Arch Linux

Lightweight rolling-release distribution

Arch Linux is an independently developed, x86-64 general-purpose Linux distribution that strives to provide the latest stable versions of most software by following a rolling-release model.
The default installation is a minimal base system, configured by the user to only add what is purposely required. Pacman, a package manager written specifically for Arch Linux, is used to install, remove and update software packages.
Arch Linux uses a rolling release model, meaning there are no “major releases” of completely new versions of the system; a regular system update is all that is needed to obtain the latest Arch software; the installation images released every month by the Arch team are simply up-to-date snapshots of the main system components.
Arch Linux has comprehensive documentation, consisting of a community-run wiki known as the ArchWiki.
read more…

Installation

How to install an Arch Linux base system

Desktop environment

A desktop environment (DE) is made of a bundle of programs, which share a common graphical user interface (GUI).

How to install and configure KDE Plasma as your desktop environment

GNOME

How to install and configure GNOME as your desktop environment

Pacman

How to use the Pacman package manager and fix common errors

Hardware video acceleration

How to enable hardware video acceleration

issue

How to customize the tty login screen and SSH banner

How to switch to Zsh and configure it as your default shell

Alacritty

How to install and configure Alacritty, a fast, cross-platform, OpenGL terminal emulator

How to setup Secure Shell Protocol public key authentication

How to connect to a remote desktop environment with VNC graphical desktop-sharing system

How to automatically connect to a Virtual private network system to create secure point-to-point or site-to-site connections

Kill switch

How to create a VPN kill switch with UFW firewall rules that will stop all internet traffic if your VPN connection drops

Bluetooth

How to install and configure Bluetooth

libvirt

How to setup and run KVM/QEMU virtual machines

USB autosuspend

How to disable autosuspend of specific USB devices

Flash android

How to flash an android factory image and uninstall bloat packages without rooting the phone

Network administration

Commands for Network administration

Subnetting

List of IPv4 and IPv6 ranges, subnet size tables and special address types

Gaming

How to install Steam, DXVK

nVidia

How to install and configure nVidia drivers and setup a default resolution and refresh rate

Gamemode

How to install and use Feral gamemode

MangoHud

How to install and use the MangoHud overlay layer for monitoring system performance in Vulkan and OpenGL applications

Base system Installation

How to install an Arch Linux base system

Download the ISO and create a bootable USB Device

Option	Download
Arch Linux	https://archlinux.org/download/
balenaEtcher	https://www.balena.io/etcher/
Rufus	https://rufus.ie/

Note

If you experience glitches on booting the installation medium with a nVidia graphics card and do not see the command line
edit USBDEVICE/loader/entries/01-archiso-x86_64-linux.conf on your installation medium device
and add nomodeset as boot parameter

Tip

Press E during systemd-boot selection and pass nomodeset

Boot the installation medium and ensure that you’re using EFI

ls /sys/firmware/efi

Ensure you have internet connectivity

Plug in a ethernet cable or if you use Wi-Fi

wifi-menu

ip a s

Check the Network Connection

ping -c 3 1.1.1.1

Set USB installation media password for the root user

passwd

Enable SSH on the installation medium

systemctl start sshd

systemctl status sshd

Tip

You may continue the installation through SSH from another Computer

ssh root@IPADRESS

Check the avaible devices

lsblk -f

Choose the device you want to install Arch Linux

Partition disk

cfdisk /dev/nvme1n1

Select GPT label type, then select Free Space then hit on New from bottom menu.
Type the partition size in GiB (1G) and press enter key, select Type from bottom menu and choose EFI System partition type.
For /(root) partition use the following configuration: New -> Size: 100G-> Type Linux root.
For /home partition use the following configuration: New -> Size: rest of free space -> Type Linux home.

Option	Size	Type
/boot	1G	EFI System partition
/(root)	100G	Linux root
/home	Rest	Linux home

Warning

All previous files on the device will be erased

After you review the partition table select Write, answer with yes in order to apply disk changes and then, type quit to exit cfdisk utility.

Tip

You can also review the partition table summary by running fdisk command.

fdisk -l

Format partitions

mkfs.fat -F32 /dev/nvme1n1p1

mkfs.xfs /dev/nvme1n1p2

mkfs.xfs /dev/nvme1n1p3

Check partitions

lsblk -f

Mount partitions

Mount root partition

mount /dev/nvme1n1p2 /mnt

Mount boot partition

mkdir -pv /mnt/boot

chmod 0700 /mnt/boot

mount -o fmask=0137,dmask=0027 /dev/nvme1n1p1 /mnt/boot

Mount home partition

mkdir -pv /mnt/home

mount /dev/nvme1n1p3 /mnt/home

Install arch base running package installs against mount

pacstrap -i /mnt linux linux-firmware base base-devel amd-ucode sudo zsh zsh-autosuggestions zsh-completions zsh-syntax-highlighting

Tip

Install intel-ucode for Intel processors

Generate a Filesystem Table (fstab)

genfstab -U -p /mnt >> /mnt/etc/fstab

Note

# Static information about the filesystems.
# See fstab(5) for details.

# <device> <dir> <type> <options> <dump> <fsck>
# If the root file system is btrfs or XFS, the fsck order should be set to 0 instead of 1.

# /dev/nvme1n1p2
UUID=1314508c-df47-4972-822c-7e60c9cd12eb / xfs defaults 0 0
# /dev/nvme1n1p1
UUID=1DE1-20E9 /boot vfat rw,relatime,fmask=0137,dmask=0027,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro	0 2
# /dev/nvme1n1p3
UUID=3650e797-e902-4c6a-a704-6aa3b3b448a9 /home xfs defaults 0 0


# /dev/sda1
UUID=07f20613-d710-4141-831d-60ca79f7dbd2 /mnt/sda1 ext4 defaults,noatime,noauto,x-systemd.automount 0 0
# /dev/sdb1
UUID=ca5f78a9-71db-408f-9148-b3add8dd7c80 /mnt/sdb1 ext4 defaults,noatime,noauto,x-systemd.automount 0 0


# ntfs3
# /dev/nvme0n1p2
# UUID=CCB22606B225F59C /mnt/nvme0n1p2 ntfs3 defaults,discard,noatime,noauto,x-systemd.automount 0 0
# /dev/nvme0n1p3
# UUID=0125876E5D886075 /mnt/nvme0n1p3 ntfs3 defaults,discard,noatime,noauto,x-systemd.automount 0 0
# /dev/nvme2n1p1
# UUID=73C99ED2175A3468 /mnt/nvme2n1p1 ntfs3 defaults,discard,noatime,noauto,x-systemd.automount 0 0
# /dev/nvme3n1p1
# UUID=0436AA0013BB9B40 /mnt/nvme3n1p1 ntfs3 defaults,discard,noatime,noauto,x-systemd.automount 0 0

# /dev/sdc1
# UUID=43B0754E6391E844 /mnt/sdc1 ntfs3 defaults,noatime,noauto,x-systemd.automount 0 0
# /dev/sdd1
# UUID=72B601494AED575D /mnt/sdd1 ntfs3 defaults,noatime,noauto,x-systemd.automount 0 0

# nfs
10.0.1.11:/srv/nfs/music /mnt/nfs/music nfs noauto,x-systemd.automount,x-systemd.device-timeout=10,timeo=14,x-systemd.idle-timeout=1min 0 0

# hugepages
# hugetlbfs /dev/hugepages hugetlbfs mode=01770,gid=kvm 0 0

Chroot to install directory

arch-chroot /mnt

Set the machine hostname

echo "archlinux" >> /etc/hostname

Set timezone

Remove old localtime

rm /etc/localtime

ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime

Set hardware clock to UTC

hwclock --systohc --utc

Synchronize the system clock

/etc/systemd/timesyncd.conf

[Time]
NTP=ptbtime1.ptb.de ptbtime2.ptb.de ptbtime3.ptb.de
FallbackNTP=0.arch.pool.ntp.org 1.arch.pool.ntp.org 2.arch.pool.ntp.org 3.arch.pool.ntp.org
RootDistanceMaxSec=5
PollIntervalMinSec=32
PollIntervalMaxSec=2048
ConnectionRetrySec=30
SaveIntervalSec=60

systemctl enable systemd-timesyncd

timedatectl show-timesync --all

Edit locale

/etc/locale.gen

uncomment en_US.UTF-8 UTF8

locale-gen

echo LANG=en_US.UTF-8 >> /etc/locale.conf

Customize pacman & enable multilib and Arch AUR community repositories

/etc/pacman.conf

uncomment [multilib]; Include = /etc/pacman.d/mirrorlist
uncomment Color
add ILoveCandy

Installing the systemd bootloader

bootctl install

bootctl --path=/boot install

Note

Whenever there is a new version of systemd-boot, the boot manager must be updated by the user.

bootctl update

Tip

Create an automatic bootctl update hook for pacman

/etc/pacman.d/hooks/100-systemd-boot.hook

[Trigger]
Type = Package
Operation = Upgrade
Target = systemd

[Action]
Description = Updating systemd-boot
When = PostTransaction
Exec = /usr/bin/bootctl update

Setup the systemd bootloader

/boot/loader/loader.conf

default arch.conf
timeout 0
console-mode max
editor no
auto-entries 0
auto-firmware 1

Add an entry for Arch Linux

/boot/loader/entries/arch.conf

title Arch Linux
linux /vmlinuz-linux
initrd /amd-ucode.img
initrd /initramfs-linux.img
options root=UUID=1314508c-df47-4972-822c-7e60c9cd12eb rw quiet

Info

If you are dual booting Windows you can add an manual entry for it

/boot/loader/entries/windows.conf

title Microsoft Windows
efi /EFI/Microsoft/Boot/bootmgfw.efi

Set root password

passwd

Change root shell

usermod -s /usr/bin/zsh root

Create non-privileged user and add him to the wheel group

Warning

Create a normal user for daily use. Do not use the root user for daily use.

useradd -m -G wheel -s /usr/bin/zsh USER

Set user password

passwd USER

Edit sudoers

/etc/sudoers

# Enable insults
Defaults insults

# Ask for the root password instead of the user password
Defaults targetpw

# Infinite password timeout
Defaults passwd_timeout=0

# # Password timeout
# Defaults passwd_timeout=1800

uncomment root ALL=(ALL) ALL
uncomment %wheel ALL=(ALL:ALL) ALL

Warning

Set Sudoers default file permissions The owner and group for the sudoers file must both be 0.
The file permissions must be set to 0440.
These permissions are set by default, but if you accidentally change them,
they should be changed back immediately or sudo will fail.

chown -c root:root /etc/sudoers

chmod -c 0440 /etc/sudoers

Networking

Disable systemd-networkd and istall Network Manager

rm /etc/systemd/network/*

pacman -Syu networkmanager

systemctl disable systemd-resolved

systemctl disable systemd-networkd

systemctl enable NetworkManager

Disable IPv6

/etc/sysctl.d/40-ipv6.conf

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Configure Connection

nmcli connection edit Wired\ connection\ 1

set connection.id enp1s0

set ipv6.method disabled

save persistent

quit

Local hostname resolution

/etc/hosts

# Static table lookup for hostnames.
# See hosts(5) for details.
127.0.0.1        localhost
::1              localhost

Networking through wired adapter using DHCP

/etc/systemd/network/20-wired.network

[Match]
Name=en*

[Network]
DHCP=yes

Wireless Network using DHCP

/etc/systemd/network/25-wireless.network

[Match]
Name=wl*

[Network]
DHCP=yes

[DHCPv4]
RouteMetric=20

Wireless network configuration

Enable systemd network

systemctl enable systemd-resolved -f

systemctl enable systemd-networkd -f

Tip

NetworkManager prefers known wireless networks and has the ability to switch to the most reliable network.

Warning

You must ensure that only one service that wants to configure the network is running.
Multiple networking services will conflict.
You can find a list of the currently running services with systemctl --type=service and then stop them.

Exit chroot, unmount and reboot

exit

umount -R /mnt

reboot now

Autoupdate mirrorlist

Install reflector

pacman -Syu reflector

Edit reflector configuration

/etc/xdg/reflector/reflector.conf

# Recommended Options

# Set the output path where the mirrorlist will be saved (--save).
--save /etc/pacman.d/mirrorlist

# Select the transfer protocol (--protocol).
--protocol https

# Select the country (--country).
# Consult the list of available countries with "reflector --list-countries" and
# select the countries nearest to you or the ones that you trust. For example:
--country Switzerland,Germany

# Use only the  most recently synchronized mirrors (--latest).
--latest 10

# Sort the mirrors by synchronization time (--sort).
--sort rate

Enable reflector timer and start reflector service

systemctl start reflector.service

systemctl enable reflector.timer

Discard unused packages weekly to prevent the directory to grow indefinitely in size

systemctl enable paccache.timer

Update system

pacman -Syu

Install base programs

pacman -Syu xfsprogs pacman-contrib openssh curl wget rsync git htop tldr fd ack ncdu duf man-db tree logrotate net-tools btop pwgen nfs-utils neofetch

Install additional kernel

pacman -Syu linux-lts linux-zen

Remove fallback from presets

/etc/mkinitcpio.d/linux-zen.preset

# mkinitcpio preset file for the 'linux-zen' package

#ALL_config="/etc/mkinitcpio.conf"
ALL_kver="/boot/vmlinuz-linux-zen"
ALL_microcode=(/boot/*-ucode.img)

PRESETS=('default')

#default_config="/etc/mkinitcpio.conf"
default_image="/boot/initramfs-linux-zen.img"
#default_uki="/efi/EFI/Linux/arch-linux-zen.efi"
#default_options="--splash /usr/share/systemd/bootctl/splash-arch.bmp"

#fallback_config="/etc/mkinitcpio.conf"
fallback_image="/boot/initramfs-linux-zen-fallback.img"
#fallback_uki="/efi/EFI/Linux/arch-linux-zen-fallback.efi"
fallback_options="-S autodetect"

Install fonts

pacman -Syu ttf-ubuntu-font-family ttf-jetbrains-mono noto-fonts-emoji

Install AMDGPU driver

pacman -Syu lib32-mesa mesa xf86-video-amdgpu lib32-vulkan-radeon vulkan-radeon lib32-libva-mesa-driver libva-mesa-driver lib32-mesa-vdpau mesa-vdpau

Setup AUR

Enable compiler using all CPU threads

/etc/makepkg.conf

uncomment and edit MAKEFLAGS="-j $(nproc)"
uncomment and edit COMPRESSXZ=(xz -c -T $(nproc) -z -)

Download AUR Helper

git clone https://aur.archlinux.org/yay.git

cd yay

makepkg -si

Modify intiramfs

/etc/mkinitcpio.conf

MODULES=(amdgpu)
...
HOOKS=(base udev autodetect modconf kms keyboard keymap block filesystems fsck)

Tip

Install optional firmware for the default linux kernel to get rid of the annoying
‘WARNING: Possibly missing firmware for module:’ message

yay -Syu mkinitcpio-firmware

Note

Despite XFS supporting async discard since kernel 4.7, xfs still recommends “that you use the fstrim application to discard unused blocks rather than the discard mount option because the performance impact of this option is quite severe.”

Enable weekly TRIM service for SSD devices

systemctl enable fstrim.timer

Enable Logrotate

systemctl enable logrotate.timer

/etc/logrotate.conf

# uncomment this if you want your log files compressed
compress
compresscmd /usr/bin/zstd
compressext .zst
compressoptions -T0 --long
uncompresscmd /usr/bin/unzstd

Remove memory limit

mkdir -pv /etc/security/limits.d

/etc/security/limits.d/10-gcr.conf

*               hard    memlock         unlimited
*               soft    memlock         unlimited
*               hard    nofile          1048576

Run ulimit -l to check limits

Set max user watches

echo fs.inotify.max_user_watches=524288 | tee /etc/sysctl.d/50-max_user_watches.conf && sysctl --system

Run cat /proc/sys/fs/inotify/max_user_watches to check it’s working

Enable Nano syntax highlighting

/etc/nanorc

uncomment include "/usr/share/nano/*.nanorc"

Disabling automatic core dumps

/etc/sysctl.d/50-coredump.conf

kernel.core_pattern=/dev/null

Reducing shutdown timeout for “a stop job is running”

/etc/systemd/system.conf

uncomment DefaultTimeoutStartSec=30s
uncomment DefaultTimeoutStopSec=30s

Add additional tty virtual consoles (CTRL+ALT+F1 - CTRL+ALT+F11)

/etc/systemd/logind.conf

NAutoVTs=11

Forward journald to /dev/tty12 (CTRL+ALT+F12)

Create a drop-in directory

mkdir -pv /etc/systemd/journald.conf.d

create a config file in it

/etc/systemd/journald.conf.d/fw-tty12.conf

[Journal]
ForwardToConsole=yes
TTYPath=/dev/tty12
MaxLevelConsole=info

Change persistent journal size limit

Create a drop-in directory

mkdir -pv /etc/systemd/journald.conf.d

/etc/systemd/journald.conf.d/00-journal-size.conf

[Journal]
SystemMaxUse=50M

Swap

Revome swap file

swapon --show

swapoff /swapfile

/etc/fstab

remove /swapfile swap swap defaults 0 0

rm /swapfile

Install Zram-generator package

pacman -Syu zram-generator

Configure Zram

/etc/systemd/zram-generator.conf

# This config file enables a /dev/zram0 device with the default settings:
# — size — same as available RAM or 8GB, whichever is less
# — compression — most likely lzo-rle
#
# To disable, uninstall zram-generator-defaults or create empty
# /etc/systemd/zram-generator.conf file.
[zram0]
zram-size = min(ram, 8192)

Enable service

systemctl enable systemd-zram-setup@

Create a swap file

dd if=/dev/zero of=/swapfile bs=1M count=8192 status=progress

chmod 600 /swapfile

mkswap /swapfile

swapon /swapfile

Edit the fstab configuration to add an entry for the swap file

/etc/fstab

/swapfile swap swap defaults 0 0

Check the current swappiness value

sysctl vm.swappiness

To set the swappiness value permanently, edit a sysctl configuration file

/etc/sysctl.d/99-swappiness.conf

vm.swappiness=10

Hibernation into swap file

Identify swap device

findmnt -no UUID -T /swapfile

Identify swap file offset

filefrag -v /swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'

Add the values to the systemd bootloader options

resume=UUID=eb22c14f-a1f2-4843-ae88-c8fee6113d9d resume_offset=3762176

Desktop environment

A desktop environment (DE) is made of a bundle of programs, which share a common graphical user interface (GUI).

A desktop environment bundles together a variety of components to provide common graphical user interface elements such as icons, toolbars, wallpapers, and desktop widgets. Additionally, most desktop environments include a set of integrated applications and utilities. Most importantly, desktop environments provide their own window manager, which can however usually be replaced with another compatible one.

How to install and configure KDE Plasma as your desktop environment

GNOME

How to install and configure GNOME as your desktop environment

KDE desktop environment

How to install and configure KDE Plasma as your desktop environment

Install audio

pacman -Syu pipewire pipewire-alsa pipewire-jack pipewire-pulse wireplumber pipewire-docs helvum

Install KDE Plasma

pacman -Syu xorg plasma plasma-wayland-session kdeconnect xdg-desktop-portal sshfs fwupd packagekit-qt5 sonnet

systemctl enable sddm

pacman -Rscn flatpak plymouth

Tip

Disabling capslock key in KDE

System Settings > Input Devices > Keyboard > Advanced > Caps Lock key behavior > Caps Lock is disabled

Tip

KDE Plasma tiling

Activate it in System Settings > Workspace Behavior > Desktop Effects
and then you can tile a window dragging it while holding down the Shift key.
To create custom tile layouts, hold down the Meta key, and then press T.

Tip

KDE fix Firefox fonts

fc-match sans
fc-match serif
fc-cache --really-force

List of applications

Visual Studio Code

yay -Syu visual-studio-code-bin

Tip

Fix VS Code remote connection uses 100% CPU of remote machine

Set settingsSync.keybindingsPerPlatform to false
Set search.followSymlinks to false

Image Viewer

yay -Syu nomacs

PDF Viewer

pacman -Syu okular kdegraphics-mobipocket khtml chmlib calligra

VNC

pacman -Syu remmina freerdp libvncserver spice-gtk webkit2gtk-4.1

Image Editing

pacman -Syu gimp krita inkscape

Audio editing

pacman -Syu audacity

Video editing

pacman -Syu kdenlive

Office Suite

pacman -Syu libreoffice-fresh ttf-caladea ttf-carlito ttf-dejavu ttf-liberation hunspell hunspell-en_us hunspell-de

sane: for scanner access

Static Webpages

pacman -Syu hugo

GNOME desktop environment

How to install and configure GNOME as your desktop environment

Install audio

pacman -Syu pipewire pipewire-alsa pipewire-jack pipewire-pulse wireplumber pipewire-docs helvum

Install GNOME

pacman -Syu gnome gnome-extra gnome-themes-extra gnome-power-manager qt5ct libsecret seahorse

Install extensions and additional themes

yay -Syu gnome-shell-extension-dash-to-panel gnome-shell-extension-arc-menu gnome-shell-extension-no-overview gnome-shell-extension-tray-icons-reloaded xcursor-pro-cursor-theme adwaita-qt

Optional MacOS theme

yay -Syu whitesur-icon-theme whitesur-gtk-theme

Remove bloat

pacman -Rscn baobab gnome-recipes gnome-books gnome-boxes gnome-builder gnome-chess gnome-connections tali gnome-games geary ipython gnome-nibbles totem epiphany gnome-software polari iagno lightsoff four-in-a-row gnome-robots hitori gnome-klotski gnome-mines gnome-mahjongg gnome-sudoku quadrapassel swell-foop gnome-tetravex gnome-taquin gnome-remote-desktop

Configuration of Qt5 apps under environments other than KDE Plasma

/etc/environment

export QT_QPA_PLATFORMTHEME=qt5ct

Run qt5ct to set an Qt5 icon theme

Use Xorg backend by default

/etc/gdm/custom.conf

uncomment WaylandEnable=false

Enable display manager

systemctl enable gdm.service -f

To hide a ordinary users from the login list create or edit a file named after the user

/var/lib/AccountsService/users/username

[User]
SystemAccount=true

Info

GNOME login using tty (GDM disabled)
Sessions are stored in /usr/share/xsessions

~/.xinitrc

#!/bin/sh

userresources=$HOME/.Xresources
usermodmap=$HOME/.Xmodmap
sysresources=/etc/X11/xinit/.Xresources
sysmodmap=/etc/X11/xinit/.Xmodmap

# merge in defaults and keymaps

if [ -f $sysresources ]; then
    xrdb -merge $sysresources
fi

if [ -f $sysmodmap ]; then
    xmodmap $sysmodmap
fi

if [ -f "$userresources" ]; then
    xrdb -merge "$userresources"
fi

if [ -f "$usermodmap" ]; then
    xmodmap "$usermodmap"
fi

# start some nice programs

if [ -d /etc/X11/xinit/xinitrc.d ] ; then
 for f in /etc/X11/xinit/xinitrc.d/?*.sh ; do
  [ -x "$f" ] && . "$f"
 done
 unset f
fi

export XDG_SESSION_TYPE=x11
export GDK_BACKEND=x11
exec gnome-session

# redirect output to /dev/null.
>/dev/null 2>&1

Start an Xorg display server

~/.zprofile

#
# ~/.zprofile
#
[[ -f ~/.zshrc ]] && . ~/.zshrc

if [[ -z $DISPLAY && $(tty) == /dev/tty1 ]]; then
    XDG_SESSION_TYPE=x11 GDK_BACKEND=x11 exec startx
fi

Tip

Disable caps lock

Tweaks > Keyboard & mouse > additional layout options > Caps Lock behaivior

Confusingly, it is shown as Disabled
But this means that any customization on that is disabled
In the dropdown choose Caps Lock is disabled option and you are done

Unlock the keyring for a display manager

/etc/pam.d/login

#%PAM-1.0

auth       required     pam_securetty.so
auth       requisite    pam_nologin.so
auth       include      system-local-login
auth       optional     pam_gnome_keyring.so
account    include      system-local-login
session    include      system-local-login
session    optional     pam_gnome_keyring.so auto_start

~/.local/share/keyrings/default

login

Automatically change default keyring password with user password

#%PAM-1.0
#password       required        pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
#password       required        pam_unix.so sha512 shadow use_authtok
password        required        pam_unix.so sha512 shadow nullok
password        optional        pam_gnome_keyring.so

Complete initialization automatically

~/.zprofile

[[ -f ~/.zshrc ]] && . ~/.zshrc

if [ -n "$DESKTOP_SESSION" ];then
    eval $(gnome-keyring-daemon --start)
    export SSH_AUTH_SOCK
fi

Pacman

How to use the Pacman package manager and fix common errors

Upgrading packages

pacman -Syu

Uninstall packages

pacman -Rscn

Remove orphaned packages

pacman -Qtdq | pacman -Rns -

Remove all the cached packages that are not currently installed, and the unused sync database

pacman -Sc

To remove all files from the cache, use the clean switch twice, this is the most aggressive approach and will leave nothing in the cache folder

pacman -Scc

Create a hook to remove cached packages automatically after every pacman transaction

pacman -Syu pacman-contrib

/etc/pacman.d/hooks/90-remove-cache.hook

[Trigger]
Operation = Upgrade
Operation = Install
Operation = Remove
Type = Package
Target = *

[Action]
Description = Cleaning the package cache...
When = PostTransaction
Exec = /usr/bin/paccache -rvk2

List files installed by a package

pacman -Ql

Force remove package

pacman -Rdd

Downgrade package

pacman -U /var/cache/pacman/pkg/NAME

Update your archlinux-keyring before upgrading your system

pacman -Sy archlinux-keyring && pacman -Su

Skip a specific package when upgrading the system

pacman -Syu --ignore=PACKAGE

Error: failed to commit transaction (conflicting files)

pacman -Syu PACKAGE --overwrite FILEPATH

Error: unable to lock database

rm /var/lib/pacman/db.lck

Create list of installed packages

pacman -Qqen > pkglist

pacman --overwrite -S $(< pkglist

pacman -Qqdn > pkglist_deps

pacman --overwrite --asdeps -S $(< pkglist_deps

Script to update the system

~/bin/update

#!/bin/bash
sudo /root/bin/update

chmod 700 ~/bin/update

/root/bin/update

#!/bin/bash
GREEN='\033[0;32m'
echo -e "${GREEN}Updating keyring" &&
pacman -Sy archlinux-keyring --noconfirm &&
echo -e "${GREEN}Running pacman updates" &&
pacman -Syu --noconfirm &&
echo -e "${GREEN}Running AUR updates" &&
sudo -u wildw1ng yay -Syu --devel --needed --removemake --noconfirm --answerclean All --answerdiff None &&
echo -e "${GREEN}Checking for orphans and dropped packages" &&
pacman -Qdt
pacman -Qtdq | pacman -Rscn -

echo -e "${GREEN}System is up to date"
PS3="Please select an option: "
options=(reboot shutdown continue)
select menu in "${options[@]}";
do
  echo -e "\nyou picked $menu ($REPLY)"
  if [[ $menu == "reboot" ]]; then
    reboot; break;
  elif [[ $menu == "shutdown" ]]; then
    shutdown now The system is going down for required maintenance. Please save any important work you are doing now!; break;
  else
    break;
  fi
done

chmod 700 /root/bin/update

Hardware video acceleration

How to enable hardware video acceleration

Enable encoding with NVENC

NVENC requires the nvidia_uvm module and the creation of related device nodes under /dev.
Manually loading the nvidia_uvm module will not create the device nodes, but invoking the nvidia-modprobe utility will.

/etc/udev/rules.d/70-nvidia.rules

ACTION=="add", DEVPATH=="/bus/pci/drivers/nvidia", RUN+="/usr/bin/nvidia-modprobe -c0 -u"

Install Video Acceleration API (VA-API) and Video Decode and Presentation API for Unix (VDPAU)

pacman -Syu libva-utils vdpauinfo && yay -Syu libva-nvidia-driver

pacman -Syu libva-mesa-driver mesa-vdpau libva-vdpau-driver libvdpau-va-gl libva-utils vdpauinfo

Verify VA-API settings

vainfo

Verify VDPAU settings

vdpauinfo

grep -iE 'vdpau | dri driver' ~/.local/share/xorg/Xorg.0.log

Enable VA-API in Firefox

about:support

Verify WebRender is enabled under Compositing and ensure you are not running Software WebRender.
It should be enabled by default in GNOME and other desktop environments.

about:config

Set flags
gfx.webrender.all to true to force enable Hardware WebRender.
media.ffmpeg.vaapi.enabled to true in order to enable the use of VA-API with FFmpeg.
media.ffvpx.enabled to false to disable the internal decoders for VP8/VP9. This is necessary despite this bug being fixed.
media.navigator.mediadatadecoder_vpx_enabled to true to enable hardware VA-API decoding for WebRTC.
media.rdd-vpx.enabled to false to disable the remote data decoder process for VP8/VP9.
image.webp.enabled to fasle to stop images from saving in WebP.

Enable VA-API in GStreamer

pacman -Syu gstreamer-vaapi gst-plugins-bad

Verify VA-API support

gst-inspect-1.0 vaapi

gst-inspect-1.0 nvcodec

issue

How to customize the tty login screen and SSH banner

Customization

/etc/issue

                 \e{red}-@\e{reset}
                \e{red}.##@\e{reset}
               \e{red}.####@\e{reset}
               \e{red}@#####@\e{reset}
             \e{red}. *######@\e{reset}
            \e{red}.##@o@#####@\e{reset}
           \e{red}/############@\e{reset}                  \e{red}\S{PRETTY_NAME} \e{reset}\m \r\e{reset}
          \e{red}/##############@\e{reset}                 \e{red}Date \e{reset}\d\e{reset}
         \e{red}@######@**%######@\e{reset}                \e{red}Logged in users \e{reset}\u\e{reset}
        \e{red}@######`     %#####o\e{reset}               \e{red}Terminal \e{reset}\l\e{reset}
       \e{red}@######@       ######%\e{reset}
     \e{red}-@#######h       ######@.`\e{reset}
    \e{red}/#####h**``       `**%@####@\e{reset}
   \e{red}@H@*`                    `*%#@\e{reset}
  \e{red}*`                            `*\e{reset}

/etc/issue.net


                -@
               .##@
              .####@
              @#####@
            . *######@
           .##@o@#####@                       _                 ___       ____  ___   ___   ___
          /############@        __ _ _ __ ___| |__        _ __ / _ \     | ___|/ _ \ / _ \ / _ \__  __
         /##############@      / _` | '__/ __| '_ \ _____| '__| (_) |____|___ \ (_) | | | | | | \ \/ /
        @######@**%######@    | (_| | | | (__| | | |_____| |   \__, |_____|__) \__, | |_| | |_| |>  <
       @######`     %#####o    \__,_|_|  \___|_| |_|     |_|     /_/     |____/  /_/ \___/ \___//_/\_\
      @######@       ######%
    -@#######h       ######@.`
   /#####h**``       `**%@####@
  @H@*`                    `*%#@
 *`                            `*


                -@
               .##@
              .####@
              @#####@
            . *######@
           .##@o@#####@             _      _               _                        _     _
          /############@     __   _(_)_ __| |_ _   _  __ _| |  _ __ ___   __ _  ___| |__ (_)_ __   ___
         /##############@    \ \ / / | '__| __| | | |/ _` | | | '_ ` _ \ / _` |/ __| '_ \| | '_ \ / _ \
        @######@**%######@    \ V /| | |  | |_| |_| | (_| | | | | | | | | (_| | (__| | | | | | | |  __/
       @######`     %#####o    \_/ |_|_|   \__|\__,_|\__,_|_| |_| |_| |_|\__,_|\___|_| |_|_|_| |_|\___|
      @######@       ######%
    -@#######h       ######@.`
   /#####h**``       `**%@####@
  @H@*`                    `*%#@
 *`                            `*

/etc/ssh/sshd_config

uncomment Banner /etc/issue.net

ASCII Font

pacman -Syu figlet

figlet arch-r9-5900x >> /etc/issue.net

Tip

Additional SSH banner customization using ASCII art generator

Zsh

How to switch to Zsh and configure it as your default shell

~/.zprofile

#
# ~/.zprofile
#
[[ -f ~/.zshrc ]] && . ~/.zshrc

if [ -n "$DESKTOP_SESSION" ];then
    eval $(gnome-keyring-daemon --start)
    export SSH_AUTH_SOCK
fi

~/.zshrc

# ~/.zshrc file for zsh interactive shells.
# see /usr/share/doc/zsh/examples/zshrc for examples

setopt autocd              # change directory just by typing its name
setopt correct             # auto correct mistakes
setopt interactivecomments # allow comments in interactive mode
setopt magicequalsubst     # enable filename expansion for arguments of the form ‘anything=expression’
setopt nonomatch           # hide error message if there is no match for the pattern
setopt notify              # report the status of background jobs immediately
setopt numericglobsort     # sort filenames numerically when it makes sense
setopt promptsubst         # enable command substitution in prompt

WORDCHARS=${WORDCHARS//\/} # Don't consider certain characters part of the word

# hide EOL sign ('%')
PROMPT_EOL_MARK=""

# configure key keybindings
bindkey -e                                        # emacs key bindings
bindkey ' ' magic-space                           # do history expansion on space
bindkey '^U' backward-kill-line                   # ctrl + U
bindkey '^[[3;5~' kill-word                       # ctrl + Supr
bindkey '^[[3~' delete-char                       # delete
bindkey '^[[1;5C' forward-word                    # ctrl + ->
bindkey '^[[1;5D' backward-word                   # ctrl + <-
bindkey '^[[5~' beginning-of-buffer-or-history    # page up
bindkey '^[[6~' end-of-buffer-or-history          # page down
bindkey '^[[H' beginning-of-line                  # home
bindkey '^[[F' end-of-line                        # end
bindkey '^[[Z' undo                               # shift + tab undo last action
bindkey "^R" history-incremental-search-backward  # ctrl + r
bindkey "\e[A" history-beginning-search-backward  # arrow up
bindkey "\e[B" history-beginning-search-forward   # arrow down

# enable completion features
autoload -Uz compinit
compinit -d ~/.cache/zcompdump
zstyle ':completion:*:*:*:*:*' menu select
zstyle ':completion:*' auto-description 'specify: %d'
zstyle ':completion:*' completer _expand _complete
zstyle ':completion:*' format 'Completing %d'
zstyle ':completion:*' group-name ''
zstyle ':completion:*' list-colors ''
zstyle ':completion:*' list-prompt %SAt %p: Hit TAB for more, or the character to insert%s
zstyle ':completion:*' matcher-list 'm:{a-zA-Z}={A-Za-z}'
zstyle ':completion:*' rehash true
zstyle ':completion:*' select-prompt %SScrolling active: current selection at %p%s
zstyle ':completion:*' use-compctl false
zstyle ':completion:*' verbose true
zstyle ':completion:*:kill:*' command 'ps -u $USER -o pid,%cpu,tty,cputime,cmd'

# Help command
autoload -Uz run-help
(( ${+aliases[run-help]} )) && unalias run-help
alias help=run-help
autoload -Uz run-help-git run-help-ip run-help-openssl run-help-p4 run-help-sudo run-help-svk run-help-svn

# History configurations
HISTFILE=~/.zsh_history
HISTSIZE=1000
SAVEHIST=2000
setopt hist_expire_dups_first # delete duplicates first when HISTFILE size exceeds HISTSIZE
setopt hist_ignore_dups       # ignore duplicated commands history list
setopt hist_ignore_space      # ignore commands that start with space
setopt hist_verify            # show command with history expansion to user before running it
#setopt share_history         # share command history data

# force zsh to show the complete history
alias history="history 0"

# configure `time` format
TIMEFMT=$'\nreal\t%E\nuser\t%U\nsys\t%S\ncpu\t%P'

# make less more friendly for non-text input files, see lesspipe(1)
#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"

# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
    xterm-color|*-256color) color_prompt=yes;;
esac

# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
force_color_prompt=yes

if [ -n "$force_color_prompt" ]; then
    if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
        # We have color support; assume it's compliant with Ecma-48
        # (ISO/IEC-6429). (Lack of such support is extremely rare, and such
        # a case would tend to support setf rather than setaf.)
        color_prompt=yes
    else
        color_prompt=
    fi
fi

configure_prompt() {
    prompt_symbol=🤓
    [ "$EUID" -eq 0 ] && prompt_symbol=💀
    case "$PROMPT_ALTERNATIVE" in
        twoline)
            PROMPT=$'%F{%(#.blue.green)}┌──${:+($)─}${VIRTUAL_ENV:+($(basename $VIRTUAL_ENV))─}(%B%F{%(#.red.blue)}%n$prompt_symbol%m%b%F{%(#.blue.green)})-[%B%F{reset}%(6~.%-1~/…/%4~.%5~)%b%F{%(#.blue.green)}]\n└─%B%(#.%F{red}#.%F{blue}$)%b%F{reset} '
            RPROMPT=$'%(?.. %? %F{red}%B⨯%b%F{reset})%(1j. %j %F{yellow}%B⚙%b%F{reset}.)'
            ;;
        oneline)
            PROMPT=$'${:+($)}${VIRTUAL_ENV:+($(basename $VIRTUAL_ENV))}%B%F{%(#.red.blue)}%n@%m%b%F{reset}:%B%F{%(#.blue.green)}%~%b%F{reset}%(#.#.$) '
            RPROMPT=
            ;;
        backtrack)
            PROMPT=$'${:+($)}${VIRTUAL_ENV:+($(basename $VIRTUAL_ENV))}%B%F{red}%n@%m%b%F{reset}:%B%F{blue}%~%b%F{reset}%(#.#.$) '
            RPROMPT=
            ;;
    esac
}

# The following block is surrounded by two delimiters.
# These delimiters must not be modified. Thanks.
# START CONFIG VARIABLES
PROMPT_ALTERNATIVE=twoline
NEWLINE_BEFORE_PROMPT=yes
# STOP CONFIG VARIABLES

if [ "$color_prompt" = yes ]; then
    # override default virtualenv indicator in prompt
    VIRTUAL_ENV_DISABLE_PROMPT=1

    configure_prompt

    # enable syntax-highlighting
    if [ -f /usr/share/zsh/plugins/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh ] && [ "$color_prompt" = yes ]; then
        . /usr/share/zsh/plugins/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh
        ZSH_HIGHLIGHT_HIGHLIGHTERS=(main brackets pattern)
        ZSH_HIGHLIGHT_STYLES[default]=none
        ZSH_HIGHLIGHT_STYLES[unknown-token]=fg=red,bold
        ZSH_HIGHLIGHT_STYLES[reserved-word]=fg=cyan,bold
        ZSH_HIGHLIGHT_STYLES[suffix-alias]=fg=green,underline
        ZSH_HIGHLIGHT_STYLES[global-alias]=fg=magenta
        ZSH_HIGHLIGHT_STYLES[precommand]=fg=green,underline
        ZSH_HIGHLIGHT_STYLES[commandseparator]=fg=blue,bold
        ZSH_HIGHLIGHT_STYLES[autodirectory]=fg=green,underline
        ZSH_HIGHLIGHT_STYLES[path]=underline
        ZSH_HIGHLIGHT_STYLES[path_pathseparator]=
        ZSH_HIGHLIGHT_STYLES[path_prefix_pathseparator]=
        ZSH_HIGHLIGHT_STYLES[globbing]=fg=blue,bold
        ZSH_HIGHLIGHT_STYLES[history-expansion]=fg=blue,bold
        ZSH_HIGHLIGHT_STYLES[command-substitution]=none
        ZSH_HIGHLIGHT_STYLES[command-substitution-delimiter]=fg=magenta
        ZSH_HIGHLIGHT_STYLES[process-substitution]=none
        ZSH_HIGHLIGHT_STYLES[process-substitution-delimiter]=fg=magenta
        ZSH_HIGHLIGHT_STYLES[single-hyphen-option]=fg=magenta
        ZSH_HIGHLIGHT_STYLES[double-hyphen-option]=fg=magenta
        ZSH_HIGHLIGHT_STYLES[back-quoted-argument]=none
        ZSH_HIGHLIGHT_STYLES[back-quoted-argument-delimiter]=fg=blue,bold
        ZSH_HIGHLIGHT_STYLES[single-quoted-argument]=fg=yellow
        ZSH_HIGHLIGHT_STYLES[double-quoted-argument]=fg=yellow
        ZSH_HIGHLIGHT_STYLES[dollar-quoted-argument]=fg=yellow
        ZSH_HIGHLIGHT_STYLES[rc-quote]=fg=magenta
        ZSH_HIGHLIGHT_STYLES[dollar-double-quoted-argument]=fg=magenta
        ZSH_HIGHLIGHT_STYLES[back-double-quoted-argument]=fg=magenta
        ZSH_HIGHLIGHT_STYLES[back-dollar-quoted-argument]=fg=magenta
        ZSH_HIGHLIGHT_STYLES[assign]=none
        ZSH_HIGHLIGHT_STYLES[redirection]=fg=blue,bold
        ZSH_HIGHLIGHT_STYLES[comment]=fg=black,bold
        ZSH_HIGHLIGHT_STYLES[named-fd]=none
        ZSH_HIGHLIGHT_STYLES[numeric-fd]=none
        ZSH_HIGHLIGHT_STYLES[arg0]=fg=green
        ZSH_HIGHLIGHT_STYLES[bracket-error]=fg=red,bold
        ZSH_HIGHLIGHT_STYLES[bracket-level-1]=fg=blue,bold
        ZSH_HIGHLIGHT_STYLES[bracket-level-2]=fg=green,bold
        ZSH_HIGHLIGHT_STYLES[bracket-level-3]=fg=magenta,bold
        ZSH_HIGHLIGHT_STYLES[bracket-level-4]=fg=yellow,bold
        ZSH_HIGHLIGHT_STYLES[bracket-level-5]=fg=cyan,bold
        ZSH_HIGHLIGHT_STYLES[cursor-matchingbracket]=standout
    fi
else
    PROMPT='${:+($)}%n@%m:%~%# '
fi
unset color_prompt force_color_prompt

toggle_oneline_prompt(){
    if [ "$PROMPT_ALTERNATIVE" = oneline ]; then
        PROMPT_ALTERNATIVE=twoline
    else
        PROMPT_ALTERNATIVE=oneline
    fi
    configure_prompt
    zle reset-prompt
}
zle -N toggle_oneline_prompt
bindkey ^P toggle_oneline_prompt

# If this is an xterm set the title to user@host:dir
case "$TERM" in
xterm*|rxvt*|Eterm|aterm|kterm|gnome*|alacritty)
    TERM_TITLE=$'\e]0;${:+($)}${VIRTUAL_ENV:+($(basename $VIRTUAL_ENV))}%n@%m: %~\a'
    ;;
*)
    ;;
esac

precmd() {
    # Print the previously configured title
    print -Pnr -- "$TERM_TITLE"

    # Print a new line before the prompt, but only if it is not the first line
    if [ "$NEWLINE_BEFORE_PROMPT" = yes ]; then
        if [ -z "$_NEW_LINE_BEFORE_PROMPT" ]; then
            _NEW_LINE_BEFORE_PROMPT=1
        else
            print ""
        fi
    fi
}

# This is where you put your hand rolled scripts (remember to chmod them)
PATH="$HOME/bin:$PATH"

# enable color support of ls, less and man, and also add handy aliases
if [ -x /usr/bin/dircolors ]; then
    test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
    alias ls='ls --color=auto'
    #alias dir='dir --color=auto'
    #alias vdir='vdir --color=auto'

    alias grep='grep --color=auto'
    alias fgrep='fgrep --color=auto'
    alias egrep='egrep --color=auto'
    alias diff='diff --color=auto'
    alias ip='ip --color=auto'

    export LESS_TERMCAP_mb=$'\E[1;31m'     # begin blink
    export LESS_TERMCAP_md=$'\E[1;36m'     # begin bold
    export LESS_TERMCAP_me=$'\E[0m'        # reset bold/blink
    export LESS_TERMCAP_so=$'\E[01;33m'    # begin reverse video
    export LESS_TERMCAP_se=$'\E[0m'        # reset reverse video
    export LESS_TERMCAP_us=$'\E[1;32m'     # begin underline
    export LESS_TERMCAP_ue=$'\E[0m'        # reset underline

    # Take advantage of $LS_COLORS for completion as well
    zstyle ':completion:*' list-colors "${(s.:.)LS_COLORS}"
    zstyle ':completion:*:*:kill:*:processes' list-colors '=(#b) #([0-9]#)*=0=01;31'
fi

if [ "$TERM" = "linux" ]; then
    echo -en "\e]P0000000"  # background
    echo -en "\e]P87f7f7f"  # grey
    echo -en "\e]P1cc0000"  # red
    echo -en "\e]P9cc0000"  # lightred
    echo -en "\e]P2a2e22e"  # green
    echo -en "\e]PAa2e22e"  # lightgreen
    echo -en "\e]P3ffb000"  # yellow
    echo -en "\e]PBffb000"  # lightyellow
    echo -en "\e]P4007acc"  # blue
    echo -en "\e]PC007acc"  # lightblue
    echo -en "\e]P5d4038a"  # magenta
    echo -en "\e]PDd4038a"  # lightmagenta
    echo -en "\e]P670b596"  # cyan
    echo -en "\e]PE70b596"  # lightcyan
    echo -en "\e]P7a5a5a5"  # text
    echo -en "\e]PFcacecd"  # white
    clear                   # for background artifacting
fi

# Aliases
alias ls='ls -h --color=auto'
alias ll='ls -alh --color=auto'
alias la='ls -Ah --color=auto'
alias l='ls -CFlh --color=auto'
alias diff='diff --color=auto'
alias dir='dir --color=auto'
alias vdir='vdir --color=auto'
alias grep='grep --color=auto'
alias fgrep='fgrep --color=auto'
alias egrep='egrep --color=auto'
alias ..='cd ..'
alias ...='cd ../..'
alias s='ssh -l root'
alias reboot="systemctl reboot"
alias shutdown='shutdown now'
alias cp='cp -iv'
alias mv='mv -iv'
alias rm='rm -rfv'
alias df='df -h'
alias free='free -m'
alias sudo='sudo '
alias clear='clear && neofetch'
alias rsync='rsync -avhP'

# This is GOLD for finding out what is taking so much space on your drives!
alias diskspace="du -S | sort -n -r |more"
# Command line mplayer movie watching for the win.
alias mp="mplayer -fs"
# Show me the size (sorted) of only the folders in this directory
alias folders="find . -maxdepth 1 -type d -print | xargs du -sk | sort -rn"

# enable auto-suggestions based on the history
source /usr/share/zsh/plugins/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh
source /usr/share/zsh/plugins/zsh-autosuggestions/zsh-autosuggestions.zsh
ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE='fg=#ffb000'

# pacman -F "command not found" handler
function command_not_found_handler {
    local purple='\e[1;35m' bright='\e[0;1m' green='\e[1;32m' reset='\e[0m'
    printf 'zsh: command not found: %s\n' "$1"
    local entries=(
        ${(f)"$(/usr/bin/pacman -F --machinereadable -- "/usr/bin/$1")"}
    )
    if (( ${#entries[@]} ))
    then
        printf "${bright}$1${reset} may be found in the following packages:\n"
        local pkg
        for entry in "${entries[@]}"
        do
            # (repo package version file)
            local fields=(
                ${(0)entry}
            )
            if [[ "$pkg" != "${fields[2]}" ]]
            then
                printf "${purple}%s/${bright}%s ${green}%s${reset}\n" "${fields[1]}" "${fields[2]}" "${fields[3]}"
            fi
            printf '    /%s\n' "${fields[4]}"
            pkg="${fields[2]}"
        done
    fi
}

# source /usr/share/doc/pkgfile/command-not-found.zsh

# color man pages
man() {
    env LESS_TERMCAP_mb=$'\E[01;31m' \
    LESS_TERMCAP_md=$'\E[01;38;5;74m' \
    LESS_TERMCAP_me=$'\E[0m' \
    LESS_TERMCAP_se=$'\E[0m' \
    LESS_TERMCAP_so=$'\E[38;5;246m' \
    LESS_TERMCAP_ue=$'\E[0m' \
    LESS_TERMCAP_us=$'\E[04;38;5;146m' \
    man "$@"
}

# Saving ssh passphrase for this session
if [ ! -S ~/.ssh/ssh_auth_sock ]; then
  eval `ssh-agent`
  ln -sf "$SSH_AUTH_SOCK" ~/.ssh/ssh_auth_sock
fi
export SSH_AUTH_SOCK=~/.ssh/ssh_auth_sock
ssh-add -l > /dev/null || ssh-add

cd $HOME

Alacritty

How to install and configure Alacritty, a fast, cross-platform, OpenGL terminal emulator

Installation

pacman -Syu alacritty

Configuration

~/.config/alacritty.yml

# Configuration for Alacritty, the GPU enhanced terminal emulator.

env:
  TERM: xterm-256color

window:
  # Window dimensions (changes require restart)
  #
  # Specified in number of columns/lines, not pixels.
  # If both are `0`, this setting is ignored.
  dimensions:
    columns: 128
    lines: 24

  # Window position (changes require restart)
  #
  # Specified in number of pixels.
  # If the position is not set, the window manager will handle the placement.
  position:
    x: 3836
    y: 4

  # Background opacity
  #
  # Window opacity as a floating point number from `0.0` to `1.0`.
  # The value `0.0` is completely transparent and `1.0` is opaque.
  opacity: 0.8

# Font configuration
font:
  # Normal (roman) font face
  normal:
    # Font family
    #
    # Default:
    #   - (macOS) Menlo
    #   - (Linux/BSD) monospace
    #   - (Windows) Consolas
    family: JetBrains Mono

    # The `style` can be specified to pick a specific face.
    style: Regular

  # Bold font face
  bold:
    # Font family
    #
    # If the bold family is not specified, it will fall back to the
    # value specified for the normal font.
    family: JetBrains Mono

    # The `style` can be specified to pick a specific face.
    style: Bold

  # Italic font face
  italic:
    # Font family
    #
    # If the italic family is not specified, it will fall back to the
    # value specified for the normal font.
    family: JetBrains Mono

    # The `style` can be specified to pick a specific face.
    style: Italic

  # Bold italic font face
  bold_italic:
    # Font family
    #
    # If the bold italic family is not specified, it will fall back to the
    # value specified for the normal font.
    family: JetBrains Mono

    # The `style` can be specified to pick a specific face.
    style: Bold Italic

  # Point size
  size: 11.0

selection:
  #semantic_escape_chars: ",│`|:\"' ()[]{}<>\t"

  # When set to `true`, selected text will be copied to the primary clipboard.
  save_to_clipboard: false

# Allow terminal applications to change Alacritty's window title.
#dynamic_title: true

cursor:
  # Cursor style
  #
  # Values for `style`:
  #   - ▇ Block
  #   - _ Underline
  #   - | Beam
  style:
      blinking: Always
  blink_interval: 500

key_bindings:
  - { key: F,   mods: Control,           action: SearchForward    }
  - { key: C,   mods: Control,           action: Copy }
  - { key: V,   mods: Control,           action: Paste }

colors:
   # Default colors
   primary:
   # background: '#ffffff'
   # foreground: '#222222'
    background: '#000000'
   # background: '#111213'
    foreground: '#cacecd'
   # Normal colors
   normal:
     black:   '#222222'
     red:     '#cc0000'
     green:   '#a2e22e'
     yellow:  '#ffb000'
     blue:    '#007acc'
     magenta: '#d4038a'
     cyan:    '#70b596'
     white:   '#ffffff'

   # Bright colors
   bright:
     black:   '#7f7f7f'
     red:     '#cc0000'
     green:   '#a2e22e'
     yellow:  '#ffb000'
     blue:    '#007acc'
     magenta: '#d4038a'
     cyan:    '#70b596'
     white:   '#ffffff'

SSH

How to setup Secure Shell Protocol public key authentication

Generate key pairs on client

Ed25519 elliptic curve

ssh-keygen -t ed25519 -C "$(whoami)@$(uname -n)-$(date -I)"

chmod 400 ~/.ssh/id_ed25519*

Default configuration

mv /etc/ssh/sshd_config.pacnew /etc/ssh/sshd_config

/etc/ssh/sshd_config

PermitRootLogin yes

systemctl restart sshd

Unlock Server authorized_keys file on remote server before copy

chmod 666 ~/.ssh/authorized_keys

ll ~/.ssh/authorized_keys

Copying public key to remote server as non privileged user

ssh-copy-id root@localhost

Lock authorized_keys file on remote server

chmod 400 ~/.ssh/authorized_keys

ll ~/.ssh/authorized_keys

Enable public key authentication on remote server

/etc/ssh/sshd_config.d/20-force_publickey_auth.conf

# localhost configuration
# Edit SSH Configuration
AddressFamily inet
PermitRootLogin no
MaxAuthTries 3
PubkeyAuthentication no
PasswordAuthentication no
PermitEmptyPasswords no
AllowTcpForwarding no
X11Forwarding no
KbdInteractiveAuthentication no
UsePAM no
PrintMotd no
KerberosAuthentication no
GSSAPIAuthentication no
# Overriding settings on a per-user basis
Match User root Address 127.0.0.1
    PermitRootLogin prohibit-password
    PubkeyAuthentication yes
    AuthenticationMethods publickey
    AllowTcpForwarding yes
    Banner /etc/issue.net

Create local ssh config as non privileged user

~/.ssh/config

Host *
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_ed25519

Host localhost
    HostName localhost
    Port 22
    User root

┌──(wildw1ng🤓arch-r9-5900x)-[~]
└─$ ssh localhost

Saving ssh passphrase for current session on client

.zshrc

# Saving ssh passphrase for current session
if [ ! -S ~/.ssh/ssh_auth_sock ]; then
  eval `ssh-agent`
  ln -sf "$SSH_AUTH_SOCK" ~/.ssh/ssh_auth_sock
fi
export SSH_AUTH_SOCK=~/.ssh/ssh_auth_sock
ssh-add -l > /dev/null || ssh-add

VNC

How to connect to a remote desktop environment with VNC graphical desktop-sharing system

Install VNC server

pacman -Syu tigervnc

Create a password

vncpasswd

Define user mappings

/etc/tigervnc/vncserver.users

# TigerVNC User assignment
#
# This file assigns users to specific VNC display numbers.
# The syntax is <display>=<username>. E.g.:
#
# :2=andrew
# :3=lisa
:1=user

Each user defined in this file will have a corresponding port on which its session will run.
The number in the file corresponds to a TCP port. By default, :1 is TCP port 5901 (5900+1).
If another parallel server is needed, a second instance can then run on the next highest,
free port, i.e 5902 (5900+2).

Issuing x509 certificates using OpenSSL

openssl req -x509 -newkey rsa:4096 -nodes -keyout /home/wildw1ng/.vnc/x509key.pem -out /home/wildw1ng/.vnc/x509cert.pem -subj '/CN=192.168.0.100' -addext "subjectAltName=IP:192.168.0.100"

~/.vnc/config

session=gnome
geometry=1920x1080
alwaysshared
securitytypes=x509vnc
x509key=/home/wildw1ng/.vnc/x509key.pem
x509cert=/home/wildw1ng/.vnc/x509cert.pem

Client machine

x509cert=/home/wildw1ng/.vnc/x509cert.pem

vncviewer 192.168.0.245 -X509CA /home/wildw1ng/.vnc/x509cert.pem

Accessing vncserver via SSH tunnel

Issuing x509 certificates using OpenSSL

openssl req -x509 -newkey rsa:4096 -nodes -keyout /home/wildw1ng/.vnc/x509key.pem -out /home/wildw1ng/.vnc/x509cert.pem -subj '/CN=localhost' -addext "subjectAltName=IP:127.0.0.1"

Push the key to client machine

rsync -ra --info=progress2 /home/wildw1ng/.vnc/x509cert.pem 192.168.0.101:/home/wildw1ng/.vnc/

Server configuration

~/.vnc/config

session=gnome
geometry=1920x1080
localhost
alwaysshared
securitytypes=x509vnc
x509key=/home/wildw1ng/.vnc/x509key.pem
x509cert=/home/wildw1ng/.vnc/x509cert.pem

Remmina Client Settings

Basic >

Server: localhost:5901

SSH Tunnel > Enable SSH Tunnel

Custom: arch-r5-3600x
Authentification type: Public key (automatic)
Username: wildw1ng

VPN

How to automatically connect to a Virtual private network system to create secure point-to-point or site-to-site connections

Installation

Remove systemd-networkd configuration and install NetworkManager

rm /etc/systemd/network/*

pacman -Syu networkmanager networkmanager-openvpn

systemctl disable systemd-networkd

systemctl enable NetworkManager

Download OpenVPN configuration files from VPN provider

wget https://privadovpn.com/apps/ovpn_configs.zip

unzip ovpn_configs.zip 'zrh*'

/home/wildw1ng/.vpn/zrh-001.ovpn

comment: route 0.0.0.0 0.0.0.0 # vpn_gateway

Import OpenVPN configuration files to NetworkManager

nmcli connection import type openvpn file /home/wildw1ng/.vpn/zrh-001.ovpn

Modify new NetworkManager VPN configuration

/etc/NetworkManager/system-connections/zrh-001.nmconnection

password-flags=0
username=USERNAME
[vpn-secrets]
password=PASSWORD

Modify NetworkManager connection to reconnect indefinitely

nmcli connection edit zrh-001

nmcli> set connection.autoconnect yes
nmcli> set connection.autoconnect-retries 0
nmcli> save persistent
nmcli> quit

Automatically start a VPN connection

nmcli connection

NAME	UUID	TYPE	DEVICE
zrh-001	`d46e4a92-778e-4792-b085-e1f638ecb8e3`	vpn	enp1s0
enp1s0	1715b889-3c47-3e21-a86f-94ce207297a9	ethernet	enp1s0

Copy UUID of VPN connection you want to connect automatically

nmcli connection edit enp1s0

nmcli> set connection.secondaries d46e4a92-778e-4792-b085-e1f638ecb8e3
nmcli> save persistent
nmcli> quit

systemctl restart NetworkManager

Manual VPN connection

nmcli connection up zrh-001

nmcli connection down zrh-001

nmcli connection delete id zrh-001

Check public IP address

ip route

curl ifconfig.co

curl ifconfig.me

curl icanhazip.com

whois $(curl ifconfig.co)

Kill switch

How to create a VPN kill switch with UFW firewall rules that will stop all internet traffic if your VPN connection drops

Installation

pacman -Syu ufw

systemctl enable ufw

systemctl start ufw

Disable IPv6

/etc/sysctl.d/40-ipv6.conf

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Modify UFW configuration

/etc/default/ufw

IPV6=no

Modify NetworkManager connection

nmcli connection modify enp1s0 ipv6.method "disabled"

Firewall configuration

ufw --force reset

Allow local traffic

ufw allow in to 10.0.0.0/22

ufw allow out to 10.0.0.0/22

Allow VPN tunnel traffic

ufw allow out on tun0 from any to any

ufw allow in on tun0 from any to any

Allow connection to the VPN server to establish the tunnel

ufw allow out to 185.156.175.0/24 port 1194 proto udp

Set the default policy to deny all traffic

ufw default deny outgoing

ufw default deny incoming

Enable firewall

ufw enable

ufw status verbose

Disable logging

ufw logging off

Bluetooth

How to install and configure Bluetooth

Enable bluetooth

pacman -Syu bluez bluez-utils bluez-plugins blueman perl-net-dbus

systemctl enable bluetooth

Connect to a bluetooth device

bluetoothctl

[bluetooth]# power on
[bluetooth]# scan on
[bluetooth]# pair MACADDRESS
[bluetooth]# connect MACADDRESS
[bluetooth]# trust MACADDRESS

Auto power-on after boot/resume

By default, the Bluetooth adapter does not power on after a reboot or resuming from suspend.

/etc/bluetooth/main.conf

[Policy]
AutoEnable = true

Discoverable on startup

/etc/bluetooth/main.conf

[General]
DiscoverableTimeout = 0

Make sure that the bluetooth device is not blocked by rfkill

rfkill list

rfkill unblock bluetooth

libvirt

How to setup and run KVM/QEMU virtual machines

Install packages

pacman -Syu libvirt qemu edk2-ovmf virt-manager

If using the default NAT/DHCP networking instead of a bridge

pacman -Syu iptables-nft dnsmasq

Access permissions qemu:///system

usermod -aG libvirt-qemu USER

Enable service

systemctl enable libvirtd.service -f

Create a network bridge

Warning

Check /etc/systemd/network/ for conflicting files

nmcli connection add type bridge ifname br0 stp no

nmcli connection add type bridge-slave ifname enp5s0 master br0

nmcli connection down enp5s0

nmcli connection up bridge-br0

nmcli connection up bridge-slave-enp5s0

nmcli connection edit br0

set bridge.mac-address

save persistent

quit

/etc/systemd/network/mybridge.netdev

[NetDev]
Name=br0
Kind=bridge
MACAddress=a8:5e:45:a7:09:99

/etc/systemd/network/bind.network

[Match]
Name=en*

[Network]
Bridge=br0

/etc/systemd/network/mybridge.network

[Match]
Name=br0

[Network]
DHCP=ipv4

systemctl enable systemd-networkd -f

ps aux | grep -i dnsmasq

virsh list --all

ip a s

virsh net-dhcp-leases default

route

virsh net-destroy default

virsh net-list --all

ip link set enp4s0 down

ip addr del 192.168.0.100/24 dev enp4s0

systemctl disable NetworkManager

systemctl disable dhcpcd.service

systemctl stop systemd-networkd

ip link add name br0 type bridge

ip link set enp4s0 master br0

ip addr add 192.168.0.100/24 dev br0 brd 192.168.255.255

ip link set up enp4s0

ip link set up br0

From another device

arping 192.168.0.100 -I enp4s0

route add default gw 192.168.0.1

Add network bridge to virt-manager

bridged-network.xml

<network>
    <name>bridged-network</name>
    <forward mode="bridge" />
    <bridge name="br0" />
</network>

virsh net-define bridged-network.xml

virsh net-start bridged-network

virsh net-autostart bridged-network

virsh net-list

Create a dynamic virtual disk from scratch

qemu-img create -f qcow2 -o preallocation=off diskname.qcow2 1T

Disable virtual disk preallocation

qemu-img convert -f qcow2 -O qcow2 -o preallocation=off /home/user/directory/diskname-old.qcow2 /home/user/directory/diskname.qcow2

Resize virtual disk

qemu-img info diskname.qcow2

qemu-img resize diskname.qcow2 +180G

Shrink virtual disk

Noop conversion (qcow2-to-qcow2) removes sparse space.
Shrink your disk without compression (better performance, larger disk size).

qemu-img convert -O qcow2 diskname.qcow2_backup diskname.qcow2

Shrink your disk with compression (smaller disk size, takes longer to shrink, performance impact on slower systems)

qemu-img convert -O qcow2 -c diskname.qcow2_backup diskname.qcow2

Enable huge pages

/etc/fstab

hugetlbfs /dev/hugepages hugetlbfs mode=01770,gid=kvm 0 0

Dynamic huge pages

/etc/sysctl.d/40-hugepage.conf

vm.nr_hugepages = 0
vm.nr_overcommit_hugepages = 6144

Static huge pages

/etc/sysctl.d/40-hugepage.conf

vm.nr_hugepages = 6144

Determine the number of hugepages needed. Huge pages will be automatically allocated, and freed after VM stops.

Check the size of the hugepages

grep Hugepagesize /proc/meminfo

Tip

It is hardly recommended to drop caches, compact memory and wait couple of seconds before starting VM, as there could be not enough free contiguous memory for required huge pages blocks. Especially after some uptime of the host system.

echo 3 > /proc/sys/vm/drop_caches

echo 1 > /proc/sys/vm/compact_memory

Virt-manager

Make sure that Chipset: Q35 is selected. Under Firmware, select the 64 bit UEFI firmware UEFI x86_64: OVMF_CODE.fd

<memoryBacking>
  <hugepages/>
</memoryBacking>

<features>
  <acpi/>
  <apic/>
  <hyperv>
    <relaxed state="on"/>
    <vapic state="on"/>
    <spinlocks state="on" retries="8191"/>
    <vpindex state='on'/>
    <runtime state="on"/>        
    <synic state='on'/>
    <stimer state="on">
      <direct state="on"/>
    </stimer>
    <reset state="on"/>
    <vendor_id state="on" value="0123456789ab"/>
    <frequencies state="on"/>
    <reenlightenment state="on"/>
    <tlbflush state="on"/>
    <ipi state="on"/>
    <evmcs state="off"/>
  </hyperv>
  <kvm>
    <hidden state='on'/>
  </kvm>
  <vmport state="off"/>
</features>
<cpu mode="host-passthrough" check="none" migratable="on">
  <topology sockets="1" dies="1" cores="4" threads="2"/>
  <cache mode="passthrough"/>
  <feature policy="require" name="topoext"/>
</cpu>
<clock offset="utc">
  <timer name="rtc" tickpolicy="catchup"/>
  <timer name="pit" tickpolicy="delay"/>
  <timer name="hpet" present="no"/>
  <timer name="hypervclock" present="yes"/>
  <timer name="tsc" present="yes" mode="native"/>
</clock>

<memballoon model="none"/>

<cpu mode="host-passthrough" check="none" migratable="on">
  <numa>
    <cell memory='2097152' unit='KiB' memAccess='shared'/>
  </numa>
</cpu>

<filesystem type='mount' accessmode='passthrough'>
  <driver type='virtiofs'/>
  <source dir='/mnt/sdc1'/>
  <target dir='sdc1'/>
</filesystem>

It should now be possible to mount the folder in the shared machine

mount -t virtiofs sdc1 /mnt/sdc1

Add the following fstab entry to mount the folder automatically at boot

/etc/fstab

sdc1 /mnt/sdc1 virtiofs rw,noatime,_netdev 0 0

USB autosuspend

How to disable autosuspend of specific USB devices

Find bus via vendor id

lsusb

Bus 001 Device 002: ID 1b1c:1b65 Corsair Harpoon Wireless Dongle
Bus 001 Device 005: ID 1038:0617 SteelSeries ApS SteelSeries Apex M750 TKL

grep 1b1c /sys/bus/usb/devices/*/idVendor

/sys/bus/usb/devices/1-2/idVendor:1b1c

grep 1038 /sys/bus/usb/devices/*/idVendor

/sys/bus/usb/devices/1-4.1/idVendor:1038

Manual toggle

cat /sys/bus/usb/devices/usb1/1-2/power/control

echo 'on' | sudo tee cat /sys/bus/usb/devices/usb1/1-2/power/control

cat /sys/bus/usb/devices/usb1/1-4/1-4.1/power/control

echo 'on' | sudo tee cat /sys/bus/usb/devices/usb1/1-4/1-4.1/power/control

Script to disable USB autosuspend for mouse and keyboard

~/bin/usbautosuspend

#!/bin/sh
# Disable USB autosuspend for mouse and keyboard
sleep 5;
# Corsair Harpoon Wireless Dongle
MOUSE="/sys/bus/usb/devices/usb1/1-2/power/control";
# SteelSeries ApS SteelSeries Apex M750 TKL
KEYBOARD="/sys/bus/usb/devices/usb1/1-4/1-4.1/power/control";
if [ -f "$MOUSE" ]; then
        echo 'on' | sudo tee cat $MOUSE;
fi
if [ -f "$KEYBOARD" ]; then
        echo 'on' | sudo tee cat $KEYBOARD;
fi

chmod 700 ~/bin/usbautosuspend

Service to automate the process on startup

/etc/systemd/system/usbautosuspend.service

[Unit]
Description=Disable USB autosuspend for mouse and keyboard

[Service]
ExecStart=/home/USER/bin/usbautosuspend

[Install]
WantedBy=multi-user.target

systemctl enable usbautosuspend.service

Flash android factory image

How to flash an android factory image and uninstall bloat packages without rooting the phone

Install package

pacman -Syu android-tools

Enable Developer Mode

Connect your phone to your computer.
Launch the Settings app > About phone
Tap build number seven times.

Enable USB Debugging

Settings > System > Developer options > enable USB Debugging
Authorize your computer connection on your phone when the prompt comes up on your phone,
if this is the first time you are connecting with this ADB computer.

Unlock bootloader

Settings > Developer Options > enable OEM unlocking
Reboot the phone into Fastboot mode.

adb reboot bootloader

fastboot flashing unlock

Vol up to select option on phone > press power button to confirm After reboot press power button to start.

Flash full Factory Image via Fastboot

Download the latest Factory Image

adb devices

Reboot the phone into Fastboot mode.

adb reboot bootloader

Info

Retain personal data by deleting the “-w” wipe attribute from the command within the script.
To avoid compatibility issues, a data wipe is recommended though.

./flash-all.sh

Once the script finishes, your device will reboot into the new OS.

Uninstall bloat packages

adb shell

pm list packages

Tip

Search for the package name in the url on Google Play Store

pm uninstall -k com.google.android.apps.youtube.music

pm uninstall -k --user 0 com.google.android.apps.youtube.music

pm uninstall -k com.google.android.youtube

pm uninstall -k --user 0 com.google.android.youtube

pm uninstall -k com.google.android.googlequicksearchbox

pm uninstall -k --user 0 com.google.android.googlequicksearchbox

pm uninstall -k com.google.android.gm

pm uninstall -k --user 0 com.google.android.gm

pm uninstall -k com.google.vr.apps.ornament

pm uninstall -k com.google.android.apps.wearables.maestro.companion

pm uninstall -k --user 0 com.google.android.apps.wearables.maestro.companion

pm uninstall -k --user 0 com.google.android.calendar

pm uninstall -k com.google.android.calendar

pm uninstall -k --user 0 com.android.chrome

pm uninstall -k com.android.chrome

pm uninstall -k --user 0 com.google.ar.core

pm uninstall -k com.google.ar.core

pm uninstall -k --user 0 com.google.android.videos

pm uninstall -k com.google.android.videos

Lock bootloader

Reboot the phone into Fastboot mode.

adb reboot bootloader

fastboot flashing lock

Vol up to select option on phone > press power button to confirm.
After reboot press power button to start.
Settings > Developer Options > disable OEM unlocking

Transfer media files

pacman -S mtpfs gvfs-mtp gvfs-gphoto2

/etc/fuse.conf

uncomment user_allow_other

Mount your device

mtpfs -o allow_other ~/mnt

Network administration

Commands for Network administration

Install tools

pacman -S curl wget tcpdump rsync nmap iperf bmon socat mtr ipcalc duf ncdu

Inspect the current network

ip a

Use ICMP packages to check if two machines are connected

ping -c3 <network-ID>

Show the path from your current machine to your remote server/system and each hop along the way

traceroute -I <network-ID>

Combines the functionality of traceroute and ping into one tool

mtr <network-ID>

Display or modify the routing table

route

HTTP request with header

curl -IL <network-ID>

Download a file

wget <network-ID>

whois <network-ID>

See what services are running and listening on your machine

ss -lt

ss -tupln

Captures packets off a network interface and interprets them for you

tcpdump -i <network-DEVICE>

ARP (Address Resolution Protocol) is useful to view / add the contents of the kernel’s ARP tables:

arp

Assess the bandwidth available between two computers

Client agent

iperf -s <server-network-ID>

Server agent

iperf -c <client-network-ID>

bmon

Securely copy files from one server to another over SSH

scp </path/to/file/or/directory/> <username>@<network-ID>:/home/user/directory/

rsync -avhP </path/to/file/or/directory/> <username>@<network-ID>:/home/user/directory/

List physical ethernet ports

lspci | grep -i ethernet

Find IP addresses on a network

nmap -sn <network-ID>/<network-prefix>

Print only the IP addresses and remove other information

nmap -sn <network-ID>/<network-prefix> | grep report | awk '{ print $5 }'

Find the OS information associated with these IP addresses

nmap -sT -O <network-ID>/<network prefix>

SYN stealth scan

nmap -sS <network-ID>/<network-prefix>

Cloak a scan with decoys

nmap -sS -D <decoy1,decoy2[,ME],...> <network-ID>/<network-prefix>

OS detection, version detection, script scanning, and traceroute

nmap -v -A <network-ID>/<network-prefix>

Common vulnerabilities and exposures scan

nmap --script vuln <network-ID>/<network-prefix>

-p- scan all ports
-Pn
-sA ACK scan
-sF FIN scan
-sl IDLE scan
-sL DNS(list-) scan
-sN NULL scan
-sO Protocol scan
-sP Ping scan
-sR RPC scan
-sS SYN scan (SYN > SYN ACK)
-sT TCP connect scan (three way handshake: SYN > SYN ACK > ACK)
-sW Window scan
-sX XMAS scan
-PI ICMP ping
-Po No ping
-PS SYN ping
-PT TCP ping
-oN Normal output
-oX XML output
-T0 through -T5 scan speed from very slow (-T0) to extremely aggressive ( -T5).
-v Increase verbosity level (use -vv or more for greater effect)

ncat

If you use it in client mode, it’s similar to telnet, and you can create a TCP connection to a specific port and send anything that you type.
You can also use it to open a TCP/IP port and read from standard input. That makes it an easy way to transfer files between two computers. Another use case is testing whether your firewall is blocking certain traffic. For example,
execute netcat in server mode on a host behind your firewall and then execute netcat in client mode from outside the firewall. If you can read on the server whatever you type on the client, then the firewall is not filtering the connection.

ncat -l -p <port>

This executes Netcat in server mode on port and waits for incoming connections.

ncat -lnvp <port> -s <network-ID>

ncat <network-ID> <port>

This executes Netcat in client mode and connects to TCP port on remote host .

You can also use Netcat with pipe commands. For example you can compress a file before sending it to the remote host with Netcat.

tar cpf - /some/dir | compress -c | ncat -w 3 <network-ID> <port>

Subnetting

List of IPv4 and IPv6 ranges, subnet size tables and special address types

Calculate subnet masks

ipcalc 10.0.0.1/22 -s 254 254 254 254

IPv4 ranges

Scope	Class	First	Last	Netmask
Public	A	1.0.0.0	126.255.255.255	255.0.0.0
Public	B	128.0.0.0	192.255.0.0	255.255.0.0
Public	C	192.0.0.0	223.255.255.0	255.255.255.0
Public	D	224.0.0.0	239.255.255.255
Public	E	240.0.0.0	255.255.255.255
Private	A	10.0.0.0	10.255.255.255	255.0.0.0
Private	B	172.16.0.0	172.31.255.255	255.255.0.0
Private	C	192.168.0.0	192.168.255.255	255.255.255.0

Special address types

Type	CIDR	IPv4	IPv6
Default	0.0.0.0/0	0.0.0.0	::
Loopback (localhost)	127.0.0.0/8	127.0.0.1 - 127.255.255.254	::1
Link-local	169.254.0.0/16	169.254.0.1 - 169.254.255.254	FE80::/64
Global broadcast		255.255.255.255	using multicast
Multicast	224.0.0.0/4	224.0.0.0 - 224.0.0.255	FF00::/8
Unique Local Unicast			FC00::/7 FD00::/8

IPv6 Anycast

Routers direct packets addressed to this destination to the location nearest the sender
Anycast-addresses may have any random prefix and are formally indistinguishable from unicast addresses

IPv4 subnet sizes

IPv4 CIDR mask	Dotted decimal mask	Amount of usable host addresses
/1	128.0.0.0	2147483646
/2	192.0.0.0	1073741822
/3	224.0.0.0	536870910
/4	240.0.0.0	268435454
/5	248.0.0.0	134217726
/6	252.0.0.0	67108862
/7	254.0.0.0	33554430
/8	255.0.0.0	16777214
/9	255.128.0.0	8388606
/10	255.192.0.0	4194302
/11	255.224.0.0	2097150
/12	255.240.0.0	1048574
/13	255.248.0.0	524286
/14	255.252.0.0	262142
/15	255.254.0.0	131070
/16	255.255.0.0	65534
/17	255.255.128.0	32766
/18	255.255.192.0	16382
/19	255.255.224.0	8190
/20	255.255.240.0	4094
/21	255.255.248.0	2046
/22	255.255.252.0	1022
/23	255.255.254.0	510
/24	255.255.255.0	254
/25	255.255.255.128	126
/26	255.255.255.192	62
/27	255.255.255.224	30
/28	255.255.255.240	14
/29	255.255.255.248	6
/30	255.255.255.252	2
/31	255.255.255.254	no net, 2 hosts
/32	255.255.255.255	no net, one host

IPv6 subnet sizes

IPv6 CIDR mask	Amount of networks or addresses
/1	9223372036854775808 networks of size /64
/2	4611686018427387904 networks of size /64
/3	2305843009213693952 networks of size /64
/4	1152921504606846976 networks of size /64
/5	576460752303423488 networks of size /64
/6	288230376151711744 networks of size /64
/7	144115188075855872 networks of size /64
/8	72057594037927936 networks of size /64
/9	36028797018963968 networks of size /64
/10	18014398509481984 networks of size /64
/11	9007199254740992 networks of size /64
/12	4503599627370496 networks of size /64
/13	2251799813685248 networks of size /64
/14	1125899906842624 networks of size /64
/15	562949953421312 networks of size /64
/16	281474976710656 networks of size /64
/17	140737488355328 networks of size /64
/18	70368744177664 networks of size /64
/19	35184372088832 networks of size /64
/20	17592186044416 networks of size /64
/21	8796093022208 networks of size /64
/22	4398046511104 networks of size /64
/23	2199023255552 networks of size /64
/24	1099511627776 networks of size /64
/25	549755813888 networks of size /64
/26	274877906944 networks of size /64
/27	137438953472 networks of size /64
/28	68719476736 networks of size /64
/29	34359738368 networks of size /64
/30	17179869184 networks of size /64
/31	8589934592 networks of size /64
/32	4294967296 networks of size /64
/33	2147483648 networks of size /64
/34	1073741824 networks of size /64
/35	536870912 networks of size /64
/36	268435456 networks of size /64
/37	134217728 networks of size /64
/38	67108864 networks of size /64
/39	33554432 networks of size /64
/40	16777216 networks of size /64
/41	8388608 networks of size /64
/42	4194304 networks of size /64
/43	2097152 networks of size /64
/44	1048576 networks of size /64
/45	524288 networks of size /64
/46	262144 networks of size /64
/47	131072 networks of size /64
/48	65536 networks of size /64
/49	32768 networks of size /64
/50	16384 networks of size /64
/51	8192 networks of size /64
/52	4096 networks of size /64
/53	2048 networks of size /64
/54	1024 networks of size /64
/55	512 networks of size /64
/56	256 networks of size /64
/57	128 networks of size /64
/58	64 networks of size /64
/59	32 networks of size /64
/60	16 networks of size /64
/61	8 networks of size /64
/62	4 networks of size /64
/63	2 networks of size /64
/64	18446744073709551616 addresses
/65	9223372036854775808 addresses
/66	4611686018427387904 addresses
/67	2305843009213693952 addresses
/68	1152921504606846976 addresses
/69	576460752303423488 addresses
/70	288230376151711744 addresses
/71	144115188075855872 addresses
/72	72057594037927936 addresses
/73	36028797018963968 addresses
/74	18014398509481984 addresses
/75	9007199254740992 addresses
/76	4503599627370496 addresses
/77	2251799813685248 addresses
/78	1125899906842624 addresses
/79	562949953421312 addresses
/80	281474976710656 addresses
/81	140737488355328 addresses
/82	70368744177664 addresses
/83	35184372088832 addresses
/84	17592186044416 addresses
/85	8796093022208 addresses
/86	4398046511104 addresses
/87	2199023255552 addresses
/88	1099511627776 addresses
/89	549755813888 addresses
/90	274877906944 addresses
/91	137438953472 addresses
/92	68719476736 addresses
/93	34359738368 addresses
/94	17179869184 addresses
/95	8589934592 addresses
/96	4294967296 addresses
/97	2147483648 addresses
/98	1073741824 addresses
/99	536870912 addresses
/100	268435456 addresses
/101	134217728 addresses
/102	67108864 addresses
/103	33554432 addresses
/104	16777216 addresses
/105	8388608 addresses
/106	4194304 addresses
/107	2097152 addresses
/108	1048576 addresses
/109	524288 addresses
/110	262144 addresses
/111	131072 addresses
/112	65536 addresses
/113	32768 addresses
/114	16384 addresses
/115	8192 addresses
/116	4096 addresses
/117	2048 addresses
/118	1024 addresses
/119	512 addresses
/120	256 addresses
/121	128 addresses
/122	64 addresses
/123	32 addresses
/124	16 addresses
/125	8 addresses
/126	4 addresses
/127	2 addresses
/128	1 address

Determine the necessary network mask for the network size in CIDR notation

750 Hosts
11111111 11111111 11111100 00000000
2^8 = 256 2^8 = 256 128 + 64 +32 +16 + 8 + 4 + 2 + 1
fits in 10 Bits = 2^10 1024 (zeros) = 32-10 = /22 (22 ones)

Binary to Decimal

255 . 255 . 252 . 0
100 fits in 2^7 = 128 32-7= /25
14000 fits in 2^14 = 16384 32-14= /18
3789 fits in 2^12 = 4096 32-12=/20

Gaming

How to install Steam, DXVK

Steam Launch Options

DO=(%command%); “${DO[@]/%FalloutNVLauncher.exe/FalloutNV.exe}”
Enable GameMode
LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libgamemodeauto.so
Disable ESYNC
PROTON_NO_ESYNC=1
Disable DX11 or 10
PROTON_NO_D3D11=1
Get Cool States
DXVK_HUD=fps,frametimes
DXVK Other options: devinfo, submissions, drawcalls, pipelines, memory, version, api
Always end with this command
%command%
nVidia Caching options
__GL_THREADED_OPTIMIZATION=1
__GL_SHADER_DISK_CACHE_PATH=/path/to/location

WINEARCH="win64" WINEPREFIX=~/DIRECTORY winecfg
WINEARCH="win64" WINEPREFIX=~/DIRECTORY winetricks corefonts
WINEARCH="win64" WINEPREFIX=~/DIRECTORY /usr/share/dxvk/setup_dxvk.sh install

ln -s ~/.local/share/Steam/steamapps/common/Proton*/dist ~/.local/share/lutris/runners/wine/proton

battle.net

pacman -Syu lib32-gnutls lib32-libldap lib32-libgpg-error lib32-sqlite lib32-libpulse lib32-alsa-plugins

nVidia

How to install and configure nVidia drivers and setup a default resolution and refresh rate

Install nVidia driver

pacman -S nvidia nvidia-libgl lib32-nvidia-libgl nvidia-settings

Enable persistence

systemctl enable nvidia-persistenced.service -f

systemctl start nvidia-persistenced.service

Enable runtime power management for nVidia VGA/3D controller devices on driver bind

/etc/udev/rules.d/80-nvidia-pm.rules

ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="auto"
ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="auto"

/etc/modprobe.d/nvidia-pm.conf

options nvidia "NVreg_DynamicPowerManagement=0x02"

xrandr -q

xrandr --output DP-0 --mode 3440x1440 --rate 200

cvt

Make nVidia Settings permanent

nvidia-settings first config /etc/X11/xorg.conf.d/20-nvidia.conf second config /home/wildw1ng/.nvidia-settings-rc

/etc/X11/xorg.conf.d/20-nvidia.conf

Section "Screen"
    Option         "Coolbits" "28"
    Option         "TripleBuffer" "off"

/etc/X11/xorg.conf.d/10-monitor.conf

Section "Monitor"
        Identifier "Monitor0"
        Modeline "3440x1440_200.00"  1569.78  3440 3760 4144 4848  1440 1441 1444 1619  -HSync +Vsync
        Option "Primary" "true"
        Option "PreferredMode" "3440x1440_200"
EndSection

Section "Screen"
    Identifier "Screen0"
    Monitor "Monitor0"
    DefaultDepth 24
    Option         "Coolbits" "28"
    Option         "TripleBuffer" "off"
    Option         "metamodes" "3440x1440_200 +0+0 {AllowGSYNCCompatible=On}"
    SubSection "Display"
        Modes "3440x1440_200"
    EndSubSection
EndSection

Section "Device"
    Identifier "Device0"
    Driver "nvidia"
EndSection

Custom TDP Limit on boot (without driver persistence)

/etc/systemd/system/nvidia-tdp.timer

[Unit]
Description=Set NVIDIA power limit on boot

[Timer]
OnBootSec=5

[Install]
WantedBy=timers.target

/etc/systemd/system/nvidia-tdp.service

Description=Set NVIDIA power limit

[Service]
Type=oneshot
ExecStart=/usr/bin/nvidia-smi -pl 320

systemctl enable nvidia-tdp.timer -f

~/.config/autostart/nvidia-powermizer.desktop

[Desktop Entry]
Type=Application
Encoding=UTF-8
Name=nVidia Performance Profile
Comment=Configure nVidia PowerMizer Settings
Exec=/usr/bin/nvidia-settings -c :0 -a '[gpu:0]/GPUPowerMizerMode=1'
Icon=/usr/share/pixmaps/nvidia-settings.png
Categories=__NVIDIA_SETTINGS_DESKTOP_CATEGORIES__

lspci | grep -i nvidia

nvidia-smi -q -d power

export DISPLAY=:0

X :0 &

Configure nVidia performance profile Settings

/usr/bin/nvidia-settings -c :0 -a '[gpu:0]/GPUPowerMizerMode=2'

GPUPowerMizerMode=0 Adaptive
GPUPowerMizerMode=1 Performance
GPUPowerMizerMode=2 Auto

nvidia-settings -q [gpu:0]/GPUPowerMizerMode

(sleep 20 && DISPLAY=":0.0" nvidia-settings -a [gpu:0]/GPUPowerMizerMode=2) &

GPU usage monitoring

watch -d -n 1 nvidia-smi

GWE GUI to control cooling and overclock of nVidia cards flatpak run com.leinardi.gwe –hide-window

/usr/lib/modprobe.d/zz-nvidia-modeset.conf

options nvidia_drm modeset=0

/etc/mkinitcpio.conf

MODULES=(nvidia nvidia_modeset nvidia_uvm nvidia_drm)

Feral gamemode

How to install and use Feral gamemode

pacman -S meson systemd git dbus

git clone https://github.com/FeralInteractive/gamemode.git

./bootstrap.sh

systemctl --user status gamemoded.service

git clone https://github.com/gicmo/gamemode-extension.git

./make-zip.sh install

gamemoded -v

gamemoded -s

cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor

You must manually request GameMode when running the game.
This can be done by launching the game through gamemoderun gamemoderun ./game
Or edit the Steam launch options gamemoderun %command%
Lutris find /usr/ -name libgamemodeauto.so
Lutris Values

Key = LD_PRELOAD
Value = /usr/lib/libgamemodeauto.so

MangoHud

How to install and use the MangoHud overlay layer for monitoring system performance in Vulkan and OpenGL applications

yay -Syu mangohud lib32-mangohud

Start a game with overlay

mangohud /path/to/app

For Lutris games, go to the System options in Lutris (make sure that advanced options are enabled) and add this to the Command prefix setting

mangohud

For Steam games, you can add this as a launch option

mangohud %command%

Or alternatively, add MANGOHUD=1 to your shell profile (Vulkan only).