DEV Community: Baraa Mohamed

Rename Functions, Variables, or Any Text Across Multiple Files with One Command! 🔍🔄

Baraa Mohamed — Tue, 10 Dec 2024 14:58:24 +0000

I’ve come into situation before while I was building Employee Management System Full-stack website, Where I needed to change name of variable and some functions but the issue was that they are used in many files.

For them being used in multiple files it wasn’t logically to manually detect them in each file and replace them.

One solution I found is using Linux commands :

find . \( -path "./node_modules"  \) -prune -o -name "*.js" -exec sed -i "s/old_text/new_text/g" {} +

find : is used to find certain files, here we use it to find all .js files
 : the backslashes are used for Linux to execute what’s inside instead of giving an error
-path : To specify certain path which we will prune
-prune : To ignore certain paths from this command’s execution
-o : Is or option so if left side is executed ( which is ignoring “node_modules” ) we skip executing rest of command after -o .
-name "*.js" : to find any file that is .js when it’s not “node_modules” folder.
-exec sed : To execute replacing command which is sed.
-i : to actually change text in file.
{} is a placeholder for the file or directory name that the find command matches.
+ : Called batch mode tells find to pass multiple matched files to the command in batches instead of running the command once per file.

Usage Example

I have 2 test.js files one of them is in “node_modules” folder, Both of them has text “baraa mohamed”.

So we execute following command.

find . \( -path "./node_modules"  \) -prune -o -name "*.js" -exec sed -i "s/baraa/XBaraaX/g" {} +

After execution result of test.js outside “node_modules” :

XBaraaX mohamed

Also after executing we find test.js inside “node_modules” :

baraa mohamed

As you can see it did not change as we pruned ( ignored ) the whole “node_modules” directory.

🤍 I'd love to connect with you on LinkedIn—let's grow our network and share ideas! here

What is the difference between NAT Gateway & Internet Gateway? 🤔

Baraa Mohamed — Tue, 10 Dec 2024 08:00:38 +0000

This is likely the first question that comes to mind when dealing with a VPC.

Let’s use the architecture in the image to simplify things further.

Internet Gateway:

The Internet Gateway is essentially the gateway to the external world for your VPC.

Without it, you won’t be able to access any server you deploy in the VPC, nor will the servers be able to access the internet.

Here’s what it allows you to do:

✅ SSH into any public subnet's server, but only if it has a public IP.

✅ Download tools you need onto that server by accessing outside internet.

NAT Gateway:

You could still ssh from your public subnet to the private subnet but what if you need that private subnet to access the outside world (internet)?

The NAT Gateway enables your private subnets to access the internet, but nothing from the internet can directly access your private servers.

IMPORTANT NOTE : NAT Gateway must be placed in public subnet itself for it to be able to access outside internet, because remember any thing inside private subnet can not access internet by default.

Here’s why this is useful:

✅ Increased security ⬆️

✅ You can download tools from the internet onto your server in the private subnet.

Accessing Your Private Server:

To access a private server in this setup, you’ll follow these steps:

SSH into your server in the public subnet (referred to as "Bastion" in the image).
From the Bastion server, SSH again into your server in the private subnet (referred to as "Private App").

🤍 I'd love to connect with you on LinkedIn—let's grow our network and share ideas! here

SSH Tunnel: Forwarding Traffic between hosts

Baraa Mohamed — Tue, 26 Nov 2024 14:25:29 +0000

In cloud environments, you might encounter scenarios where you need to forward traffic securely between hosts. SSH tunneling, also known as port forwarding, is a technique that allows you to create a secure communication tunnel between two hosts over specific ports.

What is SSH Tunneling?

SSH tunneling enables secure access to remote services that are not directly accessible. For instance, you can access a private service on a cloud server through a public host. This approach helps maintain security by keeping sensitive services private.

Example: Accessing Jenkins Dashboard on AWS

Suppose you have Jenkins running on an EC2 instance in AWS, and you want to access its dashboard on port 8080. Using SSH tunneling, you can securely forward traffic from your local machine to the Jenkins instance.

Pre-requisites:

Ensure the Jenkins EC2 instance allows TCP traffic on port 8080 and HTTP traffic in its security group.
Have the access key for the Jenkins EC2 instance.

Command to Create the Tunnel:

ssh -i <access-key> -L <your-host-port>:<Jenkins-ip>:<Jenkins-port> <public-Jenkins-instance>

Example:

ssh -i "myKey.pem" -L 4040:localhost:8080 ubuntu@ec2

Explanation of Flags:

i: Includes the access key file required for authentication.
L: Specifies the local port (4040), remote host (localhost or the private IP of Jenkins), and remote port (8080) for the tunnel.
localhost: Refers to the Jenkins instance. SSH forwards traffic to port 8080 on the Jenkins EC2 instance.

Accessing Jenkins Locally

After running the command, open your browser and navigate to http://localhost:4040. You should see the Jenkins dashboard, as traffic on port 4040 of your machine is securely forwarded to port 8080 on the EC2 instance.

Conclusion

By leveraging SSH tunneling, you can securely access remote services like Jenkins dashboards without exposing them to the public internet. This technique is versatile and applicable to many cloud-based workflows.

🤍 I'd love to connect with you on LinkedIn—let's grow our network and share ideas! here

SSH-Agent: Simplifying SSH Key Management

Baraa Mohamed — Tue, 26 Nov 2024 14:24:22 +0000

SSH-Agent is one of the tools in the SSH suite that simplifies managing access keys for secure server connections.

You can think of the SSH-Agent as a "bag" that holds your access keys, allowing you to access servers conveniently through other servers.

Starting the SSH-Agent

Begin by running the following command to start the SSH-Agent:

eval "$(ssh-agent -s)"

This initializes the agent — think of it as "opening the bag."

Adding Access Keys

Next, add your access keys to the agent. Each key represents a credential for accessing different servers:

ssh-add <file1>
ssh-add <file2>
ssh-add <file3>

This is like placing keys into your bag.

Connecting to Servers

To connect to a server using a specific access key:

ssh -v -i <access-key1> -A <server1>

v: Verbose mode — displays loading steps in the terminal (optional).
i: Specifies the access key file for authentication.
A: Forwards the SSH-Agent, allowing access to additional servers without re-entering keys.

Accessing Additional Servers

If you need to SSH from server1 to server2, simply run:

ssh -v -i <access-key2> <server2>

Add the -A flag only if you plan to SSH further from server2.

Best Practices

Use ssh-add to securely load private keys into the agent.
Forward the SSH-Agent (A) only when necessary to minimize security risks.
Regularly clean up your agent by running ssh-add -D to remove all keys after your session.

Conclusion

By using SSH-Agent, you can simplify secure server access while reducing repetitive key management tasks.

🤍 I'd love to connect with you on LinkedIn—let's grow our network and share ideas! here

Accessing EC2 In Private Subnet | Bastion | VPC | AWS

Baraa Mohamed — Tue, 26 Nov 2024 14:20:55 +0000

Accessing Private EC2 Instances in AWS: A Guide

Cloud architectures commonly use public and private subnets to balance accessibility and security. Public subnets host resources like bastion hosts or load balancers, while private subnets house sensitive workloads such as application servers. This setup ensures a secure environment, as private EC2 instances are only accessible through specific configurations.

Two Approaches to Access Private EC2 Instances

Depending on your requirements, you can access an EC2 instance in a private subnet through one of two methods: SSH access or traffic forwarding.

Method 1: SSH Access to a Private EC2

This method is ideal for performing configurations or debugging directly on the private EC2 instance.

Steps:

Start the SSH-Agent to manage your private keys:
```
eval "$(ssh-agent -s)"
```
Add the private EC2 key to the agent:
```
ssh-add <file-key-of-private-app>
```
Connect to the bastion host in the public subnet, forwarding the SSH-Agent:
```
ssh -v -i <file-key-of-bastion> -A <public-instance>
```

From the bastion host, SSH into the private EC2:

ssh -v -i <file-key-of-private-app> <private-instance>

By forwarding the agent (-A), you securely authenticate to the private instance without transferring your private keys.

Method 2: Port Forwarding

If you need to access a service (e.g., Jenkins) running on the private EC2, port forwarding allows you to securely forward traffic through the bastion host.

Example: Forwarding Jenkins Dashboard

Start the SSH-Agent and add the private key:

eval "$(ssh-agent -s)"
ssh-add <file-key-of-private-app>

Forward traffic from port 8080 on the private EC2 to port 4040 on your local machine:

ssh -v -i <file-key-of-bastion> -A -L 4040:<ip-of-private-jenkins-ec2>:8080 <public-instance>

Open http://localhost:4040 in your browser to access the Jenkins dashboard.

Note:

To retrieve the Jenkins setup password, use:

sudo cat /var/lib/jenkins/secrets/initialAdminPassword

This approach avoids exposing Jenkins to the internet, improving security.

Best Practices

Use SSH-Agent to securely store keys during your session.
Enable agent forwarding (A) only when necessary to minimize security risks.
Clean up your SSH session by removing keys after use:
```
ssh-add -D
```

Conclusion

With these methods, you can securely access private EC2 instances while maintaining a robust and secure cloud architecture.

🤍 I'd love to connect with you on LinkedIn—let's grow our network and share ideas! here