konsthol/SecDep
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3c168336d9addd40c4f1311d622eda2b58512b49
SecDep/assets/pages/tips_tricks/tips_n_tricks.md

2.3 KiB
Raw Blame History

Put cloned repository to PATH 👣

By putting it in the path, you can use it from anywhere in the terminal.

For bash, you could run something like this:

echo 'export PATH="$PATH:/path/to/SecDep"' >> ~/.bashrc

For zsh, you could run something like this:

echo 'export PATH="$PATH:/path/to/SecDep"' >> ~/.zshrc

Make it executable 🪄

chmod +x /path/to/SecDep/secdep.py

Make an alias 🧙

For bash

echo "alias secdep='python3 /path/to/SecDep/secdep.py'" >> ~/.bashrc

For zsh

echo "alias secdep='python3 /path/to/SecDep/secdep.py'" >> ~/.zshrc

Or if it is in the path:

For bash

echo "alias secdep='secdep.py'" >> ~/.bashrc

For zsh

echo "alias secdep='secdep.py'" >> ~/.zshrc

Usage after those steps 📖

We can now use the tool by running secdep in the terminal.

For example secdep -h will show the help menu.

Easier ssh command 💪

If the repository is in the path, you can make a zsh or bash function in your .zshrc or .bashrc respectively as:

function secdepssh {
ssh -i $(whereis secdep) secdep@$1
}

Where $1 will be the instance's ip address.

Then it is only a matter of secdepssh <ip>

Specific aws use case

When using aws as provider value, you can use the --awsregion flag to specify the region on which we operate. That decreases the speed of some actions because it no longer needs to go through all of the regions to check if there are any nodes there.

Example usage:

secdep -P aws -l --awsregion us-east-2

secdep -P aws -a deleteall --awsregion us-east-2

Usage with Ansible 🤖

If you have Ansible installed, you can use the hosts file generated by SecDep to run commands on all of the instances simultaneously. This file is located in the SecDep directory and is being updated every time you create or delete an instance. All instances have a secdep user created and you automatically have an ssh key to use for the connection so as long as you create all instances with or without the --deploy flag you can easily use Ansible. That is because this flag calls the hardening script which among the hardening steps changes the default ssh port.

Example usage with ansible from the same directory as the hosts file:

ansible all -i hosts --private-key=secdep -u secdep -a 'echo "This text was created by Ansible" > /home/secdep/ansible.txt'

Reference in New Issue View Git Blame Copy Permalink