TWpower Reading time ~1 minute

Find IP address of QEMU KVM VM instance by using virsh command


Environment and Prerequisite

  • Linux
  • QEMU
  • KVM
  • virsh


Usage

  • Choose network
  • Use virsh net-list command
$ virsh net-list
 Name                 State      Autostart     Persistent
----------------------------------------------------------
 default              active     yes           yes
  • Check IP address of VM instance in chosen network
  • Use virsh net-dhcp-leases [network name] command
$ virsh net-dhcp-leases default
 Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2022-12-04 12:00:03  52:54:00:d2:2f:78  ipv4      192.168.123.163/24        twpower-vm      01:52:54:00:d2:2f:78


Reference

TWpower Reading time ~1 minute

netstat을 사용해 특정 포트를 사용하는 프로세스의 프로세스 아이디를 찾아보자


환경

  • Ubuntu
  • CentOS
  • netstat(8)


netstat을 사용해 특정 포트를 사용하는 프로세스의 프로세스 아이디 찾기

netstat

netstat -nltup | grep [port_number]

예시

twpower@twpower-private-server:~$ netstat -nltup | grep 8888
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 127.0.0.1:8888          0.0.0.0:*               LISTEN      622522/python3.9


netstat과 옵션

netstat

  • 네트워크 연결, 라우팅 테이블, 인터페이스 통계, 마스커레이드 연결 그리고 멀티캐스트 멤버십을 출력해준다.
NETSTAT(8)               Linux System Administrator's Manual              NETSTAT(8)

NAME
       netstat  -  Print  network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

사용한 옵션

  • n: 호스트명이 아니라 숫자의 IP주소로 보여준다.
  • l: LISTEN 상태의 네트워크 연결과 유닉스 소켓을 보여준다.
  • t: TCP 프로토콜 데이터를 보여준다.
  • u: UDP 프로토콜 데이터를 보여준다.
  • p: 프로세스 아이디와 프로세스명을 보여준다.


참고자료

TWpower Reading time ~1 minute

Find process id of process using specific port with netstat


Environment and Prerequisite

  • Ubuntu
  • CentOS
  • netstat(8)


Find process id of process using specific port with netstat

netstat

netstat -nltup | grep [port_number]

Usage

twpower@twpower-private-server:~$ netstat -nltup | grep 8888
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 127.0.0.1:8888          0.0.0.0:*               LISTEN      622522/python3.9


netstat and option

netstat

  • Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
NETSTAT(8)               Linux System Administrator's Manual              NETSTAT(8)

NAME
       netstat  -  Print  network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

Used Options

  • n: Show numeric IP address not hostname.
  • l: Show LISTEN state of network connections and unix sockets.
  • t: Show TCP protocol datas.
  • u: Show UDP protocol datas.
  • p: Show process id and name.


Reference

TWpower Reading time ~1 minute

ProxyJump를 사용하여 프록시 서버나 점프 호스트를 통해 서버에 접속해보자


환경

  • Linux
  • SSH


ProxyJump

목적

보안을 위해 실서버 접속시 프록시 혹은 점프 호스트를 통해서만 접속할 수 있는 구조가 많이 사용되는데 번거롭게 ssh 명령어를 각각 사용하는것보다 ProxyJump를 사용하면 한번의 설정으로 보다 쉽게 접속이 가능하다.


사용법

  • 형태
Host [proxy server name]
    HostName [proxy or jump host domain or ip address]
    Port [port number]
    User [username]
    IdentityFile [proxy or jump host identity key file]

Host [remote server name]
    HostName [server domain or ip address]
    Port [port number]
    User [username]
    IdentityFile [server identity key file]
    ProxyJump [proxy server name]


예제

  • Local -> proxy-server -> remote-server
  • 접속시 사용하는 IdentityFile은 둘 다 Local에 있어야 한다.
  • 아래는 예제 용도로 운영시에는 아래와 달리 Local -> proxy-server는 외부망으로 연결되어 있고 proxy-server -> remote-server는 내부망으로만 연결되어있는 경우가 많다.
Host proxy-server
    HostName 192.168.64.3
    Port 22
    User twpower
    IdentityFile ~/.ssh/proxy-server

Host remote-server
    HostName 192.168.64.4
    Port 22
    User twpower
    IdentityFile ~/.ssh/remote-server
    ProxyJump proxy-server
  • 바로 remote-server로 접속
ssh remote-server


참고자료

TWpower Reading time ~1 minute

Access server via proxy server or jump host using ProxyJump


Environment and Prerequisite

  • Linux
  • SSH


ProxyJump

Purpose

Many systems use proxy or jump host to connect production server due to security. It is comfortable to use ProxyJump rather than use ssh command separately.


Usage

  • Format
Host [proxy server name]
    HostName [proxy or jump host domain or ip address]
    Port [port number]
    User [username]
    IdentityFile [proxy or jump host identity key file]

Host [remote server name]
    HostName [server domain or ip address]
    Port [port number]
    User [username]
    IdentityFile [server identity key file]
    ProxyJump [proxy server name]


Example

  • Local -> proxy-server -> remote-server
  • Both IdentityFile should be located in Local.
  • Below case is only for example. In real production, Local -> proxy-server is usually public network and proxy-server -> remote-server is usually private network.
Host proxy-server
    HostName 192.168.64.3
    Port 22
    User twpower
    IdentityFile ~/.ssh/proxy-server

Host remote-server
    HostName 192.168.64.4
    Port 22
    User twpower
    IdentityFile ~/.ssh/remote-server
    ProxyJump proxy-server
  • Access direct to remote-server
ssh remote-server


Reference