Temporarily interrupting an SSH session to run local commands

2025-02-28 21:16:00

I was today-years-old when I realized something about SSH that I hadn't realized before. 

A student of mine was using SSH to connect between two Linux hosts and he wondered if it's possible to temporarily pause or interrupt the SSH session, so he can run a few commands on the source / originating host. 

I thought, surely there must be! And there is! I just never realized before. :)

Way way way back, twenty years ago, we used Cyclades terminal servers at ${Customer}. Nifty rackmounted boxes that hook up to the network and provide SSH access to 24 or more serial ports. 

I remembered from back then that SSH had a command to immediately kill an SSH connection: ~. 

The tilde being the stop / escape character for SSH and the dot being the kill command. You could also quickly type ~? in an SSH session to pull up a menu. 

To answer my student's question, I hopped into my Fedora box from Windows with SSH and then did another SSH to Ubuntu. That's one SSH after connecting using another. 

You can stack multiple tildes to indicate which SSH client you're talking to. Typing ~. kills the Windows to Fedora connection, while ~~. kills the Fedora to Ubuntu connection. 

Looking at the ~? menu I noticed a few neat options, including ~^Z. 

In Unix terminals, ^Z (ctrl Z) is used to send a suspend / SIGSTOP to your running process. So indeed, the following happened:

tess@ubuntu $ hostname
ubuntu

tess@ubuntu $ ~^Z
bash: suspended ssh

tess@fedora $ hostname
fedora

tess@fedora $ fg

tess@ubuntu

It works! :D

kilala.nl tags: work, mentor, studies,

View or add comments (curr. 0)

Keeping learning accessible

2025-02-23 10:23:00

I'm on various IT-learning Discords, to my own detriment sometimes, that's no secret. 

On one of the servers, three or four of us experienced folks have been coaching one particular learner who's been on A+ 1101 for six months now. Along the way, the student has had a much lower pace than the average student and almost every topic leads to days-long discussions on intricacies or on misunderstandings of the topic.

It's to such a point that some of the new faces (whom join the server every week) utter things like "surely you're trolling" and "you can't be serious".

Among the seniors we've discussed the matter and we're sure this learner is not a troll. Instead there are a number of clues that point at either a learning disability, neurodivergence or simply a somewhat lower cognitive capability. These include:

• Highly repetitive speech patterns.
• Confusion caused by sentences with complex grammar or vocabulary.
• Taking learning content or written or spoken word absolutely literally. 
• When asked to summarize what they learned on a certain topic, they will combine copy/paste of what was told to them with injections of random terms and concepts that are seemingly unrelated or provably false.
• A seeming lack of capabilities in visualization and in cause-effect or complex pattern thinking.
• Spending countless hours taking notes and trying to summarize a 5-15 minute video. To quote: "[I spent 2 days] going over the transcript [of a 23 minute video] and copying stuff there, making a reference page for each slide, etc then making questions to test myself on the material from the vids"

Recognizing such indicators is one thing, knowing how to deal with them is another thing entirely. Unfortunately we're not quite equipped for it. 

For one, each of us is just another visitor of the Discord server. We do this in our spare time, to help others and to have a little fun along the way. It's not within our capabilities to spend 4+ hours every day providing 1:1 coaching to this learner. 

Sub-optimal factors for the learner:

• They attend an online degree programme, with zero learner-teacher interaction. It's all self-study. 
• They use the professor Messer free YouTube videos to learn for the A+ certification. 
• They mostly interact with us through written chat messages, on their phone. 
• Seemingly all the learning and note taking also occurs on their phone. 

I have theorized that the learner in question surely would be better served by attending a "real" school: brick & mortar buildings, full-on interaction between students and teachers, a teacher who can immediately notice that a student is struggling. Unfortunately, going to such a school is not always an option given factors like location, region, personal budget and their social situation or upbringing.

It's been an interesting journey.

Just today I've had to remind some of the others in the server that not every brain operates in the same fashion. Case in point:

• Not everyone grasps language at the same level and introductory level teaching should ideally take place at A2/B1 levels of language proficiency. For example, when another member stated "“a single drive failure breaks the array with data loss” and “array will work as long as one drive is operational” aren’t hard to understand", they were wrong. That's not A2/B1 level writing. 
• Aphantasia is a real thing. I just did the comparison with myself and Marli: I'm a 5 (I can vividly "see" an apple in my mind, turn it over, heck even take a bit out of it and remember how that feels and tastes). Marli is a 3 on that scale. This is why we need diagrams in teaching, next to just spoken or written word. 

kilala.nl tags: work, mentor,

View or add comments (curr. 0)

The impact of DOGE and a case for non-political case studies

2025-02-12 19:52:00

On the CompTIA Instructor's Network, Greg wondered whether DOGE (the newly minted NGO in the US) is actually a threat to national security. A lively discussion broke out, where Hank remarked:

"In this case, I am not sure how to discuss the technical issues without politics."

I suggested that we can discuss the issue, from the point of view of the aspects of infosec which we teach: Risk management. Threat modeling. Assumed breach. Access controls. Data destruction.

So here's a threat modeling exercise:

• Business process: monthly social security payments
• Protected assets: PII, financial data, database with past and current transactions, credentials for authorizing payments
• Business interest: continue primary business process, maintain CIA of assets per SLA or requirements.
• Related infrastructure: office terminal, office network, database server, bank payment API
• Related personnel: office workers, customer support, database admin, server admin, bank personnel

The case:

• Threat actor: unauthorized party from outside the organisation, acting with assumed yet unverified authority.
• Threat entry: forced access to office or data center.
• Threat interests: PII, financial data, disrupting primary business process.
• Threat activities: assume control of office terminals, assume control of office worker credentials, assume control of administrator credentials, remove hardware from data center for destruction or for data retrieval.

Question to the students:

Which security controls can we put in place to disrupt the threat actor's activities and to prevent or mitigate the threat actor's interests and activities?

kilala.nl tags: work, mentor,

View or add comments (curr. 0)