Ch 5 Connecting to Red Hat Enterprise Linux 9

Question 1

What is the difference between a console and a terminal?

Answer 1

console: the environment a user is looking at – what you see when you looking at your screen

terminal: an environment opened ON the console, and provides access to a nongraphical shell – usually Bash. Terminal, aka the shell, aka the Command Line Interface, aka the CLI

Question 2

Where are a console and terminal the same thing, and where are they not?

Answer 2

in a text environment only environment, they are the same

in a graphical environment, they are not. console is screen and terminal is the shell

Question 3

you can have multiple terminals on a console, but you cannot have multiple consoles in one terminal

Answer 3

true

Question 4

what are two ways to connect to a server?

Answer 4

remotely, or the local console login (localhost login)

Question 5

What must you remember during linux installation in order to have more than just the root user offered at the localhost login?

Answer 5

give the root user a password, create a regular user…

Question 6

why is it better to login as a regular user and not the root user? list 6

Answer 6

1. makes it harder to make serious mistakes
2. you often don’t need root permissions
3. attackers not only have to guess the root password, but the guest username as well
4. if you need root access, use sudo -i to open a root shell, using your current user’s password – this is more secure than su -, because you don’t type in the root password. any only some users are authorized to do this
5. type su - to open a root shell,but you have to enter the root user password. you will work as root until you type exit
6. use sudo for only specific admin tasks

Question 7

why don’t subsequent terminals not need a password to be entered?

Answer 7

because all subsequent terminals are opened as subshells – and you have access to the same user account that the parent shell is logged in as

Question 8

how can you open a subshell with a different user identity?

Answer 8

su - [name of user, or blank for root user]

or sudo -i to open a root shell

Question 9

what is the utility of being able to open a subshell as another user?

Answer 9

to test and preview things under a different user?

Question 10

how do you toggle between terminals in a non graphical environment?

Answer 10

do not use these in a graphical env!!

Alt + F1 – move to GDM graphical login (GNOME display manager)

Alt + F2 – provide access to curent graphical console

Alt + F3 – give access back to the current graphical console

Alt + F4 - F6 – give access to nongraphical consoles

Question 11

how many terminals can you have open at a time?

Answer 11

six virtual terminals

Question 12

an alternative to Alt-Fx to toggle terminals is what command?

Answer 12

chvt (change virtual terminal)

chvt 1 - goes to graphical login prompt

Question 13

which virtual console is the default console, and what is it also called?

Answer 13

the first one, virtual console tty1 - has a corresponding device file in the /dev directory called /dev/tty1

(there’s a /dev/tty1 through /dev/tty6)

Question 14

how must the terminal toggling keyboard shortcuts be altered in a graphical environment?

Answer 14

instead of Alt + Fx, you use Ctrl+ Alt + Fx

Question 15

to go back from text environment back to GUI, do you need to add Ctrl to the Alt + Fx terminal toggle?

Answer 15

no

Question 16

What systemwide configuration allows you to use X forwarding?

Answer 16

/etc/ssh/ssh_config

Question 17

what type of file is associated with every linux environment terminal?

Answer 17

a device file

Question 18

where are the files for pseudoterminals (terminals started in a graphical environment) located vs the files for virtual terminals?

Answer 18

/dev/pts1, /dev/pts2, /dev/pts3, etc…

vs

/dev/tty1, /dev/tty2, /dev/tty3, etc…

Question 19

what is a useful tool during the exam to see that you have configured things properly?

Answer 19

reboot

Question 20

the more often you reboot, the easier it will be to pinpoint what change led to the boot failure

Answer 20

true

Question 21

what are 3 situations where a reboot is required?

Answer 21

1. to recover from a serious problem the server hanging, kernel panics
2. to apply kernel updates
3. to apply changes to kernel modules that are being used currently and therefore cannot be reloaded easily

Question 22

what are the drawbacks of simply cutting power to a server vs a planned reboot or shutdown?

Answer 22

processes have not yet written their data to the disk – it’s stored in a cache

Question 23

how do you execute a proper reboot?

Answer 23

need to reboot in a way that involves systemd so it can orchestrate the proper shutdown of the other services

systemctl reboot or reboot
systemctl halt or halt
systemctl poweroff or poweroff

Question 24

what’s the first process to start when a server boots?

Answer 24

systemd

Question 25

what's special about the systemd process?

Answer 25

it manages all the other processes

Question 26

what is the difference bw systemctl halt and systemctl poweroff?

Answer 26

poweroff talks to the power mgmt on the machine to power it off, and halt only shuts down the box, not turn off power

Question 27

if poweroff, halt, and reboot don't work remotely to turn off power, what other option do you have? (like if the system is really fubar)

Answer 27

echo b > /proc/sysrq-trigger (as root user)

Question 28

what does echo b > /proc/sysrq-trigger do?

Answer 28

immediately resets the machine without saving anything....is a last resort!!

Question 29

if ssh has not been configured on port 22, what do you need to remember when using the ssh command?

Answer 29

you need to add the -p flag to specify the port if not configured for port 22 ssh -p 5543

Question 30

what other OS can a linux OS ssh to (natively)?

Answer 30

mac

Question 31

how can you ssh to a linux server from Windows?

Answer 31

if on a windows version with no subsystem for linux... use an ssh client like... PuTTY MobaXterm KiTTY mRemoteNG secureCRT Bitvise Xshell

Question 32

what's the basic format of an ssh command?

Answer 32

user@server

Question 33

what is stored in the ~/.ssh/known_hosts file?

Answer 33

the public key fingerprint

Question 34

how does ssh utilize the known_hosts file?

Answer 34

it checks that the fingerprint there works with the encryption key sent back by the server you're trying to connect with

Question 35

You are trying to connect to another server and there is a mismatch between the encryption key sent back by the server and the public key fingerprint that you have stored for that server. What are possible reasons for this?

Answer 35

1. Could be connecting to the wrong server 2. Could be an interceptor/attack? 3. New OS installation at that same IP, or different box using that IP now 4. First time connecting to a new server 5. The sshd service on that server was re-installed/new key was created

Question 36

what should you do if there's a mismatch between the server you're trying to ssh to and the public key fingerprint stored for it?

Answer 36

remove the existing public key fingerprint that you have for that host in the ~/.ssh/known_hosts file

Question 37

how can you remove a host entry from ~/.ssh/known_hosts file with sed?

Answer 37

sed -i -e '25d' ~/.ssh/known_hosts this removes line 25 (-i means edit in place, or write permanent changes to the file, and -e means some kind of scripting will follow)

Question 38

why doesn't an ssh connection become graphical by default?

Answer 38

it's a security risk...you could see things you shouldn't

Question 39

what are the two requirements in order to create a graphical connection to another server with ssh?

Answer 39

1. an x server has to run on the client computer (my computer) 2. the destination computer, or the remote host, must be allowed to display screens on my client computer

Question 40

how do you make a graphical ssh connection while also providing permission for the remote server to send its graphical data back?

Answer 40

ssh -Y ssh -Y linda@server2

Question 41

what is the ssh -v flag

Answer 41

verbose output

Question 42

what is the ssh -Y flag

Answer 42

enables support for graphical apps

Question 44

what is X forwarding?

Answer 44

starting graphical applications through an SSH session

Question 45

How do you enable X forwarding when you ssh?

Answer 45

Add the line: ForwardX11 yes to the /etc/ssh/ssh_config file (and this will make x forwarding happen by default)

Question 46

what are two secure transfer protocols/commands?

Answer 46

scp and sftp (add rsync if you want to synchronize the file)

Question 47

how would you copy a file from another server to your home server?

Answer 47

scp root@server2:/etc/passwd ~ (copy /etc/passwd from server 2 and copy it to the ~ home directory of server 1)

Question 48

how do you securely copy a directory to a remote server?

Answer 48

scp -r server2L/etc/ .tmp (copy the entire etc directory on server2 to the tmp directory of server1)

Question 49

How do you scp through a non-default port?

Answer 49

scp -P is -p for ssh, but -P for scp

Question 50

How does the sftp command work?

Answer 50

you open an FTP client session to the remote server, and the only requirement on the remote server is that it runs an sshd process use typical FTP commands like "put" (upload) and "get" (download)

Question 51

when using sftp, what do you need to remember about downloading from the remote server?

Answer 51

it will always be downloaded to the local directory (and the same for uploading...comes from the local directory)

Question 52

what does rsync do?

Answer 52

synchronizes files between remote and local directory when copying -- this is a good choice when you only want to copy over differences between a file or directory. so if you frequently transfer a file, it will only transfer the latest change

Question 53

what does this do? rsync -r

Answer 53

synchronize the entire directory tree (recursive)

Question 54

what does this do? rsync -l

Answer 54

copy over symbolic links as symbolic links

Question 55

what does this do? rsync -p

Answer 55

preserve permissions when copying

Question 56

what does this do? rsync -n

Answer 56

only do a dry run, don't synchronize anything

Question 57

what does this do? rsync -a

Answer 57

copy over using archive mode, thus ensuring the entire subdirectory trees and all file properties will be sncrhonized

Question 58

what does this do? rsync -A

Answer 58

use archive mode and ALSO synchronize ACLs

Question 59

what does this do? rsync -X

Answer 59

syncrhonize SELinux context as well

Question 60

what is ssh login, as opposed to password login?

Answer 60

it's key-based login

Question 61

what are prereqs to using ssh?

Answer 61

generating a key pair

Question 62

Creating a key for ssh involves using ssh-keygen. Where is the public key stored?

Answer 62

~/.ssh/authorized_keys (in the home directory of the target user...not your current server, your remote one)

Question 63

what command generates a public-private keypair for ssh?

Answer 63

ssh-keygen

Question 64

what command copies the ssh public key from ssh-keygen to the remote host

Answer 64

ssh-copy-id