Prerequisites

Figure 951. Shell / Bash

Bash Guide for Beginners


Figure 952. Secure Shell

The definitive guide, also available at SafariOnline

  • Public/private keys, pass phrases

  • Trusted hosts

  • Port forwarding

  • X11 forwarding

  • ssh agent


Figure 953. Working with files

Figure 954. Gathering network related information

Figure 955. Handle processes

Figure 956. vim text editor introduction

Vim Introduction and Tutorial


Figure 957. Creating an ssh public/private key pair
ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/home/goik/.ssh/id_rsa): 
Created directory '/home/goik/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/goik/.ssh/id_rsa.
Your public key has been saved in /home/goik/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:mi/5CaYsND/Dc+qr8CJ9Yji/zzP1SwuES/OmlnqvvK0 goik@bw-lehrpool
The key's randomart image is:
+---[RSA 2048]----+
|                 |
|                 |
|                 |
|     .           |
|    + . S        |
|  o. =.o         |
|.+ +.oOo.        |
|=o=+&*+=.o       |
|.=*%E#oo*.       |
+----[SHA256]-----+

Figure 958. Configuration file permissions on Windows network file systems
cd .ssh 

touch known_hosts 
cp id_rsa.pub authorized_keys 

setfacl -R --remove-all . * 

chmod go-w . * 
chmod ugo-x * 
chmod go-r id_rsa 

cd .ssh: Enter the secure shell client configuration directory.

touch known_hosts: Create an empty known_hosts file. It is subsequently populated with the public host keys of remote systems during logins, which allows those systems to be identified.

cp id_rsa.pub authorized_keys: The authorized_keys file contains the set of public keys that are authorized to log in remotely to the current system.

setfacl -R --remove-all . *: This invocation is needed when the directory resides on a Windows network share: the extended ACLs are too permissive from a security point of view.

chmod go-w . *: Only the owner is allowed to modify the .ssh directory and the files it contains.

chmod ugo-x *: Configuration files do not need execute permission.

chmod go-r id_rsa: The ssh private key should only be accessible by its owner.


Figure 959. Resulting permissions and configuration test
ls -al

drwxr-xr-x+  2 goik fb1prof    0 Oct 13 16:03 .
drwxr-xr-x+ 30 goik fb1prof    0 Oct 13 16:04 ..
-rw-r--r--+  1 goik fb1prof  398 Oct 13 16:02 authorized_keys
-rw-------+  1 goik fb1prof 1675 Oct 13 16:02 id_rsa
-rw-r--r--+  1 goik fb1prof  398 Oct 13 16:02 id_rsa.pub
-rw-r--r--+  1 goik fb1prof  222 Oct 13 16:03 known_hosts

Testing ssh private key based logins to your local system:

~> ssh localhost
Welcome to Ubuntu 18.04.3 LTS ...
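
The permission rules from Figures 958 and 959 written as a check, added here as an example that is not part of the original slides. The function names (perms, check, audit_ssh_dir, make_sample, harden) are hypothetical, the sample directory is constructed, and treating any file that has a sibling .pub file as a private key is an assumption.

```sh
#!/bin/sh
# Added example (not from the slides): audit an ssh client directory against the
# rules above. Assumption: a file NAME with a sibling NAME.pub is a private key.

# perms PATH: the ten-character mode string that ls -l prints, e.g. -rw-r--r--
perms() { ls -ld "$1" | cut -c1-10; }

# check PATH: print one line per violated rule
check() {
    p=$(perms "$1")
    case $p in ?????w????|????????w?) echo "$1: writable by group or others ($p)";; esac
    if [ -f "$1" ]; then
        case $p in ???[xs]??????|??????[xs]???|?????????[xt])
            echo "$1: execute bit set ($p)";; esac
        if [ -f "$1.pub" ]; then
            case $p in ????------) ;; *)
                echo "$1: private key accessible by group or others ($p)";; esac
        fi
    fi
}

# audit_ssh_dir DIR: check DIR and its regular files; returns 1 if anything was found
audit_ssh_dir() {
    findings=$(check "$1"; for f in "$1"/*; do if [ -f "$f" ]; then check "$f"; fi; done)
    if [ -n "$findings" ]; then printf '%s\n' "$findings"; return 1; fi
}

# make_sample DIR: constructed, deliberately loose directory with empty stand-in files
make_sample() {
    mkdir -p "$1" && chmod 755 "$1"
    for n in id_rsa id_rsa.pub authorized_keys known_hosts; do : > "$1/$n"; done
    chmod 644 "$1/id_rsa" "$1/id_rsa.pub"   # private key readable by everyone
    chmod 664 "$1/authorized_keys"          # group-writable
    chmod 755 "$1/known_hosts"              # needless execute bits
}

# harden DIR: the chmod steps from the slide (setfacl left out: the sample has no ACLs)
harden() { ( cd "$1" && chmod go-w . * && chmod ugo-x * && chmod go-r id_rsa ); }

# With an argument audit that directory, otherwise run the before/after demo.
if [ $# -gt 0 ]; then
    audit_ssh_dir "$1"
else
    d=$(mktemp -d) && make_sample "$d/.ssh"
    echo "before:"; audit_ssh_dir "$d/.ssh" || true
    harden "$d/.ssh"
    echo "after:"; audit_ssh_dir "$d/.ssh" && echo "no findings"
    rm -rf "$d"
fi
```

The check looks at mode bits only; extended ACLs, shown as the trailing + in the ls listing, are not evaluated.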

Exercise No. 1

Enabling index based file search

Q:

  • Install the mlocate package.

  • Index your current file system using the updatedb command.

  • Use the locate aptitude command to search for filenames containing the string »aptitude«.

  • Create a new file mylocaltest.txt.

  • Use locate localtest. What do you observe?

  • Rebuild the index again.

  • Use locate again to search for files containing the »localtest« string.

A:

The first locate localtest call fails since the mylocaltest.txt file is not part of the index yet. After rebuilding the index, the file is found.

Exercise No. 2

Using the tail -f command

Q:

  • Log in to your VM.

  • Issue tail -f /var/log/auth.log.

  • Ask your partner to log into the same VM and watch for incoming changes.