• Skip to main content

Uly.me

cloud engineer

  • Home
  • About
  • Archives

key

Bash Any Key

November 29, 2022

Here’s the script to add pauses in your Bash script.

echo "please wait until web page loads ... "
read -p "Press any key to continue... " -n1 -s

echo "please wait until web page loads ... " read -p "Press any key to continue... " -n1 -s

You can also put it inside a function and call it multiple times.

function press_any_key {
  echo "please wait until web page loads ... "
  read -p "Press any key to continue... " -n1 -s
}
press_any_key

function press_any_key { echo "please wait until web page loads ... " read -p "Press any key to continue... " -n1 -s } press_any_key

Filed Under: Linux Tagged With: any, bash, key, pause, press

AWS Get Access Key Info

June 28, 2022

How to look for an access key in AWS. Find the account.

$ aws sts get-access-key-info --access-key-id AKIA8XXXXXXXXXXXXXXX
{
    "Account": "XXXXXXXXXXXX"
}

$ aws sts get-access-key-info --access-key-id AKIA8XXXXXXXXXXXXXXX { "Account": "XXXXXXXXXXXX" }

Filed Under: Cloud Tagged With: access, account, aws, get, key

Allow Key Access for user in SSH

January 16, 2022

Allow shared key access only for one user in SSH.

Disable the password authentication for one user in your SSH config. Edit /etc/ssh/sshd_config.

Match User username
  PasswordAuthentication no

Match User username PasswordAuthentication no

Restart the SSH service.

service ssh restart

service ssh restart

Copy user’s public key to the destination server’s authorized file in ~/.ssh/authorized_keys.

ssh-rsa AAAAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx <-- public key goes on for miles

ssh-rsa AAAAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx <-- public key goes on for miles

Back on your client, login via SSH. User will not be prompted for password since public key is already authorized on server.

ssh username@server

ssh username@server

Filed Under: Linux Tagged With: authentication, key, password, ssh

GCP Activate Service Account

December 10, 2021

How to activate a GCP service account for other users in Linux.

First generate a key for the service account. Save as key.json.

Login to the server as that user and copy the key there. Activate the service account.

$ gcloud auth activate-service-account [ACCOUNT] --key-file=key.json

$ gcloud auth activate-service-account [ACCOUNT] --key-file=key.json

Once authenticated, you should be able to check if service account is active.

$ gcloud config list

$ gcloud config list

A better option without needing a key.

gcloud config set core/account service-account@project-id.iam.gserviceaccount.com

gcloud config set core/account service-account@project-id.iam.gserviceaccount.com

Filed Under: Cloud Tagged With: activate, gcp, json, key, service account

Cross Account KMS keys

February 2, 2021

If you have multiple AWS accounts, you can setup a customer-managed KMS (key management service) in the AWS Key Management Service, to secure requests or services between the two AWS accounts. The customer-managed KMS key is tied to an identity such as an IAM user or role. In addition to users and roles, other AWS accounts can be added to grant access. KMS can be symmetric or asymmetric. It’s symmetric be default. To grant access to the other account, you need to add the AWS Account Id to the key. It’s 12 digit number unique to each AWS account.

Once a key is created, the valid key ID can be used in a AWS SDK to access resources from the other AWS account.

Filed Under: Cloud Tagged With: aws, cross-account, key, kms

EFS Encryption

December 3, 2020

If you have an existing EFS that’s unencrypted, you can encrypt it be creating a snapshot using AWS Backup, and then restoring the file system to a new EFS with encryption. If you choose to restore in a directory in the same file system, it will not be encrypted. It has to be a new EFS. In addition, you’ll be asked to select which encryption key to use. The default key will work, unless you have your own.

Filed Under: Cloud Tagged With: aws, backup, efs, encryption, key, restore, unencrypted

SCP with a Key

October 22, 2020

SCP is a secure copy utility in Linux. You’ll need access to your system. In this example, a pem key is used to authenticate to a host. SCP copies filename.ext to the home directory of ec2-user. It’s important to add the target directory, otherwise it will not work.

Here’s how to use SCP with a key from local to server.

scp -i key.pem filename.ext user@server:/home/user

scp -i key.pem filename.ext user@server:/home/user

From server to local. Run the command from local machine.

scp user@server:/home/user/file.txt /local/directory

scp user@server:/home/user/file.txt /local/directory

Filed Under: Linux Tagged With: copy, ec2-user, key, pem, scp

Copy SSH Key to Server

June 16, 2020

Here’s the command to copy a secret key to a remote server.

ssh-copy-id user@servername

ssh-copy-id user@servername

This assumes you already generated a key.

Filed Under: Linux Tagged With: copy, key, secret, server, ssh, ssh-copy-id

  • Go to page 1
  • Go to page 2
  • Go to Next Page »
  • Home
  • About
  • Archives

Copyright © 2023