Lab 4: Git and Linux SSH Script - adaley0518/Tech_Journal GitHub Wiki

Lab 4: The point of this lab is to learn how to use GIT to have access to file configurations, source files, and scripts to reference or use in the future. It is important to know that sensitive information like passwords, SSH Private Keys should not be exposed or documented. Privates keys should be left out of private repositories as well. The environments being used are Ubuntu through PuTTY on windows 10 environment (docker01-amber), Centos 7 through PuTTY on windows 10 environment (web01-amber) and Git Bash (mgmt01-amber).

1. GIT on dokcer01

   • Install Git (if needed)
     • sudo apt install git
   • clone github page
     • git clone https://github.com/adaley0518/Tech_Journal
   • create directories as needed
   • after any changes made to github you must add, commit and push
     • git add .
     • git status
     • git config user.email (email for github)
     • git config user.name (username)
     • git commit -m "insert info about what is being added"
     • git push
   • this should update you github account

2. GIT Clone

   • cat (name of file)
   • rm (name of file)
   • git checkout .
     • git checkout allows you to recover deleted files once pushed
   • cat (name of the same file)

3. GIT on Windows

   • Install
     • https://git-scm.com/download/win
   • Clone Repo on mgmt01 (windows environment)
     • cd Desktop/
     • git clone https://github.com/adaley0518/Tech_Journal
   • Modify Repo
     • go to a directory from the github clone
     • echo "hostname" >> (to a file)
     • cat (file name)
     • add, commit and push to update the file in the github
     • using echo allows you to put information in to a file
   • Git Pull
     • allows local repositories to sync with online version
       • git status
       • git pull

4. Hardening SSH

   • On web 01 also clone tech journal from GIT
   • then add a few directories and shell script
     • mkdir -p linux/{public-keys,centos7}
     • cd linux/
     • ls
     • vi centos7/secure-ssh.sh
     • chmod +x centos7/secure-ssh.sh
     • cat centos7/secure-ssh.sh
       • input code as needed here
   • push changes to github

5. RSA keypair

   • Create an RSA keypair on web10 (no passphrase required) & copy to public key to local repo
     • ssh-keygen -t rsa -C "sys265"
     • cp ~/.ssh/id_rsa.pub
     • add, commit and push web01 modifications

6. Hardening Script

   • on docker 01 git pull
   • manual creation of user only login via RSA Private Key
     • sudo useradd -m -d /home/sys265 -s /bin/bash sys265
     • sudo mkdir /homesys265/.ssh
     • sudo cp SYS265/linux/public-keys/id_rsa.pub /home/sys265/.ssh/authorized_keys
     • sudo chmod 700 /home/sys265/.ssh
     • sudo chmod 600 /home/sys265/.ssh/authorized_keys
     • sudo chown -R sys265:sys265 /home/sys265/.ssh
   • test by using web01 to ssh sys265@docker01-amber

7. Create a Script for Passwordless User

   • the script is written in the secure-ssh.sh
     • Script
   • create new user
     • ./secure-ssh-.sh (newuser)
     • if all goes well, you should be able to login on ssh wihtout a password