diff --git a/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.aux b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.aux new file mode 100644 index 0000000..d2a5ca7 --- /dev/null +++ b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.aux @@ -0,0 +1,6 @@ +\relax +\@writefile{toc}{\contentsline {section}{\numberline {1}Overview}{1}} +\@writefile{toc}{\contentsline {section}{\numberline {2}Work Log}{1}} +\@writefile{toc}{\contentsline {subsection}{\numberline {2.1}Crontab}{1}} +\@writefile{toc}{\contentsline {subsection}{\numberline {2.2}Bash Script}{1}} +\@writefile{toc}{\contentsline {section}{\numberline {3}What Did NOT Work}{3}} diff --git a/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.log b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.log new file mode 100644 index 0000000..bfb78b9 --- /dev/null +++ b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.log 
@@ -0,0 +1,252 @@ +This is pdfTeX, Version 3.14159265-2.6-1.40.15 (TeX Live 2015/dev/Debian) (preloaded format=pdflatex 2018.11.28) 5 JUN 2019 00:27 +entering extended mode + restricted \write18 enabled. + %&-line parsing enabled. +**/home/layoutdev/Desktop/code/documentation_general/IT_Articles/2019/AutoSSH_a +nd_Reverse_Proxy_Alternative/docs/1.tex + +(/home/layoutdev/Desktop/code/documentation_general/IT_Articles/2019/AutoSSH_an +d_Reverse_Proxy_Alternative/docs/1.tex +LaTeX2e <2014/05/01> +Babel <3.9l> and hyphenation patterns for 2 languages loaded. +(/usr/share/texlive/texmf-dist/tex/latex/base/article.cls +Document Class: article 2014/09/29 v1.4h Standard LaTeX document class +(/usr/share/texlive/texmf-dist/tex/latex/base/size11.clo +File: size11.clo 2014/09/29 v1.4h Standard LaTeX file (size option) +) +\c@part=\count79 +\c@section=\count80 +\c@subsection=\count81 +\c@subsubsection=\count82 +\c@paragraph=\count83 +\c@subparagraph=\count84 +\c@figure=\count85 +\c@table=\count86 +\abovecaptionskip=\skip41 +\belowcaptionskip=\skip42 +\bibindent=\dimen102 +) +(/usr/share/texlive/texmf-dist/tex/latex/graphics/graphicx.sty +Package: graphicx 2014/04/25 v1.0g Enhanced LaTeX Graphics (DPC,SPQR) + +(/usr/share/texlive/texmf-dist/tex/latex/graphics/keyval.sty +Package: keyval 2014/05/08 v1.15 key=value parser (DPC) +\KV@toks@=\toks14 +) +(/usr/share/texlive/texmf-dist/tex/latex/graphics/graphics.sty +Package: graphics 2009/02/05 v1.0o Standard LaTeX Graphics (DPC,SPQR) + +(/usr/share/texlive/texmf-dist/tex/latex/graphics/trig.sty +Package: trig 1999/03/16 v1.09 sin cos tan (DPC) +) +(/usr/share/texlive/texmf-dist/tex/latex/latexconfig/graphics.cfg +File: graphics.cfg 2010/04/23 v1.9 graphics configuration of TeX Live +) +Package graphics Info: Driver file: pdftex.def on input line 91. 
+ +(/usr/share/texlive/texmf-dist/tex/latex/pdftex-def/pdftex.def +File: pdftex.def 2011/05/27 v0.06d Graphics/color for pdfTeX + +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/infwarerr.sty +Package: infwarerr 2010/04/08 v1.3 Providing info/warning/error messages (HO) +) +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/ltxcmds.sty +Package: ltxcmds 2011/11/09 v1.22 LaTeX kernel commands for general use (HO) +) +\Gread@gobject=\count87 +)) +\Gin@req@height=\dimen103 +\Gin@req@width=\dimen104 +) +(/usr/share/texlive/texmf-dist/tex/latex/caption/caption.sty +Package: caption 2013/05/02 v3.3-89 Customizing captions (AR) + +(/usr/share/texlive/texmf-dist/tex/latex/caption/caption3.sty +Package: caption3 2013/05/02 v1.6-88 caption3 kernel (AR) +Package caption3 Info: TeX engine: e-TeX on input line 57. +\captionmargin=\dimen105 +\captionmargin@=\dimen106 +\captionwidth=\dimen107 +\caption@tempdima=\dimen108 +\caption@indent=\dimen109 +\caption@parindent=\dimen110 +\caption@hangindent=\dimen111 +) +\c@ContinuedFloat=\count88 +) (./1.aux) +\openout1 = `1.aux'. + +LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 8. +LaTeX Font Info: ... okay on input line 8. +LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 8. +LaTeX Font Info: ... okay on input line 8. +LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 8. +LaTeX Font Info: ... okay on input line 8. +LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 8. +LaTeX Font Info: ... okay on input line 8. +LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 8. +LaTeX Font Info: ... okay on input line 8. +LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 8. +LaTeX Font Info: ... okay on input line 8. + +(/usr/share/texlive/texmf-dist/tex/context/base/supp-pdf.mkii +[Loading MPS to PDF converter (version 2006.09.02).] 
+\scratchcounter=\count89 +\scratchdimen=\dimen112 +\scratchbox=\box26 +\nofMPsegments=\count90 +\nofMParguments=\count91 +\everyMPshowfont=\toks15 +\MPscratchCnt=\count92 +\MPscratchDim=\dimen113 +\MPnumerator=\count93 +\makeMPintoPDFobject=\count94 +\everyMPtoPDFconversion=\toks16 +) (/usr/share/texlive/texmf-dist/tex/generic/oberdiek/pdftexcmds.sty +Package: pdftexcmds 2011/11/29 v0.20 Utility functions of pdfTeX for LuaTeX (HO +) + +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/ifluatex.sty +Package: ifluatex 2010/03/01 v1.3 Provides the ifluatex switch (HO) +Package ifluatex Info: LuaTeX not detected. +) +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/ifpdf.sty +Package: ifpdf 2011/01/30 v2.3 Provides the ifpdf switch (HO) +Package ifpdf Info: pdfTeX in PDF mode is detected. +) +Package pdftexcmds Info: LuaTeX not detected. +Package pdftexcmds Info: \pdf@primitive is available. +Package pdftexcmds Info: \pdf@ifprimitive is available. +Package pdftexcmds Info: \pdfdraftmode found. +) +(/usr/share/texlive/texmf-dist/tex/latex/oberdiek/epstopdf-base.sty +Package: epstopdf-base 2010/02/09 v2.5 Base part for package epstopdf + +(/usr/share/texlive/texmf-dist/tex/latex/oberdiek/grfext.sty +Package: grfext 2010/08/19 v1.1 Manage graphics extensions (HO) + +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/kvdefinekeys.sty +Package: kvdefinekeys 2011/04/07 v1.3 Define keys (HO) +)) +(/usr/share/texlive/texmf-dist/tex/latex/oberdiek/kvoptions.sty +Package: kvoptions 2011/06/30 v3.11 Key value format for package options (HO) + +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/kvsetkeys.sty +Package: kvsetkeys 2012/04/25 v1.16 Key value parser (HO) + +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/etexcmds.sty +Package: etexcmds 2011/02/16 v1.5 Avoid name clashes with e-TeX commands (HO) +Package etexcmds Info: Could not find \expanded. 
+(etexcmds) That can mean that you are not using pdfTeX 1.50 or +(etexcmds) that some package has redefined \expanded. +(etexcmds) In the latter case, load this package earlier. +))) +Package grfext Info: Graphics extension search list: +(grfext) [.png,.pdf,.jpg,.mps,.jpeg,.jbig2,.jb2,.PNG,.PDF,.JPG,.JPE +G,.JBIG2,.JB2,.eps] +(grfext) \AppendGraphicsExtensions on input line 452. + +(/usr/share/texlive/texmf-dist/tex/latex/latexconfig/epstopdf-sys.cfg +File: epstopdf-sys.cfg 2010/07/13 v1.3 Configuration of (r)epstopdf for TeX Liv +e +)) +Package caption Info: Begin \AtBeginDocument code. +Package caption Info: End \AtBeginDocument code. + +Overfull \hbox (30.91077pt too wide) in paragraph at lines 46--46 +[]\OT1/cmtt/m/n/10.95 autossh -L 0.0.0.0:2:localhost:80 -f user@ipaddress sle +ep 31536000[] + [] + + +Overfull \hbox (36.65945pt too wide) in paragraph at lines 46--46 +[]\OT1/cmtt/m/n/10.95 #autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliv +eCountMax 3"[] + [] + +[1 + +{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}] +LaTeX Font Info: External font `cmex10' loaded for size +(Font) <10.95> on input line 47. +LaTeX Font Info: External font `cmex10' loaded for size +(Font) <8> on input line 47. +LaTeX Font Info: External font `cmex10' loaded for size +(Font) <6> on input line 47. +LaTeX Font Info: External font `cmex10' loaded for size +(Font) <9> on input line 47. +LaTeX Font Info: External font `cmex10' loaded for size +(Font) <5> on input line 47. + +Overfull \hbox (25.16208pt too wide) in paragraph at lines 93--93 +[]\OT1/cmtt/m/n/10.95 solves this in a painless way. 
It's in the repos for Debi +an/Ubuntu:[] + [] + + +Overfull \hbox (2.16733pt too wide) in paragraph at lines 93--93 +[]\OT1/cmtt/m/n/10.95 and perhaps for many other distros (it looks like it orig +inated[] + [] + + +Overfull \hbox (19.41339pt too wide) in paragraph at lines 93--93 +[] \OT1/cmtt/m/n/10.95 provide shell scripts that can be sourced and connect th +e current[] + [] + + +Overfull \hbox (2.16733pt too wide) in paragraph at lines 93--93 +[]\OT1/cmtt/m/n/10.95 For bash, with a private key named id_rsa, add the follow +ing to[] + [] + + +Overfull \hbox (7.91602pt too wide) in paragraph at lines 93--93 +[]\OT1/cmtt/m/n/10.95 This will start an ssh-agent and add the id_rsa key on th +e first[] + [] + + +Overfull \hbox (7.91602pt too wide) in paragraph at lines 93--93 +[] \OT1/cmtt/m/n/10.95 login after reboot. If the key is passphrase-protected, +it will[] + [] + +[2] +Overfull \hbox (13.6647pt too wide) in paragraph at lines 93--93 +[]\OT1/cmtt/m/n/10.95 This will let the shell know where to reach the SSH agent + managed[] + [] + +LaTeX Font Info: Try loading font information for OMS+cmr on input line 103. + +(/usr/share/texlive/texmf-dist/tex/latex/base/omscmr.fd +File: omscmr.fd 2014/09/29 v2.5h Standard LaTeX font definitions +) +LaTeX Font Info: Font shape `OMS/cmr/m/n' in size <10.95> not available +(Font) Font shape `OMS/cmsy/m/n' tried instead on input line 103. + [3] (./1.aux) ) +Here is how much of TeX's memory you used: + 2556 strings out of 495020 + 40753 string characters out of 6181323 + 95820 words of memory out of 5000000 + 5770 multiletter control sequences out of 15000+600000 + 8977 words of font info for 32 fonts, out of 8000000 for 9000 + 14 hyphenation exceptions out of 8191 + 38i,8n,38p,438b,241s stack positions out of 5000i,500n,10000p,200000b,80000s + +Output written on 1.pdf (3 pages, 106593 bytes). +PDF statistics: + 46 PDF objects out of 1000 (max. 
8388607) + 32 compressed objects within 1 object stream + 0 named destinations out of 1000 (max. 500000) + 1 words of extra memory for PDF output out of 10000 (max. 10000000) + diff --git a/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.pdf b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.pdf new file mode 100644 index 0000000..a1a9365 Binary files /dev/null and b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.pdf differ diff --git a/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.tex b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.tex new file mode 100644 index 0000000..4dee84a --- /dev/null +++ b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.tex 
@@ -0,0 +1,110 @@
+\documentclass[11pt]{article}
+%Gummi|065|=)
+\title{\textbf{AutoSSH - a Reverse Proxy Alternative}}
+\usepackage{graphicx}
+\usepackage{caption }
+\author{Steak Electronics}
+\date{06/4/19}
+\begin{document}
+
+%\maketitle
+\textbf{AutoSSH - a Reverse Proxy Alternative}
+
+\vspace{0.2in}
+This document is best read printed out on paper.
+%\textbf{Todo}
+\section{Overview}
+I recently added another apache server to an existing infrastructure, and I wanted it to be accessible under a similar IP as another server. Due to the complexity of the website, it was not possible to simply do a reverse proxy without knowing the correct settings (e.g. X-Forwarded for). Instead, AutoSSH was used.
+
+\section{Work Log}
+Ok, I'm going to get right to the configs that I used. You want the tool, you don't need to know all the details.
+
+\subsection{Crontab}
+Here is the crontab script I used. I put this in /etc/crontab, so it has root after the times. I only use /etc/crontab, as it's easier to manage.
+\begin{verbatim}
+* * * * * root pgrep autossh > /dev/null || \
+ /usr/local/bin/autosshzm/autosshzm.sh
+\end{verbatim}
+A few notes about this. Pgrep will search for autossh. If it doesn't find it, then it will try the next command. (|| is an OR). Put the bash script wherever you want.
+
+\subsection{Bash Script}
+
+This script is obviously what the crontab calls.
+\begin{verbatim}
+#!/bin/bash
+logger " /usr/local/bin/autosshzm script started."
+#source $HOME/.bash_profile #not needed.
+source $HOME/.keychain/$HOSTNAME-sh
+logger " /usr/local/bin/autosshzm sourced."
+
+autossh -L 0.0.0.0:2:localhost:80 -f user@ipaddress sleep 31536000
+ &> /var/log/autosshzm/autosshzm.log
+#autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3"
+ -L 0.0.0.0:2:localhost:80 user@ipaddress &>
+ /var/log/autosshzm/autosshzm.log
+logger "auto ssh ran"
+\end{verbatim}
+Note that the second autossh does not work, as it's missing the sleep and the -f command. \footnote{Figuring this kind of stuff out can take about an hour.} In order for this to work, you'll also need the following commands:
+
+\begin{verbatim}
+apt-get install keychain autossh
+\end{verbatim}
+There were some more setup steps required for keychain...
+From stackexchange:
+\begin{verbatim}
+25
+keychain
+solves this in a painless way. It's in the repos for Debian/Ubuntu:
+
+sudo apt-get install keychain
+
+and perhaps for many other distros (it looks like it originated
+from Gentoo).
+
+This program will start an ssh-agent if none is running, and
+ provide shell scripts that can be sourced and connect the current
+ shell to this particular ssh-agent.
+
+For bash, with a private key named id_rsa, add the following to
+ your .profile:
+
+keychain --nogui id_rsa
+
+This will start an ssh-agent and add the id_rsa key on the first
+ login after reboot. If the key is passphrase-protected, it will
+ also ask for the passphrase. No need to use unprotected keys
+ anymore! For subsequent logins, it will recognize the agent
+ and not ask for a passphrase again.
+
+Also, add the following as a last line of your .bashrc:
+
+. ~/.keychain/$HOSTNAME-sh
+
+This will let the shell know where to reach the SSH agent managed
+ by keychain. Make sure that .bashrc is sourced from .profile.
+
+However, it seems that cron jobs still don't see this. As a
+ remedy, include the line above in the crontab, just before
+ your actual command:
+
+* * * * * . ~/.keychain/$HOSTNAME-sh; your-actual-command
+
+
+\end{verbatim}
+The only thing that I needed to do here was
+
+keychain --nogui id\_rsa
+
+The rest of it (notes about crontab) was not required.
+
+\section{What Did NOT Work}
+Here's some things I tried that did not work.
+\begin{itemize}
+\item https://github.com/obfusk/autossh-init - This init script, didn't do much for me. Remember, I'm stuck with systemd in Ubuntu 19.04...\footnote{The scourge of deleting software history. Keep backwards compatibility at ALL COSTS, developers.}
+\item Reverse proxy with Apache - As I said, my website \footnote{Some people might call it a web application. I will not.} was too complex, and I didn't want to go down that rabbit hole.
+\item Starting AutoSSH in rc.local. Didn't work.
+
+\end{itemize}
+
+
+\end{document}
diff --git a/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.tex~ b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.tex~
new file mode 100644
index 0000000..4b8ff1b
--- /dev/null
+++ b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/1.tex~
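Review bot: The bash listing binds the forward with `-L 0.0.0.0:2:localhost:80`, so the tunnelled port 80 is reachable from every interface of the host, and the cron entry runs it as root after sourcing the keychain agent file under `$HOME`; the text should state that exposure, or the listing should bind to the one address that needs it, e.g. `-L <listen-address>:2:localhost:80`. The `&> /var/log/autosshzm/autosshzm.log` continuation is on its own line with no trailing backslash, so copied as printed it runs as a separate command that only truncates the log and autossh's output is never redirected; the crontab listing shows the right form with `|| \`. The commented-out variant probably fails for lack of `-N` and `-f` rather than the `sleep`; `-N` would replace the `sleep 31536000` placeholder. The identical file is committed again as docs/2.tex (same blob 4dee84a), so the note applies there too.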
@@ -0,0 +1,28 @@
+\documentclass[11pt]{article}
+%Gummi|065|=)
+\title{\textbf{Router Fail - Network Down!}}
+\usepackage{graphicx}
+\usepackage{caption }
+\author{Steak Electronics}
+\date{06/4/19}
+\begin{document}
+
+%\maketitle
+\textbf{Router Fail - Network Down}
+%\textbf{Todo}
+\section{Overview}
+A company had the internet go down. The way their system was built, they had a 2nd firewall behind a cable company router. I was able to access the network before the firewall, which meant that their firewall might've failed.
+\section{Diagnosis}
+The internal firewall had no LED power light or activity. So, no internet.
+
+First, their network was a 192.168.0.0/24 subnet. I first put them behind a second wireless router which was upstream of the cable modem and not offline. However the network of that internet router was 192.168.1.0/24. This means a few things. 1) All computers (Windows unfortunately), must be set to DHCP (in this case they were all static), and leases must be renewed. So, at least you need a reboot of computers in this situation. 2) They had server software in the LAN that depended upon the 192.168.0.0/24 subnet to work. I didn't find this out until later.
+
+Originally, I started with the default wireless network of 192.168.1.0/24 but I found that the server software wasn't working. In this case, the most efficient way to rebuild the network, with all the statics intact, was to set the new (temporary) replacement router to be the same subnet. I didn't have the password for the wireless router, so a simple factory reset enabled me access (although lucky for me, the default subnet was in fact 192.168.0.0/24).
+
+\section{Conclusion}
+When replacing a failed router in a situation like this, the new router should ideally have the same subnet. You might be able to get away without this in smaller offices, but if there is any server software, or if the computers have static IPs \footnote{Or if any other device hsa a static ip, e.g. CCTV camera} you will run into a few more minutes of work.
+
+There are no rules; this is not set in stone, however, it's the easiest path. As this was only a temporary router replacement, it was not important to have the network 1:1 with the original. In my setups, (this network was not mine) I prefer to have redundant hardware, so you can replace a broken firewall, with a similarly configured duplicate.
+
+
+\end{document}
diff --git a/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.aux b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.aux
new file mode 100644
index 0000000..d2a5ca7
--- /dev/null
+++ b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.aux
@@ -0,0 +1,6 @@
+\relax
+\@writefile{toc}{\contentsline {section}{\numberline {1}Overview}{1}}
+\@writefile{toc}{\contentsline {section}{\numberline {2}Work Log}{1}}
+\@writefile{toc}{\contentsline {subsection}{\numberline {2.1}Crontab}{1}}
+\@writefile{toc}{\contentsline {subsection}{\numberline {2.2}Bash Script}{1}}
+\@writefile{toc}{\contentsline {section}{\numberline {3}What Did NOT Work}{3}}
diff --git a/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.log b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.log
new file mode 100644
index 0000000..eb04819
--- /dev/null
+++ b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.log
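Review bot: `docs/1.tex~` is an editor backup file and its content is a different article ("Router Fail - Network Down!") from the one this directory holds, so it looks committed by accident; `docs/2.tex~` is in the same position, and git reports it as binary with the same blob id as `1.pdf` (a1a9365). The `.aux` and `.log` build outputs are in the commit as well, and both logs record the local build path under `/home/layoutdev/`. I would drop these files from the commit and add ignore rules such as `*~`, `*.aux` and `*.log` so they do not come back.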
@@ -0,0 +1,252 @@ +This is pdfTeX, Version 3.14159265-2.6-1.40.15 (TeX Live 2015/dev/Debian) (preloaded format=pdflatex 2018.11.28) 5 JUN 2019 00:28 +entering extended mode + restricted \write18 enabled. + %&-line parsing enabled. +**/home/layoutdev/Desktop/code/documentation_general/IT_Articles/2019/AutoSSH_a +nd_Reverse_Proxy_Alternative/docs/2.tex + +(/home/layoutdev/Desktop/code/documentation_general/IT_Articles/2019/AutoSSH_an +d_Reverse_Proxy_Alternative/docs/2.tex +LaTeX2e <2014/05/01> +Babel <3.9l> and hyphenation patterns for 2 languages loaded. +(/usr/share/texlive/texmf-dist/tex/latex/base/article.cls +Document Class: article 2014/09/29 v1.4h Standard LaTeX document class +(/usr/share/texlive/texmf-dist/tex/latex/base/size11.clo +File: size11.clo 2014/09/29 v1.4h Standard LaTeX file (size option) +) +\c@part=\count79 +\c@section=\count80 +\c@subsection=\count81 +\c@subsubsection=\count82 +\c@paragraph=\count83 +\c@subparagraph=\count84 +\c@figure=\count85 +\c@table=\count86 +\abovecaptionskip=\skip41 +\belowcaptionskip=\skip42 +\bibindent=\dimen102 +) +(/usr/share/texlive/texmf-dist/tex/latex/graphics/graphicx.sty +Package: graphicx 2014/04/25 v1.0g Enhanced LaTeX Graphics (DPC,SPQR) + +(/usr/share/texlive/texmf-dist/tex/latex/graphics/keyval.sty +Package: keyval 2014/05/08 v1.15 key=value parser (DPC) +\KV@toks@=\toks14 +) +(/usr/share/texlive/texmf-dist/tex/latex/graphics/graphics.sty +Package: graphics 2009/02/05 v1.0o Standard LaTeX Graphics (DPC,SPQR) + +(/usr/share/texlive/texmf-dist/tex/latex/graphics/trig.sty +Package: trig 1999/03/16 v1.09 sin cos tan (DPC) +) +(/usr/share/texlive/texmf-dist/tex/latex/latexconfig/graphics.cfg +File: graphics.cfg 2010/04/23 v1.9 graphics configuration of TeX Live +) +Package graphics Info: Driver file: pdftex.def on input line 91. 
+ +(/usr/share/texlive/texmf-dist/tex/latex/pdftex-def/pdftex.def +File: pdftex.def 2011/05/27 v0.06d Graphics/color for pdfTeX + +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/infwarerr.sty +Package: infwarerr 2010/04/08 v1.3 Providing info/warning/error messages (HO) +) +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/ltxcmds.sty +Package: ltxcmds 2011/11/09 v1.22 LaTeX kernel commands for general use (HO) +) +\Gread@gobject=\count87 +)) +\Gin@req@height=\dimen103 +\Gin@req@width=\dimen104 +) +(/usr/share/texlive/texmf-dist/tex/latex/caption/caption.sty +Package: caption 2013/05/02 v3.3-89 Customizing captions (AR) + +(/usr/share/texlive/texmf-dist/tex/latex/caption/caption3.sty +Package: caption3 2013/05/02 v1.6-88 caption3 kernel (AR) +Package caption3 Info: TeX engine: e-TeX on input line 57. +\captionmargin=\dimen105 +\captionmargin@=\dimen106 +\captionwidth=\dimen107 +\caption@tempdima=\dimen108 +\caption@indent=\dimen109 +\caption@parindent=\dimen110 +\caption@hangindent=\dimen111 +) +\c@ContinuedFloat=\count88 +) +No file 2.aux. +\openout1 = `2.aux'. + +LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 8. +LaTeX Font Info: ... okay on input line 8. +LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 8. +LaTeX Font Info: ... okay on input line 8. +LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 8. +LaTeX Font Info: ... okay on input line 8. +LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 8. +LaTeX Font Info: ... okay on input line 8. +LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 8. +LaTeX Font Info: ... okay on input line 8. +LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 8. +LaTeX Font Info: ... okay on input line 8. +(/usr/share/texlive/texmf-dist/tex/context/base/supp-pdf.mkii +[Loading MPS to PDF converter (version 2006.09.02).] 
+\scratchcounter=\count89 +\scratchdimen=\dimen112 +\scratchbox=\box26 +\nofMPsegments=\count90 +\nofMParguments=\count91 +\everyMPshowfont=\toks15 +\MPscratchCnt=\count92 +\MPscratchDim=\dimen113 +\MPnumerator=\count93 +\makeMPintoPDFobject=\count94 +\everyMPtoPDFconversion=\toks16 +) (/usr/share/texlive/texmf-dist/tex/generic/oberdiek/pdftexcmds.sty +Package: pdftexcmds 2011/11/29 v0.20 Utility functions of pdfTeX for LuaTeX (HO +) + +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/ifluatex.sty +Package: ifluatex 2010/03/01 v1.3 Provides the ifluatex switch (HO) +Package ifluatex Info: LuaTeX not detected. +) +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/ifpdf.sty +Package: ifpdf 2011/01/30 v2.3 Provides the ifpdf switch (HO) +Package ifpdf Info: pdfTeX in PDF mode is detected. +) +Package pdftexcmds Info: LuaTeX not detected. +Package pdftexcmds Info: \pdf@primitive is available. +Package pdftexcmds Info: \pdf@ifprimitive is available. +Package pdftexcmds Info: \pdfdraftmode found. +) +(/usr/share/texlive/texmf-dist/tex/latex/oberdiek/epstopdf-base.sty +Package: epstopdf-base 2010/02/09 v2.5 Base part for package epstopdf + +(/usr/share/texlive/texmf-dist/tex/latex/oberdiek/grfext.sty +Package: grfext 2010/08/19 v1.1 Manage graphics extensions (HO) + +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/kvdefinekeys.sty +Package: kvdefinekeys 2011/04/07 v1.3 Define keys (HO) +)) +(/usr/share/texlive/texmf-dist/tex/latex/oberdiek/kvoptions.sty +Package: kvoptions 2011/06/30 v3.11 Key value format for package options (HO) + +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/kvsetkeys.sty +Package: kvsetkeys 2012/04/25 v1.16 Key value parser (HO) + +(/usr/share/texlive/texmf-dist/tex/generic/oberdiek/etexcmds.sty +Package: etexcmds 2011/02/16 v1.5 Avoid name clashes with e-TeX commands (HO) +Package etexcmds Info: Could not find \expanded. 
+(etexcmds) That can mean that you are not using pdfTeX 1.50 or +(etexcmds) that some package has redefined \expanded. +(etexcmds) In the latter case, load this package earlier. +))) +Package grfext Info: Graphics extension search list: +(grfext) [.png,.pdf,.jpg,.mps,.jpeg,.jbig2,.jb2,.PNG,.PDF,.JPG,.JPE +G,.JBIG2,.JB2,.eps] +(grfext) \AppendGraphicsExtensions on input line 452. + +(/usr/share/texlive/texmf-dist/tex/latex/latexconfig/epstopdf-sys.cfg +File: epstopdf-sys.cfg 2010/07/13 v1.3 Configuration of (r)epstopdf for TeX Liv +e +)) +Package caption Info: Begin \AtBeginDocument code. +Package caption Info: End \AtBeginDocument code. + +Overfull \hbox (30.91077pt too wide) in paragraph at lines 46--46 +[]\OT1/cmtt/m/n/10.95 autossh -L 0.0.0.0:2:localhost:80 -f user@ipaddress sle +ep 31536000[] + [] + + +Overfull \hbox (36.65945pt too wide) in paragraph at lines 46--46 +[]\OT1/cmtt/m/n/10.95 #autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliv +eCountMax 3"[] + [] + +[1 + +{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}] +LaTeX Font Info: External font `cmex10' loaded for size +(Font) <10.95> on input line 47. +LaTeX Font Info: External font `cmex10' loaded for size +(Font) <8> on input line 47. +LaTeX Font Info: External font `cmex10' loaded for size +(Font) <6> on input line 47. +LaTeX Font Info: External font `cmex10' loaded for size +(Font) <9> on input line 47. +LaTeX Font Info: External font `cmex10' loaded for size +(Font) <5> on input line 47. + +Overfull \hbox (25.16208pt too wide) in paragraph at lines 93--93 +[]\OT1/cmtt/m/n/10.95 solves this in a painless way. 
It's in the repos for Debi +an/Ubuntu:[] + [] + + +Overfull \hbox (2.16733pt too wide) in paragraph at lines 93--93 +[]\OT1/cmtt/m/n/10.95 and perhaps for many other distros (it looks like it orig +inated[] + [] + + +Overfull \hbox (19.41339pt too wide) in paragraph at lines 93--93 +[] \OT1/cmtt/m/n/10.95 provide shell scripts that can be sourced and connect th +e current[] + [] + + +Overfull \hbox (2.16733pt too wide) in paragraph at lines 93--93 +[]\OT1/cmtt/m/n/10.95 For bash, with a private key named id_rsa, add the follow +ing to[] + [] + + +Overfull \hbox (7.91602pt too wide) in paragraph at lines 93--93 +[]\OT1/cmtt/m/n/10.95 This will start an ssh-agent and add the id_rsa key on th +e first[] + [] + + +Overfull \hbox (7.91602pt too wide) in paragraph at lines 93--93 +[] \OT1/cmtt/m/n/10.95 login after reboot. If the key is passphrase-protected, +it will[] + [] + +[2] +Overfull \hbox (13.6647pt too wide) in paragraph at lines 93--93 +[]\OT1/cmtt/m/n/10.95 This will let the shell know where to reach the SSH agent + managed[] + [] + +LaTeX Font Info: Try loading font information for OMS+cmr on input line 103. + +(/usr/share/texlive/texmf-dist/tex/latex/base/omscmr.fd +File: omscmr.fd 2014/09/29 v2.5h Standard LaTeX font definitions +) +LaTeX Font Info: Font shape `OMS/cmr/m/n' in size <10.95> not available +(Font) Font shape `OMS/cmsy/m/n' tried instead on input line 103. + [3] (./2.aux) ) +Here is how much of TeX's memory you used: + 2554 strings out of 495020 + 40741 string characters out of 6181323 + 95820 words of memory out of 5000000 + 5770 multiletter control sequences out of 15000+600000 + 8977 words of font info for 32 fonts, out of 8000000 for 9000 + 14 hyphenation exceptions out of 8191 + 38i,8n,38p,438b,241s stack positions out of 5000i,500n,10000p,200000b,80000s + +Output written on 2.pdf (3 pages, 106593 bytes). +PDF statistics: + 46 PDF objects out of 1000 (max. 
8388607) + 32 compressed objects within 1 object stream + 0 named destinations out of 1000 (max. 500000) + 1 words of extra memory for PDF output out of 10000 (max. 10000000) + diff --git a/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.pdf b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.pdf new file mode 100644 index 0000000..a9fc79c Binary files /dev/null and b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.pdf differ diff --git a/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.tex b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.tex new file mode 100644 index 0000000..4dee84a --- /dev/null +++ b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.tex 
@@ -0,0 +1,110 @@
+\documentclass[11pt]{article}
+%Gummi|065|=)
+\title{\textbf{AutoSSH - a Reverse Proxy Alternative}}
+\usepackage{graphicx}
+\usepackage{caption }
+\author{Steak Electronics}
+\date{06/4/19}
+\begin{document}
+
+%\maketitle
+\textbf{AutoSSH - a Reverse Proxy Alternative}
+
+\vspace{0.2in}
+This document is best read printed out on paper.
+%\textbf{Todo}
+\section{Overview}
+I recently added another apache server to an existing infrastructure, and I wanted it to be accessible under a similar IP as another server. Due to the complexity of the website, it was not possible to simply do a reverse proxy without knowing the correct settings (e.g. X-Forwarded for). Instead, AutoSSH was used.
+
+\section{Work Log}
+Ok, I'm going to get right to the configs that I used. You want the tool, you don't need to know all the details.
+
+\subsection{Crontab}
+Here is the crontab script I used. I put this in /etc/crontab, so it has root after the times. I only use /etc/crontab, as it's easier to manage.
+\begin{verbatim}
+* * * * * root pgrep autossh > /dev/null || \
+ /usr/local/bin/autosshzm/autosshzm.sh
+\end{verbatim}
+A few notes about this. Pgrep will search for autossh. If it doesn't find it, then it will try the next command. (|| is an OR). Put the bash script wherever you want.
+
+\subsection{Bash Script}
+
+This script is obviously what the crontab calls.
+\begin{verbatim}
+#!/bin/bash
+logger " /usr/local/bin/autosshzm script started."
+#source $HOME/.bash_profile #not needed.
+source $HOME/.keychain/$HOSTNAME-sh
+logger " /usr/local/bin/autosshzm sourced."
+
+autossh -L 0.0.0.0:2:localhost:80 -f user@ipaddress sleep 31536000
+ &> /var/log/autosshzm/autosshzm.log
+#autossh -M 0 -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3"
+ -L 0.0.0.0:2:localhost:80 user@ipaddress &>
+ /var/log/autosshzm/autosshzm.log
+logger "auto ssh ran"
+\end{verbatim}
+Note that the second autossh does not work, as it's missing the sleep and the -f command. \footnote{Figuring this kind of stuff out can take about an hour.} In order for this to work, you'll also need the following commands:
+
+\begin{verbatim}
+apt-get install keychain autossh
+\end{verbatim}
+There were some more setup steps required for keychain...
+From stackexchange:
+\begin{verbatim}
+25
+keychain
+solves this in a painless way. It's in the repos for Debian/Ubuntu:
+
+sudo apt-get install keychain
+
+and perhaps for many other distros (it looks like it originated
+from Gentoo).
+
+This program will start an ssh-agent if none is running, and
+ provide shell scripts that can be sourced and connect the current
+ shell to this particular ssh-agent.
+
+For bash, with a private key named id_rsa, add the following to
+ your .profile:
+
+keychain --nogui id_rsa
+
+This will start an ssh-agent and add the id_rsa key on the first
+ login after reboot. If the key is passphrase-protected, it will
+ also ask for the passphrase. No need to use unprotected keys
+ anymore! For subsequent logins, it will recognize the agent
+ and not ask for a passphrase again.
+
+Also, add the following as a last line of your .bashrc:
+
+. ~/.keychain/$HOSTNAME-sh
+
+This will let the shell know where to reach the SSH agent managed
+ by keychain. Make sure that .bashrc is sourced from .profile.
+
+However, it seems that cron jobs still don't see this. As a
+ remedy, include the line above in the crontab, just before
+ your actual command:
+
+* * * * * . ~/.keychain/$HOSTNAME-sh; your-actual-command
+
+
+\end{verbatim}
+The only thing that I needed to do here was
+
+keychain --nogui id\_rsa
+
+The rest of it (notes about crontab) was not required.
+
+\section{What Did NOT Work}
+Here's some things I tried that did not work.
+\begin{itemize}
+\item https://github.com/obfusk/autossh-init - This init script, didn't do much for me. Remember, I'm stuck with systemd in Ubuntu 19.04...\footnote{The scourge of deleting software history. Keep backwards compatibility at ALL COSTS, developers.}
+\item Reverse proxy with Apache - As I said, my website \footnote{Some people might call it a web application. I will not.} was too complex, and I didn't want to go down that rabbit hole.
+\item Starting AutoSSH in rc.local. Didn't work.
+
+\end{itemize}
+
+
+\end{document}
diff --git a/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.tex~ b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.tex~
new file mode 100644
index 0000000..a1a9365
Binary files /dev/null and b/2019/AutoSSH_and_Reverse_Proxy_Alternative/docs/2.tex~ differ