Changes


OPS705 Lab 3 (2227)

443 bytes added, 02:18, 8 January 2023
m
Chris.johnson moved page OPS705 Lab 3 to OPS705 Lab 3 (2227) without leaving a redirect
== Part 3: Adding a Firewall Rule for the Custom SSH Port ==
[[Image:Ops705_sshd_custom_rule.png|right|500px|thumb|Adding a firewall rule for our new SSH custom port.]]
As mentioned, we want to change what port the system uses to allow incoming SSH connections. To do that, we have to add an extra rule to our firewall to allow it through:
# Review your current rules for reference: <code>sudo iptables -nvL --line</code>
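Review bot: In step 1, <code>--line</code> is accepted only because iptables allows unambiguous abbreviations of long options. Write the full option, <code>sudo iptables -nvL --line-numbers</code>, so students can find it in the man page and so the command does not depend on abbreviation matching.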
=== SSH Listen Port ===
[[Image:Ops705_sshd_listenport_custom.png|right|400px|thumb|Setting the custom listen port for SSHd.]]
# Using vim, open the SSH configuration file: <code>sudo vim /etc/ssh/sshd_config</code>
# Find the line (near the top) containing the words: '''Port 22'''
=== Switching to SSH keypair authentication: ===
[[Image:Ops705_filezilla-connect.png|right|400px|thumb|Connection information for FileZilla using the custom port.]]# First, download and install Filezilla FileZilla on your personal computer.
# On your Linux VM as a regular user, generate your SSH keypair (accept all defaults): <code>ssh-keygen</code>
# Install the new keys on the system: <code>ssh-copy-id -p 22222 localhost</code># Using Filezilla FileZilla on your personal computer, log into the Linux VM and download your new public key:
#* On Windows, store the downloaded key here: <code>C:\Users\[yoursenecaid]\.ssh\</code>
#* On Mac, store the downloaded key here: <code>~/.ssh/</code>
# With a second terminal, verify that you can login to your VM's SSH from your personal computer without a password (keypair authentication). Do not move on to the next step until you’re sure.
#* Login the same way as before. '''If you aren't asked for a password, then keypair authentication has succeeded.'''
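Review bot: The step that has students download "your new public key" to the personal computer does not fit the verification step after it. The client authenticates with the private half of the pair, so a public key stored in <code>.ssh</code> on Windows or Mac will not give a login without a password. Because <code>ssh-keygen</code> is run on the VM here, either name the private key as the file to transfer and tell students to keep it readable only by their own account, or generate the pair on the personal computer and install only the public key on the VM so the private key never leaves the machine that uses it.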
=== Disabling SSH password authentication: ===
[[Image:Ops705_sshd_passauth_no.png|right|300px|thumb|Disabling password-based authentication in SSHd.]]
# Make sure you have two SSH separate terminals connected to you Azure Linux VM.
# In your control terminal, use '''vim''' to open the SSH configuration file: <code>sudo vim /etc/ssh/sshd_config</code>
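Review bot: The first step has two wording slips: "two SSH separate terminals" should read "two separate SSH terminals", and "connected to you Azure Linux VM" should read "connected to your Azure Linux VM". Since the next step refers to a "control terminal", it would also help to say in that first step what the second session is for: it stays logged in as a fallback while <code>sshd_config</code> is edited, so a mistake does not lock the student out of the VM.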
= Lab Submission =
When complete, show your instructor Submit to Blackboard full-desktop screenshots (PNG/JPG) of the following in-class:# Log Logging in to your Linux VM without a password on port 22222.
# Run the <code>yum update</code> command to show there are no further updates to install and screenshot the result.
# Service status of ''firewalld'' and ''iptables''.
[[Category:OPS705 Labs]]
[[Category:Digital Classroom]]
[[Category:Fall 2022]]
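Review bot: Submission item 3, "Service status of ''firewalld'' and ''iptables''", names neither the command to run nor the state each service is expected to be in, so the screenshot cannot be checked against anything. State the expected result for each service, the way item 2 names <code>yum update</code> and the outcome it should show.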
