartext, it uses an SSH encrypted tunnel. sftp has an important advantage over conventional ftp in that
it does not require an FTP server to be running on the remote host. It requires only the SSH server. This means that any remote machine that can connect with the SSH client can also be used as an FTP-like server.
find Size Units: Character for unit: ( Kilobytes (units of 1,024 bytes))
k
Find file types: File type with description: (Symbolic link)
l
Command to: ( Find files by name)
locate
If the search requirement is not so simple, we can combine locate with other tools such as grep to design more interesting searches: (show sample command)
locate zip | grep bin
What command does: netstat: Print (5)
network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
The ip program is a multipurpose network configuration tool that makes use of the full range of networking features available in modern Linux kernels. It replaces the earlier and now deprecated ifconfig program. With ip, we can examine a system's __ and __
network interfaces and routing table.
The beauty of find is that it can be used to identify files that meet specific criteria. It does this through the (slightly strange) application of (3)
options, tests, and actions. We'll look at the tests first.
Besides opening a shell session on a remote system, ssh allows us to execute a single command on a remote system. For example, to execute the free command on a remote host named remote-sys and have the results displayed on the local system, use this: " [me@linuxbox ~]$ ssh remote-sys free". It's possible to use this technique in more interesting ways, such as the following example in which we perform an ls on the remote system and redirect the output to a file on the local system: "[me@linuxbox ~]$ ssh remote-sys 'ls *' > dirlist.txt". Notice the use of the single quotes in the preceding command. This is done because we do not want the pathname expansion performed on the local machine; rather, we want it to be performed on the remote system. Likewise, if we had wanted the output redirected to a file on the remote machine, we could have
placed the redirection operator and the filename within the single quotes: "[me@linuxbox ~]$ ssh remote-sys 'ls *(ast) > dirlist.txt' "
Find: We can also search by file size and filename by adding some additional tests. Let's look for all the regular files that match the wildcard pattern *.JPG and are larger than one megabyte: (show sample command): "[me@linuxbox ~]$ find ~ -type f -name "*.JPG" -size +1M | wc -l". In this example, we add the -name test followed by the wildcard pattern. Notice how we enclose it in quotes to
prevent pathname expansion by the shell.
What the ip does: Show/manipulate (4)
routing, devices, policy routing, and tunnels
WHERE DOES THE LOCATE DATABASE COME FROM? You might notice that, on some distributions, locate fails to work just after the system is installed, but if you try again the next day, it works fine. What gives? The locate database is created by another program named updatedb. Usually, it is run periodically as a cron job, that is, a task performed at regular intervals by the cron daemon. Most systems equipped with locate run updatedb once a day. Because the database is not updated continuously, you will notice that very recent files do not show up when using locate. To overcome this, it's possible to
run the updatedb program manually by becoming the superuser and running updatedb at the prompt.
While the locate program can find a file based solely on its name, the find program
searches a given directory (and its subdirectories) for files based on a variety of attributes. We're going to spend a lot of time with find because it has a lot of interesting features that we will see again and again when we start to cover programming concepts in later chapters
Command to: (OpenSSH SSH client (remote login program))
ssh
Command to: ( Display file or file system status)
stat
Netstat: Using the -r option will display the kernel's network routing table. This shows how the network is configured to send packets from network to network: [me@linuxbox ~]$ netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 In this simple example, we see a typical routing table for a client machine on a local area network (LAN) behind a firewall/router. The first line of the listing shows the destination 192.168.1.0. IP addresses that end in zero refer to networks rather than individual hosts, so this destination means any host on the LAN. The next field, Gateway, is the name or IP address of the gateway (router) used to go from the current host to the destination network. An asterisk in this field indicates
that no gateway is needed.
Most Linux distributions ship an implementation of SSH called OpenSSH from
the OpenBSD project.
The OpenSSH package also includes two programs that can make use of an SSH-encrypted tunnel to copy files across the network. The first, scp (secure copy), is used much like the familiar cp program to copy files. The most notable difference is that the source or destination pathnames may be preceded with the name of a remote host, followed by a colon character. For example, if we wanted to copy a document named document.txt from our home directory on the remote system, remote-sys, to the current working directory on our local system, we could do this: [me@linuxbox ~]$ scp remote-sys:document.txt . me@remote-sys's password: document.txt 100% 5581 5.5KB/s 00:00 [me@linuxbox ~]$ As with ssh, you may apply a username to the beginning of the remote host's name if
the desired remote host account name does not match that of the local system. " [me@linuxbox ~]$ scp bob@remote-sys:document.txt ."
As stated earlier, ssh verifies the authenticity of the remote host. If the remote host does not successfully authenticate, the following message appears: "[me@linuxbox ~]$ ssh remote-sys @@@@......". After it has been determined that the message is because of a benign cause, it is safe to correct the problem on the client side. This is done by using a text editor (vim perhaps) to remove the obsolete key from the ~/.ssh/known_hosts file. In the preceding example message, we see this: "Offending key in /home/me/.ssh/known_hosts:1". This means that
the first line of the known_hosts file contains the offending key. Delete this line from the file, and the ssh program will be able to accept new authentication credentials from the remote system.
FTP (in its original form) is not secure because it sends account names and passwords in cleartext. This means they are not encrypted, and anyone sniffing the network can see them. Because of this, almost all FTP done over the Internet is done by anonymous FTP servers. An anonymous server allows anyone to log in using
the login name "anonymous" and a meaningless password.
Command "ip a": In the preceding example, we see that our test system has two network interfaces. The first, called lo, is
the loopback interface, a virtual interface that the system uses to "talk to itself,"
Command "ip a": In the preceding example, we see that our test system has two network interfaces. The first, called lo, is the loopback interface, a virtual interface that the system uses to "talk to itself," and the second, called eth0, is the Ethernet interface. When performing casual network diagnostics, the important things to look for are (2)
the presence of the word UP in the first line for each interface, indicating that the network interface is enabled, and the presence of a valid IP address in the inet field on the third line. For systems using Dynamic Host Configuration Protocol (DHCP), a valid IP address in this field will verify that the DHCP is working.
The OpenSSH package also includes two programs that can make use of an SSH-encrypted tunnel to copy files across the network. The first, scp (secure copy), is used much like the familiar cp program to copy files. The most notable difference is that
the source or destination pathnames may be preceded with the name of a remote host, followed by a colon character.
ssh: The remote shell session continues until
the user enters the exit command at the remote shell prompt, thereby closing the remote connection. At this point, the local shell session resumes, and the local shell prompt reappears.
Command to: ( Change file times)
touch
The traceroute program (some systems use the similar __ program instead) lists all the "hops" network traffic takes to get from the local system to a specified host.
tracepath
WHERE DOES THE LOCATE DATABASE COME FROM? You might notice that, on some distributions, locate fails to work just after the system is installed, but if you try again the next day, it works fine. What gives? The locate database is created by another program named
updatedb. Usually, it is run periodically as a cron job, that is, a task performed at regular intervals by the cron daemon. Most systems equipped with locate run updatedb once a day. Because the database is not updated continuously, you will notice that very recent files do not show up when using locate. To overcome this, it's possible to run the updatedb program manually by becoming the superuser and running updatedb at the prompt.
find Test: Description of test: -cmin <n>: Match files or directories whose content or attributes were last modified exactly <n> minutes ago. To specify less than <n> minutes ago,
use -<n>, and to specify more than n minutes ago, use +<n>.
As stated earlier, ssh verifies the authenticity of the remote host. If the remote host does not successfully authenticate, the following message appears: "[me@linuxbox ~]$ ssh remote-sys @@@@......". After it has been determined that the message is because of a benign cause, it is safe to correct the problem on the client side. This is done by
using a text editor (vim perhaps) to remove the obsolete key from the ~/.ssh/known_hosts file. In the preceding example message, we see this: "Offending key in /home/me/.ssh/known_hosts:1". This means that the first line of the known_hosts file contains the offending key. Delete this line from the file, and the ssh program will be able to accept new authentication credentials from the remote system.
find Size Units: Character for unit: ( 2-byte words.)
w
Another popular command-line program for file downloading is wget. It is useful for downloading content from both
web and FTP sites. Single files, multiple files, and even entire sites can be downloaded.
Another popular command-line program for file downloading is __. It is useful for downloading content from both web and FTP sites. Single files, multiple files, and even entire sites can be downloaded.
wget
Command to: (Non-interactive network downloader)
wget
Command to: ( Build and execute command lines from standard input)
xargs
As stated earlier, ssh verifies the authenticity of the remote host. If the remote host does not successfully authenticate, the following message appears: "[me@linuxbox ~]$ ssh remote-sys @@@@......". After it has been determined that the message is because of a benign cause, it is safe to correct the problem on the client side. This is done by using a text editor (vim perhaps) to remove the obsolete key from the __ file.
~/.ssh/known_hosts
