Linux Flashcards

(39 cards)

1
Q

Where would you find user account information?

File Location

A

/etc/passwd

2
Q

Where would you find account password hashes?

File Location

A

/etc/shadow

3
Q

pwck

Command

A

Verifies each line in the /etc/passwd and /etc/shadow files and identifies discrepancies.

4
Q

pwconv

Command

A

Adds the necessary information to synchronize the /etc/passwd and /etc/shadow files.

5
Q

Where would you find group information?

File Location

A

/etc/group

6
Q

Where would you find the default values used by the useradd command?

A

/etc/default/useradd

7
Q

/etc/login.defs

Reminder

A

The /etc/login.defs file contains:
- Values used for the group and user ID numbers.
- Parameters for password encryption in the shadow file.
- Password expiration values for user accounts.

8
Q

/etc/skel

Reminder

A

The /etc/skel directory contains a set of configuration file templates that are copied into a new user’s home directory when it is created, including the following files:
- .bashrc
- .bash_logout
- .bash_profile
- .kshrc

9
Q

useradd

Command

A

Adds a new user.

10
Q

useradd -c

Option

A

Adds a description for the account in the GECOS field.

This changes the full name of the account.

11
Q

useradd -m

Option

A

Creates the user’s home directory (if it does not exist)

12
Q

useradd

Option List

A
  • -c adds a description for the account in the GECOS field of /etc/passwd.
  • -d assigns an absolute pathname to a custom home directory location.
  • -D displays the default values specified in the /etc/default/useradd file.
  • -e specifies the date on which the user account will be disabled.
  • -f specifies the number of days after a password expires until the account is permanently disabled.
  • -M defines the secondary group membership.
  • -m creates the user’s home directory (if it does not exist).
  • -n does not create a group with the same name as the user (Red Hat and Fedora, respectively).
  • -p defines the encrypted password.
  • -r specifies that the user account is a system user.
  • -s defines the default shell.
  • -u assigns the user a custom UID. This is useful when assigning ownership of files and directories to a different user.
13
Q

passwd

Command

A

Assigns or changes a password for a user.

14
Q

passwd

Option List

A
  • -S username displays the status of the user account. LK indicates that the user account is locked, and PS indicates the user account has a password.
  • -l disables (locks) an account. This command inserts a !! before the password in the /etc/shadow file, effectively disabling the account.
  • -u enables (unlocks) an account.
  • -d removes the password from an account.
  • -n sets the minimum days before a password can be changed.
  • -x sets the number of days before a user must change the password (password expiration time).
  • -w sets the number of days before the password expires that the user is warned.
  • -t sets the number of days following the password expiration that the account will be disabled.
15
Q

usermod

Command

A

Modifies an existing user account.

16
Q

usermod

Option List

A
  • -c changes the description for the account.
  • -l renames a user account.
  • -L locks the user account. This command inserts a ! before the password in the /etc/shadow file, effectively disabling the account.
  • -U unlocks the user account.
17
Q

userdel

Command

A

Removes a user account.

18
Q

userdel -r

Option

A

Removes the user’s home directory.

19
Q

userdel

Option List

A
  • userdel [username] (without options) removes the user account.
  • -r removes the user’s home directory.
  • -f forces removing the user account even when the user is logged into the system.
20
Q

chage

Command

A

Sets user passwords to expire.

21
Q

chage

Option List

A
  • -M sets the maximum number of days before the password expires.
  • -W sets the number of days before the password expires that a warning message displays.
  • -m sets the minimum number of days that must pass after a password has been changed before a user can change the password again.
22
Q

ulimit

Command

A

Limits computer resources used for applications launched from the shell. Limits can be hard or soft. Users can modify soft limits, but only the root user can modify hard limits.

23
Q

ulimit

Option List

A
  • -c limits the size of a core dump file. The value is in blocks.
  • -f limits the file size of files created using the shell session. The value is in blocks.
  • -n limits the maximum number of files that can be opened.
  • -t limits the amount of CPU time a process can use. This is set in seconds.
  • -u limits the number of concurrent processes a user can run.
  • -d limits the maximum amount of memory a process can use. The value is in kilobytes.
  • -H sets a hard resource limit.
  • -S sets a soft resource limit.
  • -a displays current limits. The default shows soft limits.
24
Q

groupadd

Command

A

Creates a new group.

25
groupadd | Option List
The following options override the settings found in the /etc/login.defs file:
  • -g defines the group ID (GID).
  • -p defines the group password.
  • -r creates a system group.
26
groupmod | Command
Modifies the existing group.
27
groupdel | Command
Modifies the system account files by deleting all entries that refer to the specified group. The named group must exist. You cannot remove the primary group of any existing user. You must remove the user before you remove the group.
28
gpasswd | Command
Changes a group password.
29
gpasswd | Option List
  • groupname prompts for a new password.
  • -r removes a group password.
30
newgrp | Command
Is used to change the current group ID during a login session. If the optional - flag is given, the user's environment will be reinitialized as though the user had logged in. Otherwise, the current environment, including the working directory, remains unchanged. You can use this when working in a directory where all the files must have the same group ownership.
31
usermod | Group Option List
Modifies group membership for the user account. Be aware of the following options:
  • -g assigns a user to a primary group.
  • -G assigns a user to a secondary group (or groups). Follow the command with a comma-separated list of groups.
  • -aG assigns a user to a secondary group (or groups) by appending the group to any group the user already belongs to. Follow the command with a comma-separated list of groups.
  • -G "" removes the user from all secondary group memberships. Do not include a space between the quotes.
32
groups | Command
Displays the primary and secondary group membership for the specified user account.
33
chmod | Command
The `chmod` command is used to modify permissions. It can be used in symbolic mode or absolute mode.

In symbolic mode, the command works as follows:
`chmod g+w,o-x home`

In absolute mode, permissions are assigned using octal notation, where r=4, w=2, and x=1. For example, the following command has the same effect:
`chmod 755 home`
34
Remove unnecessary software | Multiple command choices
Enter one of the following commands:
- `yum list installed` or `dnf list installed` to see installed RPM packages on the computer.
- `apt`
  - `apt autoremove` automatically removes unused packages.
  - `apt list` lists all installed packages.
- `dpkg --get-selections` to see installed Debian packages on the computer.

Research the function of any unrecognized package to determine if it is necessary. Use one of the following commands to uninstall unnecessary packages:
- `yum erase` *packagename*
- `dnf remove` *packagename*
- `apt remove` *packagename*
- `rpm -e` *packagename*
- `dpkg -r` *packagename*
35
Check for unnecessary network services | Step by Step (with commands)
To remove unnecessary network services:
- Find all installed services and determine which are not needed: DNS, SNMP, DHCP, and others.
  `systemctl --type=service --state=active`
- Use the `man` command and the internet to research services you do not recognize.
- If the service is not needed, determine if it is a dependency for another service.
- Disable the service by using the following command:
  `systemctl disable` *servicename*
- Use the following command to stop the script immediately:
  `systemctl stop` *servicename*
36
Locate Open Ports | Step by Step (with commands)
To locate open ports:
- Install the nmap utility if it is not already installed.
  `yum install nmap`
  `dnf install nmap`
  `apt install nmap`
- Use both of the following commands to scan for open ports:
  `nmap -sT` *ipaddress*|*fqdn* scans for TCP ports
  `nmap -sU` *ipaddress*|*fqdn* scans for UDP ports
- Determine which services use the open ports.
- Disable any unused service using the open ports information. (Make sure the service used is not a dependency for another service.)
  `systemctl disable` *servicename*
  `systemctl stop` *servicename*
37
Check Network Connections | netstat and ss options
Use the following `netstat` (network statistics) or `ss` (socket statistics) options to identify the open network connections on Linux systems:
- `-a` lists both listening and non-listening sockets.
- `-l` (lowercase 'L') lists listening sockets.
- `-s` displays statistics for each protocol.
- `-i` displays a table of all network interfaces.
38
iptables Chains | List
The Linux iptables firewall utility uses policy chains (sets of rules) to allow or block network traffic. When a connection is initiated to your system, iptables looks for a matching rule. If it doesn't find one, it uses the default action in the tables.

Chain Types
- Input: This chain controls the behavior of incoming connections. For example, if a user attempts to ping the system, iptables attempts to match the IP address and port to a rule in the input chain.
- Forward: This chain is used for packets leaving the system. These are incoming connections that aren't delivered locally. In other words, the traffic is not destined for the router; the router forwards the traffic to the destination device.
- Output: This chain is used for outgoing connections. For example, if you ping testout.com, iptables checks its output chain to see what the rules are regarding ping and testout.com before allowing or denying the ping request.

Action Types
- Accept: Allows the connection.
- Drop: Drops the connection. For example, an IP address in a rule with a drop action pings your system; the request is dropped. No response is sent to the user.
- Reject: Rejects the connection but will send a response back. This lets the sender know that the traffic reached a system but was rejected.
39
Sample iptables Commands
- List current rules
  `sudo iptables -L`
- Clear current rules
  `sudo iptables -F`
- Save iptables changes (Ubuntu)
  `sudo /sbin/iptables-save`
- Drop all incoming traffic
  `sudo iptables -A INPUT -j DROP`
- Block connections from 192.168.0.254
  `sudo iptables -A INPUT -s 192.168.0.254 -j DROP`
- Block SMTP mail on port 25
  `sudo iptables -A OUTPUT -p tcp --dport 25 -j REJECT`
- Allow SMTP mail on port 25
  `sudo iptables -A INPUT -p tcp --dport 25 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT`
  `sudo iptables -A OUTPUT -p tcp --sport 25 -m conntrack --ctstate ESTABLISHED -j ACCEPT`
- Allow HTTP traffic on port 80
  `sudo iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT`
  `sudo iptables -A OUTPUT -p tcp --sport 80 -m conntrack --ctstate ESTABLISHED -j ACCEPT`
- Allow HTTPS traffic on port 443
  `sudo iptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT`
  `sudo iptables -A OUTPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate ESTABLISHED -j ACCEPT`