Temporarily interrupting an SSH session to run local commands

2025-02-28 21:16:00

I was today-years-old when I realized something about SSH that I hadn't realized before. 

A student of mine was using SSH to connect between two Linux hosts and he wondered if it's possible to temporarily pause or interrupt the SSH session, so he can run a few commands on the source / originating host. 

I thought, surely there must be! And there is! I just never realized before. :)

Way way way back, twenty years ago, we used Cyclades terminal servers at ${Customer}. Nifty rackmounted boxes that hook up to the network and provide SSH access to 24 or more serial ports. 

I remembered from back then that SSH had a command to immediately kill an SSH connection: ~. 

The tilde being the stop / escape character for SSH and the dot being the kill command. You could also quickly type ~? in an SSH session to pull up a menu. 

To answer my student's question, I hopped into my Fedora box from Windows with SSH and then did another SSH to Ubuntu. That's one SSH after connecting using another. 

You can stack multiple tildes to indicate which SSH client you're talking to. Typing ~. kills the Windows to Fedora connection, while ~~. kills the Fedora to Ubuntu connection. 

Looking at the ~? menu I noticed a few neat options, including ~^Z. 

In Unix terminals, ^Z (ctrl Z) is used to send a suspend / SIGSTOP to your running process. So indeed, the following happened:

tess@ubuntu $ hostname
ubuntu

tess@ubuntu $ ~^Z
bash: suspended ssh

tess@fedora $ hostname
fedora

tess@fedora $ fg

tess@ubuntu

It works! :D

kilala.nl tags: work, mentor, studies,

View or add comments (curr. 0)

Introspection, with a little help

2025-02-27 11:21:00

The cards shown in the image above are from the Eldritch Overload tarot deck, by weird.works.

Last summer I did some soul-searching, some introspection, to figure out which direction I could or should take my career. I learned a lot about myself, by asking myself a few simple questions and then mind mapping my answers. 

• Which things do I like which are good for ...
  • My ego?
  • Others?
  • Fun?
• Which things am I bad at?
• Which things do I dislike?
• What are my pitfalls?

At the time I, once again, determined that Discord is a big pitfall for me (as is Reddit). So this week I quit Discord cold turkey; it's done me a lot of good!

Another big issues which I found for myself is trying to do too many things at the same time. And I'm doing it again!

I'm currently teaching three classes and juggling three different consulting customers. I also have our household and my business to run and I have my own studies to keep up with. 

Today I turned to another introspection tool: tarot. 

I'm not one for mysticism or esotery (that changed since my early late teenage years), I don't believe in some unseen force telling me stuff through pieces of cardboard. What I do find in tarot, is another way of asking myself questions. These cards and their suggested meanings provide me another point of view on a situation.

I posited the following:

"I feel that I must learn and study, to keep up with the times, to keep my career and employability viable. I even started making less billable hours to make more time for studying! I'm generating a lot less income, while trying to rush for certifications. This isn't a problem yet, but can I keep up with this?"

I pulled the cards shown at the top of this post:

• Past: VI of potions.
• Present: Queen of coins, reversed.
• Future: Knight of swords.

The Eldritch Overload cyberpunk tarot deck is lovely and the accompanying guide is both gorgeous and helpful. 

My interpretation of these pulls:

• The more we learn, the more we grow. (knight)
• Beware your priorities, do not lose sight of your loved ones. (rev. queen)
• Find what used to bring you joy and energy. Re-find the fun and wonder. (VI)
• Don't keep chasing the lastest and newest. Take time to grow and consume. (knight)

Taking an hour to mull things over, I decided that:

• I should hold off on taking on even more work, customers and projects.
• I should drop a few of my latest projects, like contributing to a book someone else is writing.
• I should continue with the CPTS learning path that I started in January.
• But I should lower my own stress levels by accepting that I won't finish it in time for my OSCP+ exam. Like the first time I took OSCP, I'll just do it and I'll see how things end up. 

kilala.nl tags: life,

View or add comments (curr. 1)

Keeping learning accessible

2025-02-23 10:23:00

I'm on various IT-learning Discords, to my own detriment sometimes, that's no secret. 

On one of the servers, three or four of us experienced folks have been coaching one particular learner who's been on A+ 1101 for six months now. Along the way, the student has had a much lower pace than the average student and almost every topic leads to days-long discussions on intricacies or on misunderstandings of the topic.

It's to such a point that some of the new faces (whom join the server every week) utter things like "surely you're trolling" and "you can't be serious".

Among the seniors we've discussed the matter and we're sure this learner is not a troll. Instead there are a number of clues that point at either a learning disability, neurodivergence or simply a somewhat lower cognitive capability. These include:

• Highly repetitive speech patterns.
• Confusion caused by sentences with complex grammar or vocabulary.
• Taking learning content or written or spoken word absolutely literally. 
• When asked to summarize what they learned on a certain topic, they will combine copy/paste of what was told to them with injections of random terms and concepts that are seemingly unrelated or provably false.
• A seeming lack of capabilities in visualization and in cause-effect or complex pattern thinking.
• Spending countless hours taking notes and trying to summarize a 5-15 minute video. To quote: "[I spent 2 days] going over the transcript [of a 23 minute video] and copying stuff there, making a reference page for each slide, etc then making questions to test myself on the material from the vids"

Recognizing such indicators is one thing, knowing how to deal with them is another thing entirely. Unfortunately we're not quite equipped for it. 

For one, each of us is just another visitor of the Discord server. We do this in our spare time, to help others and to have a little fun along the way. It's not within our capabilities to spend 4+ hours every day providing 1:1 coaching to this learner. 

Sub-optimal factors for the learner:

• They attend an online degree programme, with zero learner-teacher interaction. It's all self-study. 
• They use the professor Messer free YouTube videos to learn for the A+ certification. 
• They mostly interact with us through written chat messages, on their phone. 
• Seemingly all the learning and note taking also occurs on their phone. 

I have theorized that the learner in question surely would be better served by attending a "real" school: brick & mortar buildings, full-on interaction between students and teachers, a teacher who can immediately notice that a student is struggling. Unfortunately, going to such a school is not always an option given factors like location, region, personal budget and their social situation or upbringing.

It's been an interesting journey.

Just today I've had to remind some of the others in the server that not every brain operates in the same fashion. Case in point:

• Not everyone grasps language at the same level and introductory level teaching should ideally take place at A2/B1 levels of language proficiency. For example, when another member stated "“a single drive failure breaks the array with data loss” and “array will work as long as one drive is operational” aren’t hard to understand", they were wrong. That's not A2/B1 level writing. 
• Aphantasia is a real thing. I just did the comparison with myself and Marli: I'm a 5 (I can vividly "see" an apple in my mind, turn it over, heck even take a bit out of it and remember how that feels and tastes). Marli is a 3 on that scale. This is why we need diagrams in teaching, next to just spoken or written word. 

kilala.nl tags: work, mentor,

View or add comments (curr. 0)

The impact of DOGE and a case for non-political case studies

2025-02-12 19:52:00

On the CompTIA Instructor's Network, Greg wondered whether DOGE (the newly minted NGO in the US) is actually a threat to national security. A lively discussion broke out, where Hank remarked:

"In this case, I am not sure how to discuss the technical issues without politics."

I suggested that we can discuss the issue, from the point of view of the aspects of infosec which we teach: Risk management. Threat modeling. Assumed breach. Access controls. Data destruction.

So here's a threat modeling exercise:

• Business process: monthly social security payments
• Protected assets: PII, financial data, database with past and current transactions, credentials for authorizing payments
• Business interest: continue primary business process, maintain CIA of assets per SLA or requirements.
• Related infrastructure: office terminal, office network, database server, bank payment API
• Related personnel: office workers, customer support, database admin, server admin, bank personnel

The case:

• Threat actor: unauthorized party from outside the organisation, acting with assumed yet unverified authority.
• Threat entry: forced access to office or data center.
• Threat interests: PII, financial data, disrupting primary business process.
• Threat activities: assume control of office terminals, assume control of office worker credentials, assume control of administrator credentials, remove hardware from data center for destruction or for data retrieval.

Question to the students:

Which security controls can we put in place to disrupt the threat actor's activities and to prevent or mitigate the threat actor's interests and activities?

kilala.nl tags: work, mentor,

View or add comments (curr. 0)