Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- know-how:usefull_commands [2024/03/07 14:30] – [SSH Server aktivieren] cc
+++ know-how:usefull_commands [2024/03/28 13:56] (aktuell) – [List wireless hardware capabilities hostapd/wpad] cc
@@ Zeile 1543: / Zeile 1543: @@
 <code>
 iw dev wlan0 station dump
+</code>
+====== List wireless hardware capabilities hostapd/wpad ======
+<code>
+-> iw list
+root@foo:~# iw list
+Wiphy phy1
+	wiphy index: 1
+	max # scan SSIDs: 4
+	max scan IEs length: 2257 bytes
+	max # sched scan SSIDs: 0
+	max # match sets: 0
+	Retry short limit: 7
+	Retry long limit: 4
+	....
+Wiphy phy0
+	wiphy index: 0
+	max # scan SSIDs: 16
+	max scan IEs length: 199 bytes
+	max # sched scan SSIDs: 0
+...
+</code>
+====== List/scan wireless access points hostapd/wpad ======
+  * WLANs anzeigen cli
+<code>
+ggf. ip li set dev wlanxx up
+iw dev wlanxx scan
 </code>
@@ Zeile 2470: / Zeile 2502: @@
 the way, when you do init=/bin/sh (or bash), it isn't strictly necessary to reboot afterwards (well, depending on what you change I suppose), you can just do an 'exec /sbin/init' to continue the boot process. Make sure the state of the system is as it would normally be though (e.g. umount /usr, make / readonly again etc).
+</code>
+====== cryptsetup ======
+  * Interesting read **argon2id**: https://mjg59.dreamwidth.org/66429.html?thread=2120573 , https://dys2p.com/en/2023-05-luks-security.html  , https://neilzone.co.uk/2023/04/updating-the-luks-key-derivation-function-on-debian/  , https://www.linkedin.com/pulse/how-utilize-argon2-kdf-configuration-secure-things-know-chung-mba#:~:text=%23Argon2id%20is%20much%20more%20modern,for%20CPU%20and%20RAM%20usage
+  * Getestet auf Debian Bookworm / ursprünglich **argon2i** / Stand der Technik (2024-03-11): **argon2id** / erfolgreicher **reboot** :)
+<code>
+root@mrWhiteGhost:/home/urnilxfgbez# cryptsetup luksHeaderBackup /dev/crypted_partition_info  --header-backup-file /tmp/header_backup_crypted_partition_info.img
+root@mrWhiteGhost:/home/urnilxfgbez# file /tmp/header_backup_crypted_partition_info.img
+/tmp/header_backup_crypted_partition_info.img: LUKS encrypted file, ver 2, header size 16384, ID 3, algo sha256, salt 0x9838482c38d968d1..., UUID: 123-123-123, crc 0xff.....
+root@mrWhiteGhost:/home/urnilxfgbez# cryptsetup luksDump /dev/nvme0n1p3
+LUKS header information
+Version:       	2
+Epoch:         	3
+Metadata area: 	16384 [bytes]
+Keyslots area: 	16744448 [bytes]
+UUID:          	123-123-123
+Label:         	(no label)
+Subsystem:     	(no subsystem)
+Flags:       	(no flags)
+Data segments:
+: crypt
+	offset: 16777216 [bytes]
+	length: (whole device)
+	cipher: aes-xts-plain64
+	sector: 512 [bytes]
+Keyslots:
+: luks2
+	Key:        512 bits
+	Priority:   normal
+	Cipher:     aes-xts-plain64
+	Cipher key: 512 bits
+	PBKDF:      argon2i
+	Time cost:  4
+	Memory:     966868
+	Threads:    4
+	AF stripes: 4000
+	AF hash:    sha256
+	Area offset:32768 [bytes]
+	Area length:258048 [bytes]
+	Digest ID:  0
+Tokens:
+Digests:
+: pbkdf2
+	Hash:       sha256
+	Iterations: 85780
+root@mrWhiteGhost:/home/urnilxfgbez# cryptsetup luksConvertKey /dev/nvme0n1p3 --pbkdf argon2id
+Enter passphrase for keyslot to be converted:
+root@mrWhiteGhost:/home/urnilxfgbez# echo $?
+root@mrWhiteGhost:/home/urnilxfgbez# cryptsetup luksDump /dev/nvme0n1p3
+LUKS header information
+Version:       	2
+Epoch:         	5
+Metadata area: 	16384 [bytes]
+Keyslots area: 	16744448 [bytes]
+UUID:          	123-123-123
+Label:         	(no label)
+Subsystem:     	(no subsystem)
+Flags:       	(no flags)
+Data segments:
+: crypt
+	offset: 16777216 [bytes]
+	length: (whole device)
+	cipher: aes-xts-plain64
+	sector: 512 [bytes]
+Keyslots:
+: luks2
+	Key:        512 bits
+	Priority:   normal
+	Cipher:     aes-xts-plain64
+	Cipher key: 512 bits
+	PBKDF:      argon2id
+	Time cost:  5
+	Memory:     1048576
+	Threads:    4
+	AF stripes: 4000
+	AF hash:    sha256
+	Area offset:290816 [bytes]
+	Area length:258048 [bytes]
+	Digest ID:  0
+Tokens:
+Digests:
+: pbkdf2
+	Hash:       sha256
+	Iterations: 85780
 </code>
 ====== encrypted zip ======
@@ Zeile 2742: / Zeile 2867: @@
 </code>
   * Routing: ** ip route ** {{ :know-how:ip_route_commands.pdf |}} (https://www.cisco.com/c/en/us/td/docs/routers/nfvis/switch_command/b-nfvis-switch-command-reference/ip_route_commands.pdf)
+  * IPV6 enable: ipv6 unicast-routing
 <code>
 ip route
@@ Zeile 2800: / Zeile 2926: @@
 Router(config)# line vty 0 15
 Router(config-line)# transport input ssh
+</code>
+===== show / infos anzeigen =====
+<code>
+show running-config
+To verify the current configuration and settings
+show interfaces
+To verify the interface status and see if there are any error messages
+show ip interface
+To verify the Layer 3 information of an interface
+show arp
+To verify the list of known hosts on the local Ethernet LANs
+show ip route
+To verify the Layer 3 routing information
+show protocols
+To verify which protocols are operational
+show version
+To verify the memory, interfaces, and licences of the device
 </code>