Marc Kohaupt debuglevel

CAUTION: Nothing tested here.

ssh -J <user>@<bastion:port> <user>@<target:port>
       ^^^^^^
       on bastion
                             ^^^^^^
                             on target
                                    ^^^^^^^^^^^^^
                                    as seen from bastion?

`ssh-agent` basics

You might want to use SSH agent forwarding. This way you do not have to load your key on the server in any way - but it also bears a certain risk that a malicious user (e.g. another sudo user) on the remote system can also use it.
- PuTTY provides this setting (default off) at Connection->SSH->Auth->Allow agent forwarding.
- For OpenSSH, use ssh -A.
Start via eval $(ssh-agent) in your current shell.
Add your default key via ssh-add.
Add a key by pasting it into stdin: ssh-add - and CTRL+D three times. Password will probably be shown in cleartext! Use clear, reset or tmux clear-history afterwards.
List loaded keys: ssh-add -l or ssh-add -L
Use ssh-add -x to lock agent wirh a password and ssh-add -X to unlock.
sudo -s, sudo -i and even sudo ssh [...] will remove the SSH_AUTH_SOCK environment variable pointing to the agent socket. In case of sudoing to root, sudo -s --preserve-env=SSH_AUTH_SOCK will work (other users will not work due t

LVM cheatsheet

See https://www.thomas-krenn.com/de/wiki/LVM_Grundlagen for the core concepts regarding physical volumes (pv), volume groups (vg) and logival volumes (lv).

Partition table thing that do not have to do with LVM

Show drives, their sizes and their partitions in the boot log: dmesg | grep sd (or nvme on bare-metal; unlikely in virtualized environments)

List a block device tree. Shows in which partition a volume group was placed: lsblk

Grow the third partition to the maximum (if there is empty space afterwards). You may need to reboot afterwards: growpart --verbose /dev/sda 3

incomplete and barely proven comparison of file transfer methods with REST

JSON with base64

$ curl -X POST -d @content.json -H "Content-Type: application/json" -H "Accept: application/json" http://localhost/
$ cat content.json
{  
   "files":{  
      "main.tex":"XGRvY3VtZW50Y2xhc3N7YXJ0aWNsZX0KXGJlZ2lue2RvY3VtZW50fQpcaW5jbHVkZXt0ZXN0L3Rlc3R9ClxlbmR7ZG9jdW1lbnR9",
      "test/test.tex":"aGFsbG8gd2VsdA=="
   }

	#!/bin/bash

	# - Ensure your SSH key is loaded in ssh-agent.
	# - Ensure borg repository exists (use `-e none` to disable encyption).

	repository="ssh://[email protected]:23/./BorgBackup/repodir"
	export BORG_PASSPHRASE="dsadsdadsadsadsadsasda"

	i=0
	while true; do

	# Compress all
	# ... files
	# ... older than 30 days
	# ... not already compressed

	find . -mtime +30 -type f -not -name "*.xz" -exec xz {} \;

	version: '3.3'

	services:
	traefik:
	image: traefik:v2.5
	command:
	#- "--log.level=DEBUG"
	- "--providers.docker=true"
	- "--providers.docker.exposedbydefault=false"
	- "--entrypoints.web.address=:8888"

	https://regex101.com/r/jcpyd3/1 ❤️ #create #test #dispaygroups
	https://www.nodexr.net/ ❤️ #create #debug #visualize
	https://regexr.com/ # create
	https://regex-generator.olafneumann.org/ #wizard
	https://extendsclass.com/regex-tester.html #create #debug #visualize
	http://www.txt2re.com/ #wizard #broken

	#!/bin/bash
	for dir in */ ; do
	echo -ne "$dir \t "
	git -C "$dir" rev-parse &> /dev/null
	CODE=$?
	if [[ "$CODE" -eq "0" ]]; then
	echo -ne "is a git repository "
	git -C "$dir" remote get-url origin &> /dev/null
	CODE=$?
	if [[ "$CODE" -eq "0" ]]; then