[el7_blog]
/dev/urandom

Cisco CCNA Cyber Ops SECOPS 210-255

Basic Shell Skills
Executing Commands
The purpose of the Linux shell is that it provides an environment in which commands can be executed. The shell takes care of interpreting the commands that a user has entered. The shell make a difference between three kinds of commands:

  • Aliases
  • Internal Commands
  • External Commands

An alias is a command that a user can define as needed. Type the alias command to get an overview.

[root@el7_blog.local ~]# alias
alias cp='cp -i'
alias l.='ls -d .* --color=auto'
alias ll='ls -l --color=auto'
alias ls='ls --color=auto'
alias mv='mv -i'
alias rm='rm -i'
alias which='alias | /usr/bin/which --tty-only --read-alias --show-dot --show-tilde'

To define an alias, use alias NEWCOMMAND='OLDCOMMAND', as in alias ll='ls -l --color=auto'

An internal command is a command that is a part of the shell itself. It is available when the shell is loaded and can be executed from memory without any lookup from disk.

An external command is a command that exists as an executable file on disk; because is has to be read from disk, it’s a bit slower.

To find out whether a command is a bash internal, or an executable file on disk, use the type command.

[root@el7_blog.local ~]# type time
time is a shell keyword

[root@el7_blog.local ~]# which time
/usr/bin/time

[root@el7_blog.local ~]# type /usr/bin/time
/usr/bin/time is /usr/bin/time

To look up external commands, the $PATH variable is used. This variable defines a list of directories that is searched for a matching filename when a users enters a command. You can use the which command to find the exact command the shell will be using. For security reasons the current directory is not in the $PATH variable, and Linux does not look in the current directory to see whether a specific command is available from that directory. That is why you need to start a command that is in the current directory but nowhere in the $PATH by including a ./ in front of it. The dot stands for the current directory, and by running it as ./, you’ll tell bash to look for the command in the current directory.

I/O Redirection
There are always three default files open, STDIN, STDOUT, and STDERR. These, and any other open files, can be redirected. Redirection simply means capturing output from a file, command, program, script, or even code block within a script and sending it as input to another file, command, program, or script.

Name Default Destination Redirection Use File Descriptor Number
STDIN Keyboard < 0
STDOUT Monitor > 1
STDERR Monitor 2> 2

In I/O redirection, files can be used to replace the default STDIN, STDOUT, and STDERR. You can also redirect to device files. A device file on Linux is a file that is used to access specific hardware. The hard disk for instance can be referred to as /dev/sda, the console as /dev/console or /dev/tty, and if you want to discard a commands output, you can redirect to /dev/null.

Redirector Explanation Example
> -or- 1> Redirect STDOUT > stdout.txt
>> -or- 1>> Redirect and append STDOUT >> stdout.txt
2> Redirect STDERR 2> stderr.txt
2>> Redirect and append STDERR 2>> stderr.txt
&> Redirect both STDOUT and STDERR &> stdout_err.txt
&>> Redirect and append both STDOUT and STDERR &>> stdout_err.txt


Using Pipes
A pipe | can be used to catch the output of one command and use that as input for a second command. A pipe | can be useful for chaining commands, scripts, files, and programs together.


 cat *.txt | sort | uniq > result-file
 # Sorts the output of all the .txt files and deletes duplicate lines, saving results to "result-file".


History
Bash is configured to keep the last 1,000 commands you have used. When a shell session is closed, the history of that session is updated to the history file .bash_history. The .bash_history file is created in the home directory of the user who started a specific shell session. The history file is closed only when the shell session is closed; until that moment, all commands in the history are kept in memory.

The history feature makes it easy to repeat complex commands. There are several ways of working history:

  • Type history to show a list of all commands in the bash history
  • Use Ctrl+r to open the prompt from which you can do backward searches in the commands that you have previously used. Use Ctrl+r again to search further backward based on the same search criteria.
  • Type !number to execute a command with a specific number from history.
  • Type !sometext to execute the last command that starts with sometext. Notice: !sometext is potentially dangerous because the command that was found is executed immediately!

Note: The history -c command wipes all history that is currently in memory, but it doesn’t remove the .bash_history file from the home directory.
 *  The history -w command writes the current history to the history file, overwriting the history file’s contents.
 * Use rm -fr ~/.bash_history to delete the history file. As an alternative to deleting the history file, you can use history -w after using history -c, i.e.history -c && history -w.

Bash Completion
Another useful feature of the bash shell is automatic completion. This feature helps you in finding the commands you need, and it also works on variables and filenames.

Just type the beginning of a command and press the Tab key on you keyboard. If there is only one option for completion, bash will complete the command automatically for you. If there are several options, you need to press the Tab key once more to get an overview of all available options.

Editing Files w/vi and/or vim
The only text editor that is always available is vi. An important concept when working with vi/vim is that it uses different modes. Two of them are particularly important: command mode and input mode. These modes often cause confusion because in command mode you can just enter a command and you cannot change the contents of a text file. To change the contents of a text file, you need to get to input mode.

vi/vim command Explanation
Esc Switches from input mode to command mode. Use this before typing any command.
i, a Switches from command mode to input mode at (i) or after (a) the current cursor position
o Opens a new line below the current cursor position and goes to input mode.
:wq Writes the current file and quits.
:q! Quits the file without applying any changes. The ! forces the command to do its work.
:w filename Writes the current file with a new filename
dd Deletes the current line.
yy Copies the current line.
P Pastes the current selection.
v Enters visual mode, allowing you to select a block of text using the arrow keys. Use d to cut, or y to copy the selection.
u Undoes the last command, repeat as needed.
Ctrl+r Redoes the last undo.
gg Goes to the first line in the document.
G Goes to the last line in the document.
/string Searches for string from the current cursor position forward.
?string Searches for string from the current cursor position backward.
^ Goes to the first position in the current line.
$ Goes to the last position in the current line.
!ls Adds the output of ls (or any other command) in the current file.
:%s/old/new/g Replaces ALL occurrences of old with new.
:9 Goes to line number 9.


Understanding the Shell Environment
Understanding Variables
Variables are fixed names that can be assigned dynamic values. The advantage for scripts and programs of working with variables is that the program only has to use the name of the variable without taking interest in the specified value that is assigned the the variable. Because the needs for different users are different, the variables that are set in a user environment will differ. The env command will give you an overview of the current variables defined in your shell.

Environment Configuration Files
When a user logs in, an environment is created for that user automatically. This happens on four different files where some script code can be specified and where variables can be defined for use by one specific user:

  • /etc/profile This is the generic file that is processed by all users upon login.
  • /etc/bashrc This file is processed when subshells are started.
  • ~/.bash_profile In this file, user-specific login shell variables can be defined.
  • ~/.bashrc In this file, subshell variables can be defined.

In these files a difference is made between a login shell and a subshell. A login shell is the first shell that is opened for a user after the user has logged in. From the login shell, a user may run scripts, which will start a subshell of that login shell. Bash allows for the creation of a different environment in the login shell and in the subshell but to make sure the same settings are used in all shells, it’s a good idea to include subshell settings in the login shell as well.

Using /etc/motd and /etc/issue
Bash offers an option to include messages in the /etc/motd and the /etc/issue files. Messages in the /etc/motd display after a user has sucessfully logged in to a shell. Another way to send information to users is by using /etc/issue. The contents of this file display before the user logs in.

Finding Help
Using --help