Open main menu

CDOT Wiki β

Changes

OPS235 Lab 7 - CentOS7

318 bytes removed, 06:41, 5 May 2015
no edit summary
=== Part 2: Establishing an ssh connection. / Public Key Authentication ===
{|width="40%" align="right"
|}
# Use your '''centos2 ''' VM to complete this section.
# Establish an ssh connection to your centos3 VM using the command:<br /><code>ssh ops235@centos3</code> (Where 'ops235' is the account on centos3 and 'centos3' is the hostname of the centos3 VM.)
# You should receive a message similar to the following:<br><br>
<li>Check the state of the connection after logging out. Wait a few minutes and then check again. Record your observations.</li>
<li>Make certain to exit all connections, and that your shell is located in your <u>centos3</u> server. You can verify this by entering the command: <code>hostname</code>
<li>Use the Internet to search for "TCP 3 way handshake" to see how TCP connections are established and closed.<br><br></li></ol>{{Admon/tip | Methods of Authenticating User Identity | In this part of the lab you established an ssh connection to another host using a password to establish your identity. But passwords are not the only or even the best way of authenticating your identity. We can also use Public/Private key encryption. We will be looking at Public Key Authentication in the next investigation}}
'''Answer Part 2 observations / questions Public Key authentication''' is a method of establishing identity using a pair of encryption keys that are designed to work together. One key is known as your private key (which as the name suggests should remain private and protected) and the other is known as the public key. (which as the name suggests can be freely distributed) The keys are designed to work together to encrypt data asymmetrically, that is to say that when we encrypt data with one of the keys it can only be decrypted with the other key from the pair. This means that when we connect, ssh can use the private key that only exists on my system in your lab log bookmy account, to encrypt a message. That message can be decrypted by anybody with the corresponding public key.While it doesn'''t mean the message is secure as anybody could decrypt it with the public key, it does establish my identity, if the host can successfully decrypt the message then it must have come from the one person in possession of the private key. This basic method of authentication is used extensively in many network communications protocols that require the ability to authenticate identity.
=== Part 3: Establishing an ssh connection using Public Key Authentication. ===<ol>{{Admon/note | Use your centos2 VM | Complete this investigation on your centos2 VM.}} {{Admon/note | | '''Public Key authentication''' is a method of establishing identity using a pair of encryption keys that are designed to work together. One key is known as your private key (which as the name suggests should remain private and protected) and the other is known as the public key. (which as the name suggests can be freely distributed) The keys are designed to work together to encrypt data asymmetrically, that is to say that when we encrypt data with one of the keys it can only be decrypted with the other key from the pair. This means that when we connect, ssh can use the private key that only exists on my system in my account, to encrypt a message. That message can be decrypted by anybody with the corresponding public key. While it doesn't mean the message is secure as anybody could decrypt it with the public key, it does establish my identity, if the host can successfully decrypt the message then it must have come from the one person in possession of the private key. This basic method of authentication is used extensively in many network communications protocols that require the ability to authenticate identity.}}# <li>Start by generating a keypair as your learn account on centos2 using the command:<br /><code>ssh-keygen</code></li># <li>That should generate output similar to the following:</li></ol>
<pre>
Generating public/private rsa key pair.
13,420
edits