Jump to: navigation, search

OPS235 Lab 7

161 bytes removed, 07:41, 28 June 2016
no edit summary
So far, you have learned to use the ssh utility to establish a secure connection to a remote server to perform tasks, administer the server, etc. For these common operations, you have issued the ssh command, which is the client application for ssh. In order to connect to a remote server (like your VMs, Matrix, etc) they need to be running the SSH service. In this lab, you will learn how to run an SSH server in a VM, then confirm that you can connect into the server by using the ssh client application.
We can use the '''netstat''' utility as a trouble-shooting / confirmation tool to view the SSH service and determine which STATE the SSH service is performing:*'''LISTENING''' (waiting for a ssh connection attempt)*'''ESTABLISHED''' (connection established)*'''CLOSED''' (connection is closed)*'''WAITING''' (time between connection closed, and changing to LISTENING mode)
# OpenSSH should have been installed by default. Let's confirm this by issuing the command:<br /> <b><code><span style="color:#3366CC;font-size:1.2em;">rpm -qa | grep ssh</span></code></b>
# You should see a number of packages installed including <b>openssh-clients</b> and <b>openssh-server</b>
# <b><code><span style="color:#3366CC;font-size:1.2em;">openssh-server</span></code></b> installs a service called '''sshd'''. Confirm that this service is running by issuing the command:<br /><b><code><span style="color:#3366CC;font-size:1.2em;">systemctl status sshd</span></code></b><br><br>'''NOTE:''' We can use the '''netstat'' command is ' utility as a very useful command for anything trouble-shooting / confirmation tool to do with networking. Read view the man pages SSH service and make sure you understand determine which STATE the netstat commandSSH service is performing:*'''LISTENING''' (waiting for a ssh connection attempt)*'''ESTABLISHED''' (connection established)*'''CLOSED''' (connection is closed)*'''WAITING'''s output.(time between connection closed, and changing to LISTENING mode)<br><br>
# Now that you know the service is running, investigate what '''port number''' and '''protocol''' sshd uses by issuing the command:<br /><b><code><span style="color:#3366CC;font-size:1.2em;">netstat -atunp | grep sshd</span></code></b>
# What protocol and port is the sshd process using? What is the state of the port? Why would you think that UDP ports don't have a state?
As a system administrator, you have the ability to generate or create public and private keys to ensure safe and secure ssh connections. The system administer can generate these keys for the first time, of if they suspect that a hacker has compromised the server, can remove the existing keys and generate new keys. A common type of attack, Arp Poisoning (Man in the Middle Attack), can be used to redirect packets to a third party while maintaining the illusion that the connection is secure. Therefore, understanding about the generation and management of public/private keys are important to the security of servers.
'''Perform the following steps:'''

Navigation menu