Posts

Posted on by oueta

Using ssh-agent for auto login with public keys in Linux

Most of the time when you are using a Desktop Environment in Linux this is already implemented, all you have to do is add AddKeysToAgent yes to your /etc/ssh/ssh_config and you are good to go, the keys will be added to the ssh-agent and can be reused.

In this tutorial we will setup ssh-agent from scratch, but first let’s see how it works.

How ssh-agent works?

The first step is to run the ssh-agent.

eval $(ssh-agent)

We have to use the eval keyword, because the output looks like below and we must set and export the SSH_AUTH_SOCK and SSH_AGENT_PID variables, which will be later used by ssh-add.

SSH_AUTH_SOCK=/tmp/ssh-4Ao0M59fzyhD/agent.12706; export SSH_AUTH_SOCK;
SSH_AGENT_PID=12707; export SSH_AGENT_PID;
echo Agent pid 12707;

List keys, the output is correct, this means that ssh-add can connect to the ssh-agent socket.
Now you can log into your machines, the keys will be added.

ssh-add -l
The agent has no identities.

If your output looks like below, the variables are not exported correctly, make sure you run ssh-agent using the eval keyword.

Could not open a connection to your authentication agent.

Implementation

Now that we know how ssh-agent works, it would be easy to add this to your ~/.bashrc file, but it would not be a good choice because you will end up with a lot of ssh-agent services running.

I created a script which will first check if there is a running ssh-agent and make sure that we are not running multiple agents.

running_agent_user=$(pgrep -u $USER ssh-agent | wc -l)
tmp_ssh_agent="/tmp/${USER}_ssh_agent"
# timeout in seconds, lifetime = 0 (not a good idea if you are using a server)
timeout_ssh_agent=10800

function start_ssh_agent() {
    echo "Starting ssh-agent"
    ssh-agent -t $timeout_ssh_agent > $tmp_ssh_agent
    chmod 600 $tmp_ssh_agent
    eval $(cat $tmp_ssh_agent)
}

if [ $running_agent_user == 1  ]
then
    echo "ssh-agent already running, setting up the environment variables"
    eval $(cat $tmp_ssh_agent)
elif [ $running_agent_user == 0 ]
then
    echo "ssh-agent is not running"
    start_ssh_agent
else
    echo "Multiple ssh-agent services are running, stopping all the agents"
    kill $(pgrep -u $USER ssh-agent)
    start_ssh_agent
fi

Download from GitHub ssh-agent.bashrc

You can setup a timeout value for ssh-agent, I used 3 hours in my script.. feel free to modify it.
The default value for timeout is forever, so your keys will be kept until you restart the ssh-agent or the timeout value expires.

Add the script with the source keyword to your ~/.bashrc or global bashrc found in /etc.

source /path_to_your_script/ssh-agent.bashrc > /dev/null

With this implementation every user will have it’s own ssh-agent, good luck!

Posted on by oueta

How to display CPU Information in Linux

The easiest way to get informations about the CPU in Linux is by using the lscpu command, which is a part of util-linux package. The data is collected from sysfs and /proc/cpuinfo, let’s see how this work, also in this post we will use /proc/cpuinfo and dmidecode.

Source code: lscpu.c

lscpu
Architecture:          x86_64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                8
On-line CPU(s) list:   0-7
Thread(s) per core:    2
Core(s) per socket:    4
Socket(s):             1
NUMA node(s):          1
Vendor ID:             GenuineIntel
CPU family:            6
Model:                 60
Model name:            Intel(R) Core(TM) i7-4771 CPU @ 3.50GHz
Stepping:              3
CPU MHz:               902.984
CPU max MHz:           3900.0000
CPU min MHz:           800.0000
BogoMIPS:              6995.99
Virtualization:        VT-x
L1d cache:             32K
L1i cache:             32K
L2 cache:              256K
L3 cache:              8192K
NUMA node0 CPU(s):     0-7
Flags:                 fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm epb invpcid_single ssbd ibrs ibpb stibp kaiser tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid xsaveopt dtherm ida arat pln pts flush_l1d

Most of the information is self explanatory however some of the more important ones:
Socket(s): 1, Physical chip which is connected into the motherboard’s socket.
Core(s) per socket: 4, Number of physical cores a socket contains.
Thread(s) per core: 2, Number of threads a physical core contains.
CPU(s): 8, Logical cores, number of CPU’s that are used by the Operating System.

Display Level 1,Level 2, Level 3 cache information, online status and minimum and maximum frequency.

lscpu -e -a
CPU NODE SOCKET CORE L1d:L1i:L2:L3 ONLINE MAXMHZ    MINMHZ
0   0    0      0    0:0:0:0       yes    3900.0000 800.0000
1   0    0      1    1:1:1:0       yes    3900.0000 800.0000
2   0    0      2    2:2:2:0       yes    3900.0000 800.0000
3   0    0      3    3:3:3:0       yes    3900.0000 800.0000
4   0    0      0    0:0:0:0       yes    3900.0000 800.0000
5   0    0      1    1:1:1:0       yes    3900.0000 800.0000
6   0    0      2    2:2:2:0       yes    3900.0000 800.0000
7   0    0      3    3:3:3:0       yes    3900.0000 800.0000

Print out a parsable format

lscpu -p
# The following is the parsable format, which can be fed to other
# programs. Each different item in every column has an unique ID
# starting from zero.
# CPU,Core,Socket,Node,,L1d,L1i,L2,L3
0,0,0,0,,0,0,0,0
1,1,0,0,,1,1,1,0
2,2,0,0,,2,2,2,0
3,3,0,0,,3,3,3,0
4,0,0,0,,0,0,0,0
5,1,0,0,,1,1,1,0
6,2,0,0,,2,2,2,0
7,3,0,0,,3,3,3,0

Parsable format and select the columns

lscpu -p=CPU,ONLINE
# The following is the parsable format, which can be fed to other
# programs. Each different item in every column has an unique ID
# starting from zero.
# CPU,Online
0,Y
1,Y
2,Y
3,Y
4,Y
5,Y
6,Y
7,Y

Information about the physical chip

dmidecode -t processor
# dmidecode 3.0
Getting SMBIOS data from sysfs.
SMBIOS 2.7 present.

Handle 0x0053, DMI type 4, 42 bytes
Processor Information
	Socket Designation: SOCKET 1150
	Type: Central Processor
	Family: Other
	Manufacturer: Intel
	ID: C3 06 03 00 FF FB EB BF
	Version: Intel(R) Core(TM) i7-4771 CPU @ 3.50GHz
	Voltage: 1.2 V
	External Clock: 100 MHz
	Max Speed: 3900 MHz
	Current Speed: 3504 MHz
	Status: Populated, Enabled
	Upgrade: Socket BGA1155
	L1 Cache Handle: 0x004D
	L2 Cache Handle: 0x004E
	L3 Cache Handle: 0x004F
	Serial Number: Not Specified
	Asset Tag: Fill By OEM
	Part Number: Fill By OEM
	Core Count: 4
	Core Enabled: 4
	Thread Count: 8
	Characteristics:
		64-bit capable

Cache information

dmidecode -t cache
# dmidecode 3.0
Getting SMBIOS data from sysfs.
SMBIOS 2.7 present.

Handle 0x004D, DMI type 7, 19 bytes
Cache Information
	Socket Designation: CPU Internal L1
	Configuration: Enabled, Not Socketed, Level 1
	Operational Mode: Write Back
	Location: Internal
	Installed Size: 256 kB
	Maximum Size: 256 kB
	Supported SRAM Types:
		Unknown
	Installed SRAM Type: Unknown
	Speed: Unknown
	Error Correction Type: Single-bit ECC
	System Type: Other
	Associativity: 8-way Set-associative

Handle 0x004E, DMI type 7, 19 bytes
Cache Information
	Socket Designation: CPU Internal L2
	Configuration: Enabled, Not Socketed, Level 2
	Operational Mode: Write Back
	Location: Internal
	Installed Size: 1024 kB
	Maximum Size: 1024 kB
	Supported SRAM Types:
		Unknown
	Installed SRAM Type: Unknown
	Speed: Unknown
	Error Correction Type: Single-bit ECC
	System Type: Unified
	Associativity: 8-way Set-associative

Handle 0x004F, DMI type 7, 19 bytes
Cache Information
	Socket Designation: CPU Internal L3
	Configuration: Enabled, Not Socketed, Level 3
	Operational Mode: Write Back
	Location: Internal
	Installed Size: 8192 kB
	Maximum Size: 8192 kB
	Supported SRAM Types:
		Unknown
	Installed SRAM Type: Unknown
	Speed: Unknown
	Error Correction Type: Single-bit ECC
	System Type: Unified
	Associativity: 16-way Set-associative

Read cpuinfo from /proc

cat /proc/cpuinfo

Watch current frequency for each CPU

watch -n 1 "cat /proc/cpuinfo | grep -i 'processor\|mhz'"