Sys255‐AutomationLab - ConnorEast/Tech-Journal GitHub Wiki

Machine Stats:

| clone1 ---> 10.0.5.70/24 --> GW: 10.0.5.2 --> DNS: 10.0.5.5 |
| clone2 ---> 10.0.5.71/24 --> GW: 10.0.5.2 --> DNS: 10.0.5.5 |
| clone3 ---> 10.0.5.72/24 --> GW: 10.0.5.2 --> DNS: 10.0.5.5 |
image

Device Setup

after using the "nmtui" do the following. On each device use the command: "systemctl restart network", Then confirm each address has been properly allocated using the "ip addr" command. Once you have checked that; use the "ping -c 1 8.8.8.8 command to confirm connectivity."
image
Once that has been done. Go to your AD System and attempt to SSH into each of them. This can be done with the following commands:

"ssh [email protected]"
"ssh [email protected]"
"ssh [email protected]"

Below are images associated with the commands above: image
image
image

Deliverable 1:

image
image
image

Daemon Downloads + RSA Keys:

On each server you should use the following two Commands on Server 1:

sudo yum -y install epel-release
sudo yum -y install pssh

To make the RSA key do the following: Step 1 ---> Create the directory of "\home\connor.ssh" Step 2 ---> use the command "ssh-keygen" Step 3 ---> Choose a password: HelloW0rdle
image
Step 4 ---> Go to the directory location "/home/connor/.ssh" and use the "ls-l" command.
Step 5 ---> Use the command "ssh-copy-id [email protected] -f"
image
Step 6 ---> Go to Clone 2 and use the command "cd .ssh/"
Step 7 ---? use the ls command to confirm the file transfer and cat out its contents with "cat authorized_keys"
image

Note: I originally accidentally did the previous content as root and as such everthing broke. I fixed this by going back to my root account and using "chown connor:connor /home/connor/.ssh" and "chown connor:connor /home/connor/.ssh/*"

Deliverable 2: SSH RSA Key loggin:

image

Setting up an ssh agent time limit.

The following code will make login into systems easier as they won't require the password to be inserted every time. For this demonstration we will set the timer to an hour long.
Step 1 ---> Use the command "eval ssh-agent"
Step 2 ---> use the command "ssh-add -t 1h"
Step 3 ---> Insert the password associated with the id_rsa file made previously.
image

Deliverable 3: Password-less Login:

image

Setting up Password-less sudo for wheel.

Step 1 ---> Use the sudo command to gain root privilege's.
Step 2 ---> use the command "vi /etc/sudoers"
Step 3 ---> Located the section that states "Allow all people in group wheel to run all commands". Beneath that says "/wheel ALL=(ALL) ALL". Change that to "/wheel ALL=(ALL) NOPASSWD: ALL".
Step 4 ---> Save the file. Log out of root and log back in to confirm.

Deliverable 4:

image image

Setting up PSSH

To craft a pssh command you must first create a hosts file. I created my hosts file @ /home/connor/.ssh and I touched a file named hosts. Inside this file I inserted the following information:
image

Deliverable 5:

image
image
image
image

Deliverable 6: Ping and Pong

image

Deliverable 7: Ansible root cat /etc/shadow

image

Deliverable 8: Using Ansible Add arbitrary port 266 to Clone2/3.

image
image

Deliverable 9: Using Ansible, Curl Clone2 and Clone3's index page.