=== gnupg ===
  * gpg --list-keys --list-options show-uid-validity <kedid> # check validity

=== dos2unix endofline conversion: ===
  * od -t d1 <input.txt >output.txt
  * perl -pi -e 's/ / /g' input.txt

=== whats listening on what ports? ===
  * netstat -nlp
  * lsof -i tcp:7100
  * fuser -v -n tcp 7100

=== pulseaudio: sending audio to remote ===
  * server: 'pactl load-module module-native-protocol-tcp auth-ip-acl=<clientip>'
  * client: 'PULSE_SERVER=<ip-of-server> firefox'

=== kvm tuning ===
**note** This will increase chances of data loss, while improving performance! Not for production!
  * virsh edit <guest>
  * Seek for the "cache" clause. Change its value (probably none or writeback) to "unsafe"
  * sysctl -w vm.dirty_expire_centisecs=500000  
  * sysctl -w vm.dirty_ratio=98  
  * sysctl -w vm.dirty_background_ratio=90  
  * sysctl -w vm.dirty_writeback_centisecs=50000
  * To enforce data to be written before these limits strike in, "sync" could be used

=== bash hacks ===
  * **disown** : a backgrounded process (ctrl+Z / bg) can be sidowned, after logging out it keeps running.  nohup/screen also possible.
  * **fc** : start last run command in test editor, after leaving editor execute it

=== cpio usage ===
  * cpio -iv <../initrd.org # extract initrd.org
  * find ./ | cpio -H newc -o >/boot/6initrdnew # create cpio-archive

=== extract rpm files ===
  * %%rpm2cpio <path-to-rpm> |  cpio --extract --verbose --make-directories --preserve%%

=== what kind of ldap-server is running? ===
  * %%ldapsearch -x -h wiz -b "" -s base "objectclass=*"%%

=== force screen blanking in x: ===
  * xset dpms force off

=== reread a partitionable onthefly ===
  * partprobe or 'blockdev --rereadpt /dev/sda'

=== runtime lib-path variables: ===
  * LD_RUN_PATH LD_LIBRARY_PATH

=== compile/link paths ===
  * LD_LIBRARY_PATH="/usr/local/soft_gsasl-0.2.27/lib" LDFLAGS="-L/usr/local/soft_gsasl-0.2.27/lib" CPPFLAGS="-I/usr/local/soft_gsasl-0.2.27/include"
  * C_INCLUDE_PATH=/opt/gdbm-1.8.3/include
  * CPLUS_INCLUDE_PATH=/opt/gdbm-1.8.3/include

=== backup via ssh/netcat: ===
  * tar cfp - . |(ssh user@host 'cd /dir && tar xfp -')
  * on server: nc -l -p | (cd /tmp/backup && tar xfp -) on client: tar cfp - / | nc serverip 2222

=== drop ssh-publickeyfile: ===
  * (ssh user@remote "mkdir .ssh; cat >.ssh/authorized_keys") < .ssh/id_rsa.pub

=== create selfsigned cert (for apache etc.): ===
<code>
# step one - create the key and request:
openssl req -new -newkey rsa:4096 > new.cert.csr
# step two - remove the passphrase from the key (optional):
openssl rsa -in privkey.pem -out new.cert.key
# step three - convert request into signed cert:
openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 730
</code>

=== show contents of x509-cert: ===
  * openssl x509 -in service.crt -noout -text

=== what dependencies does an rpm-file have? ===
  * rpm -qRp gcc.rpm

=== show the top ten of cpu-using processes: ===
  * ps ax -o pid,user,pcpu,comm | sort -k +2 |tail -10

=== presentationsoftware, networkdiagrams ===
  * magicpoint, dia, xfig, kivio, Xy-pic, tgif, inkscape, sodipodi
  * https://creately.com

=== dump whole networkpackets: ===
  * tcpdump -Xnvs 0 host 1.2.3.4

=== install perlmodule: ===
  * perl -MCPAN -e 'install Chocolate::Belgian'

=== how many percent of system are in use cpu-wise? ===
  * ps aux | nawk '{tot+=$5} ; END { print tot}'

=== packet forwarding + nat: ===
  * %%iptables -t nat -A PREROUTING -p tcp --dport 2222 -d 10.0.0.1 -j DNAT --to 192.168.4.16:22%%
  * iptables -t nat -A POSTROUTING -j MASQUERADE -o eth0 -d 2.3.4.5

=== create a 7GB sparse-file (uses space only when actually needed): ===
  * dd if=/dev/zero of=xm32_debian.img bs=1 count=1 seek=7G

=== ssh pubkey restrictions of pubkey-auth onto executing something from an array of allowed comands: ===
  * %%command="sh -c 'if expr \"${SSH_ORIGINAL_COMMAND}\" : \"^rsync.*--server\" >/dev/null ; then $SSH_ORIGINAL_COMMAND ; else echo REJECTED ; fi'" ssh-rsa..%%

=== irc-servers from europe: ===
  * irc.belwue.de
  * random.ircd.de
  * irc.uni-erlangen.de
  * irc.leo.org

=== rescan on linux for scsi/san-luns: ===
  * dmesg|grep scsi # find out the number of the scsi-host in use
  * %%echo "1" > /sys/class/fc_host/hostXYZ/issue_lip # XYZ = number of scsi-host%%
  * %%echo "- - -" > /sys/class/scsi_host/hostXYZ/scan%%

=== ask name-server for versioninfo: ===
  * host -c chaos -t txt version.bind someserver.org

=== create a pkcs12-cert: ===
  * openssl pkcs12 -export -in newcert.pem -inkey newkey.pem -certfile cacert.pem -name "[friendly name]" -out namecert.p12

=== Get cryptstring i.e. for httpasswd: ===
  * %%perl -we 'print crypt("secret",int(rand(90))+10),"\n";'%%

=== OpenSwan cvs checkout: ===
  * %%cvs -d :pserver:anoncvs@anoncvs.openswan.org:/public/cvs login # pass anoncvs%%
  * %%cvs -d :pserver:anoncvs@anoncvs.openswan.org:/public/cvs co openswan-2%%

=== change cdrom in qemu virtualmachine ===
  * <ctrl+alt+2>, eject cdrom, change cdrom /path/cd.iso, <ctrl+alt+1>

=== create a file, to compare time it takes between different media below ===
  * %%dd if=/dev/zero of=testfile bs=128M count=1 oflag=direct%% # writes file with DIRECTIO, so cache is not involved
  * %%sync; time bash -c 'dd if=/dev/zero of=testfile bs=128M count=1; sync;'%% # write, with sync bevore/after

=== vmware config for shared disks (for testing clusterstuff) ===
<code>
create preallocated disk (not this spare thingy), use new scsi-bus (i.e. target 1.1 for shared disk), add options to vm-configfile.vmx:
  scsi1.sharedBus = "virtual"
  disk.locking = "false"
  diskLib.dataCacheMaxSize = "0" 
</code>

=== linux cpu-speed tuning ===
  * echo ondemand >/sys/devices/system/cpu/cpu0/cpufreq/scaling_governor

=== running slrn on my utf8-debian ===
<code>
LANG=en_GB.iso88591 luit -encoding ISO-8859-1 slrn -h news.individual.de
</code>

=== getting a remote firefox on 'ssh -X' shell ===
<code>
firefox -no-remote
</code>

=== setting rpm-queryformat to also see architecture of rpms by default ===
<code>
echo "%_query_all_fmt %%{name}-%%{version}-%%{release}.%%{arch}" >~/.rpmmacros
</code>

=== gnu parted ===
<code>
parted /dev/sdb mkpart primary 500M 100%
parted /dev/sdb align-check opt 1
parted /dev/sdb align-check opt 2
</code>

=== cryptsetup/luks ===
<code>
# creation
cryptsetup -v luksFormat /dev/sdb       # initial setup
cryptsetup luksOpen /dev/sdb usbbackup  # create mapping
pv/cat /dev/zero >/dev/mapper/usbbackup # initialization
mkfs.ext4 /dev/mapper/usbbackup

# opening/mounting
cryptsetup luksOpen /dev/sdb usbbackup
mount /dev/mapper/usbbackup /mnt/usbbackup

# closing/umount
umount /mnt/usbbackup
cryptsetup luksClose usbbackup
</code>

=== sendmail: disable dns-usage for smarthost ===
<code>
echo 'hosts files' >/etc/mail/service.switch
echo 'aliases files' >>/etc/mail/service.switch
echo '1.2.3.4 mailgw' >>/etc/hosts
vi sendmail.cf # set 'DSmailgw'
echo 'O ServiceSwitchFile=/etc/mail/service.switch' >>/etc/mail/sendmail.cf
echo 'O HostsFile=/etc/hosts' >>/etc/mail/sendmail.cf
</code>

=== cpan with proxy ===
<code>
# export http_proxy="http://10.1.2.3:8080"
# export ftp_proxy="http://10.1.2.3:8080"
# perl -MCPAN -e shell
$ install Net::LDAP
</code>