Difference between revisions of "IT-OS-Admin-Linux"
Jump to navigation
Jump to search
(→SSH) |
(→SSH) |
||
| Line 5: | Line 5: | ||
==SSH== | ==SSH== | ||
<pre class="code"> | <pre class="code"> | ||
| − | sudo dnf install openssh-client | + | $ sudo dnf install openssh-client |
| − | sudo dnf install openssh-server | + | $ sudo dnf install openssh-server |
| − | sudo systemctl restart sshd.service | + | $ sudo systemctl restart sshd.service |
| − | sudo systemctl enable sshd.service | + | $ sudo systemctl enable sshd.service |
</pre> | </pre> | ||
<pre class="code"> | <pre class="code"> | ||
# Key-Typs: RSA algorithm and DSA algorithm. | # Key-Typs: RSA algorithm and DSA algorithm. | ||
| − | $ | + | $ ~/.ssh/id_rsa # The file contains the RSA private key. |
| − | $ | + | $ ~/.ssh/id_rsa.pub # The file contains the RSA public key. |
| − | $ | + | $ ~/.ssh/authorized_keys # The file contains the keys that can be used for logging into system. |
| − | .. | + | ... |
sudo nano /etc/ssh/ssh_config | sudo nano /etc/ssh/ssh_config | ||
sudo nano /etc/ssh/sshd_config | sudo nano /etc/ssh/sshd_config | ||
| Line 27: | Line 27: | ||
</pre> | </pre> | ||
<pre class="code"> | <pre class="code"> | ||
| − | ssh-keygen -t rsa -b 4096 -C "samerhijazi@hotmail.com" # Generate prv and pub Key | + | $ ssh-keygen -t rsa -b 4096 -C "samerhijazi@hotmail.com" # Generate prv and pub Key |
| − | ssh-copy-id –i id_rsa.pub user@hostname # Copy Pub-Key to server | + | $ ssh-copy-id –i id_rsa.pub user@hostname # Copy Pub-Key to server |
| − | ssh –i id_rsa user@hotname | + | $ ssh –i id_rsa user@hotname # Login server with prv-key |
| − | .. | + | ... |
| − | cat ~/.ssh/id_rsa.pub | ssh user@hostname "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys" | + | $ cat ~/.ssh/id_rsa.pub | ssh user@hostname "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys" |
| − | ssh user@hostname "echo `cat ~/.ssh/id_rsa.pub` >> ~/.ssh/authorized_keys" | + | $ ssh user@hostname "echo `cat ~/.ssh/id_rsa.pub` >> ~/.ssh/authorized_keys" |
</pre> | </pre> | ||
Revision as of 16:33, 8 January 2020
Contents
Source
- Commands: https://ss64.com/bash/
- RHEL-Trainig: https://www.redhat.com/en/services/training/rh024-red-hat-linux-technical-overview
SSH
$ sudo dnf install openssh-client $ sudo dnf install openssh-server $ sudo systemctl restart sshd.service $ sudo systemctl enable sshd.service
# Key-Typs: RSA algorithm and DSA algorithm. $ ~/.ssh/id_rsa # The file contains the RSA private key. $ ~/.ssh/id_rsa.pub # The file contains the RSA public key. $ ~/.ssh/authorized_keys # The file contains the keys that can be used for logging into system. ... sudo nano /etc/ssh/ssh_config sudo nano /etc/ssh/sshd_config ------------------------------ RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys PasswordAuthentication no # Yes: Can login with Password; No: Can’t login with Password ------------------------------ /etc/init.d/ssh restart
$ ssh-keygen -t rsa -b 4096 -C "samerhijazi@hotmail.com" # Generate prv and pub Key $ ssh-copy-id –i id_rsa.pub user@hostname # Copy Pub-Key to server $ ssh –i id_rsa user@hotname # Login server with prv-key ... $ cat ~/.ssh/id_rsa.pub | ssh user@hostname "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys" $ ssh user@hostname "echo `cat ~/.ssh/id_rsa.pub` >> ~/.ssh/authorized_keys"
chmod
- u= User, g = Group, o = others
- 4=read, 2=write, 1=execute, 0=no promission #<<-- Combination of the Digits
$ chmod u=rwx,g=rwx,o=rwx $FILE_NAME $ chmod 755 $FILE_NAME
Setting Firewall
Service
$ sudo systemctl disable firewalld $ sudo systemctl stop firewalld $ sudo systemctl disable NetworkManager $ sudo systemctl stop NetworkManager $ sudo systemctl enable network $ sudo systemctl start network
Zone
sudo firewall-cmd --get-zones sudo firewall-cmd --get-active-zones sudo firewall-cmd --get-default-zone sudo firewall-cmd --get-services sudo firewall-cmd --list-all sudo firewall-cmd --list-ports
Zone-home
sudo firewall-cmd --zone=home --list-all sudo firewall-cmd --zone=home --list-ports sudo firewall-cmd --zone=home --list-services
Setting
sudo firewall-cmd --set-default-zone=home sudo firewall-cmd --zone=home --change-interface=eth0 sudo firewall-cmd --zone=home --add-service=http sudo firewall-cmd --zone=home --add-port=80/tcp --permanent
New Zone "boxblue"
sudo firewall-cmd --permanent --new-zone=boxblue sudo firewall-cmd --permanent --zone=boxblue --add-service=ssh sudo firewall-cmd --permanent --zone=boxblue --add-service=http sudo firewall-cmd --permanent --zone=boxblue --add-service=https sudo firewall-cmd --permanent --zone=boxblue --add-port=80/tcp sudo firewall-cmd --permanent --zone=boxblue --add-port=22/tcp sudo firewall-cmd --permanent --zone=boxblue --change-interface=wlp0s19f2u1 sudo firewall-cmd --permanent --set-default-zone=boxblue
Update
sudo firewall-cmd --reload sudo systemctl restart network sudo systemctl reload firewalld
Vim
Source: https://vim.rtorr.com/
Esc Exit the current mode. i Enter "Insert mode" for inserting text. v Enter "Visual mode" for character. V Enter "Visual mode" for line. : Enter "Command mode". ... h Move Left j Move Down k Move Up l Move Right ... u Undo the last operation. d Delete or Cut selected item. y Copy line. p Paste storage buffer after the cursor. ... :q Quit Vim. :q! Quit Vim without saving the changes. :w Save the file :wq Save the file and quit Vim. :w $FILE_NAME Save the file with the filename "yx".
DNF: Package Manager (fedora)
DNF: Dandified YUM
... rpm –i filename.rpm ... dnf --version dnf --enablerepo=epel ... sudo ls /etc/yum.repos.d/ sudo dnf repolist sudo dnf repoinfo sudo dnf config-manager --add-repo $REPO_NAME sudo dnf config-manager --set-enabled $REPO_NAME sudo dnf config-manager --set-disabled $REPO_NAME ... sudo dnf copr [enable|disable|remove|list|search] <parameters> ... dnf list installed dnf list available dnf provides /bin/bash dnf search dnf info nano dnf install nano dnf update nano dnf upgrade dnf check-update dnf remove nano dnf autoremove dnf clean all ... dnf grouplist dnf groupinstall 'Educational Software' dnf groupupdate 'Educational Software' dnf groupremove 'Educational Software' ... dnf distro-sync dnf reinstall nano dnf downgrade acpid
