10 helpful tools for a sys admin's toolbox

No readers like this yet.
Open Source Yearbook icons


Sys admins, no matter what platforms they work on, are awash in great open source software tools. In this article, we highlight well-known—and not-so-well-known—tools that have released new versions in 2015.


Managing secrets is tough, especially when the secrets need to end up on a server. That's why Stack Exchange developed the BlackBox utility. BlackBox uses GNU Privacy Guard (GPG) to securely encrypt secrets, such as passwords and private keys, and store them in a version control system. BlackBox also provides a mechanism for configuration management tools (specifically Puppet) to extract the secrets when needed.

The plugin architecture of BlackBox makes it easy to extend. Although BlackBox was originally designed to work with git repos, support for Mercurial, Subversion, and Perforce has been added. BlackBox supports Linux, OS X, and Windows (via Cygwin), so it can be used in mixed environments.


Managing secrets gets a little easier when they don't have to go anywhere. Years ago, I started using KeePass because it had been ported to the Maemo platform. If abandoned mobile operating systems aren't your thing, KeePass is available for Linux, OS X, Windows, Android, and iOS.

When I was a newly minted sys admin, I had a notebook of rarely used passwords that I kept in a locked safe. KeePass is like that, except easier to back up and sync across locations. KeePass entries store URLs, user names, passwords, and free text. Entries can be sorted into groups and given custom icons for ease of use. Recent releases have focused on improving performance and UX.


Need a way to synchronize your KeePass database? ownCloud's recent 8.2 release brings improved design and ease of administration. For those who can't or won't use third-party services, ownCloud provides a great way to share documents, photos, calendars, and other data securely. A community-developed application repository allows admins to extend the capabilities in a wide variety of ways, including receiving SMS messages from Android phones. If you need to give your users (or yourself) the ability to collaborate while keeping control over your data, this is a can't-miss package.


Any day that I have to resort to analyzing packet captures is a bad day, but the venerable Wireshark always helps make it a little easier. Although the project is almost old enough to vote in the US, Wireshark 2.0 was released in November 2015. To say 2.0 is a major change is an understatement: The UI was rewritten in Qt, and many of the interactions have been simplified. This new release brings a lot of improvements, but it's still the same Wireshark you've known for years.


Desktop virtualization comes in many flavors these days, but I find that I always come back to Oracle's VirtualBox. At work, having the same operating system and version of our software as a customer runs is valuable to me, so quick-and-easy virtual machines save me a lot of time. VirtualBox 5.0, released in July, added the ability to start VMs in "headless" mode, which works for me because I generally SSH into my virtual machines for interactions. 5.0 also brings paravirtualization support for better guest performance, disk encryption, and USB 3 support.

Visual Studio Code

The editor wars had reached a somewhat uneasy truce, but then a new kid appeared on the block. Microsoft released Visual Studio Code for Windows, Linux, and OS X under the MIT license, which was big news for a company typically seen as hostile to open source software. Although Visual Studio Code is designed as a code editor, don't take that to mean it's not useful for sys admins (after all, every sys admin must do some coding). Visual Studio Code offers built-in git interactions and Docker language support.


Even if you've never interacted directly with RRDtool, chances are good you've used a project that incorporates it. RRDtool is a great package for storing and graphing time series data, which is why it's commonly used in performance monitoring systems, such as Cacti and Xymon. If static PNGs aren't your thing, Tobi Oetiker has also developed a JavaScript library for generating RRD graphs.


Being away from the desk can't stop the modern sys admin from keeping the bits flowing. Unfortunately, not all networks are created equal. If you've ever tried to do an SSH session over a mobile phone tether or an overburdened conference WiFi network, you know how painful it can be. Mosh eases that pain. Mosh allows for roaming network connections, and makes slow connections more tolerable by locally echoing as you type and allowing the connection to catch up. After almost two years of silence, Mosh 1.2.5 was released in July. Along with the usual bug fixes and improvements in platform support, the latest release adds IPv6 support.


In a small environment, the sys admin may know exactly where every server is without having to think about it. In my first job, the department had about half a rack of gear. Easy peasy. When I moved to a larger group, suddenly there were 4,000 machines to know about. At that sort of scale, a tool like RackTables becomes invaluable. RackTables is a tool for documenting hardware information, rack space, network configuration, and more. Think of RackTables as that terrible spreadsheet you're keeping, except less terrible.


Certainly you've heard all about Docker by now. Containers are the next big thing in the devops world, and Docker is the container platform. The 1.9 release, which shipped at the beginning of November, adds several new features. Multi-host networking allows virtual networks to span hosts, giving admins more flexibility in their network topology. Persistent storage support is improved, as well. Docker brings a level of flexibility and scalability to infrastructure that will have big impacts on sys admins and users in the coming year.

Did we leave your favorite open source tool for sys admins off the list? Tell us about it in the comments.

User profile image.
Ben Cotton is a meteorologist by training, but weather makes a great hobby. Ben works as the Fedora Program Manager at Red Hat. He is the author of Program Management for Open Source Projects. Find him on Twitter (@FunnelFiasco) or at FunnelFiasco.com.


They're not open source, but the freeware tools from AdRem Software are pretty sweet. WMI Tools gives you local and remote access to WMI information and lets you run custom queries, whereas NetCrunch Tools gives you a ton of powerful features in one package.

6/10, I have to try the rest of them too! BackBox seems quite interesting.

When mentioning a tool from Data Center Infrastructure Management (DCIM), http://opendcim.org/, I would recommend to have a look at openDCIM. It seems to me far easier to use than RackTables. You can try the tool online via http://opendcim.org/demo.html. Documentation is unfortunately not the strongest point of this open source project but the email list is very reactive.

Screen for accessing console/serial ports. I ditched minicom for "screen /dev/ttyUSB0 115200".

WMI Tools gives you local and remote access to WMI information and lets you run custom queries, whereas NetCrunch Tools gives you a ton of powerful features in one package>

Creative Commons LicenseThis work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License.