Today I Learned Notes to self about software development

    SSH

    Stands for “Secure Shell”

    Used to access a computer securely over an insecure network.

    This prevents packets from being exposed to and understood by other computers connected to the same network (unless it’s the computer you’re ssh-ing to).

    It does this (usually) with public key pairs (asymmetric cryptography) to authenticate devices to each other.

    It go like:

    1. alice: send package to bob w/ alice’s lock on it (pkg 🔒A)
    2. bob: receives package and adds bob’s lock, sends back to alice (pkg 🔒A🔒B)
    3. alice: receives package and unlocks alice’s lock 🔓A, then sends back to bob (pkg 🔒B)
    4. bob: receives package and unlocks bob’s lock 🔓B, reads data (pkg)

    Review web terms with internet basics.

    How it work?

    • When you ssh into a PC, you open a TCP connection* (unencrypted) between the source and destination PC.
      • Channel(s) are created to send the data (and enable multiplexing??? 😕)
    • SSH breaks data down into packets
    • payload (important data in packet) is encrypted
    • server receives packets and decrypts data

    * you can use other connection types like web sockets.

    SSH can mean either:

    • protocol
    • suite of implementation utilities

    Can do:

    • Secure file transfer
    • Remote device management and account control
    • Tunneling
    • Forwarding TCP ports and X11 connections

    • good video
    • also good video

    • TCP Forwarding
    • X11 connections

    The ssh or secure shell is a network protocol for operating networking services securely over a network. It uses encryption standards to securely connect and login to the remote system.

    It stores a public key on the remote system and a private key on the client system. These keys are produced as a pair mathematically. When both are applied to a bi-variable function, the result is a value that is used to check whether the pair is valid or invalid. This is the simplest explanation possible. To learn more, please refer to this page.

    Usage

    Generate ssh key

    ssh-keygen
    

    It will prompt for a key-location (where the key will be saved) and passphrase (i.e. password). The passphrase is optional.

    Use it to generate a public key for GitHub or Heroku so you can push/deploy commits without entering a password.

    If the key-location is DIR_PATH/keypairforssh, there will be two files

    1. DIR_PATH/keypairforssh
    2. DIR_PATH/keypairforssh.pub

    The .pub is the public key you can share with remote systems. DO NOT share the private key.
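
    A quick way to check the pairing described above, as an added example that is not part of the original notes: ssh-keygen -y re-derives the public key from a private key file, so it can be compared with a .pub file, and the private key's file mode can be checked too. The function names, the script name and the temporary paths are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example: checks on a key pair made by ssh-keygen. Paths are constructed.

# Exit 0 when PUB is the public half of PRIV. `ssh-keygen -y` re-derives the
# public key from the private key; only key type and base64 blob are compared
# because the trailing comment field is free text.
# Assumes PRIV has no passphrase (otherwise ssh-keygen prompts for it).
keys_match() {
    priv=$1
    pub=$2
    derived=$(ssh-keygen -y -f "$priv" 2>/dev/null | awk '{print $1, $2}')
    stored=$(awk '{print $1, $2}' "$pub")
    [ -n "$derived" ] && [ "$derived" = "$stored" ]
}

# Print the octal mode of a file (GNU stat, then BSD/macOS stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Exit 0 when only the owner can access the private key file.
# ssh ignores a private key whose file is accessible to other users.
private_key_is_private() {
    case $(file_mode "$1") in
        600|400) return 0 ;;
        *) return 1 ;;
    esac
}

demo() {
    dir=$(mktemp -d)
    # -N '' (empty passphrase) is used only to keep the demo non-interactive.
    ssh-keygen -q -t ed25519 -N '' -C demo-a -f "$dir/keypairforssh"
    ssh-keygen -q -t ed25519 -N '' -C demo-b -f "$dir/otherkey"
    ssh-keygen -l -f "$dir/keypairforssh.pub"   # fingerprint of the public key
    keys_match "$dir/keypairforssh" "$dir/keypairforssh.pub" && echo "own .pub: match"
    keys_match "$dir/keypairforssh" "$dir/otherkey.pub" || echo "other .pub: no match"
    private_key_is_private "$dir/keypairforssh" && echo "private key mode: ok"
    rm -rf "$dir"
}

# Run the demo only when asked, e.g. `bash keycheck.sh demo`
# (keycheck.sh is a hypothetical file name).
if [ "${1:-}" = demo ]; then demo; fi
```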

    Add private key to the key-agent

    When the key pair is created, it just exists as a set of two files. In order to connect to the remote system, ssh has to use the private key.

    Use this

    ssh-add DIR_PATH/keypairforssh
    

    Connecting to remote host via SSH

    username should be a valid user on the remote system, and hostname should be a DNS-resolvable name or an IP address, so that ssh can contact the remote system and request a connection.

    ssh [username]@hostname
    

    This uses the private key on the local system and the public key on the remote system and verifies that they are a valid pair. It allows login if and only if the key pair is valid, and spawns a shell (the type depends on the configuration for the user on the remote system) for your use. You can then use the remote system as if you were using the local system.

    If the private key is not added to the key agent:

    ssh -i /path/to/private/key/file username@hostname
    

    The silly stuff

    copying files

    scp is the thing. It works like ssh and requires a key pair to work.

    scp SOURCE_DIR_PATH DESTINATION_DIR_PATH
    scp ~/Documents/source.txt [username]@[hostname]:~/Documents
    

    Mounting remote filesystem

    A better way to describe “mount” is “attach”.

    The filesystem being mounted is attached to an empty directory of the existing filesystem. That is, the top level directory of the mounted filesystem becomes the directory on the existing filesystem.

    Subdirectories of the mounted filesystem become the subdirectories of the former directory on the existing filesystem, and so on.

    (The directory that was mounted on doesn’t really have to be empty, but after mounting any contents it had are inaccessible, until the filesystem is unmounted). — SO

    sshfs is the tool for this

    sshfs name@server:/path/to/remote/folder /path/to/local/mount/point
    

    name is the username accepted on the remote system and server is the remote hostname.

    The nohup command allows you to keep on running commands even after you disconnect your SSH connection.

    SSH Basics

    Internet Basics

    Brushing up on the fundamentals that I was taught a while ago and haven’t really thought too deeply about since!

    The Internet is a global network of computers connected to each other which communicate through a standardized set of protocols.

    When referring to The Internet™️, a network means a “group of computers that are connected to each other”.

    For example, at your house the network could consist of a laptop, desktop, smart phone, and game console. Together, the networks from everyone’s homes make up the internet. Consider it a “network of networks”.

    Overview

    The core of the internet is a global network of interconnected routers, which are responsible for directing traffic between different devices and systems. When you send data over the internet, it is broken up into small packets that are sent from your device to a router. The router examines the packet and forwards it to the next router in the path towards its destination. This process continues until the packet reaches its final destination.

    Terms

    • Packet[1]: A small unit of data transmitted over the internet.
    • Router: Device that directs packets between different networks.
    • IP Address: Unique ID assigned to each device on a network. It’s used to route data to the correct destination.
    • Domain Name: Human-readable name used to identify websites in place of an IP Address.
    • DNS: Domain Name System, responsible for converting a domain name into an IP address.
    • HTTP: Hypertext Transfer Protocol, used to transfer data between client (browser) and server (web app/computer hosting it).
    • HTTPS: An encrypted version of HTTP. Used to provide secure communication between client and server.
    • SSL/TLS: Secure Sockets Layer and Transport Layer Security protocols, used to provide secure communication over the network.

    Protocols

    A protocol is a set of rules and standards that define how information is exchanged between devices and systems.

    Aside from HTTP, HTTPS, SSL, TLS, and DNS mentioned earlier, other important ones include:

    • IP: (Internet Protocol) responsible for routing packets to their correct destination.
    • TCP: (Transmission Control Protocol) responsible for transmitting packets reliably and in correct order.
    • UDP: (User Datagram Protocol) responsible for sending messages to other devices on an IP network.

    Having these “rules” (standards and protocols) is what allows devices and systems from different manufacturers and vendors to work and function together properly.

    IP Addresses and Domain Names

    An IP address is a unique identifier assigned to each device on a network. It’s used to route data to the correct destination, ensuring that information is sent to the intended recipient. IP addresses are typically represented as a series of four numbers separated by periods, such as “192.168.1.1”.

    Domain names, on the other hand, are human-readable names used to identify websites and other internet resources. They’re typically composed of two or more parts, separated by periods. For example, “google.com” is a domain name. Domain names are translated into IP addresses using the Domain Name System (DNS).

    1. What do we mean here? Basically, when data is sent across the web, it is sent in thousands of small chunks. There are multiple reasons why data is sent in small packets. They are sometimes dropped or corrupted, and it’s easier to replace small chunks when this happens. Additionally, the packets can be routed along different paths, making the exchange faster and allowing many different users to download the same website at the same time. If each website was sent as a single big chunk, only one user could download it at a time, which obviously would make the web very inefficient and not much fun to use. 

    form_with multipart data

    This whole time I thought I needed to do this for supporting files in forms:

    form_with(model: attachment, html: { enctype: "multipart/form-data" })
    

    but it turns out you can actually just do this:

    form_with(model: attachment, multipart: true)
    

    which is cleaner and easier to remember.

    When to use DB Indexes

    Indexes are something I don’t really think about a lot, but know that they can have dramatic impacts on performance.

    A good rule of thumb is to create database indexes for everything that is referenced in the WHERE, HAVING and ORDER BY parts of your SQL queries. — Igor Šarčević

    You should pretty much add indexes to all foreign keys.

    An index for a certain column/columns in a database works similarly to an index in a book. Instead of scanning every page of a book for all instances of a subject, we flip to the index, which is usually alphabetized in some fashion, and find the subject in there. The subject entry points us to the relevant pages of the book. — source

    Another case is for uniqueness.

    For example, if a users table has a uniqueness validation for the combination of email and username.

    (i.e. there cannot be more than one user with the same email/username combo)

    Indexing the email attribute will allow our database to abort any save operation on a non-unique email, giving us a second line of defense against the wild users of your site.

    add_index :table_name, [:column_name_a, :column_name_b], unique: true
    

    source

    Ruby Refinements

    Whenever I’ve had a predefined class and wanted to add/modify a method to it, I’ve always patched it or seen people make a Concern or something.

    Apparently, Ruby has a built-in thing for exactly this that is better, called Refinements.

    # Instead of a monkey patch (blank? comes from ActiveSupport)
    
    class String
      def to_a
        return [] if blank?
    
        str = dup
        str.slice!("[")
        str.slice!("]")
        str.split(",")
      end
    end
    
    # Do this instead
    
    
    module StringToArray
      refine String do
        def to_a
          return [] if blank?
    
          str = dup
          str.slice!("[")
          str.slice!("]")
          str.split(",")
        end
      end
    end
    
    # Then in the module or class where you use it; the refinement is active
    # only from `using` to the end of this module definition
    module ResourceCreator
      using StringToArray
    end