- What is SSH? Explain it.
SSH stands for Secure Shell. It was designed to provide strong security when accessing another computer remotely: not only does it encrypt the session, it also provides better authentication facilities than older tools. On Windows systems, install the PuTTY software and use it to reach the remote system over SSH. SSH is a protocol that provides secure communication between two systems using a client-server architecture and allows users to log in to server hosts remotely. It is used to connect to a remote system and perform administrative tasks or jobs. By default ssh uses the password authentication mechanism and its port number is 22. Through ssh the data is transferred in encrypted form.
- What is remote administration? Explain it.
(i) Remote administration means administration of servers that are located remotely.
(ii) Normally servers are placed in datacenters, arranged in racks like books on a shelf.
(iii) These datacenters are often located in the US, UK, Australia, etc.
(iv) Generally we log in as a normal user on the local system and get the remote desktop or console using remote-access tools such as PuTTY or a VNC server, etc.
(v) If it is through remote desktop, we can manage the servers using GUI tools.
(vi) If it is through PuTTY, we can manage the servers using the command-line interface only. In both cases we must give the server name or IP address, port number, username, and password.
- What is telnet?
Telnet is a mechanism to connect to and administer a remote system from the local system. It is the oldest such program and is available on most network-capable operating systems. Accessing a remote shell account through telnet is dangerous because everything you send or receive over the telnet session is visible in plain text on your local network and on the local network of the machine you are connecting to. Anyone who can sniff the connection in between can see our username, password, email and other messages that we read, and the commands that we run. For these reasons we need a more sophisticated program than telnet to connect to a remote host.
- What are the differences between Telnet and SSH?
Telnet | SSH
(a) Through telnet we can connect to a remote system, but anyone on the network path can see the transferred data. Telnet uses port no. 23. | (a) Through SSH we can also connect to a remote system, but nobody on the path can read the transferred data. SSH uses port no. 22.
(b) Data is transferred in non-encrypted (plain text) form. | (b) Data is transferred in encrypted form.
(c) A telnet connection is not secure. | (c) An SSH connection is secure.
(d) Trust cannot be placed on a telnet connection. | (d) Trust can be placed on an SSH connection.
(e) Snooping or sniffing tools can intercept the data, including system or hostname, login name, password, and other data, making it insecure. | (e) Snooping or sniffing tools cannot read the data, including system or hostname, login name, password, and other data, making it secure.
(f) # telnet <IP address of the remote system> (provide login name and password) | (f) # ssh <IP address of the remote system> (provide login name and password)
- In how many ways can we connect to a remote host through ssh?
Through ssh we can connect to a remote host by two methods.
(i) Command Line Interface (CLI).
Example:
# ssh <IP address of the remote system>
(ii) Graphical User Interface (GUI).
Example: open the VNC viewer window and provide the remote hostname, login name and password.
- What are the requirements for ssh?
(i) The remote system's IP address.
(ii) The remote system's username and password.
(iii) A proper network, i.e. our local and remote systems should be in the same network.
(iv) The OpenSSH package, to configure ssh.
- In how many ways can we connect to a remote system?
- telnet
- ssh
- rlogin
- rcp
- ftp
- scp
- sftp
- tftp
- What is the syntax for ssh?
# ssh <IP address of the remote system> -l <username>
# ssh <username>@<IP address of the remote system>
# ssh <username>@<remote hostname with fully qualified domain name>
* After executing any of the above commands it may ask for the username and password; type them to connect to the remote system.
- How to configure ssh with key-based authentication, or explain ssh trusting?
(i) SSH key-based authentication is used to access the remote system without being asked for a password.
(ii) First generate the public and private keys by running # ssh-keygen on our system. The keys are created in /home/<username>/.ssh, i.e. the .ssh directory in the user's home directory: id_rsa (private key) and id_rsa.pub (public key).
(iii) Then copy the public key id_rsa.pub to the remote system by executing the command below (-i names the public key file to install).
# ssh-copy-id -i ~/.ssh/id_rsa.pub <username>@<IP address of the remote system>
(iv) Go to the remote system and check whether the key was copied by viewing the authorized_keys file: # cat /home/<username>/.ssh/authorized_keys. The private key stays on our system.
(v) Whenever we try to establish a connection, the public key on the remote system must match the private key on our system; otherwise no connection is established.
(vi) If the public and private keys match, the connection is established. The first time (when the key is copied) it asks for the password; once the key is in place, from the next time onwards it does not ask for any password.
# ssh <username>@<remote hostname or IP address> ---(the first time it asks for the password)
(vii) Because the authentication is done through the public and private keys, this type of authentication is called key-based authentication.
- How to prevent remote login by the root user, or how to configure ssh to prevent remote root login?
(i) The location of the ssh server configuration file is /etc/ssh/sshd_config
(ii) Open the configuration file by
# vim /etc/ssh/sshd_config -----> find the "PermitRootLogin yes" line, uncomment it, change " yes " to " no ", then save and exit the file using :wq
(iii) Then restart or reload the sshd daemon, and enable it at the next reboot, by
# systemctl restart sshd
# systemctl enable sshd
# systemctl reload sshd
(iv) Then the root user cannot access our system remotely through the ssh service.
- How to allow remote users to run GUI commands through ssh?
(i) Open the ssh configuration file and go to line no. 117 in RHEL 7, "X11Forwarding no"
# vim /etc/ssh/sshd_config -----> change " no " to " yes ", then save and exit the file.
* If it is yes, then GUI commands can be executed on the remote system.
* If it is no, then GUI commands cannot be executed on the remote system.
(ii) Then restart the sshd service or daemon so the above modification takes effect, and enable the sshd daemon at the next reboot, by
# systemctl restart sshd
# systemctl enable sshd
# systemctl reload sshd
(iii) # gedit (opens the gedit editor on the remote system, with its window shown on our local screen over the forwarded X connection)
- How to allow empty passwords through ssh?
(i) Open the ssh configuration file by
# vim /etc/ssh/sshd_config -----> go to line no. 77 in RHEL 7, "PermitEmptyPasswords no", and change " no " to " yes ", then save and exit the file.
* If it is yes, then the remote system will allow users with empty passwords, i.e. without a password.
* If it is no, then the remote system will not allow users with empty passwords.
(ii) Then restart the sshd service or daemon so the above modification takes effect, and enable the sshd daemon at the next reboot, by
# systemctl restart sshd
# systemctl enable sshd
# systemctl reload sshd
(iii) Now users who have empty passwords can also access the remote system through ssh.
- How to disable the password authentication mechanism in ssh?
(i) Open the ssh configuration file by
# vim /etc/ssh/sshd_config -----> go to line no. 78 in RHEL 7, "PasswordAuthentication yes", and change " yes " to " no ", then save and exit the file.
* If it is yes, then the remote system will ask for the password.
* If it is no, then the remote system will not accept passwords at all; users must authenticate another way, such as key-based authentication.
(ii) Then restart the sshd service or daemon so the above modifications take effect, by
# systemctl restart sshd
# systemctl enable sshd
# systemctl reload sshd
(iii) Now we can access the remote system through ssh without the password authentication mechanism.
- How to allow or deny users or groups access to the remote system through ssh?
(i) To allow or deny particular users or groups, go to the last line of the ssh configuration file and add the directives:
# vim /etc/ssh/sshd_config
– To deny users ssh service access
DenyUsers <user 1> <user 2> <user 3> ...
– To allow users ssh service access
AllowUsers <student> <user 4> <user 5> ...
– To deny groups ssh service access
DenyGroups <group 1> <group 2> <group 3> ...
– To allow groups ssh service access
AllowGroups <group 1> <group 2> <group 3> ...
(ii) Then restart the sshd service or daemon so the above modifications take effect, by
# systemctl restart sshd
# systemctl enable sshd
# systemctl reload sshd
- How to allow a specified number of users to access the remote system at a time?
(i) Open the ssh configuration file by
# vim /etc/ssh/sshd_config
Then go to the MaxAuthTries line and type MaxAuthTries <no.>
(type a numeric value equal to the maximum number of users to allow at a time in place of <no.>, then save and exit the file)
(ii) Then restart the sshd service or daemon so the above modifications take effect, by
# systemctl restart sshd
# systemctl enable sshd
# systemctl reload sshd
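The sshd_config edits in the last five answers (PermitRootLogin, X11Forwarding, PermitEmptyPasswords, PasswordAuthentication, AllowUsers/AllowGroups, MaxAuthTries) are easy to get wrong silently, because sshd keeps the first value it sees for a keyword and ignores later duplicates. As an added example (not the OpenSSH project's code, and not a substitute for running sshd -t to validate syntax before a restart), here is a Python audit that reproduces that first-occurrence rule and reports the directives that differ from the hardened values the answers aim for. The DEFAULTS table holds upstream OpenSSH defaults for unset keywords (RHEL 7's shipped file sets PermitRootLogin yes explicitly, which is why the sample below does too); the two sample configs are constructed. One caveat the audit encodes: sshd_config(5) defines MaxAuthTries as the maximum authentication attempts permitted per connection, so the checker treats it as a brute-force throttle rather than a concurrent-user limit.

```python
import re
from typing import Dict, List

# Upstream OpenSSH defaults for unset keywords (assumed baseline for the audit).
DEFAULTS = {
    "permitrootlogin": "prohibit-password",
    "passwordauthentication": "yes",
    "permitemptypasswords": "no",
    "x11forwarding": "no",
    "maxauthtries": "6",
}

# Hardened values this page's answers aim for.
EXPECTED = {
    "permitrootlogin": {"no"},
    "passwordauthentication": {"no"},
    "permitemptypasswords": {"no"},
    "x11forwarding": {"no"},
}

# Constructed excerpt in the style of a stock RHEL 7 /etc/ssh/sshd_config.
RHEL7_LIKE = """\
#Port 22
PermitRootLogin yes
#PermitEmptyPasswords no
PasswordAuthentication yes
X11Forwarding yes
"""

# Constructed hardened file; also shows the duplicate-keyword and Match behaviour.
HARDENED = """\
PermitRootLogin no
PasswordAuthentication no
PermitEmptyPasswords no
X11Forwarding no
MaxAuthTries 3
AllowGroups sshusers
# sshd keeps the FIRST value of a keyword; this later line is ignored
PermitRootLogin yes
# per-user overrides live in Match blocks, which this checker does not evaluate
Match User deploy
    PasswordAuthentication yes
"""


def parse_sshd_config(text: str) -> Dict[str, str]:
    """Effective global value per keyword: case-insensitive keywords, first occurrence
    wins, 'Keyword value' or 'Keyword=value', and parsing stops at the first Match block."""
    effective: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"([A-Za-z0-9]+)\s*=?\s*(.*)", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            break
        effective.setdefault(key, value)
    return effective


def audit_sshd_config(text: str) -> List[str]:
    """Return one finding per directive whose effective value is weaker than EXPECTED."""
    cfg = parse_sshd_config(text)
    findings: List[str] = []
    for key, allowed in EXPECTED.items():
        value = cfg.get(key, DEFAULTS[key])
        if value.lower() not in allowed:
            findings.append(f"{key}: effective value '{value}' (expected one of {sorted(allowed)})")
    if not any(k in cfg for k in ("allowusers", "allowgroups")):
        findings.append("no AllowUsers/AllowGroups: every local account with a shell may log in")
    tries = int(cfg.get("maxauthtries", DEFAULTS["maxauthtries"]))
    if tries > 4:
        findings.append(f"maxauthtries: {tries} attempts per connection; this audit expects 4 or fewer")
    return findings


if __name__ == "__main__":
    for name, text in (("RHEL7_LIKE", RHEL7_LIKE), ("HARDENED", HARDENED)):
        print(name, audit_sshd_config(text) or "no findings")
```

Run it against a copy of /etc/ssh/sshd_config read from disk; because Match blocks are skipped, any per-user or per-address override has to be reviewed by hand.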
- How to allow or deny hosts or networks to use ssh?
To deny IP addresses or hostnames:
(i) Open the /etc/hosts.deny file by running the command:
# vim /etc/hosts.deny
– Scroll to the last line and type the following to deny specific IP addresses:
sshd: <IP address 1> <IP address 2> <IP address 3> ...
– To deny specific hostnames, type the following:
sshd: <hostname 1> <hostname 2> <hostname 3> ...
– To deny all hosts from certain domains, type the following:
sshd: *.example.com *.my133t.org ...
– To deny entire networks, type the following:
sshd: 192.168.0. 172.25.0. ...
– To deny all hosts or IP addresses except for a specific one in the network, type the following:
sshd: ALL EXCEPT <hostname or IP address>
– Save and exit the /etc/hosts.deny file.
(ii) Then restart or reload the sshd service or daemon so the above modifications take effect, by
# systemctl restart sshd
or
# systemctl reload sshd
To allow IP addresses or hostnames:
(i) Open the /etc/hosts.allow file by # vim /etc/hosts.allow, go to the last line and type:
sshd: <IP address 1> <IP address 2> <IP address 3> ... (to allow IP 1, IP 2, IP 3, etc.)
sshd: <hostname 1> <hostname 2> <hostname 3> ... (to allow hostname 1, hostname 2, hostname 3, etc.)
sshd: *.example.com *.my133t.org ... (to allow all hosts from these domains)
sshd: 192.168.0. 172.25.0. ... (to allow the 192.168.0 and 172.25.0 networks)
sshd: ALL EXCEPT <hostname or IP address> (to allow all hosts or IP addresses except the specified one in that network)
Then save and exit the file.
(ii) Then restart or reload the sshd service or daemon so the above modifications take effect, by
# systemctl restart sshd
# systemctl reload sshd
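What makes these two files tricky is the evaluation order: libwrap consults /etc/hosts.allow first and grants on the first match, then /etc/hosts.deny and refuses on the first match, and a client matching neither file is allowed. As an added example (not the tcp_wrappers source and not the page's own code), the Python model below implements that order and the pattern forms the answer uses: exact IP or hostname, a trailing-dot network prefix, a leading-dot domain suffix, shell wildcards such as *.example.com, ALL, and the EXCEPT operator. The sample files are constructed. Two facts worth knowing when relying on this: libwrap re-reads the files on every connection, so the restart step above is not what makes the change take effect, and the page's RHEL 7 sshd is linked against libwrap whereas RHEL 8 and later dropped tcp_wrappers support, so on newer systems the same restrictions belong in firewalld rules or sshd Match blocks.

```python
import fnmatch
from typing import List

# Constructed sample files for the demonstration.
HOSTS_ALLOW = """\
# allow the two office networks and every host in example.com
sshd: 192.168.0. 172.25.0.
sshd: *.example.com
"""
HOSTS_DENY = """\
# everyone else is refused, apart from one jump host
sshd: ALL EXCEPT 10.0.0.5
"""


def _match_token(pattern: str, host: str, ip: str) -> bool:
    """Match one hosts_access(5) client pattern (simplified subset) against host/ip."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):                    # network prefix, e.g. 192.168.0.
        return ip.startswith(pattern)
    if pattern.startswith("."):                  # domain suffix, e.g. .example.com
        return host.endswith(pattern)
    if "*" in pattern or "?" in pattern:         # shell-style wildcard, e.g. *.example.com
        return fnmatch.fnmatchcase(host, pattern) or fnmatch.fnmatchcase(ip, pattern)
    return pattern in (host, ip)                 # exact hostname or address


def _match_list(client_list: str, host: str, ip: str) -> bool:
    """'a b EXCEPT c d' matches when any of a/b matches and none of c/d does."""
    padded = f" {client_list} "
    if " EXCEPT " in padded:
        head, _, tail = padded.partition(" EXCEPT ")
        return _match_list(head.strip(), host, ip) and not _match_list(tail.strip(), host, ip)
    return any(_match_token(tok, host, ip) for tok in client_list.split())


def _file_matches(text: str, daemon: str, host: str, ip: str) -> bool:
    """True if any 'daemon_list : client_list [: command]' line in text matches."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        daemons, _, rest = line.partition(":")
        clients = rest.split(":")[0]                 # drop an optional shell_command field
        if any(d.strip() in (daemon, "ALL") for d in daemons.split(",")):
            if _match_list(clients.strip(), host, ip):
                return True
    return False


def access_decision(hosts_allow: str, hosts_deny: str, daemon: str, host: str, ip: str) -> bool:
    """libwrap order: hosts.allow match grants, else hosts.deny match refuses, else grant."""
    if _file_matches(hosts_allow, daemon, host, ip):
        return True
    if _file_matches(hosts_deny, daemon, host, ip):
        return False
    return True


def explain(hosts_allow: str, hosts_deny: str, clients: List[tuple]) -> List[str]:
    """One 'host ip -> allow/deny' line per (host, ip) pair, for a quick review."""
    return [f"{h} {i} -> {'allow' if access_decision(hosts_allow, hosts_deny, 'sshd', h, i) else 'deny'}"
            for h, i in clients]


if __name__ == "__main__":
    for line in explain(HOSTS_ALLOW, HOSTS_DENY, [("web1.example.com", "192.168.0.10"),
                                                  ("jump.invalid", "10.0.0.5"),
                                                  ("unknown.invalid", "203.0.113.9")]):
        print(line)
```

The hostname used for matching is whatever reverse DNS returns for the client address, so domain patterns are only as trustworthy as that lookup; address patterns do not have that dependency.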
- How to check whether ssh is running or not on a remote host?
– Use the command below to see whether ssh is running on the remote system.
# nmap -p 22 <IP address of the remote host>
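An open port 22 only tells you that something is listening; what nmap's service detection actually relies on is the identification string every SSH server sends first, "SSH-protoversion-softwareversion [comments]" (RFC 4253). As an added example (not the page's own code and not part of nmap), the Python below connects, reads that one line, and returns the parsed version fields, which is the check to script when you want to confirm the daemon and its version across many hosts. The loopback stand-in server and its "OpenSSH_7.4" banner are constructed for the demonstration; real servers may send informational lines before the identification string, which this toy does not skip.

```python
import re
import socket
import threading
from typing import Optional, Tuple

BANNER_RE = re.compile(r"^SSH-(\d\.\d+)-(\S+)(?: (.*))?$")


def parse_banner(line: str) -> Optional[Tuple[str, str, str]]:
    """Split an RFC 4253 identification string into (protocol, software, comments)."""
    m = BANNER_RE.match(line.strip())
    return (m.group(1), m.group(2), m.group(3) or "") if m else None


def probe_ssh(host: str, port: int = 22, timeout: float = 3.0) -> Optional[Tuple[str, str, str]]:
    """Connect, read one line, return the parsed banner; None if refused, silent or not SSH."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            data = b""
            while not data.endswith(b"\n") and len(data) < 255:   # banner lines are capped at 255 bytes
                chunk = s.recv(255 - len(data))
                if not chunk:
                    break
                data += chunk
    except OSError:
        return None
    return parse_banner(data.decode("ascii", "replace"))


def start_fake_server(banner: bytes) -> Tuple[str, int]:
    """Constructed stand-in for a listening daemon: a loopback socket that sends one line and closes."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve() -> None:
        conn, _ = srv.accept()
        conn.sendall(banner)
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()


def free_loopback_port() -> Tuple[str, int]:
    """Bind to port 0, note the port, release it: a port with nothing listening (constructed case)."""
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    addr = s.getsockname()
    s.close()
    return addr


if __name__ == "__main__":
    host, port = start_fake_server(b"SSH-2.0-OpenSSH_7.4\r\n")
    print(probe_ssh(host, port))
    print(probe_ssh(*free_loopback_port()))
```

Point probe_ssh at a real address to inventory which hosts run which OpenSSH release; the software field is what you compare against vendor advisories.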
- How to troubleshoot when a client complains "I am not able to access the server using ssh"?
(i) First check whether the client system pings. If it does not ping, check the IP address of the client system. If the client and server systems are in different domains or networks they will not ping, so bring the client system into the server's network. Check whether the network is working and whether the network cable is connected.
(ii) If both systems ping, check whether the openssh package is installed. If it is not installed, install the package, configure ssh on the client system and restart the sshd daemon.
(iii) Check for the client's <IP address or hostname> in the /etc/hosts.deny file. If there is an entry for the client system in this file, remove that entry and restart the sshd daemon.
(iv) Then open the ssh configuration file by # vim /etc/ssh/sshd_config and check whether the client's user name is listed (for example in a DenyUsers line) or whether other lines contain client entries; if present, remove those entries, save the file and restart the sshd service.
(v) Finally check whether the client's user exists on the server. If not, create the user, assign a password and share those details with the client. If the user exists, check whether the account is locked, expired or otherwise restricted; if locked, remove the lock; if expired, reactivate the account and assign a password; then set up ssh trusting between the client and server systems.
- How to copy a file from our system to a remote system?
Syntax
# scp <source file name with full path> <IP address of the remote system>:<destination location>
Example:
– To copy the /root/script1 file to the 192.168.1.1 system
# scp /root/script1 192.168.1.1:/root/script1
– To copy the /root/raju directory to the remote system
# scp -r /root/raju/ 192.168.1.1:/root/raju/
* scp means secure copy; it copies files or directories from the local system to a remote system over ssh.
- What is rsync? Explain it.
rsync is a very good program for backing up or mirroring a directory tree of files from one machine to another and for keeping the two machines "in sync". It is designed to speed up file transfer by copying only the differences between two files rather than copying the entire file every time.
If rsync is combined with ssh it makes a great utility for syncing data securely; otherwise anyone sniffing the network can see our data, i.e. there is no protection for it.
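To show what "copying only the differences" means mechanically, here is a toy version of the rsync block-matching algorithm in Python, added as an example; it is not code from the rsync project or from this page. The receiver computes a weak rolling checksum and a strong MD5 checksum for every fixed-size block of the copy it already holds and sends that signature list; the sender slides a window over the new file one byte at a time, and wherever the weak checksum hits and the strong one confirms, it sends a block reference instead of the bytes. BLOCK, the sample texts and the op format are constructed for the demonstration; real rsync uses larger, size-dependent blocks and a more compact wire encoding, but the reconstruction logic is the same. The combination with ssh the paragraph recommends is orthogonal to this: ssh encrypts the transport, and the delta logic runs unchanged on top of it.

```python
import hashlib
from typing import Dict, List, Tuple, Union

BLOCK = 8  # toy block size so block reuse is visible on short inputs

Op = Tuple[str, Union[int, bytes]]  # ("blk", block_index) or ("lit", raw_bytes)


def weak_sum(data: bytes) -> Tuple[int, int, int]:
    """Adler-32-style checksum that can be rolled one byte at a time: (a, b, combined)."""
    n = len(data)
    a = sum(data) % 65536
    b = sum((n - i) * byte for i, byte in enumerate(data)) % 65536
    return a, b, (b << 16) | a


def roll(a: int, b: int, out_byte: int, in_byte: int, n: int) -> Tuple[int, int, int]:
    """Update (a, b) when the window drops out_byte at the front and appends in_byte."""
    a = (a - out_byte + in_byte) % 65536
    b = (b - n * out_byte + a) % 65536
    return a, b, (b << 16) | a


def strong_sum(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def signature(old: bytes) -> Dict[int, List[Tuple[int, str]]]:
    """Receiver side: weak checksum -> [(block index, strong checksum)] for each full block."""
    sig: Dict[int, List[Tuple[int, str]]] = {}
    for idx in range(0, len(old) - BLOCK + 1, BLOCK):
        blk = old[idx:idx + BLOCK]
        sig.setdefault(weak_sum(blk)[2], []).append((idx // BLOCK, strong_sum(blk)))
    return sig


def delta(new: bytes, sig: Dict[int, List[Tuple[int, str]]]) -> List[Op]:
    """Sender side: a weak hit confirmed by the strong checksum becomes a block reference;
    bytes the window slides past without a match accumulate as a literal run."""
    ops: List[Op] = []
    literal = bytearray()
    i, n = 0, len(new)
    a, b, w = weak_sum(new[0:BLOCK])
    while i + BLOCK <= n:
        match = None
        if w in sig:
            s = strong_sum(new[i:i + BLOCK])
            match = next((idx for idx, strong in sig[w] if strong == s), None)
        if match is not None:
            if literal:
                ops.append(("lit", bytes(literal)))
                literal = bytearray()
            ops.append(("blk", match))
            i += BLOCK
            if i + BLOCK <= n:
                a, b, w = weak_sum(new[i:i + BLOCK])   # window jumped: recompute from scratch
        else:
            literal.append(new[i])
            if i + BLOCK < n:
                a, b, w = roll(a, b, new[i], new[i + BLOCK], BLOCK)
            i += 1
    literal.extend(new[i:])   # a tail shorter than a block is always sent literally
    if literal:
        ops.append(("lit", bytes(literal)))
    return ops


def apply_delta(old: bytes, ops: List[Op]) -> bytes:
    """Receiver side: rebuild the new file from its own old blocks plus the literals received."""
    out = bytearray()
    for kind, val in ops:
        out += old[val * BLOCK:(val + 1) * BLOCK] if kind == "blk" else val
    return bytes(out)


def bytes_on_the_wire(ops: List[Op]) -> int:
    """Literal bytes the sender had to transmit (block references cost a few bytes each)."""
    return sum(len(val) for kind, val in ops if kind == "lit")


if __name__ == "__main__":
    # Constructed sample: the receiver holds OLD; the sender has NEW with a 3-byte insertion.
    OLD = b"The quick brown fox jumps over the lazy dog. " * 4
    NEW = OLD[:90] + b"XYZ" + OLD[90:]
    ops = delta(NEW, signature(OLD))
    assert apply_delta(OLD, ops) == NEW
    print(f"new file {len(NEW)} bytes, literal bytes sent {bytes_on_the_wire(ops)}")
```

Because the window advances one byte at a time, an insertion only costs the inserted bytes plus the partial block around it; everything after it re-aligns with the old blocks, which is the property that makes rsync cheap on large files with small edits.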
- A system is able to ping locally but not outside. Why?
(i) Maybe there is no access to the outside.
(ii) Maybe the outside is in a different network from the local one.
(iii) Maybe permission is denied for that system to access the outside.
(iv) If there is access, the router, modem, network switch or NIC may not be working well enough to reach the outside.
(v) Maybe the outside is temporarily unavailable.
- A system is echoing the ping, but we are not able to log in via telnet. Why?
(i) Check whether the telnet service is started. If not started, start the telnet service.
(ii) Maybe the telnet service is disabled; if so, enable the telnet service.
(iii) Maybe the telnet port is blocked; if so, open that port number.
(iv) Maybe telnet permission is denied; if so, change the permissions to allow the telnet service.
(v) Check all the relevant files for entries blocking the telnet service; if blocked, remove those entries.
- How will you log in, and in what mode will you start the system, if you don't know the root password?
(i) If the user has sudo permissions, log in as that sudo user.
(ii) If there are no sudo permissions, boot from the CD-ROM into single-user mode and start the system. Then set a root password for the root user if there is none.
(iii) If even that is not possible, finally break (reset) the root password.
Other useful commands:
– Connect to the specified remote system through telnet
– Connect to the specified remote system through ssh
– Connect to the remote system using a username
– Connect to this remote system as the root user
– Connect to the server1 system in the example.com domain
– See all the users who are logged in to our system
– See all the users who are logged in to our system, with other details
– If we do not specify the user name, ssh asks for the current user's password and looks up the current account on the remote system
– See the fingerprint information of the ssh-trusted remote hosts:
– Run a command on the remote host without logging in to that system
– Run GUI commands on the remote system (by default ssh is configured for the command-line interface; the option letter X is a capital X)
– See the failed login attempts
– See the date and time of the system's last shutdown