linux shell 踢人下线, kill or terminate unwanted tty/pts

How to kill or terminate unwanted tty/pts sessions in Linux?

Did you ever face this situation, a lot of terminal connections to your server?

Before starting, we have a brief discussion on TTY. The word tty stands for teletype terminals. Some years ago, user terminals were connected to computers’ electromechanical teleprinters or teletypewriters (TeleTYpewriter, TTY), since then the name TTY has continued to be used as the name for the text-only console. Here CryBit going to explain the command-line option to kill unwanted or unused or idle ttys.

We need the PID (Process ID) of that particular terminal (tty). First check the active connections server using the command “w.” Please see the sample output pasted below:

[email protected] [~]# w
 02:05:41 up 234 days, 23:46,  3 users,  load average: 1.47, 1.89, 1.98
USER     TTY      FROM              [email protected]   IDLE   JCPU   PCPU WHAT
root     pts/0    w3-oc.lolipop-i   23:51   53:49   0.04s  0.04s -bash
root     pts/2    w3-oc.lolipop-i   01:11    0.00s  0.01s  0.01s w
root     pts/3    w3-oc.lolipop-i   01:12   53:32   0.00s  0.00s -bash

Here, you can see three tty connections to your server, pts/0, pts/2 and pts/3 where PTS stands for pseudo terminal. You can also see which processes are currently executing for those tty connections. In this command we could not see the process ID (PID) of those ttys.

We can use the PS command to find out the process ID. Here is the sample output:

# ps -ft tty


[email protected] [~]# ps -ft pts/0
UID          PID    PPID  C STIME TTY          TIME CMD
root      331857  331761  0 Oct09 pts/0    00:00:00 -bash

Here You will get the user info and process ID. Then use kill command to terminate that tty connection.

# kill 

For the above example

# kill 331857

If the process doesn’t gracefully terminate, just as a last option you can forcefully kill by sending a SIGKILL

# kill -9 

Another way; single command to kill tty connections

You can also use the PKILL command along with the switch “-t” to kill a tty connection forcefully. Please see the commend pasted below:

# pkill -9 -t 


# pkill -9 -t pts/0

How to check the current tty/pts session where you connected?

Yup, before going with the kill command, you must have an idea about your tty/pts session. This can be simply checked using the command ps or tty. See the usages pasted below:

Using ps

[[email protected] ~]# ps
  PID TTY          TIME CMD
29849 pts/0    00:00:00 bash
29996 pts/0    00:00:00 ps

Using tty

[[email protected] ~]# tty

tty is the best command!!

That’s it!! Go ahead and kill _/\_

Recovering From a Kernel Panic Using a Custom ISO linux 急救

There are times when we modify our kernels to optimize them, upgrade them, or tinker around with them. Unfortunately for Linux-based operating systems, this means that there is the possibility of kernel panics – the equivalent to a “blue screen of death” on Windows. It’s important that you know how to recover from these, as any KVM VPS (including Vultr) or dedicated server that you use has its own kernel.

For this article, I’ll explain how to recover from a kernel panic on a Vultr VPS. I will be using an ISO from the SystemRescueCd project.

Step 1: Finding the error

From the Vultr control panel, select your VPS and hit VNC console. Attempt to boot the server, and you’ll be able to see the error. Take note of this so that you can repair it.

Step 2: Mounting a custom ISO from the control panel

Click the “ISO” option, and input the SystemRescueCd ISO URL. You may visit the official site for newer images.


From there, head back to your VPS controls and click “Mount ISO”.

You will be greeted with a pop-up screen by pressing the VNC console. Click “Enter” on the first option, and your system will start up.


Step 3: Rescuing your kernel

Now that you have access to a shell prompt, create a directory to mount your VPS’s disk.

mkdir /rescuedisk

Now, mount the disk.

mount /dev/vda1 /rescuedisk

You now have access to your files. At this point, you can choose whether to copy your files to a remote server, or research the kernel panic’s message that you took note of earlier.

An example of a kernel panic issue would be a missing /etc/shadow file, or any missing system file. You could replace a missing file with a backup by copying over /etc/shadow- to /etc/shadow. For example:

cd /rescuedisk
cp etc/shadow- etc/shadow

Once you have finished fixing the issue, unmount the ISO from the Vultr control panel and reboot your VPS by typing reboot in the prompt. If your issue was fixed, then your VPS will boot normally.














curl -i -X POST \

-H "Accept: application/json" \

-d ‘{

  "auth": {

    "passwordCredentials": {

      "username": "API用户名",

      "password": "API用户密码(请自己在面板里添加)"


    "tenantId": "店铺ID"


}’ \ 这是东京的API,其它地区的自己按照地址格式改。



  "access": {

    "token": {

      "issued_at": "2015-05-19T07:08:21.927295",

      "expires": "2015-05-20T07:08:21Z",

      "id": "sample00d88246078f2bexample788f7",





curl -i -X POST \

-H ‘Content-Type: application/json’ \

-H "Accept: application/json" \

-H "X-Auth-Token: (前面有个空格)这里是啥不用我说了吧" \

-d ‘{

    "iso-image": {

        "url": "ftp格式的ISO地址" 


}’ \店铺ID/iso-images 同样,这个是东京的API地址,其它地区的




curl -i -X GET \

-H ‘Content-Type: application/json’ \

-H "Accept: application/json" \

-H "X-Auth-Token: (同样前面有个空格)" \店铺ID/iso-images



  "iso-images": [


      "url": "",

      "path": "/mnt/isos/repos/tenant_iso_data/43b36734a9e541fd91a62fc63ee93fed/CentOS-6.6-x86_64-minimal.iso",

      "ctime": "Fri Oct 24 23:22:57 2014",

      "name": "CentOS-6.6-x86_64-minimal.iso",

      "size": 401604608



      "url": "",

      "path": "/mnt/isos/repos/tenant_iso_data/43b36734a9e541fd91a62fc63ee93fed/CentOS-7.0-1406-x86_64-Everything.iso",

      "ctime": "Sat Jul  5 07:16:46 2014",

      "name": "CentOS-7.0-1406-x86_64-Everything.iso",

      "size": 7062159360






curl -i -X POST \

-H "Accept: application/json" \

-H "X-Auth-Token: 不说了" \

-d ‘{"mountImage": "前面查看已上传的ISO里的path"}’ \店铺ID/servers/VPS的UUID(点开vps管理,在VPS设置里和网址上有)/action


curl -i -X GET \

-H "Accept: application/json" \

-H "X-Auth-Token: 不说了" \店铺ID/servers/上一步里的UUID






curl -i -X POST \

-H "Accept: application/json" \

-H "X-Auth-Token: 不说了" \

-d ‘{"unmountImage": ""}’ \店铺ID/servers/VPS的UUID/action







1. 首选VPN


2. 通过ssh反向隧道

树莓派上运行: ssh -NfR 80: [email protected][中转服务器公网IP] -p [中转服务器的ssh端口]

中转服务器还可以 将GatewayPorts参数设为yes






google: 访问内网 树莓派

putty winscp 登录后切换到 root


很多linux 默认都没有开放 root 登录,操作的时候会因为权限的问题很麻烦。

sudo -i            /        -su root      ,可以在 putty 里面切换到root

winscp 其实也可以:



Use sudo on Login

In some cases (with Unix/Linux server) you may be able to use sudo command straight after login to change a user, before file transfer session starts.

FTP protocol does not allow this.

The SFTP and SCP protocols allow for this, but the actual method is platform dependent.

With SFTP protocol, you can use SFTP server option on SFTP page of Advanced Site Settings dialog to execute SFTP binary under a different user. With OpenSSH server, you can specify:

sudo /bin/sftp-server

Note that SFTP server binary may be located elsewhere2) (e.g. in /usr/lib/sftp-server/usr/lib/openssh/sftp-server or /usr/libexec/openssh/sftp-server).

With SCP protocol, you can specify following command as custom shell on the SCP/Shell page of Advanced Site Settings dialog:

sudo -s

Change default network name to old “eth0″ on RHEL 7 / Fedora


Red Hat Enterprise 7 is based on fedora 19 and upstream of kernel 3.10

Ever wanted to change back to the default network device name like "ethX"

This is based on VMware installation i have the default nic name as"en01677736"

 [[email protected] ~]# ip addr show

1: lo: mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno16777736: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:92:78:40 brd ff:ff:ff:ff:ff:ff
inet XX.X.XX.XX/24 brd scope global dynamic eno16777736
valid_lft 85931sec preferred_lft 85931sec
inet6 fe80::20c:29ff:fe92:7840/64 scope link
valid_lft forever preferred_lft forever

[[email protected] ~]# vi /etc/default/grub

GRUB_DISTRIBUTOR=”$(sed ‘s, release .*$,,g’ /etc/system-release)”
GRUB_CMDLINE_LINUX=” crashkernel=auto vconsole.font=latarcyrheb-sun16 rhgb quiet”

Look for this line “GRUB_CMDLINE_LINUX” and add the following: “net.ifnames=0 biosdevname=0″

Should look like this:
GRUB_CMDLINE_LINUX=” crashkernel=auto vconsole.font=latarcyrheb-sun16 rhgb quiet net.ifnames=0 biosdevname=0

[[email protected] ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file …
Found linux image: /boot/vmlinuz-3.10.0-121.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-121.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-df30d92ad3eb414583d85bb471003eb4
Found initrd image: /boot/initramfs-0-rescue-df30d92ad3eb414583d85bb471003eb4.img

If you didn’t put any names during the installation, you will need to rename the interface files by renaming the file /etc/sysconfig/network-scripts/ifcfg-*.

[[email protected] ~]# mv /etc/sysconfig/network-scripts/ifcfg-eno16777736 /etc/sysconfig/network-scripts/ifcfg-eth0
[[email protected] ~]# shutdown -r now

After system reboot

[[email protected] ~]# ip addr show
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:92:78:40 brd ff:ff:ff:ff:ff:ff
inet brd scope global dynamic eth0
valid_lft 86141sec preferred_lft 86141sec
inet6 fe80::20c:29ff:fe92:7840/64 scope link
valid_lft forever preferred_lft forever

Linux 下用 speedtest-cli 进行测速

 Windows 下我们可以很方便的直接浏览器访问 进行网速测试,在没有图形管理界面的 Linux 系统下,我们也可以用一个小脚本 speedtest-cli 进行测速。

本文使用的小脚本在 CentOS 6、Debian 7、Ubuntu 12.04/14.04 下均测试通过,因为这些发行版都默认包含了 Python 2.7.* 使用起来灰常方便。



wget -O speedtest-cli
chmod +x speedtest-cli

curl -o speedtest-cli
chmod +x speedtest-cli








(转)DDoS deflate – Linux下防御/减轻DDOS攻击


DDoS deflate介绍

DDoS deflate是一款免费的用来防御和减轻DDoS攻击的脚本。它通过netstat监测跟踪创建大量网络连接的IP地址,在检测到某个结点超过预设的限 制时,该程序会通过APF或IPTABLES禁止或阻挡这些IP.

DDoS deflate官方网站:



netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n



li88-99:~# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
1 Address
1 servers)
8    VPS侦探


1、安装DDoS deflate

wget   //下载DDoS  deflate
chmod 0700    //添加权限
./             //执行

2、配置DDoS deflate

下面是DDoS deflate的默认配置位于/usr/local/ddos/ddos.conf ,内容如下:

##### Paths of the script and other files
IGNORE_IP_LIST="/usr/local/ddos/ignore.ip.list"  //IP地址白名单
CRON="/etc/cron.d/ddos.cron"    //定时执行程序

##### frequency in minutes for running the script
##### Caution: Every time this setting is changed, run the script with --cron
#####          option so that the new frequency takes effect
FREQ=1   //检查时间间隔,默认1分钟

##### How many connections define a bad IP? Indicate that below.
NO_OF_CONNECTIONS=150     //最大连接数,超过这个数IP就会被屏蔽,一般默认即可

##### APF_BAN=1 (Make sure your APF version is atleast 0.96)
##### APF_BAN=0 (Uses iptables for banning ips instead of APF)
APF_BAN=1        //使用APF还是iptables。推荐使用iptables,将APF_BAN的值改为0即可。

##### KILL=0 (Bad IPs are'nt banned, good for interactive execution of script)
##### KILL=1 (Recommended setting)
KILL=1   //是否屏蔽IP,默认即可

##### An email is sent to the following address when an IP is banned.
##### Blank would suppress sending of mails
EMAIL_TO="root"   //当IP被屏蔽时给指定邮箱发送邮件,推荐使用,换成自己的邮箱即可

##### Number of seconds the banned ip should remain in blacklist.
BAN_PERIOD=600    //禁用IP时间,默认600秒,可根据情况调整



netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -nr > $BAD_IP_LIST


netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sed -n ‘/[0-9]/p’ | sort | uniq -c | sort -nr > $BAD_IP_LIST

喜欢折腾的可以用Web压力测试软件测试一下效果,相信DDoS deflate还是能给你的VPS或服务器抵御一部分DDOS攻击,给你的网站更多的保护。

tc 基于 port 的控制


9.6. Classifying packets with filters

To determine which class shall process a packet, the so-called ‘classifier chain’ is called each time a choice needs to be made. This chain consists of all filters attached to the classful qdisc that needs to decide.

To reiterate the tree, which is not a tree:

                    root 1:
                   /  |  \
                  /   |   \
                 /    |    \
               10:   11:   12:
              /   \       /   \
           10:1  10:2   12:1  12:2

When enqueueing a packet, at each branch the filter chain is consulted for a relevant instruction. A typical setup might be to have a filter in 1:1 that directs a packet to 12: and a filter on 12: that sends the packet to 12:2.

You might also attach this latter rule to 1:1, but you can make efficiency gains by having more specific tests lower in the chain.

You can’t filter a packet ‘upwards’, by the way. Also, with HTB, you should attach all filters to the root!

And again – packets are only enqueued downwards! When they are dequeued, they go up again, where the interface lives. They do NOT fall off the end of the tree to the network adaptor!

9.6.1. Some simple filtering examples

As explained in the Classifier chapter, you can match on literally anything, using a very complicated syntax. To start, we will show how to do the obvious things, which luckily are quite easy.

Let’s say we have a PRIO qdisc called ’10:’ which contains three classes, and we want to assign all traffic from and to port 22 to the highest priority band, the filters would be:


# tc filter add dev eth0 protocol ip parent 10: prio 1 u32 match \ 
  ip dport 22 0xffff flowid 10:1
# tc filter add dev eth0 protocol ip parent 10: prio 1 u32 match \
  ip sport 80 0xffff flowid 10:1
# tc filter add dev eth0 protocol ip parent 10: prio 2 flowid 10:2


What does this say? It says: attach to eth0, node 10: a priority 1 u32 filter that matches on IP destination port 22 *exactly* and send it to band 10:1. And it then repeats the same for source port 80. The last command says that anything unmatched so far should go to band 10:2, the next-highest priority.

You need to add ‘eth0’, or whatever your interface is called, because each interface has a unique namespace of handles.

To select on an IP address, use this: