}
_khfix-common() {
- local host ip port file key tmp
- read -r host ip port < <(timeout -s 9 2 ssh -oBatchMode=yes -oControlMaster=no -oControlPath=/ -v $1 |& sed -rn "s/debug1: Connecting to ([^ ]+) \[([^\]*)] port ([0-9]+).*/\1 \2 \3/p" ||: )
+ local host ip port file key tmp ssh_host alias
+ ssh_host=$1
+ {
+ read -r host ip port
+ read -r alias;
+ # note ":graph:" is needed or else we get a trailing \r out of ssh,
+ # dunno why. web search says terminals add \r, so I tried adding -T
+ # to turn off psuedo terminal, but it didnt help.
+ } < <(timeout -s 9 2 ssh -TN -oBatchMode=yes -oControlMaster=no -oControlPath=/ -v $ssh_host |&
+ sed -rn "s/debug1: Connecting to ([^ ]+) \[([^\]*)] port ([0-9]+).*/\1 \2 \3/p;
+s/^debug1: using hostkeyalias: ([[:graph:]]*).*/\1/p" ||: )
file=$(readlink -f ~/.ssh/known_hosts)
if [[ ! $ip ]]; then
echo "khfix: ssh failed"
return 1
fi
+ ip_entry=$ip
+ host_entry=$host
+ if [[ $alias ]]; then
+ host_entry="$alias"
+ fi
if [[ $port != 22 ]]; then
ip_entry="[$ip]:$port"
- host_entry="[$host]:$port"
- else
- ip_entry=$ip
- host_entry=$host
+ if [[ ! $alias ]]; then
+ host_entry="[$host]:$port"
+ fi
fi
- if [[ $host != "$ip" ]]; then
+ if [[ $host_entry != "$ip_entry" ]]; then
tmp=$(mktemp)
ssh-keygen -F "$host_entry" -f $file >$tmp || [[ $? == 1 ]] # 1 when it doesnt exist in the file
if [[ -s $tmp ]]; then
key=$(sed -r 's/^.*([^ ]+ +[^ ]+) *$/\1/' $tmp)
+ else
+ echo "khfix WARNING: did not find host entry:$host_entry in known_hosts"
fi
rm $tmp
if [[ $key ]]; then
ssh-keygen -F "$ip_entry" -f $file >$tmp || [[ $? == 1 ]]
if [[ -s $tmp ]]; then
key=$(sed -r 's/^.*([^ ]+ +[^ ]+) *$/\1/' $tmp)
+ else
+ echo "khfix WARNING: did not find ip entry:$ip_entry in known_hosts"
fi
rm $tmp
if [[ $key ]]; then
grep -Fv "$key" "$file" | sponge "$file"
fi
- ll ~/.ssh/known_hosts
}
khfix-r() { # known hosts fix without syncing to root user
_khfix-common "$@" || return 1
sed -rn '/testignore|jtuttle|eximbackup/!s/^[^ ]+ ([^ ]+) [^ ]+ [^ ]+ <= ([^ ]+).* id=([^ ]+) T="(.*)" from (<[^ ]+> .*$)/\1 \5\n \3\n \4/p' <${1:-/var/log/exim4/mainlog}
}
etailin() {
- tail -F /var/log/exim4/mainlog | sed -rn '/testignore|jtuttle|eximbackup/!s/^[^ ]+ ([^ ]+) [^ ]+ [^ ]+ <= ([^ ]+).*T="(.*)" from (<[^ ]+> .*$)/\1 \4\n \3/p'
+ local -a tail_arg
+ tail_arg=(-n500)
+ if [[ $1 ]]; then
+ tail_arg=($@)
+ fi
+ tail "${tail_arg[@]}" -F /var/log/exim4/mainlog | sed -rn '/testignore|jtuttle|eximbackup/!s/^[^ ]+ ([^ ]+) [^ ]+ [^ ]+ <= ([^ ]+).*T="(.*)" from (<[^ ]+> .*$)/\1 \4\n \3/p'
}
slr() {
sl --rsync "$@"
}
-sss() { # ssh solo
- sl -oControlMaster=no -oControlPath=/ "$@"
+
+
+# ssh solo
+#
+# WARNING: If you are trying to use -i, remember that keys added to
+# agent previously will still be tried. Use ssh-add -D to remove all
+# keys from the agent.
+sss() {
+ ssh -oControlMaster=no -oControlPath=/ "$@"
}
# kill off old shared socket then ssh
ssk() {
m s ip n flush dev "$default_route_dev"
}
+dsh() {
+ command dsh -c "$@"
+}
+
# * stuff that makes sense to be at the end
ap() {
# pushd in case current directory has an ansible.cfg file
pushd /a/xans >/dev/null
- ansible-playbook -v -l ${1:- $(hostname -f)} site.yml
+ ansible-playbook -v -i ${1:- $(hostname -f)}, site.yml
popd >/dev/null
}
aw() {
done | s cedit -e hosts-file-up /etc/hosts
for host in ${hosts[@]}; do
echo $host
- done | cedit -e /a/bin/ds/subdir_files/.dsh/group/btrbk
+ done >/p/c/subdir_files/.dsh/group/btrbk
### end focus on hosts file update ###
pushd /home/iank/.local/share/profanity/chatlogs/iank_at_fsf.org/rooms/office_at_conference.fsf.org
logs=(*)
logcount=${#logs[@]}
- if (( logcount > 15 )); then
- i=$(( logcount - 15 ))
+ if (( logcount > 16 )); then
+ i=$(( logcount - 16 ))
else
i=0
fi
openssl x509 -txt -in "$@"
}
+# dsh on btrbk hosts
+dsb() {
+:
+ }
+
+# dsh a file and run it
+dsa() {
+ local ret file
+ if ! parallel -j 10 scp x {}:/tmp <~/.dsh/group/btrbk; then
+ echo parallel scp failed. dsa returning $ret
+ fi
+ dsh -g btrbk
+ }
+
export BASEFILE_DIR=/a/bin/fai-basefiles
#export ANDROID_HOME=/a/opt/android-home
# disabled temporarily
###### setup /i
# if home_network; then
-# sudo teeu /etc/fstab <<'EOF'
+# sudo /a/exe/teeu /etc/fstab <<'EOF'
# /i/w /w none bind,noauto 0 0
# /i/k /k none bind,noauto 0 0
# EOF
# sudo chown $USER:user2 /kr
# fi
# if [[ $HOSTNAME == frodo ]]; then
-# sudo teeu /etc/fstab <<'EOF'
+# sudo /a/exe/teeu /etc/fstab <<'EOF'
# /k /kr none bind,noauto 0 0
# EOF
# else
-# sudo teeu /etc/fstab <<'EOF'
+# sudo /a/exe/teeu /etc/fstab <<'EOF'
# frodo:/k /kr nfs noauto 0 0
# EOF
# fi
fi
first_root_crypt=$(awk '$2 == "/" {print $1}' /etc/mtab)
- sudo teeu /etc/fstab <<EOF
+ sudo /a/exe/teeu /etc/fstab <<EOF
$first_root_crypt /nocow btrfs noatime,subvol=nocow$( (( $(nproc) > 2)) && echo ,compress=zstd ) 0 0
EOF
sudo mkdir -p $dir
case $HOSTNAME in
kd)
- sudo teeu /etc/fstab <<'EOF'
+ sudo /a/exe/teeu /etc/fstab <<'EOF'
/dev/mapper/crypt_dev_ata-Samsung_SSD_870_QVO_8TB_S5VUNG0N900656V-part7 /d btrfs nofail,x-systemd.device-timeout=30s,x-systemd.mount-timeout=30s,noatime,compress=zstd,subvol=d 0 0
/d/m /i none bind,compress=zstd 0 0
EOF
fi
;;
frodo)
- sudo teeu /etc/fstab <<'EOF'
+ sudo /a/exe/teeu /etc/fstab <<'EOF'
/dev/mapper/crypt_dev_ata-ata-Hitachi_HDS722020ALA330_JK1121YAG7SXWS-part1 /i btrfs nofail,x-systemd.device-timeout=30s,x-systemd.mount-timeout=30s,noatime,subvol=i 0 0
EOF
if ! mountpoint /i &>/dev/null; then
fi
## slow down ploopy trackball, until we recompile firmware
-# id=$(xinput list | grep -F 'Ploopy Corporation Trackball Mouse' | sed -rn 's/.*[[:space:]]id=([^[:space:]]*).*/\1/p' ||:)
-# if [[ $id ]]; then
-# xinput --set-prop $id 'libinput Accel Speed' -0.9
-# fi
+id=$(xinput list | grep -F 'Ploopy Corporation Trackball Mouse' | sed -rn 's/.*[[:space:]]id=([^[:space:]]*).*/\1/p' ||:)
+if [[ $id ]]; then
+ xinput --set-prop $id 'libinput Accel Speed' -0.7
+fi
set +x
exit 0
#keyserver hkp://keys.gnupg.net
#keyserver hkp://keyserver.ubuntu.com
#keyserver hkp://keyring.debian.org
-#keyserver keyserver.ubuntu.com
+keyserver keyserver.ubuntu.com
# more secure hkps, but had problems with my gpg version
-keyserver hkps://hkps.pool.sks-keyservers.net
+#keyserver hkps://hkps.pool.sks-keyservers.net
### begin things added by enigmail
cert-digest-algo SHA256
iankelling.org / git / distro-setup / commitdiff