How to find your motherboard from cli
dmidecode -t 2
Installed memory info
dmidecode -t memory
How to check if TRIM is enabled
hdparm -I /dev/sda
How to revoke acme-client letsencrypt cert
php bin/acme revoke --name example.com --server letsencrypt
Handy chmod/chown reference
7=rwx , 6=rw , 5=rx , 4=r , 3=wx , 2=w, 1=x , 0=none
https://chmod-calculator.com/
Most common use:
#read write execute only by me.
chmod 700 file
#read and write only by me.
chmod 600 file
#read write execute by me, read only by the rest of the group users, no rights for everyone else.
chmod 740 file
#make a script executable
chmod +x plexanalyze.sh
Take ownership if we belong to sudoers users or give to someone else(no going back there):
sudo chown user:ofgroup file
sudo chown -R user:ofgroup /mnt/downloads
Proper iptables config
sudo iptables -L
sudo iptables -S
default input policy should be accept, we place allow rules in the chain and then deny the rest.That way we can flush rules off a chain or all rules and not lose access to the server with
sudo iptables -F INPUT
sudo iptables -F
First rule should be
sudo iptables -A INPUT -i lo -j ACCEPT
to allow services to communicate with each other through the loopback interface of the linux host.
Next rule ,usually active by default in a clean iptables config, should be
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
which adds a rule to the input chain to retain current connections, like the current ssh session.
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
to allow ssh connections on port 22.
Last rule should be
sudo iptables -A INPUT -j DROP
which drops every packet not matching the previous allow rules.
#check iptables with line numbers
sudo iptables -L --line-numbers
#persist rules after reboot
sudo apt-get install iptables-persistent
chmod calculator – https://wtools.io/chmod-calculator