13,420
edits
Changes
no edit summary
:We can use the '''netstat''' utility as a trouble-shooting / confirmation tool to view the SSH service and determine which STATE the SSH service is performing: '''LISTENING''', '''ESTABLISHED''', '''CLOSED''' , or '''WAITING''' <br><br>
<ol><li value="2">Run the '''netstat -atunp''' command (pipe to "grep sshd") to check the state of a possible ''ssh connection''. What is the state (i.e. LISTENING or ESTABLISHED)?</li>
<li>Open another terminal and establish an ssh connection to While in your '''centos3''' VM using , issue the following commandto connect to the same VM via ssh: <b><code><span style="color:#3366CC;font-size:1.2em;">ssh ops235@centos3</span></code></b></li><li>You Enter yes at the prompt, and enter your OPS235 password.<br>The output should receive a message appear similar to the followingas what is shown below:<br><br>
:<span style="font-family:courier">The authenticity of host 'centos3 (192.168.235.13)' can't be established.</span><br>
:<span style="font-family:courier">RSA key fingerprint is 53:b4:ad:c8:51:17:99:4b:c9:08:ac:c1:b6:05:71:9b.</span><br>
:<span style="font-family:courier">Are you sure you want to continue connecting (yes/no)? yes</span><br>
:<span style="font-family:courier">Warning: Permanently added 'centos3' (RSA) to the list of known hosts.</span><br><br></li>
<li>Issue the following command to confirm that you connected to your centos3 VM: <b><code><span style="color:#3366CC;font-size:1.2em;">hostname</span></code></b></li></ol>
[[Image:spoof.png|thumb|right|485px|If you receive a message like the one displayed above, you should investigate why it is happening as it could indicate a '''serious security issue''', or it could just mean that something on '''the host has changed'''(i.e. the OS was <u>reinstalled</u>)]]
<ol><li value="7">Switch back to your '''centos3''' VM and reRe-run that same '''netstat pipeline command'''. Any change to the connection status?</li><li>Return to the second terminal, and logLog-out of your ssh connection by typing <b><code><span style="color:#3366CC;font-size:1.2em;">exit</span></code></b>.<li>Run that same '''netstat''' command in the original terminal and check the state of the connection after logging outagain. Wait a few minutes and then check again. Record your observations.</li><li>Make certain to exit all connections, and remain in your '''centos2''' VM. When using ssh to connect to other servers, it is very easy to forget which server you are currently using. Verify that you are in your '''centos2''' VM by entering the command: <b><code><span style="color:#3366CC;font-size:1.2em;">hostname</span></code></b><li>Use the Internet to search for '''TCP 3 way handshake''' to see how TCP connections are established and closed.<br><br></li>
</ol>
So far, we have learned to establish an ssh connection to another host using a password to establish your identity. But '''passwords are not the only or even the best way of authenticating your identit'''y. We can also use '''Public/Private key encryption'''.
<ol>
<li value="12">Switch to your '''centos2''' VM.</li><li>Confirm you are in your centos2 VM by entering the command: <b><code><span style="color:#3366CC;font-size:1.2em;">hostname</span></code></b> Make <u>certain</u> that you are in your centos you are NOT logged in as root!''' (you have been warned!)</li>
<li>To generate a keypair (public/private keys), issue the following command: <b><code><span style="color:#3366CC;font-size:1.2em;">ssh-keygen</span></code></b></li>
<li>That should generate output similar to the following:</li>