Open main menu

CDOT Wiki β

Changes

OPS235 Lab 7 - CentOS7

575 bytes added, 06:58, 5 May 2015
no edit summary
# OpenSSH should have been installed by default. Lets confirm this by issuing the command:<br /> <code>rpm -qa | grep ssh</code>
# You should see a number of packages installed including <code>openssh-clients</code> and <code>openssh-server</code>
# <b><code><span style="color:#3366CC;font-size:1.2em;">service network stop</span></code><code>openssh-server</code> installs a service called <code>sshd</code>, confirm this service is running by issuing the command:<br /><b><code><span style="color:#3366CC;font-size:1.2em;">service network stop</span></code><code>service sshd status</code># Now check that the sshd service is configured to start automatically: <b><code><span style="color:#3366CC;font-size:1.2em;">service network stop</span></code><code>chkconfig --list sshd</code># Now that you know the service is running investigate what port number and protocol sshd uses by issuing the command:<br /><b><code><span style="color:#3366CC;font-size:1.2em;">service network stop</span></code><code>netstat -atunp</code>
# What protocol and port is the sshd process using?
# What is the state of the port?
# Why do UDP ports not have a state?
# Reissue the <b><code>netstat<span style="color:#3366CC;font-size:1.2em;">service network stop</span></code> command without the <code>nnetstat</code> command without the '''-n''' option. # What is the difference? How is the file '''/etc/services ''' related to the difference?# <code>'''netstat</code> ''' is a very useful command for anything to do with networking. Read its man page and make sure you understand its output.# Make sure your <code>'''sshd</code> ''' service is running on all 3 of your VM's
'''Answer Part 1 observations / questions in your lab log book.'''
<ol><li value="6">Logout of your ssh connection by typing <code>exit</code>.
<li>Check the state of the connection after logging out. Wait a few minutes and then check again. Record your observations.</li>
<li>Make certain to exit all connections, and that your shell is located in your <u>centos3</u> server. You can verify this by entering the command: <b><code><span style="color:#3366CC;font-size:1.2em;">hostname</span></code>
<li>Use the Internet to search for "TCP 3 way handshake" to see how TCP connections are established and closed.<br><br></li>
</ol>
<br><br>
<ol>
<li value="10">Start by generating a keypair as your learn account on centos2 using the command:<br /><b><code><span style="color:#3366CC;font-size:1.2em;">ssh-keygen</span></code></li>
<li>That should generate output similar to the following:</li>
</ol>
::<span style="font-family:courier">93:58:20:56:72:d7:bd:14:86:9f:42:aa:82:3d:f8:e5 user1@centos2</span><br><br>
<ol><li value="12"> After generating the keys it prompts you for the location to save the keys. The default is <code>'''~/.ssh</code> ''' Your private key will be saved as <code>id_rsa</code> and your public key will be saved as <code>'''id_rsa.pub</code>'''</li><li>You will then be prompted for a passphrasepass-phrase. The passphrase pass-phrase must be entered in order to use your private key. Passphrases Pass-phrases are more secure than passwords and should be lengthy, hard to guess and easy to remember. For example one passphrase pass-phrase that meets this criteria might be "seneca students like fish at 4:00am". Avoid famous phrases such as "to be or not to be" as they are easy to guess. It is possible to leave the passphrase pass-phrase blank but this is dangerous. It means that if a hacker were able to get into your account they could then use your private key to access other systems you use.<br><br></li><li>Now issue the command <b><code><span style="color:#3366CC;font-size:1.2em;">ssh-copy-id -i ~/.ssh/id_rsa.pub centos3</span></code></li>
<li>Now we can ssh into centos3 from centos2 using two different authentication methods.</li>
<li>Make certain to logout of your centos3 system. Use the <code>'''hostname</code> ''' command to verify you are back in your centos2 server.</li>
</ol>
13,420
edits