Linux+ Objective 2.4 Labs
Linux+ Objective 2.4 Labs
4 Labs
Scenario: You are a system administrator managing multiple servers remotely. You want to
con gure SSH and enable key-based authentication to enhance security and ease the login
process.
Scenario: You need to securely access a remote server and run graphical applications on your
local machine using X11 forwarding. Con gure and execute remote connectivity for system
management (macOS to Ubuntu). You are a system administrator managing a remote Ubuntu
server from your local macOS machine. You need to establish a secure SSH connection with
X11 forwarding to access and manage graphical applications on the remote server.
Instructions:
2. Open a terminal on your macOS machine and install the SSH client if it's not already
installed:
fi
fi
fi
ffi
fi
fi
```
sudo apt install openssh-client
```
3. Connect to the remote Ubuntu server using SSH with X11 forwarding:
```
ssh -X username@remote_server_ip
```
Replace `username` with your remote server username and `remote_server_ip` with the IP
address or hostname of the remote Ubuntu server.
6. Verify that X11 forwarding is enabled on the remote server by running the command:
```
echo $DISPLAY
```
You should see an output similar to `localhost:10.0`.
7. Test X11 forwarding by launching a graphical application from the remote server. For
example, you can run the `xclock` command:
```
xclock
```
This should open a clock application on your local macOS machine.
Congratulations! You have successfully con gured and executed remote connectivity with X11
forwarding from your local macOS machine to the remote Ubuntu server. You can now manage
and use graphical applications on the remote server from your macOS machine.
fi
Lab 3: SSH Tunneling - Port Forwarding
Scenario: You need to access a website running on a remote server's port that is not directly
accessible from your local machine. You must connect to a public facing AWS server via SSH
and that public facing AWS server will forward the http (port 80) tra c to the private IP of a
second AWS machine allowing you to see the website when you place 127.0.0.1:80 in your
web browser. YOU WILL NEED **TWO** AWS SERVERS FOR THIS LAB THE FIRST ONE IS
PUBLIC FACING AND A SECOND ONE THAT YOU WILL PLACE A BASIC WEBSITE ON.
THE SECOND SERVER WITH THE WEBSITE WILL ONLY BE ACCESSIBLE FROM THE IP
OF THE FIRST AWS SERVER.
Instructions:
Note: Make sure the web application on the remote server is listening on port 80 and
accessible within the network. Adjust the port numbers and addresses in the SSH command
accordingly if di erent in your scenario.
Additional Information:
- SSH port forwarding establishes an encrypted tunnel between your local machine and the
remote server, allowing you to securely access services running on the remote server.
- Local port forwarding forwards tra c from a port on your local machine to a port on the
remote server through the SSH tunnel.
- In this lab, the local port 8888 is being forwarded to port 80 on the remote server, where the
web application is listening.
- The SSH tunnel encrypts the tra c between your local machine and the remote server,
ensuring the security of your data.
Scenario:
You have an Amazon Linux server running on AWS, and you want to establish dynamic
forwarding using SSH to access the internet securely through the server. By using Dynamic
forwarding with SSH, you can establish a secure tunnel between your local Mac machine and
the remote AWS server. Any tra c that is sent through this tunnel, including requests to
blocked websites, will appear to originate from the remote AWS server. This allows you to
bypass network restrictions or access blocked websites by routing your local Internet tra c
through the SSH connection to the remote server.
Instructions:
1. Launch an Amazon EC2 instance with Amazon Linux on AWS.
2. Create a new security group for the EC2 instance and allow inbound SSH tra c (port 22)
from your IP address.
3. Connect to the Amazon Linux server using SSH:
```
ssh ec2-user@<public_ip_address>
```
Replace `<public_ip_address>` with the actual public IP address of your EC2 instance.
This command adds a permanent rule to allow incoming TCP connections on port 8080.
e) Identify the security group associated with your Amazon Linux instance.
g) In the "Inbound rules" tab, click on the "Edit inbound rules" button.
ssh ec2-user@<public_ip_address>
Replace <public_ip_address> with the actual public IP address of your EC2 instance.
Con gure the SSH server to allow dynamic forwarding by editing the SSH server con guration
le:
DynamicForward 8080
Save the le and exit the editor.
Restart the SSH server for the changes to take effect:
127.0.0.1 blocked-website.com
By following these steps, you will establish dynamic forwarding using SSH to bypass the local
restriction on your Mac and access the blocked website through the Amazon Linux server on
AWS.
fi
fi
fi
fi
fi
fi
fi
Lab 5: Executing Commands as Another User - Using sudo
Scenario: You are a system administrator responsible for managing a Linux server. You need to
perform administrative tasks and execute commands with elevated privileges using the sudo
command.
Scenario: You are a system administrator working on a multi-user Linux system. You need to
temporarily switch to another user to perform speci c tasks or troubleshoot issues.
Note: Exercise caution when executing commands with elevated privileges. Always ensure that
you have the necessary authorization and understand the potential consequences of the
commands you are executing.io: