Pannonia IT Knowledgebase

Benutzer-Werkzeuge

Webseiten-Werkzeuge

Zuletzt angesehen:
know-how:usefull_commands

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen RevisionVorhergehende Überarbeitung
Nächste Überarbeitung		Vorhergehende Überarbeitung
Letzte ÜberarbeitungBeide Seiten der Revision
know-how:usefull_commands [2024/03/09 15:22] – [netstat / Dienste deaktivieren] ccknow-how:usefull_commands [2024/03/28 13:55] – [List /scan wireless access points hostapd/wpad] cc
Zeile 1543: Zeile 1543:
 <code> <code>
 iw dev wlan0 station dump iw dev wlan0 station dump
 +</code>
 +
 +====== List wireless hardware capabilities hostapd/wpad ======
 +
 +<code>
 +iw list
 +
 +root@ilo:~# iw list
 +Wiphy phy1
 + wiphy index: 1
 + max # scan SSIDs: 4
 + max scan IEs length: 2257 bytes
 + max # sched scan SSIDs: 0
 + max # match sets: 0
 + Retry short limit: 7
 + Retry long limit: 4
 + Coverage class: 0 (up to 0m)
 + Device supports AP-side u-APSD.
 + Device supports T-DLS.
 + Available Antennas: TX 0x7 RX 0x7
 + Configured Antennas: TX 0x7 RX 0x7
 + Supported interface modes:
 + * IBSS
 + * managed
 + * AP
 + * AP/VLAN
 + * monitor
 + * mesh point
 + * P2P-client
 + * P2P-GO
 + * outside context of a BSS
 + Band 1:
 + Capabilities: 0x11ee
 + HT20/HT40
 + SM Power Save disabled
 + RX HT20 SGI
 + RX HT40 SGI
 + TX STBC
 + RX STBC 1-stream
 + Max AMSDU length: 3839 bytes
 + DSSS/CCK HT40
 + Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
 + Minimum RX AMPDU time spacing: 8 usec (0x06)
 + HT TX/RX MCS rate indexes supported: 0-23
 + Frequencies:
 + * 2412 MHz [1] (24.0 dBm)
 + * 2417 MHz [2] (24.0 dBm)
 + * 2422 MHz [3] (24.0 dBm)
 + * 2427 MHz [4] (24.0 dBm)
 + * 2432 MHz [5] (24.0 dBm)
 + * 2437 MHz [6] (24.0 dBm)
 + * 2442 MHz [7] (24.0 dBm)
 + * 2447 MHz [8] (24.0 dBm)
 + * 2452 MHz [9] (24.0 dBm)
 + * 2457 MHz [10] (24.0 dBm)
 + * 2462 MHz [11] (24.0 dBm)
 + * 2467 MHz [12] (disabled)
 + * 2472 MHz [13] (disabled)
 + * 2484 MHz [14] (disabled)
 + valid interface combinations:
 + * #{ managed } <= 2048, #{ AP, mesh point } <= 8, #{ P2P-client, P2P-GO } <= 1, #{ IBSS } <= 1,
 +    total <= 2048, #channels <= 1, STA/AP BI must match, radar detect widths: { 20 MHz (no HT), 20 MHz, 40 MHz }
 +
 + HT Capability overrides:
 + * MCS: ff ff ff ff ff ff ff ff ff ff
 + * maximum A-MSDU length
 + * supported channel width
 + * short GI for 40 MHz
 + * max A-MPDU length exponent
 + * min MPDU start spacing
 + max # scan plans: 1
 + max scan plan interval: -1
 + max scan plan iterations: 0
 + Supported extended features:
 + * [ RRM ]: RRM
 + * [ CQM_RSSI_LIST ]: multiple CQM_RSSI_THOLD records
 + * [ CONTROL_PORT_OVER_NL80211 ]: control port over nl80211
 + * [ TXQS ]: FQ-CoDel-enabled intermediate TXQs
 + * [ AIRTIME_FAIRNESS ]: airtime fairness scheduling
 + * [ SCAN_RANDOM_SN ]: use random sequence numbers in scans
 + * [ SCAN_MIN_PREQ_CONTENT ]: use probe request with only rate IEs in scans
 + * [ CAN_REPLACE_PTK0 ]: can safely replace PTK 0 when rekeying
 + * [ CONTROL_PORT_NO_PREAUTH ]: disable pre-auth over nl80211 control port support
 + * [ DEL_IBSS_STA ]: deletion of IBSS station support
 + * [ MULTICAST_REGISTRATIONS ]: mgmt frame registration for multicast
 + * [ SCAN_FREQ_KHZ ]: scan on kHz frequency support
 + * [ CONTROL_PORT_OVER_NL80211_TX_STATUS ]: tx status for nl80211 control port support
 +Wiphy phy0
 + wiphy index: 0
 + max # scan SSIDs: 16
 + max scan IEs length: 199 bytes
 + max # sched scan SSIDs: 0
 + max # match sets: 0
 + Retry short limit: 7
 + Retry long limit: 4
 + Coverage class: 0 (up to 0m)
 + Device supports AP-side u-APSD.
 + Available Antennas: TX 0x7 RX 0x7
 + Configured Antennas: TX 0x7 RX 0x7
 + Supported interface modes:
 + * IBSS
 + * managed
 + * AP
 + * AP/VLAN
 + * monitor
 + * mesh point
 + * P2P-client
 + * P2P-GO
 + * P2P-device
 + Band 2:
 + Capabilities: 0x19ef
 + RX LDPC
 + HT20/HT40
 + SM Power Save disabled
 + RX HT20 SGI
 + RX HT40 SGI
 + TX STBC
 + RX STBC 1-stream
 + Max AMSDU length: 7935 bytes
 + DSSS/CCK HT40
 + Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
 + Minimum RX AMPDU time spacing: 8 usec (0x06)
 + HT TX/RX MCS rate indexes supported: 0-23
 + VHT Capabilities (0x338001b2):
 + Max MPDU length: 11454
 + Supported Channel Width: neither 160 nor 80+80
 + RX LDPC
 + short GI (80 MHz)
 + TX STBC
 + RX antenna pattern consistency
 + TX antenna pattern consistency
 + VHT RX MCS set:
 + 1 streams: MCS 0-9
 + 2 streams: MCS 0-9
 + 3 streams: MCS 0-9
 + 4 streams: not supported
 + 5 streams: not supported
 + 6 streams: not supported
 + 7 streams: not supported
 + 8 streams: not supported
 + VHT RX highest supported: 0 Mbps
 + VHT TX MCS set:
 + 1 streams: MCS 0-9
 + 2 streams: MCS 0-9
 + 3 streams: MCS 0-9
 + 4 streams: not supported
 + 5 streams: not supported
 + 6 streams: not supported
 + 7 streams: not supported
 + 8 streams: not supported
 + VHT TX highest supported: 0 Mbps
 + Frequencies:
 + * 5180 MHz [36] (23.0 dBm)
 + * 5200 MHz [40] (23.0 dBm)
 + * 5220 MHz [44] (23.0 dBm)
 + * 5240 MHz [48] (23.0 dBm)
 + * 5260 MHz [52] (23.0 dBm) (radar detection)
 + * 5280 MHz [56] (23.0 dBm) (radar detection)
 + * 5300 MHz [60] (23.0 dBm) (radar detection)
 + * 5320 MHz [64] (23.0 dBm) (radar detection)
 + * 5500 MHz [100] (23.0 dBm) (radar detection)
 + * 5520 MHz [104] (23.0 dBm) (radar detection)
 + * 5540 MHz [108] (23.0 dBm) (radar detection)
 + * 5560 MHz [112] (23.0 dBm) (radar detection)
 + * 5580 MHz [116] (23.0 dBm) (radar detection)
 + * 5600 MHz [120] (23.0 dBm) (radar detection)
 + * 5620 MHz [124] (23.0 dBm) (radar detection)
 + * 5640 MHz [128] (23.0 dBm) (radar detection)
 + * 5660 MHz [132] (23.0 dBm) (radar detection)
 + * 5680 MHz [136] (23.0 dBm) (radar detection)
 + * 5700 MHz [140] (23.0 dBm) (radar detection)
 + * 5720 MHz [144] (23.0 dBm) (radar detection)
 + * 5745 MHz [149] (30.0 dBm)
 + * 5765 MHz [153] (30.0 dBm)
 + * 5785 MHz [157] (30.0 dBm)
 + * 5805 MHz [161] (30.0 dBm)
 + * 5825 MHz [165] (30.0 dBm)
 + * 5845 MHz [169] (27.0 dBm) (no IR)
 + * 5865 MHz [173] (27.0 dBm) (no IR)
 + valid interface combinations:
 + * #{ managed, P2P-client } <= 16, #{ P2P-GO } <= 3, #{ AP } <= 16, #{ IBSS } <= 1,
 +    total <= 16, #channels <= 1, STA/AP BI must match, radar detect widths: { 20 MHz (no HT), 20 MHz, 40 MHz, 80 MHz, 80+80 MHz, 160 MHz }
 +
 + HT Capability overrides:
 + * MCS: ff ff ff ff ff ff ff ff ff ff
 + * maximum A-MSDU length
 + * supported channel width
 + * short GI for 40 MHz
 + * max A-MPDU length exponent
 + * min MPDU start spacing
 + max # scan plans: 1
 + max scan plan interval: -1
 + max scan plan iterations: 0
 + Maximum associated stations in AP mode: 0
 + Supported extended features:
 + * [ VHT_IBSS ]: VHT-IBSS
 + * [ RRM ]: RRM
 + * [ SET_SCAN_DWELL ]: scan dwell setting
 + * [ CQM_RSSI_LIST ]: multiple CQM_RSSI_THOLD records
 + * [ CONTROL_PORT_OVER_NL80211 ]: control port over nl80211
 + * [ TXQS ]: FQ-CoDel-enabled intermediate TXQs
 + * [ AIRTIME_FAIRNESS ]: airtime fairness scheduling
 + * [ AQL ]: Airtime Queue Limits (AQL)
 + * [ CONTROL_PORT_NO_PREAUTH ]: disable pre-auth over nl80211 control port support
 + * [ DEL_IBSS_STA ]: deletion of IBSS station support
 + * [ SCAN_FREQ_KHZ ]: scan on kHz frequency support
 + * [ CONTROL_PORT_OVER_NL80211_TX_STATUS ]: tx status for nl80211 control port support
 +
 +
 +</code>
 +====== List/scan wireless access points hostapd/wpad ======
 +  * WLANs anzeigen cli
 +
 +<code>
 +ggf. ip li set dev wlanxx up
 +iw dev wlanxx scan
 </code> </code>
  
Zeile 2470: Zeile 2686:
  
 the way, when you do init=/bin/sh (or bash), it isn't strictly necessary to reboot afterwards (well, depending on what you change I suppose), you can just do an 'exec /sbin/init' to continue the boot process. Make sure the state of the system is as it would normally be though (e.g. umount /usr, make / readonly again etc). the way, when you do init=/bin/sh (or bash), it isn't strictly necessary to reboot afterwards (well, depending on what you change I suppose), you can just do an 'exec /sbin/init' to continue the boot process. Make sure the state of the system is as it would normally be though (e.g. umount /usr, make / readonly again etc).
 +</code>
 +====== cryptsetup ======
 +  * Interesting read **argon2id**: https://mjg59.dreamwidth.org/66429.html?thread=2120573 , https://dys2p.com/en/2023-05-luks-security.html  , https://neilzone.co.uk/2023/04/updating-the-luks-key-derivation-function-on-debian/  , https://www.linkedin.com/pulse/how-utilize-argon2-kdf-configuration-secure-things-know-chung-mba#:~:text=%23Argon2id%20is%20much%20more%20modern,for%20CPU%20and%20RAM%20usage 
 +
 +  * Getestet auf Debian Bookworm / ursprünglich **argon2i** / Stand der Technik (2024-03-11): **argon2id** / erfolgreicher **reboot** :)
 +<code>
 +root@mrWhiteGhost:/home/urnilxfgbez# cryptsetup luksHeaderBackup /dev/crypted_partition_info  --header-backup-file /tmp/header_backup_crypted_partition_info.img
 +
 +root@mrWhiteGhost:/home/urnilxfgbez# file /tmp/header_backup_crypted_partition_info.img
 +/tmp/header_backup_crypted_partition_info.img: LUKS encrypted file, ver 2, header size 16384, ID 3, algo sha256, salt 0x9838482c38d968d1..., UUID: 123-123-123, crc 0xff.....
 +
 +root@mrWhiteGhost:/home/urnilxfgbez# cryptsetup luksDump /dev/nvme0n1p3
 +LUKS header information
 +Version:        2
 +Epoch:          3
 +Metadata area: 16384 [bytes]
 +Keyslots area: 16744448 [bytes]
 +UUID:          123-123-123
 +Label:          (no label)
 +Subsystem:      (no subsystem)
 +Flags:        (no flags)
 +
 +Data segments:
 +  0: crypt
 + offset: 16777216 [bytes]
 + length: (whole device)
 + cipher: aes-xts-plain64
 + sector: 512 [bytes]
 +
 +Keyslots:
 +  0: luks2
 + Key:        512 bits
 + Priority:   normal
 + Cipher:     aes-xts-plain64
 + Cipher key: 512 bits
 + PBKDF:      argon2i
 + Time cost:  4
 + Memory:     966868
 + Threads:    4
 + AF stripes: 4000
 + AF hash:    sha256
 + Area offset:32768 [bytes]
 + Area length:258048 [bytes]
 + Digest ID:  0
 +Tokens:
 +Digests:
 +  0: pbkdf2
 + Hash:       sha256
 + Iterations: 85780
 +
 +root@mrWhiteGhost:/home/urnilxfgbez# cryptsetup luksConvertKey /dev/nvme0n1p3 --pbkdf argon2id
 +Enter passphrase for keyslot to be converted: 
 +root@mrWhiteGhost:/home/urnilxfgbez# echo $?
 +0
 +root@mrWhiteGhost:/home/urnilxfgbez# cryptsetup luksDump /dev/nvme0n1p3
 +LUKS header information
 +Version:        2
 +Epoch:          5
 +Metadata area: 16384 [bytes]
 +Keyslots area: 16744448 [bytes]
 +UUID:          123-123-123
 +Label:          (no label)
 +Subsystem:      (no subsystem)
 +Flags:        (no flags)
 +
 +Data segments:
 +  0: crypt
 + offset: 16777216 [bytes]
 + length: (whole device)
 + cipher: aes-xts-plain64
 + sector: 512 [bytes]
 +
 +Keyslots:
 +  0: luks2
 + Key:        512 bits
 + Priority:   normal
 + Cipher:     aes-xts-plain64
 + Cipher key: 512 bits
 + PBKDF:      argon2id
 + Time cost:  5
 + Memory:     1048576
 + Threads:    4
 + AF stripes: 4000
 + AF hash:    sha256
 + Area offset:290816 [bytes]
 + Area length:258048 [bytes]
 + Digest ID:  0
 +Tokens:
 +Digests:
 +  0: pbkdf2
 + Hash:       sha256
 + Iterations: 85780
 +
 </code> </code>
 ====== encrypted zip ====== ====== encrypted zip ======
Zeile 2742: Zeile 3051:
 </code> </code>
   * Routing: ** ip route ** {{ :know-how:ip_route_commands.pdf |}} (https://www.cisco.com/c/en/us/td/docs/routers/nfvis/switch_command/b-nfvis-switch-command-reference/ip_route_commands.pdf)   * Routing: ** ip route ** {{ :know-how:ip_route_commands.pdf |}} (https://www.cisco.com/c/en/us/td/docs/routers/nfvis/switch_command/b-nfvis-switch-command-reference/ip_route_commands.pdf)
 +  * IPV6 enable: ipv6 unicast-routing
 <code> <code>
 ip route ip route
know-how/usefull_commands.txt · Zuletzt geändert: 2024/03/28 13:56 von cc