A few of my compute nodes running on AWS were required to have their SSH port open to the public internet. There are several well established ways that can be used to protect the login. Fail2ban comes to mind, or a firewall if you know the source IP addresses or the range. In this instance, […]
Follow the documentation from the official website [here]. Installation on Ubuntu Add SSH key to GitLab First generate SSH keys from your Linux CLI for seamless and secure interaction with Gitlab servers. Navigate to https://gitlab.com and sign in. Select your avatar in the upper right corner, and click Settings Click SSH Keys. Paste the public […]
Even though I use GCP’s scheduled snapshot feature as a means to backup entire OS, for a last known good configuration for my compute instances. But it seems excessive in some cases because it doesn’t make sense to restore the entire OS for something as simple as recovering an accidentally deleted file. Therefore, we must […]
A note to self on how to check current sessions on a Cisco router that has Zone Based Firewall configured (ZBF)
Lately I have been messing around with tiny devices that have a SoC with embedded Linux on them typically equipped with an ARM processor or similar. Such a new toy in my collection to tinker with is a cheap IP Camera that I bought from Thailand. Steps Disassembling the outer case Soldering USB TTL cable […]
This topic is about BGP’s ability to prefer another router (kinda de-prefer, actually). The following diagram will make it clear. In this situation, it may be a better choice to traverse from R1 to R2 via the point-to-point link instead of going over the ISP Cloud. Here R1 and R2 are eBGP peers only. The […]
Lately, I have been struggling to understand the logic behind route-map and its functioning when used along with a prefix-list in order to filter prefixes. Basically configurations where the permit/deny of prefix-list couples with permit/deny of route-map. So I decided to lab it out in GNS3 – only allow 172.1.1.0/24 to pass through; filter everything […]
Ttcp can be used to test P2P links, however, the drawback of generating the traffic from router is high CPU usage as this is a control-plane operation. Therefore, it is not really recommended to use this utility to determine throughput for bigger interfaces. TTCP is a hidden undocumented and unsupported IOS command. For testing of […]
Here is the deal, I have a Western Digital MyBook 1TB NAS. It runs a trimmed version of Linux, called BusyBox. For the past two weeks I’ve been busy hacking and customizing it. Linux MyBookWorld 2.6.17.14 #1 PREEMPT Fri Jan 18 10:40:25 GMT 2008 armv5tejl GNU/Linux Recently after upgrading to latest firmware version 2.00.18, I […]
Mistypes holding up work This is often an annoying problem. Mistype a command and the router thinks you just typed a host name. For example, here we just mistyped the word “show”. We didn’t want to telnet to a device named “shwo”. The way to handle this is to change the preferred transport method. Problem […]
