As you can imagine, SSH keypairs – combinations of private and public keys – are vital elements of your digital identity as a sysadmin or a developer. And since they can be used for accessing source code repositories and for deploying changes to production environments, you usually have more than one SSH key. That’s why it’s important to know how to inspect SSH key fingerprints.

SSH Key Fingerprints

Key fingerprints are special checksums generated based on the public SSH key. Run against the same key, ssh-keygen command will always generate the same fingerprint.

Because of this property, you can use SSH key fingerprints for three things:

1. Identify SSH key – fingerprint will stay the same even if you rename the file
2. Confirm integrity of the SSH key  – if you get the same fingerprint from your private SSH key, you can be sure it’s still valid and intact
3. Validate identity of the SSH key – same fingerprint means you’re dealing with the same key (that you or your solution trusted for specific functionality)

How to Check SSH Fingerprint of a Key

ssh-keygen command takes the identity (SSH key) filename and calculates the fingerprint.

You can start by changing directory into .ssh and checking if you have any SSH keys there already. If not, you should generate a new SSH key.

greys@server:~$ cd .ssh
greys@server:~/.ssh$ ls -la
total 24
drwx------  3 greys greys 4096 Feb 17 21:11 .
drwxr-xr-x 15 greys greys 4096 Feb 17 21:13 ..
-rw-------  1 greys greys 1766 Feb 17 21:11 id_rsa
-rw-r--r--  1 greys greys  394 Feb 17 21:11 id_rsa.pub

Let’s run ssh-keygen to confirm the fingerprint of the id_rsa keypair:

greys@server:~/.ssh$ ssh-keygen -l -f id_rsa
2048 SHA256:z96jtEGIqfLoaq1INIBFI/3K2M+f9xZUyupsm3itgvI no comment (RSA)

Check Fingerprint of the Private SSH Key

By default this command looks for the public key portion (id_rsa.pub file), so it’s not a very good test of integrity or identity of the private key. There is a very real possibility that you have one private key and a separate public key, that are not related to each other.

That’s why for checking the private key you must take it a step further and copy private key (id_rsa) into some other directory where you can use ssh-keygen again:

greys@server:~/.ssh$ cp id_rsa ..
greys@server:~/.ssh$ cd ..

this time, because there’s no public key file found nearby, the ssh-keygen command will have to open private key. And if it’s passphrase protected (as it always should be), you’ll be asked for the SSH key passphrase:

greys@server:~$ ssh-keygen -l -f id_rsa
Enter PEM pass phrase:
2048 SHA256:z96jtEGIqfLoaq1INIBFI/3K2M+f9xZUyupsm3itgvI no comment (RSA)

Old-school SSH fingerprints

If you’ve been using Linux/Unix for more than a couple of years, you probably noticed that ssh-keygen now shows you a different looking fingerprints: they used to be these semicolon-delimited sequences like this:

06:6e:bc:f4:4e:03:90:b7:ba:99:8d:a5:71:1e:dc:22

… instead they now are shown as this:

z96jtEGIqfLoaq1INIBFI/3K2M+f9xZUyupsm3itgvI

The reason for this is that by default fingerprints are shown as SHA256 sequences, while in the past they were MD5.

In order to show the SSH fingerprint in MD5 format, just specify this in the command line:

greys@server:~$ ssh-keygen -l -E md5 -f id_rsa
Enter PEM pass phrase:
2048 MD5:06:6e:bc:f4:4e:03:90:b7:ba:99:8d:a5:71:1e:dc:22 no comment (RSA)

See Also

• How To: Generate SSH key
• How To: Change SSH key passphrase
• SSH port
• SSH port forwarding
• SSH
• Important SSH server configuration options

I’ve been decommissioning some old servers recently and this generated quite a bunch of monitoring alerts. So many, in fact, that I have maxed out the free Sendgrid plan I use for sending email alerts. Part of the troubleshooting involved working with Postfix mail server queue, I figured some of you might find this useful.

How To Show Postfix Queue

I wanted to review messages in Postfix mail queue to understand if there was indeed an issue with my free Sendgrid account:

root@m:/ # postqueue -p | less
...
D2704A84E3 604 Wed Feb 6 14:46:31 [email protected]
(delivery temporarily suspended: SASL authentication failed; server smtp.sendgrid.net[159.122.219.55] said: 451 Authentication failed: Maximum credits exceeded)
[email protected]

D0842A7563 587 Sun Feb 3 20:30:07 [email protected]
(delivery temporarily suspended: SASL authentication failed; server smtp.sendgrid.net[159.122.219.55] said: 451 Authentication failed: Maximum credits exceeded)
[email protected]

D36ABA77F6 546 Mon Feb 4 12:39:23 [email protected]
(delivery temporarily suspended: SASL authentication failed; server smtp.sendgrid.net[159.122.219.55] said: 451 Authentication failed: Maximum credits exceeded)
[email protected]

...

-- 7631 Kbytes in 6971 Requests.

Ouch! Almost 7 thousand emails which I’ll never get (in reasonable time) and don’t really need (I know the reason for alerts). So what do to? Let’s destroy these.

How To Remove All Messages from Postfix Queue

I’ll use the postsuper command and specify option d (means delete) and ALL (means REALLY DELETE ALL MESSAGES IN MY QUEUE):

root@m:/ # postsuper -d ALL
postsuper: Deleted: 6971 messages

That’s much better:

root@m:/ # postqueue -p
Mail queue is empty

That’s it for now! Hope you enjoyed this short article. Let me know if you’re using Postfix mail server!

See Also

• Mail commands in Unix/Linux
• Unix Reference
• Unix Commands
• Postfix website

There are many ways of migrating Docker containers to a different server, today I’ll show you one of the possible approaches.

IMPORTANT: it’s a beginner’s tutorial for copying basic Docker containers (no external dependencies like additional networks or storage volumes).

If you have filesystem volumes attached to your original Docker container, this procedure will not be enough. I’ll publish a more advanced tutorial soon – stay tuned.

This is a simple enough procedure. Steps 1, 2 and 3 should be done on the old server, Steps 4, 5 and 6 should be done on the new server. All you need is root access on both servers and a way to transfer images between the two servers (scp, for instance).

Step 1: Stop Docker container

I’m hoping to transfer the database container called db (container id c745794419a9 below):

root@oldserver:/ # docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1b8b1657736e datadog/agent:latest "/init" 9 months ago Up 26 hours (healthy) 8125/udp, 8126/tcp dd-agent
c745794419a9 mariadb:latest "docker-entrypoint.s…" 9 months ago Up 29 minutes 3306/tcp db
32cd3e477546 nginx:latest "nginx -g 'daemon of…" 12 months ago Up 26 hours 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx

Let’s stop the container:

root@oldserver:/ # docker stop db
db

…then make sure it’s down:

root@oldserver:/ # docker ps --all | grep c745794419a9
c745794419a9 mariadb:latest "docker-entrypoint.s…" 9 months ago Exited (0) About an hour ago db

Step 2. Commit Docker container to image

root@oldserver:/ # docker commit c745794419a9
sha256:9d07849ed7c73f8fecd1e5e3e2aedc3592eea6b02f239fa6efba903f1a1ef835

Step 3: Save Docker image to a file

root@oldserver:/ # docker save 9d07849ed7c73f8fecd1e5e3e2aedc3592eea6b02f239fa6efba903f1a1ef835 > s5-db.tar

Step 4: Transfer Docker image file

Step 5: Load Docker image from a file

On the new server, we docker load the image. Note how it is the same image ID:

root@newserver:/ # cat s5-db.tar | docker load
4bcdffd70da2: Loading layer [==================================================>] 129.3MB/129.3MB
ae12d30e1dfc: Loading layer [==================================================>] 345.1kB/345.1kB
7a065b613dee: Loading layer [==================================================>] 3.178MB/3.178MB
cb2872ddbc2c: Loading layer [==================================================>] 1.536kB/1.536kB
328a5e02ea3f: Loading layer [==================================================>] 15.05MB/15.05MB
736f4a72442b: Loading layer [==================================================>] 25.6kB/25.6kB
3fbb3db5b99e: Loading layer [==================================================>] 5.12kB/5.12kB
fbf207c08d17: Loading layer [==================================================>] 5.12kB/5.12kB
c61ded92b25c: Loading layer [==================================================>] 257MB/257MB
74569dcf2238: Loading layer [==================================================>] 8.704kB/8.704kB
b954e0840314: Loading layer [==================================================>] 1.536kB/1.536kB
9b819b273348: Loading layer [==================================================>] 2.56kB/2.56kB
Loaded image ID: sha256:9d07849ed7c73f8fecd1e5e3e2aedc3592eea6b02f239fa6efba903f1a1ef835

Step 6: Start Docker container

Now let’s start a Docker container from this image:

root@newserver:/ # docker run -d --name db-new 9d07849ed7c73f8fecd1e5e3e2aedc3592eea6b02f239fa6efba903f1a1ef835
1ca6041d6e1e6c661234e24b16c0d23b0a302586f8628809020d5469e3acd405

As you can see, it’s running now:

root@newserver:/ # docker ps | grep db-new
1ca6041d6e1e 9d07849ed7c7 "docker-entrypoint..." 5 seconds ago Up 3 second

See Also

• Docker – Stop All Containers
• Docker – List Containers
• Docker

SSH is such an integral part of everyday Linux/Unix life now, that it makes sense to use it for as many remote access and automation tasks as you can. As you probably know, you shouldn’t be using password SSH authentication unless you have a pretty good reason to do so. By default, always use SSH keys. Today I’ll show you how to generate SSH keys.

Generate SSH key with ssh-keygen

ssh-keygen is a standard utility supplied with SSH package. If you have ssh command on your system, you probably have the ssh-keygen command as well.

Without any command line options, ssh-keygen will ask you a few questions and create the key with default settings:

[greys@rhel8 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/greys/.ssh/id_rsa):
Created directory '/home/greys/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/greys/.ssh/id_rsa.
Your public key has been saved in /home/greys/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Seu7UBogeX+g9+iv01CDJqiXAby740JKZGrZtu1T3oQ greys@rhel8
The key's randomart image is:
+---[RSA 2048]----+
|. |
|.. . |
| .+.o ... |
| +oo.+oooo |
|+.+o.o+.S. |
|o*oo ..E . |
|=.o o *o= |
|oo . +.o.o |
|o.. ..+++. |
+----[SHA256]-----+
[greys@rhel8 ~]$

Specify SSH key size for ssh-keygen

Most likely you’ll have your preferences for SSH keys and it is much easier to just specify them when running the ssh-keygen command.

This is how one can generate 4096-bit key, for example:

[greys@rhel8 ~]$ ssh-keygen -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/greys/.ssh/id_rsa): /home/greys/.ssh/rsa-4k
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/greys/.ssh/rsa-4k.
Your public key has been saved in /home/greys/.ssh/rsa-4k.pub.
The key fingerprint is:
SHA256:4rf1AGIc99L57/xC1PWu7pJpwhkn5YCmZQqua/XdmGA greys@rhel8
The key's randomart image is:
+---[RSA 4096]----+
| |
| .|
| . .. .o|
| .. o=o... . o|
| . .=*S ++ . . |
| ooEo oo.o . .|
| o o.o.=o=.+ . |
| o ..+o=o=oo |
| ... . o.=*o.|
+----[SHA256]-----+

See Also

• SSH
• SSH port
• SSH command
• SSH port forwarding
• Change SSH key passphrase

For those of you using GRUB boot loader, there’s a very cool way of confirming what boot parameters your boot loader supplied when booting your current OS instance:

greys@server:~$ cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-4.17.0-041700-generic root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=1

This is super useful for verifying changes to such boot parameters, that you usually make in GRUB or another bootloader.

After making the changes and rebooting your OS, check the same file again, and it should show new parameters.

See Also

• GRUB Bootloader
• How To: updating GRUB bootloader config
• Unix Reference

Now and then, especially when working on a development environment, you need to stop multiple Docker containers. Quite often, you need to stop all of the currently running containers. I’m going to show you one of the possible ways.

Docker: Stop a Container

You need to use a container name or container ID with the docker stop command.

For example, I have an nginx load balancer container:

root@s5:~ # docker ps -f name=nginx
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
32cd3e477546 nginx:latest "nginx -g 'daemon of…" 11 months ago Up About a minute 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx

Based on this output, I can stop my nginx container like this:

root@s5:~ # docker stop nginx
nginx

… or like that:

root@s5:~ # docker stop 32cd3e477546
32cd3e477546

Docker: Stop Multiple Containers

Since I also have a MariaDB container named db, I might need stop it together with nginx.

Here’s the info on the db container:

root@s5:~ # docker ps -f name=db
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c745794419a9 mariadb:latest "docker-entrypoint.s…" 9 months ago Up 4 seconds 3306/tcp db

If I ever decide to stop both nginx and db together, I can do it like this:

root@s5:~ # docker stop nginx db
nginx
db

Docker: Stop All Containers

As you can see from previous examples, docker stop simply takes a list of containers to stop. If there’s more than one container, just use space as a delimiter between container names or IDs.

This also allows us to use a clever shell expansion trick: you can some other command, and pass its output to the docker stop container.

For instance, this shows us the list of all the IDs for currently running Docker containers:

root@s5:~ # docker ps -q
510972d55d8c
1b8b1657736e
c745794419a9
32cd3e477546

What we can do now is pass the result of this command as the parameter for the docker stop command:

root@s5:~ # docker stop $(docker ps -q)
510972d55d8c
1b8b1657736e
c745794419a9
32cd3e477546

And just to check, running docker ps now won’t show any running containers:

root@s5:~ # docker ps -q

IMPORTANT: make sure you double-check what you’re doing! Specifically, run docker ps -q, compare it to docker ps, this kind of thing. Because once containers stopped you may not have an easy way to generate the list of same containers to restart.

In my case, I’m just specifying them manually as the parameters for docker start:

root@s5:~ # docker start 510972d55d8c 1b8b1657736e c745794419a9 32cd3e477546
510972d55d8c
1b8b1657736e
c745794419a9
32cd3e477546

That’s it for today! Hope you enjoyed this quick how-to, let me know if you have any questions, Docker and whatnot!

See Also

• Docker Software
• List containers in Docker
• Restart Stopped Docker containers
• Docker Inspect
• Remove Unused Docker volumes

If you’re hosting a website using the popular LAMP stack (Linux/Apache/MySQL/PHP), you’re going to have your services restart from time to time as part of maintenace. In this short post I’ll show you how to restart MySQL database.

As you will see from some of the data, I’m actually using MariaDB which aims to stay MySQL compatible in most of the ways, including the name and the syntax of running startup/shutdown scripts.

Confirm Status of MySQL service

On most of the modern Linux systems, you should probably use the systemctl command to confirm MySQL status:

root@dbm1:~ # systemctl status mysql
● mariadb.service - MariaDB database server
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/mariadb.service.d
└─migrated-from-my.cnf-settings.conf, timeout.conf
Active: active (running) since Mon 2018-08-20 00:43:33 IST; 4 months 27 days ago
Process: 11534 ExecStartPost=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
Process: 11414 ExecStartPre=/bin/sh -c [ ! -e /usr/bin/galera_recovery ] && VAR= || VAR=`/usr/bin/galera_recovery`; [ $? -eq 0 ] && systemctl set-environment _WSREP_START_POSITION=$VAR || exit 1 (code=exited, status=0/SUCCESS)
Process: 11411 ExecStartPre=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
Main PID: 11501 (mysqld)
Status: "Taking your SQL requests now..."
CGroup: /system.slice/mariadb.service
└─11501 /usr/sbin/mysqld --wsrep_start_position=b70c6b82-9064-11e5-9c67-3e39fe556c8b:45091479

Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.

What you’re looking for is the Active line of the output, which shows that the MySQL service is happily running since August 2018. Now, if it was stopped just now, you would see that the service is actually inactive:

root@dbm1:~ # systemctl status mysql
● mariadb.service - MariaDB database server
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/mariadb.service.d
└─migrated-from-my.cnf-settings.conf, timeout.conf
Active: inactive (dead) since Tue 2019-01-15 23:03:39 GMT; 8s ago
Process: 11534 ExecStartPost=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
Process: 11501 ExecStart=/usr/sbin/mysqld $MYSQLD_OPTS $_WSREP_NEW_CLUSTER $_WSREP_START_POSITION (code=exited, status=0/SUCCESS)
Process: 11414 ExecStartPre=/bin/sh -c [ ! -e /usr/bin/galera_recovery ] && VAR= || VAR=`/usr/bin/galera_recovery`; [ $? -eq 0 ] && systemctl set-environment _WSREP_START_POSITION=$VAR || exit 1 (code=exited, status=0/SUCCESS)
Process: 11411 ExecStartPre=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
Main PID: 11501 (code=exited, status=0/SUCCESS)
Status: "MariaDB server is down"

Jan 15 23:03:34 dbm1.ts.im systemd[1]: Stopping MariaDB database server...
Jan 15 23:03:39 dbm1.ts.im systemd[1]: Stopped MariaDB database server.
Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.

Restart MySQL with systemctl

Just run this command to restart MySQL. If there are any issues, you’ll probably get an error:

root@dbm1:~ # systemctl restart mysql
root@dbm1:~ #

Restart MySQL using startup script

A more traditional and rather old-school approach is to stop or start MySQL using the /etc/init.d/mysql script. There is no point doing it in the systemctl-enabled Linux distros though, because this /etc/init.d/mysql script will actually use systemctl to manage the service, anyway:

root@dbm1:~ # /etc/init.d/mysql stop
Stopping mysql (via systemctl): [ OK ]
root@dbm1:~ # /etc/init.d/mysql start
Starting mysql (via systemctl): [ OK ]

That’s it for today!

See Also

• Unix Tutorials
• basic Unix/Linux commands

Did you know that most of the DVDs and CDs have the same filesystem type? Regardless of the actual OS you’re hoping to install, that installer DVD image you downloaded is likely to be readable in both Linux and Windows.

Today I’ll show you how simple it is to mount ISO image in Linux in case you want to inspect the CD/DVD contents before burning the ISO image onto USB or DVD disc.

Mount ISO in Linux

I’ve got a recent enough OpenIndiana image on one of my servers – still really like my Solaris roots, you know!

Here’s the image:

root@centos:/ # ls -al /dist/OI-hipster-text-20180427.iso
-rw-r--r-- 1 root root 696750080 Apr 28 2018 /dist/OI-hipster-text-20180427.iso

Let’s mount it under the /mnt directory:

root@centos:/ # mount /dist/OI-hipster-text-20180427.iso -o loop /mnt
mount: /dev/loop0 is write-protected, mounting read-only

If we check, /mnt now has the disc mounted:

root@centos:/ # df -h /mnt
Filesystem Size Used Avail Use% Mounted on
/dev/loop0 665M 665M 0 100% /mnt

The files listing confirms it’s the OpenIndiana Solaris installer I’m planning to research:

root@centos:/ # ls -la /mnt
total 504603
drwxr-xr-x 16 root root 4096 Apr 27 2018 .
drwxr-xr-x 24 root root 4096 Jan 5 16:27 ..
lrwxrwxrwx 1 root root 9 Apr 27 2018 bin -> ./usr/bin
drwxr-xr-x 10 root sys 4096 Apr 27 2018 boot
-r--r--r-- 1 root root 2048 Apr 27 2018 .catalog
drwxr-xr-x 2 root sys 2048 Apr 27 2018 .cdrom
drwxr-xr-x 14 root sys 6144 Apr 27 2018 dev
drwxr-xr-x 3 root sys 2048 Apr 27 2018 devices
drwxr-xr-x 2 root sys 2048 Apr 27 2018 export
dr-xr-xr-x 2 root root 2048 Apr 27 2018 home
-rw-r--r-- 1 root root 19 Apr 27 2018 .image_info
drwxr-xr-x 5 65432 wheel 2048 Apr 27 2018 jack
-rw-r--r-- 1 root root 6707 Apr 27 2018 .livecd-cdrom-content
drwxr-xr-x 3 root sys 2048 Apr 27 2018 mnt
drwxr-xr-x 5 root sys 2048 Apr 27 2018 platform
dr-xr-xr-x 2 root root 2048 Apr 27 2018 proc
-rw-r--r-- 1 root root 0 Apr 27 2018 reconfigure
drwx------ 2 root root 2048 Apr 27 2018 root
drwxr-xr-x 3 root root 2048 Apr 27 2018 save
-rw-r--r-- 1 root root 21997056 Apr 27 2018 solarismisc.zlib
-rw-r--r-- 1 root root 494662656 Apr 27 2018 solaris.zlib
drwxr-xr-x 5 root root 2048 Apr 27 2018 system
drwxrwxrwt 2 root sys 2048 Apr 27 2018 tmp
-r--r--r-- 1 root root 37 Apr 27 2018 .volsetid

You can’t edit ISO image directly

If you look closer, you’ll see that /mnt is actually mounted read-only:

root@centos:/ # mount | grep /mnt
/dist/OI-hipster-text-20180427.iso on /mnt type iso9660 (ro,relatime)

So no, it won’t be possible to just edit the files you like and end up with the updated ISO image. For that you’ll need to how learn creating ISO images from directory in Linux (I’ll show you how to do that soon enough).

See Also

• ISO to USB in MacOS
• How To: mount ISO image
• mount command
• Unix Commands

If you’re just getting started with Docker containers, you may be a bit confused how there doesn’t seem to be a command called “list” to show the containers available on your system. There is ineed no such command, but listing functionality is certainly there.

List currently running Docker containers

You need the docker ps command – it lists containers in a readable table:

root@dcs:~ # docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1b8b1657736e datadog/agent:latest "/init" 8 months ago Up 8 months (healthy) 8125/udp, 8126/tcp dd-agent
c745794419a9 mariadb:latest "docker-entrypoint.s…" 8 months ago Up 8 months 3306/tcp db
32cd3e477546 nginx:latest "nginx -g 'daemon of…" 11 months ago Up 4 months 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx

Executed without any command line options, docker ps shows only the active containers – the ones running at this very moment.

List all the Docker containers

In case you experience some trouble with one of the containers, where the Docker container will start and immediately go offline, your docker ps won’t help – by the time you run it the container will disappear from the list.

This is where you need to use the –all command line option:

root@dcs:~ # docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f4b4ae616898 wordpress "docker-entrypoint.s…" 7 months ago Exited (0) 7 months ago competent_johnson
1b8b1657736e datadog/agent:latest "/init" 8 months ago Up 8 months (healthy) 8125/udp, 8126/tcp dd-agent
c745794419a9 mariadb:latest "docker-entrypoint.s…" 8 months ago Up 8 months 3306/tcp db
4c82fa3d5d1c mariadb:latest "docker-entrypoint.s…" 9 months ago Exited (1) 9 months ago mysql
78fd23e82bba confluence:latest "/sbin/tini -- /entr…" 11 months ago Exited (143) 10 months ago wiki_https
73c9ca67c77b confluence:latest "/sbin/tini -- /entr…" 11 months ago Exited (143) 11 months ago wiki
56728d0f1ab5 mariadb:latest "docker-entrypoint.s…" 11 months ago Exited (0) 10 months ago mariadb
32cd3e477546 nginx:latest "nginx -g 'daemon of…" 11 months ago Up 4 months 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx
496b0d371a70 hello-world "/hello" 11 months ago Exited (0) 11 months ago stoic_brattain

List containers filtered by a specified criteria

You’ll soon realise that on a busy Docker host you probably need to apply some filter when listing containers. This functionality allows you to filter lists by many common Docker container properties.

For example, this is how we can list just the containers with a specific name:

root@dcs:~ # docker ps -f name=nginx
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
32cd3e477546 nginx:latest "nginx -g 'daemon of…" 11 months ago Up 4 months 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx

And this is how you can show just the Docker containers with “exited” status:

root@dcr:~ # docker ps -f status=exited
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f4b4ae616898 wordpress "docker-entrypoint.s…" 7 months ago Exited (0) 7 months ago competent_johnson
4c82fa3d5d1c mariadb:latest "docker-entrypoint.s…" 9 months ago Exited (1) 9 months ago mysql
78fd23e82bba confluence:latest "/sbin/tini -- /entr…" 11 months ago Exited (143) 10 months ago wiki_https
73c9ca67c77b confluence:latest "/sbin/tini -- /entr…" 11 months ago Exited (143) 11 months ago wiki
56728d0f1ab5 mariadb:latest "docker-entrypoint.s…" 11 months ago Exited (0) 10 months ago mariadb
496b0d371a70 hello-world "/hello" 11 months ago Exited (0) 11 months ago stoic_brattain

That’s it for today! Let me know if you’re using Docker and whether you need help with anything!

See Also

• Official Docker page
• docker ps documentation

I’m pretty used to how ls command shows pretty colorized output on most modern Linux distros, but somehow its default behaviour in MacOS is still plain white – no different colours.

I decided to look for command line option to change that, and sure enough – ls command in MacOS has -G option for colorizing output.

So, instead of running this:

$ ls /etc

you’ll run this:

$ ls -G /etc

Check out the different it makes below!

Plain ls /etc in MacOS

Colorized ls -G /etc in MacOS

Make colorized alias for ls command

If you like this enough, I suggestt you make an alias for ls -G:

$ alias ls='ls -G'

what this does is you can run ls, but your bash shell will be recognizing it as alias name and running ls -G instead. Any additional command line options will work, of course:

Add ls alias to .bash_profile

To make this permanent, add ls alias to your .bash_profile:

$ echo "alias ls='ls -G'" >> $HOME/.bash_profile

What this will do is any new Terminal windows you open on your Mac will have the ls command alias preconfigured, so you’ll always have the output colorized.

See Also

• ls command
• Basic Unix commands
• MacOS