Git Linux SSH Script - Snowboundport37/champlain GitHub Wiki

Git and Linux SSH Script

💡Version control systems are prevalent in today's IT environments. A firm knowledge of how to store different iterations of critical configurations and source code is therefore important.

You should already have a git repository, though it may only contain your wiki. We will add configurations, source files, and scripts to your repository to make it far more useful in this class and beyond.

💣 Sensitive information such as passwords and SSH private keys is frequently exposed by inattentive repository owners. Anything other than sample, non-production passwords should not be used or documented. Private keys should also be left out of even private repositories. #SecOps


Part 1: GIT

Install git on docker01

If you haven't done so already, install git on docker01.

The Clone

Replace YOUR-USERNAME and YOUR-REPO in the example with your own values.

git clone https://github.com/YOUR-USERNAME/YOUR-REPO.git

Create a Directory Structure

If you haven't done so already, create a directory structure within your local repository that is organized to capture your configuration information.

Add, Commit and Push

Replace the example username and email with your own.

cd YOUR-REPO
git add .
git commit -m "Initial commit with configurations"
git push origin main

Deliverable 1

Provide a screenshot showing the configuration files (not your wiki) added to your GitHub site.

Git Clone

Once pushed, you can always recover files deleted locally by doing a git checkout. Delete the README.md file from the local repo on docker01.

rm README.md
git checkout -- README.md

Deliverable 2

Provide a screenshot of the recovered README.md.

Git on Windows

Install the 64-bit version of Git on mgmt01 using defaults.

Clone Your Repo on mgmt01

git clone https://github.com/YOUR-USERNAME/YOUR-REPO.git

Modify Your Repo

Create a mgmt01 directory with a README.md file with some arbitrary content.

mkdir mgmt01
echo "This is mgmt01" > mgmt01/README.md

Add, Commit, and Push to GitHub

git add mgmt01/README.md
git commit -m "Added mgmt01 README"
git push origin main

Deliverable 3

Provide a screenshot showing the commit.

Fix README Hostname

Modify README.md to include the actual hostname.

echo $(hostname) > mgmt01/README.md
git commit -am "oops"
git push origin main

Deliverable 4

Provide a screenshot showing the corrected commit.

Git Pull

Now, sync docker01 with the latest changes.

git pull origin main

Deliverable 5

Provide a screenshot showing README.md being pulled.


Part 2: Hardening SSH

Clone Your Tech Journal to web01

Install Git and clone your tech journal.

git clone https://github.com/YOUR-USERNAME/YOUR-REPO.git

Setting up SSH Authentication

Steps to Configure SSH Keys on All Machines

  1. Generate SSH Key Pair on web01, docker01, and mgmt01

    ssh-keygen -t ed25519 -C "your_email@example.com"
    
    • When prompted for the file location, press Enter to accept the default (~/.ssh/id_ed25519).
    • This generates a private (id_ed25519) and public (id_ed25519.pub) key pair.
  2. Start SSH Agent and Add Key

    eval "$(ssh-agent -s)"
    ssh-add ~/.ssh/id_ed25519
    
  3. Copy and Add Public Key to GitHub

    cat ~/.ssh/id_ed25519.pub
    
    • Copy the output and navigate to GitHub → Settings → SSH and GPG keys.
    • Click New SSH Key, paste the key, and save.
  4. Test SSH Connection to GitHub

    ssh -T git@github.com
    
    • If successful, you should see:
      Hi YOUR-USERNAME! You've successfully authenticated.
      
  5. Copy Public Key to Remote Servers (docker01 and mgmt01)

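    # scp replaces the target's authorized_keys file, removing any keys already in it;
    # on Linux targets, ssh-copy-id -i ~/.ssh/id_ed25519.pub user@host appends instead.
    scp ~/.ssh/id_ed25519.pub user@docker01:~/.ssh/authorized_keys
    scp ~/.ssh/id_ed25519.pub user@mgmt01:~/.ssh/authorized_keys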
    
    • This ensures passwordless login between all systems.
  6. Modify Permissions for Security

    chmod 700 ~/.ssh
    chmod 600 ~/.ssh/authorized_keys
    
    • Prevents unauthorized access to SSH authentication files.
  7. Verify SSH Login

    ssh user@docker01
    ssh user@mgmt01
    
    • If successful, login occurs without prompting for a password.
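Steps 5 and 6 combined, as an added example that is not part of the original wiki: a helper that appends a public key to `authorized_keys` instead of overwriting the file, skips keys that are already installed, refuses private keys, and sets the 700/600 permissions. The function name `install_pubkey` and the paths in the usage comment are assumptions for illustration.

```shell
#!/usr/bin/env bash
# Added example, not the wiki's code. install_pubkey is a hypothetical helper.
# Usage (on the target host): install_pubkey /tmp/id_ed25519.pub "$HOME/.ssh"
# Returns 0 if the key is installed or already present, 1 on bad input.
install_pubkey() {
    local pub dir auth line keytype rest keydata
    pub="$1"; dir="$2"; auth="$dir/authorized_keys"

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Only the .pub half belongs on a server; refuse anything that looks private.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub looks like a private key" >&2
        return 1
    fi

    # A public key file is one line: "<type> <base64-data> [comment]".
    line="$(head -n 1 "$pub")"
    keytype="${line%% *}"
    rest="${line#* }"
    keydata="${rest%% *}"
    case "$keytype" in
        ssh-ed25519|ssh-rsa|ecdsa-sha2-*) ;;
        *) echo "unrecognised key type" >&2; return 1 ;;
    esac
    if [ "$rest" = "$line" ] || [ -z "$keydata" ]; then
        echo "missing key data" >&2
        return 1
    fi

    # Step 6 permissions: directory 700, authorized_keys 600.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # If the file does not end in a newline, add one so entries never merge.
    if [ -n "$(tail -c 1 "$auth")" ]; then echo >> "$auth"; fi

    # Append (never overwrite), and only if this key material is not there yet.
    if ! grep -qF -- "$keydata" "$auth"; then
        printf '%s\n' "$line" >> "$auth"
    fi
    return 0
}
```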

Organize Your Repository

Create directories and add a shell script secure-ssh.sh.

mkdir -p linux/ssh
nano linux/ssh/secure-ssh.sh

Push Changes to GitHub

git add linux/ssh/secure-ssh.sh
git commit -m "Added secure-ssh.sh script"
git push origin main

Deliverable 6

Provide a screenshot showing the submitted secure-ssh.sh file.

Deliverable 7

Provide a screenshot showing the public key on GitHub.

Deliverable 8

Provide a screenshot showing the passwordless login.

Deliverable 9

Show a test run of the script and the passwordless SSH login.

Deliverable 10

Provide a direct link to the updated secure-ssh.sh file on GitHub.

Deliverable 11

Provide a link to your tech journal, ensuring it is well formatted and useful.