# Diet-pi

### Dropbear

```bash
systemctl status dropbear.service
```

Configuration file: `/etc/default/dropbear`

```bash
# The TCP port that Dropbear listens on
DROPBEAR_PORT=51322
```

```bash
systemctl status dropbear.service
● dropbear.service - Lightweight SSH server
     Loaded: loaded (/lib/systemd/system/dropbear.service; enabled; preset: enabled)
     Active: active (running) since Sat 2024-02-10 09:07:47 GMT; 7s ago
       Docs: man:dropbear(8)
   Main PID: 3107 (dropbear)
      Tasks: 5 (limit: 1069)
        CPU: 68ms
     CGroup: /system.slice/dropbear.service
             ├─3060 /usr/sbin/dropbear -EF -p 22 -W 65536 -2 8
             ├─3061 -bash
             ├─3107 /usr/sbin/dropbear -EF -p 51322 -W 65536
             ├─3109 systemctl status dropbear.service
             └─3110 "(pager)"
```

```bash
# -w: disallow root logins; -g: disable password logins for root
DROPBEAR_EXTRA_ARGS="-w -g"
```

Edit and restart Dropbear:

```bash
root@PiHole1:~# nano /etc/default/dropbear
root@PiHole1:~# systemctl restart dropbear.service
```

#### --help

```bash
Dropbear server v2022.83 https://matt.ucc.asn.au/dropbear/dropbear.html
Usage: dropbear [options]
-b bannerfile   Display the contents of bannerfile before user login
                (default: none)
-r keyfile      Specify hostkeys (repeatable)
                defaults:
                - dss /etc/dropbear/dropbear_dss_host_key
                - rsa /etc/dropbear/dropbear_rsa_host_key
                - ecdsa /etc/dropbear/dropbear_ecdsa_host_key
                - ed25519 /etc/dropbear/dropbear_ed25519_host_key
-R              Create hostkeys as required
-F              Don't fork into background
-e              Pass on server process environment to child process
-E              Log to stderr rather than syslog
-m              Don't display the motd on login
-w              Disallow root logins
-G              Restrict logins to members of specified group
-s              Disable password logins
-g              Disable password logins for root
-B              Allow blank password logins
-t              Enable two-factor authentication (both password and public key required)
-T              Maximum authentication tries (default 10)
-j              Disable local port forwarding
-k              Disable remote port forwarding
-a              Allow connections to forwarded ports from any host
-c command      Force executed command
-p [address:]port
                Listen on specified tcp port (and optionally address),
                up to 10 can be specified
                (default port is 22 if none specified)
-P PidFile      Create pid file PidFile
                (default /var/run/dropbear.pid)
-i              Start for inetd
-W (default 24576, larger may be faster, max 10MB)
-K (0 is never, default 0, in seconds)
-I (0 is never, default 0, in seconds)
-z              disable QoS
-V              Version
```

#### Passwordless:

```bash
cat ~/.ssh/id_rsa.pub | ssh -p65535 root@192.168.12.116 'cat>> ~/.ssh/authorized_keys'
```

### Log

```bash
# journalctl --no-pager | grep 'cron'
```

| Command | Remark |
| :-------------------------------------------- | :----------------------------------------------------------- |
| `journalctl -u UNITNAME` (`--unit UNITNAME`) | Displays messages of the given unit |
| `journalctl _PID=` | Displays messages of process with PID equals to |
| `journalctl -r` (`--reverse`) | Displays list in reverse order, i.e. newest messages first |
| `journalctl -f` (`--follow`) | Displays the tail of the log message list and shows new entries *live* |
| `journalctl -b` (`--boot`) | Displays messages since the last boot (i.e. no older messages). See also option `--list-boots` |
| `journalctl -k` (`--dmesg`) | Displays kernel messages |
| `journalctl -p PRIORITY` (`--priority PRIORITY`) | Displays messages with the given priority. PRIORITY may be `emerg`, `alert`, `crit`, `err`, `warning`, `notice`, `info` and `debug`. Numbers are also accepted as PRIORITY |
| `journalctl -o verbose` | Displays additional metadata |
| `journalctl --disk-usage` | Displays the amount of disk space used by the logging messages |
| `journalctl --no-pager \| grep ` | Filters log messages (filtering with `grep`) |

#### When the cron.hourly, cron.daily, cron.monthly... scripts are run

```bash
grep run-parts /etc/crontab
#*/0 * * * * root cd / && run-parts --report /etc/cron.minutely
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 1 * * * root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.daily; }
47 1 * * 7 root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.weekly; }
52 1 1 * * root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.monthly; }
```

#### Run the cron.hourly, cron.daily, cron.monthly... scripts

```bash
# --test only prints the scripts that would be run; drop it to actually run them
run-parts --test /etc/cron.hourly/
```

#### Add a script to cron.hourly

```bash
root@PiHole1:/etc/cron.hourly# l
total 16
-rw-r--r-- 1 root root  102 Mar  2  2023 .placeholder
-rwxr-xr-x 1 root root 1311 Aug 27 19:49 dietpi
-rwxr-xr-x 1 root root  191 Feb 22  2012 fake-hwclock
-rwxr-xr-x 1 root root   60 Sep  5 09:47 pihole
```

```bash
nano /etc/cron.hourly/pihole

#!/bin/bash
#Look for pihole update
/root/update_pihole.sh
```

```bash
*/2 * * * *    # every 2 minutes
0 */2 * * *    # every 2 hours
0 1 * * 1,3,5  # At 01:00 on Monday, Wednesday, and Friday
```
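An added example, not part of the original notes: `run-parts --test` lists what will run, while this helper reports what will not run and which scripts cron runs as root that other users can modify. The name `audit_cron_dir` and the sample directory are made up for illustration; the naming rule is the Debian `run-parts` default, which accepts only letters, digits, `_` and `-` in file names.

```shell
#!/bin/bash
# Added example. audit_cron_dir is a hypothetical helper name.
# The body runs in a subshell "( ... )" so its variables stay local.
audit_cron_dir() (
    LC_ALL=C                  # keep the A-Z / a-z ranges plain ASCII
    for f in "$1"/*; do       # dotfiles such as .placeholder are not globbed
        [ -f "$f" ] || continue
        name=${f##*/}
        case $name in
            *[!A-Za-z0-9_-]*)
                echo "SKIPPED  $name: run-parts ignores names with other characters"
                continue ;;
        esac
        [ -x "$f" ] || echo "SKIPPED  $name: not executable"
        # POSIX find: print the file if the group or world write bit is set
        if [ -n "$(find "$f" -prune \( -perm -0020 -o -perm -0002 \))" ]; then
            echo "WRITABLE $name: group- or world-writable, yet cron runs it as root"
        fi
    done
    return 0
)

# Constructed sample directory, not taken from a real system.
demo=$(mktemp -d)
for n in pihole update_pihole.sh backup notexec; do
    printf '#!/bin/bash\n/root/update_pihole.sh\n' > "$demo/$n"
    chmod 755 "$demo/$n"
done
chmod 777 "$demo/backup"      # anyone could edit what root runs
chmod 644 "$demo/notexec"     # missing execute bit
audit_cron_dir "$demo"
rm -rf "$demo"
```

On the real system, call it as `audit_cron_dir /etc/cron.hourly`; a script saved as `update_pihole.sh` in that directory would be silently ignored because of the dot in its name.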