Changes

Jump to: navigation, search

OPS245 Lab 7

1,201 bytes added, 20:35, 8 April 2021
m
Part 1: Generating Private and Public Keys (Public Key Infrastructure)
:'''Perform the following steps:'''
Some tasks in this part of the investigation require you to be connected ot Seneca's VPN.
*If you are running your installation through VMWare, then you can use [https://inside.senecacollege.ca/its/services/vpn/studentvpn.html the instructions provided by ITS] to connect to it from your Windows machine (your c7host and its nested VMs will use the VPN through the windows machine without further configuration).
*If you installed your c7host directly onto a machine without using VMWare as an intermediary (or the steps above do not work for you), use the following instructions:
::*Install the package openconnect
::*Run the following command as root (or with sudo): openconnect --protocol=gp studentvpn.senecacollege.ca -b
::*This should prompt you for your username and password (you could also put the user name in the command with -p)
::*You'll know it is working if you check your ip address and see something in the 10.0.0.0/8 range.
::*To disconnect, as root (or with sudo): killall openconnect
Once you have connected to the VPN with either method you may continue
# Launch your '''c7host machine''' and your '''centos1''' and '''centos3''' VMs.
# Switch to your '''c7host''' VM.
# Create a file in your current directory of your c7host machine with some text in it called: '''myfile.txt'''
# Ensure you've successfully connected to the VPN required for Matrix (https://inside.senecacollege.ca/its/services/vpn/studentvpn.html). Then issue Issue the following command (using your Matrix login id):<br><b><code><span style="color:#3366CC;font-size:1.2em;">scp &nbsp; myfile.txt &nbsp; yourmatrixid@matrix.senecac.onsenecacollege.ca:/home/yourmatrixid</span></code></b><br>(followed by your Matrix password)<br>What did this command do?# Issue the following single command (arguments are separated by a space - use your Matrix login id):<br><b><code><span style="color:#3366CC;font-size:1.2em;">ssh &nbsp; yourmatrixid@matrix.senecac.onsenecacollege.ca &nbsp; ls /home/yourmatrixid/myfile.txt</span></code></b><br>(followed by your Matrix password)<br>What did this command do?<br>Issue the following Linux command:<br><b><code><span style="color:#3366CC;font-size:1.2em;">ssh &nbsp; yourmatrixid@matrix.senecac.onsenecacollege.ca &nbsp; cat /home/yourmatrixid/myfile.txt</span></code></b><br>How do these commands differ from using issuing the ssh command without the ls or cat command? How is this useful?<br><br>The client ssh application contains the utlities: '''ssh''', '''scp''' and '''sftp''' (learned in ULI101) to connect to remote Linux servers in order to issue commands or transfer files between Linux servers. You can install the SSH service on your Linux server, although this has already been performed upon installation. We will now confirm that the ssh service is running on all of your VMs.<br><br>
# OpenSSH should have been installed by default. Let's confirm this by issuing the command:<br /> <b><code><span style="color:#3366CC;font-size:1.2em;">rpm -qa | grep ssh</span></code></b>
# You should see a number of packages installed including <b>openssh-clients</b> and <b>openssh-server</b>
<pre style="font-family:monospace;background-color:white;border-style:none;padding-left:50px;">
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ops245yoursenecaid/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter passphrase again:
Your public key has been saved in /home/ops245yoursenecaid/.ssh/id_rsa.pub.
The key fingerprint is:
ef:de:31:67:f7:15:a4:43:39:15:5d:78:1b:e8:97:74 ops245yoursenecaid@centos3centos2
The key's randomart image is:
+--[ RSA 2048]----+
# Verify that the file '''/etc/sysconfig/iptables''' exists.
# Restart your iptables service and test your configuration.
# Restart the libvirtd service, and note the rules it adds to your iptables. It will do this automatically every time it starts.
# Run the shell script and if there are any warnings, make fixes and re-run shell script until you receive "congratulations" message.
#Arrange proof of the following on the screen:<br><blockquote><span style="color:green;font-size:1.5em;">&#x2713;</span> '''centos2''' VM:<blockquote><ul><li>have logged into centos3 VM using '''public key authentication''' (with a pass-phrase)</li></ul></blockquote><span style="color:green;font-size:1.5em;">&#x2713;</span> '''c7host''' Machine:<blockquote><ul><li>have tunneled Xwindows application from '''centos1''' via ssh</li><li>Run the '''lab7-check.bash''' script in front of your instructor (must have all <b><code><span style="color:#66cc00;border:thin solid black;font-size:1.2em;">&nbsp;OK&nbsp;</span></code></b> messages)</li></ul></blockquote><span style="color:green;font-size:1.5em;">&#x2713;</span> '''Lab7''' log-book filled out.
#Upload a screenshot of proof from the previous step, along with the file generated by '''lab7-check.bash'''.
= Practice For Quizzes, Tests, Midterm &amp; Final Exam =
572
edits

Navigation menu