INCXI – command line sys info tool

inxi is a full featured CLI system information tool. It is available in most Linux distribution repositories, and also runs somewhat on BSDs.

Get the latest version from Github see below, or install from distro package e.g.

sudo apt install inxi

then simply run inxi


$ inxi
CPU~Single core Intel Xeon E5-2670 v2 (-MCP-) speed~2494 MHz (max) Kernel~4.4.0-116-generic x86_64 Up~22 days Mem~336.5/990.4MB HDD~12.9GB(36.9% used) Procs~146 Client~Shell inxi~2.2.35




apt vs apt-get

I use apt all the time now, even on 14.04 Ubuntu servers (except for apt autoremove) and from 16.04 up I never touch apt-get. What’s the main difference, just Google it and you will found out specific details, for a quick run down read this below.

From the man page:

The apt command is meant to be pleasant for end users and does not need
to be backward compatible like apt-get(8). Therefore some options are

· The option DPkg::Progress-Fancy is enabled.
· The option APT::Color is enabled.
· A new list command is available similar to dpkg –list.
· The option upgrade has –with-new-pkgs enabled by default.


Here is a table outline:

Function apt-get apt
Install package apt-get install <package> apt install <package>
Remove package apt-get remove <package> apt remove <package>
Remove package including configuration apt-get purge <package> apt purge <package>
Update sources apt-get update apt update
Update packages (without removing or reinstalling) apt-get upgrade apt upgrade1
Update packages (with removing and reinstalling) apt-get dist-upgrade apt full-upgrade
Remove unnecessary dependencies apt-get autoremove apt autoremove
Search package apt-get search <package> apt search <package>
Display package information apt-cache show <package> apt show <package>
Display active package sources in detail apt-cache policy apt policy
Display available and installed package versions apt-cache policy <package> apt policy <package>
New Commands
Edit packages sources apt edit-sources
List packages by criteria dpkg –get-selections > list.txt apt list
Set/change package status echo <package> hold | dpkg –set-selections apt-mark <package>

PDFsam – OpenSource PDF Utility

PDFsam is a free and open source desktop application to split, merge, extract pages, rotate and mix PDF files.

There are 3 products, PDFsam Basic, PDFsam Enhanced and PDFsam Visual:

PDFsam Basic

  • Merge
    Merge PDF files, select the pages, merge bookmarks and interactive forms
  • Split
    Split a PDF file at given page numbers, at given bookmarks level or in files of a given size
  • Extract from PDF
    Extract pages from PDF files
  • Rotate
    Rotate PDF files, every page or just the selected pages
  • Mix
    Merge PDF files together taking pages alternatively from one and the other. The perfect tool if you have a single-sided scanner

PDFsam Enhanced

  • Edit
    Modify the PDF content without the need to export it or copy to another format
  • Insert
    Insert pages or hyperlinks and update page numbers once you are done
  • Convert
    Convert PDF files to a number of popular formats like doc, docx, xls, xlsx and many others
  • Review
    Collaborate with your peers by adding notes, highlighting text and drawing on your document with the pencil
  • Forms
    Create fillable forms from scratch or pre designed, import and export data, add actions to print the document, send it by email and other
  • Security
    Protect PDF files with 256 bits AES encryption, set permissions on them and add a digital signature
  • OCR
    An Optical Character Recognition module to extract text from images

PDFsam Visual

  • Combine and Reorder
    Visually reorder pages, move them, rotate them or combine PDF files dragging and dropping pages from multiple documents
  • Split by text
    Split PDF files at pages where text in a selected area changes
  • Crop
    Crop PDF files by drawing the rectangular area you want to keep
  • Split
    Split PDF files visually selecting pages to split at, or split at given bookmarks level or in files of a given size
  • Protect and Unprotect
    Add permissions and encrypt PDF files using AES 256bits or 128bits. Decrypt PDF files supplying a password and create an unprotected version
  • Extract
    Visually select the pages you want to extract from a PDF file
  • More
    Mix PDF files, Rotate PDF files, Merge PDF files…


Amazon Time Sync Service

The Amazon Time Sync Service provides a highly accurate and reliable time reference that is natively accessible from Amazon EC2 instances.

Built on Amazon’s proven network infrastructure, the service utilises a fleet of redundant satellite-connected and atomic reference clocks in AWS regions to deliver current time readings of the Coordinated Universal Time (UTC) global standard. The service is designed to be highly available with a continuously monitored time infrastructure and provides a low variance reference time source. Leap seconds are known to cause application errors, and can be a concern for developers and system administrators. The Amazon Time Sync Service automatically smooths out (smears) leap seconds that are periodically added to UTC, so that customers do not have to worry about application errors due to their addition.

Setting the Time for Your Linux Instance

The Amazon Time Sync Service is available through NTP at the IP address for any instance running in a VPC. Your instance does not require access to the internet, and you do not have to configure your security group rules or your network ACL rules to allow access. Use the following procedures to configure the Amazon Time Sync Service on your instance using the chrony client.

To configure your Ubuntu or Debian derivative instance to use the Amazon Time Sync Service

Connect to your instance and use apt to install the chrony package.

ubuntu:~$ sudo apt install chrony 
If necessary, update your instance first by running sudo apt update.

Open the /etc/chrony/chrony.conf file using a text editor (such as vim or nano). Add the following line after any other server or pool statements that are already present in the file, and save your changes:

 server prefer iburst 

Restart the chrony service.

 ubuntu:~$ sudo /etc/init.d/chrony restart
[ ok ] Restarting chrony (via systemctl): chrony.service.

Verify that chrony is using the IP address to synchronize the time.

 ubuntu:~$ chronyc sources -v
210 Number of sources = 7

.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
^* 3 6 17 12 +15us[ +57us] +/- 320us
^- 1 6 17 13 -3488us[-3446us] +/- 1779us
^- 2 6 17 13 +893us[ +935us] +/- 7710us
^? 2a05:d018:c43:e312:ce77:6 0 6 0 10y +0ns[ +0ns] +/- 0ns
^? 2a05:d018:d34:9000:d8c6:5 0 6 0 10y +0ns[ +0ns] +/- 0ns
^? 0 6 0 10y +0ns[ +0ns] +/- 0ns
^? 0 6 0 10y +0ns[ +0ns] +/- 0ns 

In the output that’s returned, ^* indicates the preferred time source. Verify the time synchronization metrics that are reported by chrony.

 ubuntu:~$ chronyc tracking
Reference ID : (
Stratum : 4
Ref time (UTC) : Wed Nov 29 07:41:57 2017
System time : 0.000000011 seconds slow of NTP time
Last offset : +0.000041659 seconds
RMS offset : 0.000041659 seconds
Frequency : 10.141 ppm slow
Residual freq : +7.557 ppm
Skew : 2.329 ppm
Root delay : 0.000544 seconds
Root dispersion : 0.000631 seconds
Update interval : 2.0 seconds
Leap status : Normal 

Setting the Time for a Windows Instance

ipcalc – bash IP Calculator

ipcalc takes an IP address and netmask and calculates the resulting broadcast, network, Cisco wildcard mask, and host range. By giving a second netmask, you can design subnets and supernets. It is also intended to be a teaching tool and presents the subnetting results as easy-to-understand binary values.

Enter your netmask(s) in CIDR notation (/25) or dotted decimals ( Inverse netmasks are recognized. If you omit the netmask ipcalc uses the default netmask for the class of your network. Look at the space between the bits of the addresses: The bits before it are the network part of the address, the bits after it are the host part. You can see two simple facts: In a network address all host bits are zero, in a broadcast address they are all set.




ipcalc is available from most Linux distro’s repo’s and from brew on mac’s.

man ipcalc


httpstat visualizes curl statistics in a way of beauty and clarity.

You can use to measure the speed of your webserver and see how long it takes to load up static or dynamic html pages. It’s a Python script that can be installed onto any Linux system with Python installed and also available with brew on Macs.



There are three ways to get httpstat:



python <a href=""></a> 



Anacron or Cron

If you use cron to schedule jobs on a server that might be scheduled for shutdown and startup e.g. AWS or Cloud VPS server then anacron may be a better fit. In addition anacron would be better suited to a laptop/desktop computer.

From the man page:

Anacron can be used to execute commands periodically, with a frequency specified in days. Unlike cron(8), it does not assume that the machine is running continuously. Hence, it can be used on machines that aren’t running 24 hours a day, to control daily, weekly, and monthly jobs that are usually controlled by cron. When executed, Anacron reads a list of jobs from a configuration file, normally /etc/anacrontab (see anacrontab(5)). This file contains the list of jobs that Anacron controls. Each job entry specifies a period in days, a delay in minutes, a unique job identifier, and a shell command.

For example I use anacron to schedule an image of the disk with “Image for Linux” by TeraByte Unlimited – if the computer is not on or hasn’t ran for sometime anacron will take care of it.


I want to run an image job every 7 days and if my computer is not on during the 7th day, anacron will kick it off 20 minutes after the computer/server has started.

edit /etc/anacrontab

 7   20   /etc/ 

For Cron or crontab see

Man page for anacron:


Google Chrome: Clear or flush the DNS cache

Google Chrome browser has inbuilt caching server to improve performance. You can quickly clean out or flush out DNS entries manually on Google Chrome:

Open a new tab.
Type the url in the search box: chrome://net-internals/#dns
Hit the “Clear host cache” button.









Flush out socket pools
Open a new tab and type the following in search box:

Password protect a VIM file

You can password protect a file using VIM – it’s built right in. To do this either edit a current file or create a new file e.g. testdata.txt and press :X

Enter a password and confirm it, now save the file with a :w and finally quit the file. When you reopen the file you will need to enter the password in order to view the contents.



If the password is entered incorrectly, you can’t read the contents:



You can also create a file with encryption turned on by including the -x switch e.g.

 vim -x test2.txt 

man vim for more details.


Anchore – Container Security Analysis

Anchore provides you with insight and control over the contents of your containers from the start of development all the way to production. Anchore delivers container security solutions for developers, operations, and security teams to deliver insight and control over the contents, security and compliance of containers from the start of development all the way to production. By allowing the creation of policies for security and compliance that are evaluated by Anchore at each stage of the build pipeline, Anchore ensures that only images containers that adhere to an organisation’s policies are deployed.

What’s Inside Your Container Images?
With Docker and containers it’s never been easier to deploy and run any application. Developers now have access to thousands of applications ready to run right “off the shelf” and the ability to quickly build and publish their own images.

In addition to the application, the container image may contain hundreds of packages and thousands of files including binaries, shared libraries, configuration files, and 3rd party modules. Any one of these components may contain a security vulnerability, an outdated software module, a misconfigured configuration file or simply fail to comply with your operational or security best practices.

For more details and to download/install: