From f55681031039ce47e79b8283e9539067df3ad260 Mon Sep 17 00:00:00 2001 From: Rudi Date: Mon, 28 Oct 2024 17:24:23 +0100 Subject: [PATCH] Added SSH and Wireshark topics. Updates shortcuts on Frontpage --- KleinDocs.tree | 7 ++- topics/FrontPage.md | 25 ++++----- .../{-gebruik.md => Paperless-gebruik.md} | 0 .../network/Remote-Wireshark-on-Linux.md | 52 +++++++++++++++++++ topics/KleinOps/network/Server-addresses.md | 10 ++++ topics/KleinOps/os/Linux/SSH-keys.md | 33 ++++++++++++ topics/KleinOps/servers/KleinServer.md | 13 ----- 7 files changed, 113 insertions(+), 27 deletions(-) rename topics/KleinArchives/documents/{-gebruik.md => Paperless-gebruik.md} (100%) create mode 100644 topics/KleinOps/network/Remote-Wireshark-on-Linux.md create mode 100644 topics/KleinOps/os/Linux/SSH-keys.md diff --git a/KleinDocs.tree b/KleinDocs.tree index 52c180b..d529525 100644 --- a/KleinDocs.tree +++ b/KleinDocs.tree @@ -10,12 +10,14 @@ - + + + - + @@ -23,6 +25,7 @@ + diff --git a/topics/FrontPage.md b/topics/FrontPage.md index 58064f5..10c9b75 100644 --- a/topics/FrontPage.md +++ b/topics/FrontPage.md 
@@ -11,16 +11,17 @@ Select the subject you're looking for in the left menu bar, or use the [](#short ### Alphabetical shortcuts {#shorts} -| Link to page | Link to page | Link to page | -|-----------------------------------|--------------------|--------------------------| -| [](Apps.md) | [](Linux.md) | [](Overview.md) | -| [](CloudflareConfig.md) | [](KleinServer.md) | [](-gebruik.md) | -| [](Documents.md) | [](KleinSense.md) | [](Router-addresses.md) | -| [](Endpoints.md) | [](KleinOps.md) | [](Routers.md) | -| [](Familie-Klein-foto-archief.md) | [](KleinHole.md) | [](Server-addresses.md) | -| [](Github.md) | [](Media.md) | [](Servers.md) | -| [](Home_automation.md) | [](Network.md) | [](Switch-addresses.md) | -| [](HomeAssistant.md) | [](Networking.md) | [](ToDo.md) | -| [](KleinArchives.md) | [](OS.md) | [](Wazuh.md) | -| [](Klein-Familiearchief.md) | [](Other.md) | [](Windows.md) | +| Shortcut to page | Shortcut to page | Shortcut to page | +|-----------------------------------|--------------------------|----------------------------------| +| [](Apps.md) | [](KleinServer.md) | [](Remote-Wireshark-on-Linux.md) | +| [](CloudflareConfig.md) | [](KleinSense.md) | [](Routers.md) | +| [](Documents.md) | [](KleinOps.md) | [](Router-addresses.md) | +| [](Endpoints.md) | [](KleinHole.md) | [](Server-addresses.md) | +| [](Familie-Klein-foto-archief.md) | [](Media.md) | [](Servers.md) | +| [](Github.md) | [](Network.md) | [](SSH-keys.md) | +| [](Home_automation.md) | [](Networking.md) | [](Switch-addresses.md) | +| [](HomeAssistant.md) | [](OS.md) | [](ToDo.md) | +| [](KleinArchives.md) | [](Other.md) | [](Wazuh.md) | +| [](Klein-Familiearchief.md) | [](Overview.md) | [](Windows.md) | +| [](Linux.md) | [](Paperless-gebruik.md) | | 
diff --git a/topics/KleinArchives/documents/-gebruik.md b/topics/KleinArchives/documents/Paperless-gebruik.md similarity index 100% rename from topics/KleinArchives/documents/-gebruik.md rename to topics/KleinArchives/documents/Paperless-gebruik.md diff --git a/topics/KleinOps/network/Remote-Wireshark-on-Linux.md b/topics/KleinOps/network/Remote-Wireshark-on-Linux.md new file mode 100644 index 0000000..12e6d4b --- /dev/null +++ b/topics/KleinOps/network/Remote-Wireshark-on-Linux.md @@ -0,0 +1,52 @@ + + +# Remote Wireshark + +This page contains the procedure to set up Remote packet sniffing on Linux with Wireshark. +## ___________________ +_*Linux target*_ (NOT possible on OPNsense/Freebsd) +Add a capture group and add yourself to it. +``` +$ sudo groupadd pcap +$ sudo usermod -a -G pcap $USER +``` +Next, add the pcap group and set permissions to tcpdump +``` +$ sudo chgrp pcap /usr/sbin/tcpdump +$ sudo chmod 750 /usr/sbin/tcpdump +``` +*OR* (depending on the distro) +``` +$ sudo chgrp pcap /usr/bin/tcpdump +$ sudo chmod 750 /usr/bin/tcpdump +``` +Finally, use setcap to give tcpdump the necessary permissions: +``` +$ sudo setcap cap_net_raw,cap_net_admin=eip /usr/sbin/tcpdump +``` +_*Windows system running Wireshark*_ + +(re-)Install the latest Wireshark and make sure you tick _*sshdump*_ option during the installation process. + +Click the _*SSH remote capture*_ icon and fill out the following fields: + +Server tab +``` +Remote SSH server address: +Remote SSH server port: (most likely: 22) +``` +Authentication tab +``` +Remote SSH server username: +Remote SSH server password: +``` +Capture tab +``` +Remote capture command selection: tcpdump +Gain capture privilege on the remote machine: sudo +Privileged user name for sudo or doas: (as above) +``` + +Check the "Save parameter(s) on capture start" tick box. + +Exit and start the sniffer by clicking the _*SSH remote capture*_ caputure device. \ No newline at end of file 
diff --git a/topics/KleinOps/network/Server-addresses.md b/topics/KleinOps/network/Server-addresses.md index 6faa8f2..76bf357 100644 --- a/topics/KleinOps/network/Server-addresses.md +++ b/topics/KleinOps/network/Server-addresses.md @@ -5,6 +5,16 @@ This page contains server address information. ## ___________________________ +### Preferred port ranges + +| Purpose | From | To | +|--------------------------|------|------| +| Misc standalone services | 3000 | 3099 | +| Public Websites | 4000 | 4099 | +| Backend | 4100 | 4199 | +| Databases | 5000 | 5099 | +| Internal web GUI | 8000 | 8099 | + ``` ### KleinServer {#kleinserver} diff --git a/topics/KleinOps/os/Linux/SSH-keys.md b/topics/KleinOps/os/Linux/SSH-keys.md new file mode 100644 index 0000000..e651dc4 --- /dev/null +++ b/topics/KleinOps/os/Linux/SSH-keys.md @@ -0,0 +1,33 @@ + + +# Set up SSH keys + +How to setup access to Linux systems using SSK keys. +## ___________________ + +Linux server: +``` +cd ~/.ssh +$ ssh-keygen -t ed25519 +``` +Put id_ed25519.pub key content -> ~/.ssh/authorized_keys +``` +$ chmod 700 ~/.ssh +$ chmod 600 ~/.ssh/authorized_keys +$ chown $USER:$USER ~/.ssh -R +``` +Windows client: +``` +copy Linux server: id_ed25519 -> Windows: C:\users\\.ssh\id_ed25519__ + +In Solar-putty: +Left-top menu-dots: Generate certificates + +In Putty keygen: +Conversions/import key: C:\users\\.ssh\id_ed25519__ + +Save private key: +id_ed25519__.ppk + +Solar-putty: Settings/Credentials/Private key: +id_ed25519__.ppk diff --git a/topics/KleinOps/servers/KleinServer.md b/topics/KleinOps/servers/KleinServer.md index f5db070..4a816c0 100644 --- a/topics/KleinOps/servers/KleinServer.md +++ b/topics/KleinOps/servers/KleinServer.md 
@@ -26,19 +26,6 @@ | xrdp | Dedicated account for service | | Azure | Dedicated account for service | - - -### Preferred port ranges - -| Purpose | From | To | -|--------------------------|------|------| -| Misc standalone services | 3000 | 3099 | -| Public Websites | 4000 | 4099 | -| Backend | 4100 | 4199 | -| Databases | 5000 | 5099 | -| Internal web GUI | 8000 | 8099 | - - ### Ports & containers (by name) | Process | (Published) IP port | Remarks |
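Review bot: In the topics/FrontPage.md hunk, the new last row puts `[](Linux.md)` at the bottom of column one, after `[](Klein-Familiearchief.md)` but ahead of the Klein* entries that open column two (`[](KleinServer.md)`, `[](KleinSense.md)`, ...). Under the heading "Alphabetical shortcuts" that reads as out of order when the table is scanned column by column. Move `[](Linux.md)` to follow the last Klein* entry in column two and shift the remaining cells, which also removes the need for the empty trailing cell. `[](Routers.md)` and `[](Router-addresses.md)` have swapped places compared with the removed table; pick one ordering rule and apply it to the hyphenated names throughout.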
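Review bot: In topics/KleinOps/network/Remote-Wireshark-on-Linux.md, the `setcap` step names only `/usr/sbin/tcpdump`, while the chgrp/chmod step just above offers `/usr/bin/tcpdump` as the alternative for other distros. On those systems the capability is never applied to the binary that was just restricted. Add the matching variant, `sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/tcpdump`. The Capture tab then sets "Gain capture privilege on the remote machine: sudo", which contradicts the setup: the pcap group plus file capabilities exist so that tcpdump can capture without sudo, so the page should say the capture runs as the unprivileged pcap member. It should also note that the `usermod -a -G pcap` membership only takes effect after the user logs in again. The Authentication tab documents password login only; since this patch also adds SSH-keys.md, link to it for key-based login. In the last added line "caputure" should be "capture", and the file ends without a trailing newline.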
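Review bot: In the topics/KleinOps/network/Server-addresses.md hunk, the new heading `### Preferred port ranges` has no anchor id, while the next heading in the context is `### KleinServer {#kleinserver}`. The same table is removed from KleinServer.md directly above its "Ports & containers (by name)" section, which is where a reader allocating a port would look for the ranges. Give the heading an id in the same style and leave a one-line link to it in KleinServer.md in place of the removed table. It would also help to state whether the ranges refer to published host ports, matching the "(Published) IP port" column used in KleinServer.md.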
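Review bot: In topics/KleinOps/os/Linux/SSH-keys.md, the key pair is generated on the Linux server and the private key is then moved to the client (`copy Linux server: id_ed25519 -> Windows: ...`). The private key therefore leaves the machine it was created on, and a copy stays on the server next to `authorized_keys`. Prefer generating the pair on the Windows client (the page already uses the PuTTY key generator, which can create Ed25519 keys) and transferring only the `.pub` content into `~/.ssh/authorized_keys`. If the server-side flow is kept, add an explicit step to delete `~/.ssh/id_ed25519` from the server after the copy, and say how the file should be transferred. Smaller points in the same file: `cd ~/.ssh` comes before anything creates the directory and lacks the `$` prompt the other commands use; the code fence opened after "Windows client:" is never closed, so the rest of the page will render as code; "SSK keys" in the intro should be "SSH keys".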