Difference between revisions of "OPS235 Lab 7 - Fedora17"
Brian.gray (talk | contribs) |
Brian.gray (talk | contribs) |
||
Line 29: | Line 29: | ||
=== Investigation 1: How do you enable the sshd service. === | === Investigation 1: How do you enable the sshd service. === | ||
− | {{Admon/note | Note! | Complete the following steps on your fedora host | + | {{Admon/note | Note! | Complete the following steps on your fedora host.}} |
* OpenSSH should have been installed by default. Lets confirm this by issuing the command: | * OpenSSH should have been installed by default. Lets confirm this by issuing the command: | ||
Line 49: | Line 49: | ||
* The <code>n</code> option tells netstat to list everything with numerical values, without it netstat resolves IP addresses and port numbers to host names and protocol names using the files <code>/etc/hosts</code> and <code>/etc/services</code> | * The <code>n</code> option tells netstat to list everything with numerical values, without it netstat resolves IP addresses and port numbers to host names and protocol names using the files <code>/etc/hosts</code> and <code>/etc/services</code> | ||
* <code>netstat</code> is a very useful command for anything to do with networking. Read its man page and make sure you understand its output. | * <code>netstat</code> is a very useful command for anything to do with networking. Read its man page and make sure you understand its output. | ||
+ | * Make sure your <code>sshd</code> service is running on all 3 of your VM's | ||
+ | * Answer the Investigation 1 question in your lab log book. |
Revision as of 18:05, 15 March 2010
Contents
Setup and Configure Secure Shell Services (ssh) Using Virtual Machines
Objectives
- To set up, configure Secure Shell Services (ssh/sshd)
- To use the ssh, scp, and sftp clients to access another host securely
- Use ssh to tunnel X applications
- Use ssh to tunnel other traffic
- To customize sshd to create a more private, secure system
Reference
- man pages for ssh, ssh-keygen, sshd_config, ssh_config, scp, netstat, sftp, ifconfig, ping, arp, netstat, service
- A good ssh tutorial
- A good HOW-TO to make ssh more secure
Required materials
- Fedora 12 Live CD or a classmate on the same pod
- One SATA hard disk in a removable drive tray with Fedora host and 3 Fedora Virtual Machines installed
- Completion of Lab 6
Lab Preparation
Lab Investigations
Investigation 1: How do you enable the sshd service.
- OpenSSH should have been installed by default. Lets confirm this by issuing the command:
-
rpm -qa | grep ssh
-
- You should see a number of packages installed including
openssh-clients
andopenssh-server
-
openssh-server<code> installs a service called <code>sshd
, confirm this service is running by issuing the command:-
service sshd status
-
- Now check that the sshd service is configured to start for runlevels 2, 3, 4, & 5, by issuing the command:
-
chkconfig --list sshd
-
- If the service is not configured correctly fix it by issuing the command:
-
chkconfig --level 2345 sshd on
-
- Now that you know the service is running investigate what port number and protocol sshd uses by issuing the command:
-
netstat -atunp
-
- What protocol and port is the sshd process using?
- What is the state of the port?
- Why do UDP ports not have a state?
- Reissue the
netstat
command without then
option. - What is the difference?
- The
n
option tells netstat to list everything with numerical values, without it netstat resolves IP addresses and port numbers to host names and protocol names using the files/etc/hosts
and/etc/services
-
netstat
is a very useful command for anything to do with networking. Read its man page and make sure you understand its output. - Make sure your
sshd
service is running on all 3 of your VM's - Answer the Investigation 1 question in your lab log book.