3 commands for working with remote machines

These days I’m playing a bit with 5 Raspberries 2B (4 cores and 1 GB of RAM) in order to build a Docker cluster. There are different options: Docker Swarm over Consul/Etcd/Zookeper, Kubernetes by Google, etc. I just want to share some interesting commands for working with remote machines that have helped me to build such a cluster: ssh-copy-id, nmap and csshx.

1. ssh-copy-id

Because I’m accessing my raspberries via SSH, I don’t want to enter password all the time, so I want to use public/private keys to do so. ssh-copy-id to the rescue.

Installs your public key in a remote machine’s authorized_keys. For MacOS, you will need to install it, for example, using “brew install ssh-copy-id”.

ssh-copy-id is a script that uses ssh to log into a remote machine (presumably using a login password, so password authentication should be enabled, unless you’ve done some clever use of multiple identities) It also changes the permissions of the remote user’s home, ~/.ssh, and ~/.ssh/authorized_keys to remove group writability (which would otherwise prevent you from logging in, if the remote sshd has StrictModes set in its configuration). If the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regardless of whether there are any keys in your ssh-agent. Otherwise, if this: ssh-add -L provides any output, it uses that in preference to the identity file. If the -i option is used, or the ssh-add produced no output, then it uses the contents of the identity file. Once it has one or more fingerprints (by whatever means) it uses ssh to append them to ~/.ssh/authorized_keys on the remote machine (creating the file, and directory, if necessary).

Screen Shot 2015-12-13 at 13.51.52

2. nmap

After pluging my Rasberry PIs in, I don’t exactly know what are their IPs, so I need a way to discover that. Nmap to the rescue.

Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping). On MacOS, install it using “brew install nmap”.

Because I have my Mac running as a DHCP server on net, I can discover Raspberry IPs, pluging and scanning.

Screen Shot 2015-12-13 at 13.59.12

3. csshx

Sometimes, I need to perform a task in all the PIs (install python for running ansible, for example, check some configuration, etc.). csshX is a Cluster SSH tool using Mac OS X Terminal.app

csshX is a tool to allow simultaneous control of multiple ssh sessions. host1, host2, etc. are either remote hostnames or remote cluster names. csshX will attempt to create an ssh session to each remote host in separate Terminal.app windows. A master window will also be created. All keyboard input in the master will be sent to all the slave windows. To specify the username for each host, the hostname can be prepended by user@. Similarly, appending :port will set the port to ssh to. You can also use hostname ranges, to specify many hosts. “brew install csshx”.

Screen Shot 2015-12-13 at 14.06.06

Screen Shot 2015-12-13 at 14.07.48
You can type in the red terminal and all the keys will be repeated into all the terminals. If you want to perform something in a specific terminal, just click on it and do it. Then go back into the red terminal.

Hope it helps!