- Take me to Lab
Solutions lab - SSH Hardening and sudo:
-
All of Theseare the authentication methods used by SSH -
22is the default port used by SCP -
ssh -iis used to pass in the private key while connecting to a server via SSH? -
To create a user named jim on node01 host and configure password-less, Run
$ ssh node01 $ adduser jim set password you want Return back to controlplane host and copy ssh public key by running $ ssh-copy-id -i ~/.ssh/id_rsa.pub jim@node01 test ssh access from controlpane host $ ssh jim@node01 -
To change the password of user jim, Run
$ ssh node01 $ passwd jim switch to root user and run $ sudo su $ vi /etc/sudoers OR $ nano /etc/sudoers Add this line jim ALL=(ALL:ALL) ALL -
update user jim on node01 host so that jim can run sudo commands without entering the sudo password.
ssh into node01 by running $ ssh node01 $ vi /etc/sudoers change this line from jim ALL=(ALL:ALL) ALL To jim ALL=(ALL) NOPASSWD:ALL -
Add a new user rob on node01 host and set password to jid345kjf. Make user rob member of the admin
SSH into node01 by running $ ssh node01 Create user rob by running $ adduser rob Make it member of admin group by running $ usermod rob -G admin -
To investigate and fix this issue of sudo, Run
$ ssh node01 $ vi /etc/sudoers Edit this line to %admin ALL=(ALL) ALL -
To disable ssh root login and disable password authentication, Run
$ ssh node01 $ vi /etc/ssh/sshd_config Change: PermitRootLogin yes to no Change: #PasswordAuthentication yes to no Restart sshd service by running $ service sshd restart