Added SSH and Wireshark topics. Updates shortcuts on Frontpage

KleinDocs.tree

@@ -10,12 +10,14 @@
     <toc-element topic="KleinOps.md">
         <toc-element topic="OS.md">
             <toc-element topic="Windows.md"/>
-            <toc-element topic="Linux.md"/>
+            <toc-element topic="Linux.md">
+                <toc-element topic="SSH-keys.md"/>
+            </toc-element>
         </toc-element>
         <toc-element topic="Apps.md">
             <toc-element topic="Overview.md"/>
             <toc-element topic="Github.md"/>
-            <toc-element topic="-gebruik.md"/>
+            <toc-element topic="Paperless-gebruik.md"/>
             <toc-element topic="Containerrr.md"/>
             <toc-element topic="Wazuh.md"/>
         </toc-element>
@@ -23,6 +25,7 @@
             <toc-element topic="HomeAssistant.md"/>
         </toc-element>
         <toc-element topic="Network.md">
+            <toc-element topic="Remote-Wireshark-on-Linux.md"/>
             <toc-element topic="Networking.md"/>
             <toc-element topic="CloudflareConfig.md"/>
             <toc-element topic="Endpoints.md"/>

topics/FrontPage.md

@@ -11,16 +11,17 @@ Select the subject you're looking for in the left menu bar, or use the [](#short
 ### Alphabetical shortcuts
 {#shorts}
 
-| Link to page                      | Link to page       | Link to page             |
+| Shortcut to page                  | Shortcut to page         | Shortcut to page                 |
-|-----------------------------------|--------------------|--------------------------|
+|-----------------------------------|--------------------------|----------------------------------|
-| [](Apps.md)                       | [](Linux.md)       | [](Overview.md)          |
+| [](Apps.md)                       | [](KleinServer.md)       | [](Remote-Wireshark-on-Linux.md) |
-| [](CloudflareConfig.md)           | [](KleinServer.md) | [](-gebruik.md)          |
+| [](CloudflareConfig.md)           | [](KleinSense.md)        | [](Routers.md)                   |           
-| [](Documents.md)                  | [](KleinSense.md)  | [](Router-addresses.md)  |
+| [](Documents.md)                  | [](KleinOps.md)          | [](Router-addresses.md)          |
-| [](Endpoints.md)                  | [](KleinOps.md)    | [](Routers.md)           |
+| [](Endpoints.md)                  | [](KleinHole.md)         | [](Server-addresses.md)          |
-| [](Familie-Klein-foto-archief.md) | [](KleinHole.md)   | [](Server-addresses.md)  |
+| [](Familie-Klein-foto-archief.md) | [](Media.md)             | [](Servers.md)                   |
-| [](Github.md)                     | [](Media.md)       | [](Servers.md)           |
+| [](Github.md)                     | [](Network.md)           | [](SSH-keys.md)                  |
-| [](Home_automation.md)            | [](Network.md)     | [](Switch-addresses.md)  |
+| [](Home_automation.md)            | [](Networking.md)        | [](Switch-addresses.md)          |
-| [](HomeAssistant.md)              | [](Networking.md)  | [](ToDo.md)              |
+| [](HomeAssistant.md)              | [](OS.md)                | [](ToDo.md)                      |
-| [](KleinArchives.md)              | [](OS.md)          | [](Wazuh.md)             |
+| [](KleinArchives.md)              | [](Other.md)             | [](Wazuh.md)                     |
-| [](Klein-Familiearchief.md)       | [](Other.md)       | [](Windows.md)           |
+| [](Klein-Familiearchief.md)       | [](Overview.md)          | [](Windows.md)                   |
+| [](Linux.md)                      | [](Paperless-gebruik.md) |                                  |
 

topics/KleinOps/network/Remote-Wireshark-on-Linux.md

@@ -0,0 +1,52 @@
+<primary-label ref="document"/>
+
+# Remote Wireshark
+
+This page contains the procedure to set up Remote packet sniffing on Linux with Wireshark.
+## ___________________
+_*Linux target*_ (NOT possible on OPNsense/Freebsd)  
+Add a capture group and add yourself to it.
+```
+$ sudo groupadd pcap
+$ sudo usermod -a -G pcap $USER
+```
+Next, add the pcap group and set permissions to tcpdump
+```
+$ sudo chgrp pcap /usr/sbin/tcpdump
+$ sudo chmod 750 /usr/sbin/tcpdump
+```
+*OR* (depending on the distro)
+```
+$ sudo chgrp pcap /usr/bin/tcpdump
+$ sudo chmod 750 /usr/bin/tcpdump
+``` 
+Finally, use setcap to give tcpdump the necessary permissions:
+```
+$ sudo setcap cap_net_raw,cap_net_admin=eip /usr/sbin/tcpdump
+```
+_*Windows system running Wireshark*_
+
+(re-)Install the latest Wireshark and make sure you tick _*sshdump*_ option during the installation process.  
+
+Click the _*SSH remote capture*_ icon and fill out the following fields:  
+
+Server tab
+```
+Remote SSH server address: <remote system's IP address>
+Remote SSH server port: <SSH port> (most likely: 22)
+```
+Authentication tab
+```
+Remote SSH server username: <username for capture process>
+Remote SSH server password: <password for username>
+```
+Capture tab
+```
+Remote capture command selection: tcpdump
+Gain capture privilege on the remote machine: sudo
+Privileged user name for sudo or doas: <username for capture process> (as above)
+```
+
+Check the "Save parameter(s) on capture start" tick box.
+
+Exit and start the sniffer by clicking the _*SSH remote capture*_ caputure device.

topics/KleinOps/network/Server-addresses.md

@@ -5,6 +5,16 @@
 This page contains server address information.
 ## ___________________________
 
+### Preferred port ranges
+
+| Purpose                  | From | To   |
+|--------------------------|------|------|
+| Misc standalone services | 3000 | 3099 |
+| Public Websites          | 4000 | 4099 |
+| Backend                  | 4100 | 4199 |
+| Databases                | 5000 | 5099 |
+| Internal web GUI         | 8000 | 8099 |
+
 ```
 ### KleinServer
 {#kleinserver}

topics/KleinOps/os/Linux/SSH-keys.md

@@ -0,0 +1,33 @@
+<primary-label ref="document"/>
+
+# Set up SSH keys
+
+How to setup access to Linux systems using SSK keys.
+## ___________________
+
+Linux server:
+```
+cd ~/.ssh
+$ ssh-keygen -t ed25519
+```
+Put id_ed25519.pub key content -> ~/.ssh/authorized_keys
+```
+$ chmod 700 ~/.ssh
+$ chmod 600 ~/.ssh/authorized_keys
+$ chown $USER:$USER ~/.ssh -R
+```
+Windows client:
+```
+copy Linux server: id_ed25519 -> Windows: C:\users\<user>\.ssh\id_ed25519_<server name>_<server user>  
+
+In Solar-putty:  
+Left-top menu-dots: Generate certificates  
+
+In Putty keygen:  
+Conversions/import key: C:\users\<user>\.ssh\id_ed25519_<server name>_<server user>  
+
+Save private key: 
+id_ed25519_<server name>_<server user>.ppk  
+
+Solar-putty: Settings/Credentials/Private key: 
+id_ed25519_<server name>_<server user>.ppk  

topics/KleinOps/servers/KleinServer.md

@@ -26,19 +26,6 @@
 | xrdp      | Dedicated account for service                      |
 | Azure     | Dedicated account for service                      |
 
-
-
-### Preferred port ranges
-
-| Purpose                  | From | To   |
-|--------------------------|------|------|
-| Misc standalone services | 3000 | 3099 |
-| Public Websites          | 4000 | 4099 |
-| Backend                  | 4100 | 4199 |
-| Databases                | 5000 | 5099 |
-| Internal web GUI         | 8000 | 8099 |
-
-
 ### Ports & containers (by name)
 
 | Process                     | (Published) IP port | Remarks |