*0:00* - Introduction to Terminals, PTY, and TTY
*0:08* - Running Commands and the Role of the Shell (e.g., Zsh, Bash)
*1:50* - What is TTY (Teletypewriter)?
*2:09* - Virtual Consoles and Terminal Emulators
*2:41* - Pseudo-Terminals (PTY) and Terminal Simulation
*2:50* - ANSI Escape Codes for Formatting (Color, Underline, Bold)
*3:57* - Interpretation of ANSI Codes by Terminal Emulators
*4:46* - Parsing ANSI Codes (Example with `pyte` and HTML)
*6:29* - Processes, Controlling Terminals, and Signals (Ctrl+C, SIGHUP)
*7:47* - How PTY Works and Why it's Needed
*8:32* - Line Discipline: Cooked Mode (Canonical) vs. Raw Mode
*9:40* - Line Discipline: Echoing
*9:53* - Changing Terminal Options with `stty` (Disabling Canonical Mode and Echoing)
*10:41* - Signal Management and Flow Control (Ctrl+S, Ctrl+Q)
*11:49* - Window Size and Resizing Events (SIGWINCH)
*13:47* - PTY and Remote Connections (SSH and PTY)
*14:58* - Summary
In the popular imagination, the transition from the world of typewriters to the universe of computers was orderly and simple: at some point in the 20th century, someone attached a CPU and a screen to a typewriter, and that turned it into a computer.
But the reality is much more fascinating and convoluted. The transition was meandering and lengthy, and traces of its many battles and decisions remain scattered across keyboards today. And no key might better represent the complexity of that journey than the Return key.
The TTY subsystem is central to the design of Linux, and UNIX in general. Unfortunately, its importance is often overlooked, and it is difficult to find good introductory articles about it. I believe that a basic understanding of TTYs in Linux is essential for the developer and the advanced user.
Beware, though: What you are about to see is not particularly elegant. In fact, the TTY subsystem — while quite functional from a user's point of view — is a twisty little mess of special cases. To understand how this came to be, we have to go back in time.
The instructions here describe how to create systemd service and timers to automate updating both user and system Flatpak installations. The system systemd units will only update the system Flatpaks, whereas the user systemd units will update both the user’s Flatpaks and the system’s. In most cases, having both user and system services to update Flatpaks is unnecessary. The system systemd units are handy for the default Flatpak behavior, which installs Flatpaks system-wide. The user systemd units are great for users who opt to install Flatpaks in their user-specific installation, such as Flatpak developers.
SSH tunneling (also known as SSH port forwarding) is a powerful technique that allows system administrators to create secure encrypted connections between servers, bypass firewalls, and access services securely across networks. It's also known as SSH magics! Whether you’re trying to securely access internal services, create SOCKS proxies, or establish reverse tunnels to overcome network restrictions, SSH tunnels provide flexible solutions for modern networking challenges. This comprehensive guide explores essential SSH tunneling commands that every system administrator should know, complete with practical examples and use cases to enhance your network security toolkit. So let’s get on with some SSH magics, shall we?
It's 2024! Please avoid writing SSH commands like that.
Instead, configure your ~/.ssh/config with LocalForward, RemoteForward, and ProxyJump. This can save you a significant amount of time, especially when using ssh, scp, or rsync to transfer data from a remote server that requires multiple intermediate SSH connections.
SSH tunneling and port forwarding can be used to forward TCP traffic over a secure SSH connection from the SSH client to the SSH server, or vice versa. TCP ports or UNIX sockets can be used, but in this post I’ll focus on TCP ports only.
I won’t go into details, but the following post should show enough examples and options to find use in your day-to-day work.
Ever need to work on a remote computer which is behind a typical firewall? Well, if there is no inbound connectivity, you can play a bit of leap frog using ssh in order to gain access to that server. Here’s a quick example.
For this example we’ll assume you are sitting at Host A and would like to have access to Internal Host C. Both firewalls are assumed to allow ssh traffic out.
Our goal here is to have the Internal Host C machine start an ssh session to External Host B (which is on the internet).
ssh -R 2200:localhost:22 User@ExternalHostB
This will start an ssh session from Internal Host C to External Host B and ask the ssh daemon to forward all traffic on External Host B’s port 2200 back to Internal Host C’s port 22 over the established ssh session.
Now if I were on External Host B, to get a shell on Internal Host C all I’d have to do is:
ssh -p 2200 User@localhost
Now the USER in the above statement would have to be a valid user on Internal Host C, not External Host B.
To connect from Host A to Internal Host C you can do several things. The easiest is to leap frog.
ssh USER@ExternalHostB
Then
ssh -p 2200 USER@localhost
The first session opens a shell on External Host B. The second opens a shell on Internal Host C by connecting to the reverse shell we started in the first command.
This has been a simple reverse shell ssh post. Stay tuned for more port forwarding fun.
The OED’s earliest listed usage of “log in” in the modern sense of “to open one’s on-line access to a computer” is from the 1963 publication Compatible Time-Sharing System from the MIT Computation Center. [2] I’m not sure if this is truly the first usage of “log in”, but it would make sense if it was, as CTSS, started in 1961, was arguably the first time-sharing operating system, and so possibly the first system that you needed to log in to. (Before that we only had batch processing systems).
A lot of new hardware security keys (Yubikey, Nitrokey, Titan, etc.) now support FIDO2 (aka U2F aka Webauthn aka Passkey; yes it’s a mess).
So does OpenSSH.
This spells good news for us, because it is far easier to use than previous hardware security types (eg, PKCS#11 and OpenPGP) with ssh.
A key benefit of all this, if done correctly, is that it is actually impossible to access the raw SSH private key, and impossible to use it without the presence of the SK and a human touching it.
Also, ssh agent forwarding becomes safer again, and what’s more, it can be used to let you tap your local key to authenticate even when sshing from remote machine A to remote machine B.
I’m going to call these hardware security keys “SKs” within this article.
I’ve been annoyed at the material out there, which often doesn’t explain what’s happening and suggests insecure practices.
So, I’m going to introduce SKs and FIDO2, show how to use the keys with SSH, explain the role of ssh-agent with all of this, and walk you through all of the steps.
- They employed folks like Nyquist and Shannon, who laid the foundations of modern information theory and electronic engineering while they were employees at Bell.
- They discovered the first evidence of the black hole at the center of our galaxy in the 1930s while analyzing static noise on shortwave transmissions.
- They developed in 1937 the first speech codec and the first speech synthesizer.
- They developed the photovoltaic cell in the 1940s, and the first solar cell in the 1950s.
- They built the first transistor in 1947.
- They built the first large-scale electronic computers (from Model I in 1939 to Model VI in 1949).
- They employed Karnaugh in the 1950s, who worked on the Karnaugh maps that we still study in engineering while he was an employee at Bell.
- They contributed in 1956 (together with AT&T and the British and Canadian telephone companies) to the first transatlantic communications cable.
- They developed the first electronic music program in 1957.
- They employed Kernighan, Thompson and Ritchie, who created UNIX and the C programming language while they were Bell employees.
Decided to do some #Linux terminal hopping.
This is my completely unscientific test: maximised window, tmux with a NeoVim session, paging quickly through some code. I wanted to see what the most CPU usage would be for these terminals. I'm testing on a Ryzen 7 7840U.
Why worry about CPU? Laptop users and low-power machine users will care about CPU usage. I'm trying to eke as much life out of my equipment as possible.
My personal comment on the "Limux end".
SPD politician Anne Hübner has defined Munich's direction very clearly: "We need the Windows 10 client".
Let that sentence sink in.
Coworker: ...and the IP addresses are compared with a string match.
Me: grinning manically
Coworker: Why are you looking at me like that?
Me: Open up a terminal and type ping 4.2.514 and hit enter.
Coworker: ...what's the fourth number?
Me: grin widens Just hit enter.
Coworker: WTF!?
The following are lines from ~rsyncer/.ssh/authorized-keys on my dbclone host – which gathers database backups from various hosts.
from="x8dtu.example.org,10.1.1.1",command="/usr/local/sbin/rrsync -ro /usr/home/rsyncer/backups/bacula-database/postgresql/" ssh-ed25519
AAAAC3thisisalsonotmyrealpublickeybcxpFeUMAC2LOitdpRb9l0RoW7vt5hnzwt rsyncer@x8dtu.example.org
The above appears on two lines to make it easier to read without horizontal scrolling – in the file, it’s all on one line.
This says:
- when an ssh connection comes in from a client at x8dtu.example.org, or 10.1.1.1
- run /usr/local/sbin/rrsync -ro /usr/home/rsyncer/backups/bacula-database/postgresql/
- and that client must have this key (as shown)
- rsyncer@x8dtu.example.org is a comment, and has no effect
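An added example, not code from the original post: a small Python audit that parses authorized_keys entries like the one above (quoted option values may contain commas and spaces) and reports keys that lack a from= or command= restriction. The function names and the second sample entry are constructed for illustration.

```python
KEY_TYPES = ("ssh-", "ecdsa-", "sk-")   # prefixes that start the key-type field

def split_unquoted(text, seps, maxsplit=-1):
    """Split text on separator characters that sit outside double quotes."""
    parts, buf, in_quotes, escaped = [], "", False, False
    for ch in text:
        if ch in seps and not in_quotes and maxsplit != 0:
            parts.append(buf)
            buf, maxsplit = "", maxsplit - 1
            continue
        if ch == '"' and not escaped:
            in_quotes = not in_quotes
        escaped = ch == "\\" and in_quotes and not escaped
        buf += ch
    return parts + [buf]

def parse_line(line):
    line = line.strip()
    if not line or line.startswith("#"):
        return None                              # blank line or comment
    field, rest = "", line
    if not line.startswith(KEY_TYPES):           # options precede the key type
        field, rest = (split_unquoted(line, " \t", 1) + [""])[:2]
    fields, options = rest.split(None, 2), {}
    for opt in filter(None, split_unquoted(field, ",")):
        name, _, value = opt.partition("=")
        if value.startswith('"'):                # drop quotes, unescape \"
            value = value[1:-1].replace('\\"', '"')
        options[name.lower()] = value
    if len(fields) < 2:
        return None                              # malformed: no key material
    return {"options": options, "type": fields[0], "comment": " ".join(fields[2:])}

def audit(text):
    """Return (line_no, comment, missing) for keys lacking from= or command=."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        entry = parse_line(raw)
        missing = [o for o in ("from", "command") if entry and o not in entry["options"]]
        if missing:
            findings.append((n, entry["comment"], missing))
    return findings

# Entry 1 is the page's line joined onto one line; entry 2 is constructed.
SAMPLE = (
    'from="x8dtu.example.org,10.1.1.1",command="/usr/local/sbin/rrsync -ro '
    '/usr/home/rsyncer/backups/bacula-database/postgresql/" ssh-ed25519 '
    'AAAAC3thisisalsonotmyrealpublickeybcxpFeUMAC2LOitdpRb9l0RoW7vt5hnzwt rsyncer@x8dtu.example.org\n'
    'ssh-ed25519 AAAAC3constructedPlaceholderKeyNotReal backup@host.example.org\n')
print(audit(SAMPLE))
```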
"What kind of script is it?" - "A Bäsch script."
"Bash?" - "No, its German cousin."
"???" - "???"
Become an irreplaceable 10x developer in 30 seconds flat
Why learn actual skills when you can just look impressive instead?
Introducing rust-stakeholder - a CLI tool that generates absolutely meaningless but impressive-looking terminal output to convince everyone you're a coding genius without writing a single line of useful code.
Yesterday I learned that #ghostty, the terminal emulator supports custom shaders. So here is a little retro/crt shader: https://gist.github.com/lukad/d979a36ed9a83020bd6fa3fa0d5d7c89
blinry - I also learned that the "grep" command is called like that because it performs the same function as running "g/re/p" in the original editor "ed" (and "QED" before that, I think): It gets all lines from a file that match the regular expression "re", and prints them!
And through that same heritage, :g/re/p still works in my Neovim today! ^_^ I love learning stuff like this!~
This paper presents an indirect methodology to assess IRQ overhead by constructing preliminary approaches to reduce the impact of IRQs. While these approaches are not suitable for general deployment, their corresponding performance observations indirectly confirm the conjecture. Based on these findings, a small modification of a vanilla Linux system is devised that improves the efficiency and performance of traditional kernel-based networking significantly, resulting in up to 45% increased throughput without compromising tail latency.