Getting Started with

Linux

Cybersecurity Essentials: Operating Systems

Version: 1.0

[Additional Information]
Cybersecurity Essentials: Operating Systems
CE4101: Getting Started with Linux

June 2022
Version: 1.0

© 2022 Sophos Limited. All rights reserved. No part of this document may be used or reproduced in any form or by any
means without the prior written consent of Sophos.

Sophos and the Sophos logo are registered trademarks of Sophos Limited. Other names, logos and marks mentioned in this
document may be the trademarks or registered trademarks of Sophos Limited or their respective owners.

While reasonable care has been taken in the preparation of this document, Sophos makes no warranties, conditions or
representations (whether express or implied) as to its completeness or accuracy. This document is subject to change at any
time without notice.

Sophos Limited is a company registered in England number 2096520, whose registered office is at The Pentagon, Abingdon
Science Park, Abingdon, Oxfordshire, OX14 3YP.

Getting Started with Linux - 1

 Getting Started with Linux
RECOMMENDED KNOWLEDGE AND EXPERIENCE
In this course you will learn the
basics of using the Linux ✓ None

operating system; including,

managing permissions and
services, editing files, port
tunnelling, and scheduling tasks.

DURATION 90 minutes

In this course you will learn the basics of using the Linux operating system; including, managing
permissions and services, editing files, port tunnelling, and scheduling tasks.

Getting Started with Linux - 2

 What is Linux?

Linux is an operating system, which is the software that manages all the hardware resources of your
device, whether that is a desktop, laptop, tablet, or phone. To put it simply, the operating system
manages the communication between your software and your hardware. Without the operating
system (OS), the software wouldn’t function. From smartphones to cars, supercomputers and home
appliances, home desktops to enterprise servers, the Linux operating system is everywhere.

[Additional Information]
Image: https://commons.wikimedia.org/wiki/File:Linux_Lite_5.2_Desktop_en.png

Getting Started with Linux - 3

 Linux Distributions

https://distrowatch.com/

There are many different versions of Linux to suit any type of user. From new users to experienced
users, you’ll find a flavor of Linux to match your needs. These versions are called distributions, or
distros for short. Nearly every distribution of Linux can be downloaded for free, written to a disk or
USB drive, and installed on as many machines as you like.

Each distribution has a different take on the desktop. Some opt for very modern user interfaces (such
as GNOME and Elementary OS’s Pantheon), whereas others stick with a more traditional desktop
environment (openSUSE uses KDE).

You can check out the top 100 distributions on the Distrowatch.

Getting Started with Linux - 4

 Local Login

When logging into a Linux system, you can either login locally, if you have physical access to the
device, or you connect remotely. Some Linux installations have a user interface, as shown here, while
others only have a command line interface. With a GUI, simply fill out the username and password to
access the system.

Getting Started with Linux - 5

 Remote Login Using SSH
SSH (Secure Shell) - allows secure remote access of Linux systems

SSH can be used to pass specific commands to the system and/or start interactive
shells

C:\>ssh [email protected]
The authenticity of host 'sophoslab-648685.westeurope.cloudapp.azure.com
(20.224.226.54)' can't be established.
ECDSA key fingerprint is SHA256:wOGVqD6JlXEi0aY5bJD/pEhlMYVCNfLFF1OAjI1xMhU.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'sophoslab-
648685.westeurope.cloudapp.azure.com,20.224.226.54' (ECDSA) to the list of known hosts.
[email protected]'s password:
Welcome to Ubuntu 20.04.4 LTS (GNU/Linux 5.13.0-1029-azure x86_64)

labuser@SophosLab-648685:~$

For remote systems, SSH, or secure shell, is most used to access the command line interface. To do
this you use an SSH client, most modern operating systems have one built-in, including Windows, as
shown here.

SSH can also be used to pass specific commands to the system instead of starting interactive sessions.

Getting Started with Linux - 6

 Additional information in
the notes
Key-based Authentication for SSH
$ ssh-keygen

Output
Generating public/private rsa key pair.
Enter file in which to save The
the key
key fingerprint is:
SHA256:CAjsV9M/tt5skazroTc1ZRGCBz+kGtYUIPhRvvZJYBs
(/home/username/.ssh/id_rsa):
username@hostname
The key's randomart image is:
Created directory '/home/username/.ssh'.
Enter passphrase (empty for +---[RSA 3072]----+
no passphrase):
Enter same passphrase again:|o ..oo.++o .. |
| o o +o.o.+... |
|. . + oE.o.o . |
our identification has been saved in
| . . oo.B+ .o |
/home/username/.ssh/id_rsa.
| . .=S.+ + |
Your public key has been saved in
|
/home/username/.ssh/id_rsa.pub. . o..* |
| .+= o |
| .=.+ |
| .oo+ |
+----[SHA256]-----+

Although passwords are sent to the server in a secure manner, they are generally not complex or long
enough to be resistant to repeated, persistent attackers. Modern processing power combined with
automated scripts make brute-forcing a password-protected account very possible. Although there are
other methods of adding additional security, SSH keys prove to be a reliable and secure alternative.

Key-based authentication is a kind of authentication that may be used as an alternative to password

authentication. Instead of requiring a user's password, it is possible to confirm the client's identity by
using asymmetric cryptography algorithms, with public and private keys.

Information on setting up key-based authentication can be found at ssh.com.

The systems in the lab environment are temporary and do not contain proprietary data, which is why
we have not implemented key protection in accessing the system. You are welcome to secure your
session with an RSA key, but it is not required.

[Additional Information]
https://www.ssh.com/academy/ssh/keygen

Getting Started with Linux - 7

 User Permissions
All processes run on a Linux system as a user

Your user context will affect your ability to modify certain files, execute certain
programs, and execute certain commands

Try running shutdown as the labuser in your lab; you will see a permission error due
to your user account’s insufficient privileges

labuser@SophosLab-646956:~/$ shutdown
Failed to set wall message, ignoring: Interactive authentication required.
Failed to call ScheduleShutdown in logind, no action will be taken: Interactive
authentication required.

All processes run on a Linux system as a User. Each User has assigned or inherited permissions to
interact with files and programs on the system. Your user context will affect your ability to modify
certain files, execute certain programs, and execute certain commands. Each file has read, write, and
execute attributes that affect a given user’s ability to interact with that program or file. Programs will
also execute with the identity of a user and will inherit that user and user’s group’s associated
permissions on the file system.

For example, if you attempted to use the shutdown command as a user it will fail. To run this
command, you will need elevated privileges.

Getting Started with Linux - 8

 Super User and Elevated Permissions
labuser@SophosLab-649918:~$ id
uid=1000(labuser) gid=1000(labuser)
groups=1000(labuser),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio)
,30(dip),44(video),46(plugdev),117(netdev),118(lxd)

labuser@SophosLab-649918:~$ whoami
Labuser

labuser@SophosLab-649918:~$ sudo whoami

root

labuser@SophosLab-649918:~$ sudo su

root@SophosLab-649918:/home/labuser# whoami
root

You can find out details about the user you are logged in as with the id command. This will display
your user and group memberships.

A simplified version to just check your username is whoami.

The root user is the most privileged on the system and is needed to run most administrative
commands. This is also referred to as the superuser.

You can use the sudo command to run commands as the root user with the elevated privileges that
are associated with that account.

If you want to change user you can use the su, or switch user, command.

You can also combine these to login as the root user by running sudo su.

Best practice for Linux systems is to avoid logging in as the root user unless necessary. As the root user
can do anything, if you enter the wrong command, you can make the system usable, and often you will
not be prompted for confirmation. For this reason, when logging in via SSH, Linux will often not allow
you to login as root.

You can also use su to login as another user by providing the username of the user you want to login
as. If you are root you will not be prompted for a password, but if you try this from another user
account you will need to have the user’s password.

Getting Started with Linux - 9

 Super User and Elevated Permissions
labuser@SophosLab-649918:~$ ps
PID TTY TIME CMD
1165 pts/0 00:00:00 bash
1832 pts/0 00:00:00 ps

labuser@SophosLab-649918:~$ uname
Linux

labuser@SophosLab-649918:~$ uname -a
Linux SophosLab-649918 5.13.0-1029-azure #34~20.04.1-Ubuntu SMP Thu Jun 9
12:37:07 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

labuser@SophosLab-649918:~$ cd /

labuser@SophosLab-649918:/$ ls
bin dev home lib32 libx32 media opt root sbin srv tmp var
boot etc lib lib64 lost+found mnt proc run snap sys usr

You can find out about what is running on the Linux server using the command ps, which stands for
process. By default, it will only show processes running as your user, but you can use additional
arguments to display all processes, and more details about the processes.

The uname command can be used to find out about the Linux server. It will display information on the
operating system, kernel, and architecture.

To change directory, you can use the cd command, followed by the directory you want to navigate to.

To display the files and folders in that location, use the ls command, which stands for list.

Getting Started with Linux - 10

 Useful System Commands
Command Description
id Display user information and group memberships
whoami Display username
cd Change directory
cd .. go to parent directory
cd - go to previous directory
ls List files
-l display extended file information
-a display hidden files
uname Display system information
sudo Run a command with elevated privileges as the root user
su Switch user
ps Display process information
E.g., ps aux
exit Logout

Here are some useful system commands. Take a moment to read through the descriptions for each.
You will be using these throughout the lab.

Getting Started with Linux - 11

 Lab Tasks

Complete the tasks for the User Login and User

Permissions labs:
• Task 1: Login to a Linux server using SSH
• Task 2: Run Commands as Your User and with Elevated
Privileges

Complete the lab tasks shown here.

The lab task information can be found in the Lab Workbook which is available in the Lesson Resources
of this course.

Getting Started with Linux - 12

 File System
KERNEL

VIRTUAL FILE SYSTEM

EXT3 HPFS VFAT EXT4 FREEBSD

PARTITIONS

PHYISCAL STORAGE

Like all operating systems, Linux and UNIX require somewhere to store applications and files, this is
done through several layers or organization and abstraction from the physical storage.

The physical storage can be divided into multiple partitions for storing different data.

Each partition will have a file system. Linux and UNIX operating systems support multiple different file
systems, and partitions do not all have to have the same file system.

The file system defines how the data is stored, including characteristics such as the length of the file
name, or the set of characters that can be used for file name, and the logical structure of files on a
memory segment.

There is virtual file system that Linux uses to abstract itself from the differences between file systems
so that the kernel can use a standard set of commands when interacting with storage.

Getting Started with Linux - 13

 Additional information in
the notes
Directory Structure
Root
/

/bin/ /boot/ /dev/ /etc/ /home/ /lib/ /media/ /mnt/

/opt/ /root/ /sbin/ /srv/ /tmp/ /usr/ /var/

/bin/ /cache/

/include/ /log/

/lib/ /spool/

/sbin/ /tmp/

Linux operating systems store their data in a hierarchal directory structure, where directories can be
on the same or different partitions or physical storage.

At the top of the tree is the root, denoted by a /. If you are familiar with Windows, you can think of
this like the C-drive.

Here are the first level of directories, these are the most important directories on the device, and
within those are the subdirectories.

Linux uses a directory tree to manage directories and files. The directory tree information should also
be stored on a storage device and this part is called the root file system (the "/" directory).

Hover over the blue first level directories to see a description for each.

[Additional Information]
/bin: Contains essential system commands that can be executed by any user
/boot: Files related to system startup, such as kernel files and bootloader (grub) files, etc…
/dev: Contains the device files for every hardware device attached to the system. These are not device
drivers, rather they are files that represent each device on the computer and facilitate access to those
devices
/etc: Contains the local system configuration files for the host computer, such as user information,
service startup scripts, configuration files for common services, etc. It's similar to Windows Registry
/home: The default location to log in and save user data. Each user has a subdirectory in /home
/lib: Contains essential shared library files that are required to boot the system
/media: Used to mount external removable media devices such as floppy disks, CDs, and USB thumb

Getting Started with Linux - 14

drives that may be connected to the host
/mnt: The traditional mountpoint for regular hard drive partitions (file systems)
/opt: Used to install additional software
/usr: Its full name is Unix Software Resource. It is the default installation location of
the software and similar to the complex of "C:\Windows\ + C:\Program files\" on
Windows
/root: The home directory for the root user. It's the default location to log in and save
root user data
/sbin: Commands related to system administration. Only root can use these
commands, but there are also commands that allow ordinary users to view
/srv: Contains data for services. After some system services are started, they can call
out or save necessary data in this directory
/tmp: The system stores temporary files here. All users have read and write access
/lost+found: When the system crashes unexpectedly or shuts down unexpectedly,
some file fragments will be stored here. During system startup, the fsck tool will
check this directory and repair the damaged file system. Please note this directory
only appears in each partition (file system)
/proc: Files that represent system and process information
/sys: Similar to the /proc directory and the data in this directory is stored in memory,
but it mainly stores information related to the kernel
/var: Used to store dynamic data, such as caches, log files, and files generated during
software operation

Getting Started with Linux - 14

 Navigating the File System
labuser@SophosLab-649918:~$ pwd
/home/labuser

labuser@SophosLab-649918:~$ cd /etc

labuser@SophosLab-649918:/etc$ ls -la | head -5

total 868
drwxr-xr-x 98 root root 4096 May 28 06:09 .
drwxr-xr-x 19 root root 4096 Jun 3 14:18 ..
-rw------- 1 root root 0 Apr 21 14:07 .pwd.lock
drwxr-xr-x 3 root root 4096 Apr 21 14:07 ModemManager

labuser@SophosLab-649918:~$ cd ..

labuser@SophosLab-649918:/$ pwd
/

labuser@SophosLab-649918:~$ cd -

labuser@SophosLab-649918:/$ pwd
/etc

Let’s see how you can navigate through the directory structure using standard commands.

To see where you are you can use the command pwd, which standard for print working directory.

To change directory, use the command cd, followed by the directory you want to change to. This can
either be the absolute path starting from root, /, or it can be the relative path from where you are, in
which case you omit the slash prefix.

To list the files in a directory, use ls. This has several options for displaying more comprehensive
information.
-l shows more details for each file, including the permissions, size, and last modified date.
-a shows all files, including hidden files, which are those starting with a period.

In this example we have piped the output to the head command to only display the first five lines of
the output.

To move to the parent directory, use cd ..

To go back to the previous directory, use cd -

Getting Started with Linux - 15

 Additional information in
the notes
chown

$ ls -l filename.txt
User Group
-rw-r--r-- 12 LinuxUser users 12.0K Apr 8 20:51 filename.txt

$ chown SophosUser filename.txt

$ ls -l filename.txt

-rw-r--r-- 12 SophosUser users 12.0K Apr 8 20:55 filename.txt

You may need to take ownership of a file or modify its permissions in order to be able to work with the
file or launch an application. This can be accomplished in multiple ways depending on the outcome
desired.

The chown command allows you to change the user and/or group ownership of a given file, directory,
or symbolic link. In Linux, all files are associated with an owner and a group and assigned with
permission access rights for the file owner, the group members, and others.

Here we can see that that the file filename.txt is owned by the user LinuxUser and the group users. By
running the chown command, we can replace the owner of filename.txt with SophosUser.

[Additional Information]
To learn more about chown you can visit https://linuxize.com/post/linux-chown-command/

Getting Started with Linux - 16

 Additional information in
the notes
chmod

$ ls -l filename.txt

-rw-r--r-- 12 SophosUser users 12.0K Apr 8 20:51 filename.txt

-rw-r--r--
File type:
- File
l Link
d Directory Permissions for Permissions for Permissions for
user owner group owner everyone

r = read w = write x = execute

In Linux, access to the files is managed through the file permissions, attributes, and ownership. This
ensures that only authorized users and processes can access files and directories. The chmod
command can be used to change the access permissions of files and directories.

Here we can see the output of the ls command for the file filename.txt.

The first flag is for the file type. This will be a hyphen (-) for a regular file, an l for a link, or a d for a
directory.

There are then three sets of permissions.

The first is for the user owner of the file, the second is for the group owner of the file, and third are for
everyone.

For each of these three sets of permissions there are three flags that can either be set where there is a
letter or unset where there is a hyphen (-). These are an r for read, w for write and x for execute.

[Additional Information]
To learn more about chmod, you can visit https://linuxize.com/post/chmod-command-in-linux/

Getting Started with Linux - 17

 Useful System Commands
Command Description
pwd Print working directory
cd Change directory
cd .. go to parent directory
cd - go to previous directory
ls List files
-l display extended file information
-a display hidden files
mkdir Create a directory
rmdir Remove an empty directory
rm Remove a file
cat Concatenate the contents of one of more files and output it to a location
of your choosing, by default this is the screen
-n display line numbers
grep Filter the output for lines that match a given string
locate Show the location of files that contain a given string

Here are some useful system commands for navigating the file system and searching files. Take a
moment to read through the descriptions for each. You will be using these throughout the lab.

Getting Started with Linux - 18

 Lab Tasks

Complete the tasks for the File System lab:

• Task 1: Navigate the Linux File System

Complete the lab tasks shown here.

The lab task information can be found in the Lab Workbook which is available in the Lesson Resources
of this course.

Getting Started with Linux - 19

 Additional information in
the notes
Package Managers

apt update
yum update
apt upgrade
yum update <PACKAGE>
apt dist-upgrade
yum upgrade
apt install <PACKAGE>
yum remove <PACKAGE>
apt remove <PACKAGE>

Linux and Unix systems commonly use package manager utilities to add and maintain software
packages on the system. If you want to add a new program to a Linux system, the system’s package
manger is the way that you are going to do that. If you are familiar with OSX, homebrew is the
equivalent service on that platform. Yum is most commonly associated with the RedHat and CentOS
family of Linux systems, and apt is more common with the Debian family Linux systems.

The package manager will acquire the package from the appropriate repositories and install all
package components in the appropriate directories for the program’s runtime. Dependencies,
configuration files, binaries, etc, will all be placed at different portions of the filesystem.

To use the package manager, you will need to have elevated privileges.

Getting Started with Linux - 20

 Additional information in
the notes
Using apt
root@SophosLab-649918:~# apt -h
apt 2.0.8 (amd64)
Usage: apt [options] command

apt is a commandline package manager and provides commands for

searching and managing as well as querying information about packages.
It provides the same functionality as the specialized APT tools,
like apt-get and apt-cache, but enables options more suitable for
interactive use by default.

Most used commands:

list - list packages based on package names
search - search in package descriptions
show - show package details
install - install packages
reinstall - reinstall packages
remove - remove packages
autoremove - Remove automatically all unused packages
update - update list of available packages
upgrade - upgrade the system by installing/upgrading packages
full-upgrade - upgrade the system by removing/installing/upgrading packages
edit-sources - edit the source information file
satisfy - satisfy dependency strings

Our lab uses Ubuntu, which is a Debian-based Linux, and so we will be using apt. apt is like the app
store of the Debian Linux operating systems.

apt is a command line interface for retrieval of packages and information about them from
authenticated sources and for installation, upgrade and removal of packages together with their
dependencies.

There are two versions of apt, apt and apt-get. For this course we will use apt, which is a simplified
version of apt-get.

Getting Started with Linux - 21

 Additional information in
the notes
apt Example
root@SophosLab-649918:~# apt install nginx
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done Here you can see that
The following additional packages will be installed: additional libraries
fontconfig-config fonts-dejavu-core libdeflate0 libfontconfig1 libgd3 need to be installed
libjbig0 libjpeg-turbo8 libjpeg8 libnginx-mod-http-geoip2
with nginx
libnginx-mod-http-image-filter libnginx-mod-http-xslt-filter
libnginx-mod-mail libnginx-mod-stream libnginx-mod-stream-geoip2 libtiff5
libwebp7 libxpm4 nginx-common nginx-core
Suggested packages:
libgd-tools fcgiwrap nginx-doc ssl-cert
The following NEW packages will be installed:
fontconfig-config fonts-dejavu-core libdeflate0 libfontconfig1 libgd3
libjbig0 libjpeg-turbo8 libjpeg8 libnginx-mod-http-geoip2
libnginx-mod-http-image-filter libnginx-mod-http-xslt-filter
libnginx-mod-mail libnginx-mod-stream libnginx-mod-stream-geoip2 libtiff5
libwebp7 libxpm4 nginx nginx-common nginx-core
0 upgraded, 20 newly installed, 0 to remove and 0 not upgraded.
Need to get 2692 kB of archives.
After this operation, 8316 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y

In the example shown here, we use apt to install the nginx package. apt installs all the necessary
dependencies and unpacks all the packages to the appropriate directory in the server filesystem.

Getting Started with Linux - 22

 nginx

nginx is an open-source web server program and is one of the most widely deployed programs in this
application family. Nginx is now owned by F5 but is maintained as an open-source web server with
premium products available for sale. nginx.com is the website commercial offering, and nginx.org is
the website for open-source version.

Many high traffic web pages on the public internet use nginx, such as jd.com.

Getting Started with Linux - 23

 Additional information in
the notes
nginx Parameters
root@ip-172-31-15-74:/home/ubuntu# nginx -h Try this command in your lab
nginx version: nginx/1.18.0 (Ubuntu)
Usage: nginx [-?hvVtTq] [-s signal] [-c filename] [-p prefix] [-g
directives]

Options:
-?,-h : help
-v : show version and exit
-V : show version and configure options then exit
-t : test configuration and exit
-T : test configuration, dump it and exit
-q : suppress non-error messages during configuration testing
-s signal : send signal to a master process: stop, quit, reopen,
reload
-p prefix : set prefix path (default: /usr/share/nginx/)
-c filename : set configuration file (default: /etc/nginx/nginx.conf)
-g directives : set global directives out of configuration file

Most Linux programs support a help program argument, usually with -h. Here you can see the
additional program arguments and their suggested syntax for nginx.

Basic functions, like starting and stopping the service, can be accomplished with systemctl, which we
will cover shortly.

Using exact syntax with program arguments is essential; even an incorrect capitalization or extra space
can break the syntax and render your commands unusable by your target program.

Getting Started with Linux - 24

 Lab Tasks

Complete the tasks for the Package Manager lab:

• Task 1: Getting Started with apt
• Task 2: Use apt to Install a ngnix

Complete the lab tasks shown here.

The lab task information can be found in the Lab Workbook which is available in the Lesson Resources
of this course.

Getting Started with Linux - 25

 Additional information in
the notes
Managing Services

root@SophosLab-646956:~/$ systemctl enable <SERVICE NAME> Configure whether the service

root@SophosLab-646956:~/$ systemctl disable <SERVICE NAME> will start when the system boots

root@SophosLab-646956:~/$ systemctl start <SERVICE NAME>

Start and stop the service
root@SophosLab-646956:~/$ systemctl stop <SERVICE NAME>

root@SophosLab-646956:~/$ systemctl restart <SERVICE NAME>

Restart the service

root@SophosLab-646956:~/$ systemctl status <SERVICE NAME>

View the status of the service

All service management begins with systemctl. This utility allows an administrator to query service
status, view logs, stop, and start the services running on the system. Once you have installed the
necessary software packages using apt or yum, you can then enable, start, and manage the running
service using systemctl.

For mode detailed information on using systemctl, please see the documentation linked from the
course notes.

[Additional Information]
https://man7.org/linux/man-pages/man1/systemctl.1.html

Getting Started with Linux - 26

 Nginx Example
root@SophosLab-649918:~# systemctl enable nginx
Synchronizing state of nginx.service with SysV service script with /lib/systemd/systemd-sysv-
install.
Executing: /lib/systemd/systemd-sysv-install enable nginx
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service →
/lib/systemd/system/nginx.service.
root@SophosLab-649918:~# systemctl start nginx

Let’s use nginx as an example.

When you installed it, nginx was enabled to start when the system booted, but if it wasn’t we can
enable it using systemctl enable nginx.

When you using systemctl to start a service you won’t see any output unless there is an error.

Getting Started with Linux - 27

 Nginx Example
root@SophosLab-649918:~# systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2022-06-14 10:54:32 UTC; 5s ago
Docs: man:nginx(8)
Process: 5367 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on;
(code=exited, status=0/SUCCESS)
Process: 5368 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited,
status=0/SUCCESS)
Main PID: 5369 (nginx)
Tasks: 2 (limit: 4100)
Memory: 2.3M
CGroup: /system.slice/nginx.service
├─5369 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─5370 nginx: worker process

Jun 14 10:54:32 SophosLab-649918 systemd[1]: Starting A high performance web server and a reverse
proxy server...
Jun 14 10:54:32 SophosLab-649918 systemd[1]: Started A high performance web server and a reverse
proxy server.

When you check the service, you see all the runtime information about the processes, followed by the
most recent log data.

Getting Started with Linux - 28

 Lab Tasks

Complete the tasks for the Package Manager lab:

• Task 1: Managing System Services using systemctl

Complete the lab tasks shown here.

The lab task information can be found in the Lab Workbook which is available in the Lesson Resources
of this course.

Getting Started with Linux - 29

 Additional information in
the notes
Editing Files

https://www.openvim.com/

Vi and Vim (Vi improved) have been used for editing files on the Linux-based systems for decades. You
can pick up the basic usage quickly, and this will be sufficient for general day-to-day usage. Gaining
mastery of vi or vim can be challenging, as they have their own very specific command syntax, but this
allows you to use these powerful programs to their full ability.

[Additional Information]
https://www.openvim.com/

Getting Started with Linux - 30

 Editing Files with Vim

Press i to enter insert mode

Press Esc to enter command mode

Vim has two modes, command mode and insert mode. In command mode, you can search for text
strings, move your cursor position in the file, delete full lines, and much more. In insert mode, you are
editing the file via text editor, a much more traditional document editing experience. To enter insert
mode, press the i key once. To exit insert mode back to command mode, press Esc.

Getting Started with Linux - 31

 Additional information in
the notes
Searching in Files with Vim

Type Use
/string n to go to the next match
to search for a string in the file N to go to the previous match

Here you can see an example where we have searched for ‘dhcp’ in the file by typing /dhcp.

You can then use lowercase n and uppercase N to go to the next and previous match respectively.

Getting Started with Linux - 32

 Useful Vim Commands
Command Description
i Enter insert mode
Esc Enter command mode (exit insert mode)
:wq Write changes to file and quit
:q! Quit without saving changes
u Undo last change
/string Search for a string in the file
Use n to go to the next match
Use N to go to the previous match
dd Delete the current line
Shift + A Enter insert mode at the end of the line (append)
0 Move to the start of the line
$ Move to the end of the line
o Open a line below the cursor and enter insert mode

Here are some useful Vim commands when editing files. These are all used in command mode, not
insert mode, except for escape to exit insert mode.

Getting Started with Linux - 33

 Additional information in
the notes
HTML

Basic HTML Example

<!DOCTYPE html>
<html>
<body>

<h1>My First Heading</h1>

<p>My first paragraph.</p>

</body>
</html>

view-source:https://www.weather.gov/

HTML (Hyper Text Markup Language) is a syntax used to structure webpages. You can go to your
favorite webpage, right-click and select to view the page source. You are viewing the HTML source of
the webpage.

You can use the link shown here to view the source for the weather.gov site.

Hypertext is text that is used to reference other pieces of text, while a markup language is a series of
markings that tells web servers the style and structure of a document.

The HTML code, as we see in the example on screen, is parsed by your web browser and rendered as
the web pages that we interact with every day.

As part of the lab, you will be creating a webpage using an HTML template we will provide.

To learn more about HTML, please visit the sites linked in the course notes.

[Additional Information]
https://html.com/
https://developer.mozilla.org/en-US/docs/Learn/HTML
https://www.w3schools.com/html/

Getting Started with Linux - 34

 Lab Tasks

Complete the tasks for the Editing Files lab:

• Task 1: Editing HTML Using Vim

Complete the lab tasks shown here.

The lab task information can be found in the Lab Workbook which is available in the Lesson Resources
of this course.

Getting Started with Linux - 35

 Additional information in
the notes
Scheduling Tasks

Cron Syntax Guide

Cron Syntax Creator

Cronjobs are used to execute scheduled tasks on a configured interval on Linux systems. System
administrators can create scripts and programs and configure cron to execute them as needed. Cron
has a unique syntax type in defining the period interval in which to execute these tasks. The URL
references on screen are useful in understanding this syntax and automatically generating your own
cron syntax based on your desired parameters.

[Additional Information]
Cron syntax guide: https://www.netiq.com/documentation/cloud-manager-2-5/ncm-
reference/data/bexyssf.html
Cron syntax creator:
http://www.cronmaker.com/;jsessionid=node018fef9s6cpavh1izquywo6iox3486245.node0?0

Getting Started with Linux - 36

 Additional information in
the notes
Getting Started with Cron

root@ip-172-31-15-74:/home/ubuntu# crontab -e Use crontab -e to edit

no crontab for root - using an empty one cronjobs

Select an editor. To change later, run 'select-editor'.

1. /bin/nano <---- easiest
2. /usr/bin/vim.basic You can choose which editor to
3. /usr/bin/vim.tiny use
4. /bin/ed

Choose 1-4 [1]:

We can use the crontab command to add, modify, or delete the cronjobs running on our Linux
system. For the lab, we will use Vim, but the system will present you with a few options for text
editors.

To edit cronjobs for the currently logged in user run crontab –e. If you want to just display the
cronjobs you can run crontab –l.

There are other options included in the course notes, including how to view the cronjobs of other
users.

When you edit cronjobs you can also choose which editor you want to use.

[Additional Information]
usage: crontab [-u user] file
crontab [ -u user ] [ -i ] { -e | -l | -r }
(default operation is replace, per 1003.2)
-e (edit user's crontab)
-l (list user's crontab)
-r (delete user's crontab)
-i (prompt before deleting user's crontab)

Getting Started with Linux - 37

 Additional information in
the notes
Getting Started with Cron
#Linux Crontab Format
#MIN HOUR DAY MONTH DayOfWeek Command

Min 24-hour Month Sunday to

Day between
between 00 format, 00 to between 1 Saturday as
1 and 31
and 59 23 and 12 numbers 0 - 6

#Example of running a backup script at 10:00 PM everyday

00 22 * * * /home/SophosUser/backup.sh

#Example of running a full backup script every Sunday at noon

00 12 * * 0 /home/SophosUser/fullBackup.sh

#Example of running an update every hour during the workday

00 08-17 * * 1-5 /home/SophosUser/updateCheck.sh

The Linux Crontab format is expressed as Minute, Hour, Day, Month, Day of Week, and finally the
command to run on a single line. The hour field is expressed in 24-hour format and the day of week is
from 0 to 6. If you want the command to run ever day or every hour, for example, you would put an
Asterix in that place.

If you would like to run the command multiple times in a day, for example during business hours, you
would define a range in the hour field by using a dash. So, to run a command each hour starting at
8:00 am and ending at 5:00pm you would put 00 in the minute field and then 08-17 in the hour field.
This instructs Cron to run at every hour between 8:00 and 17:00. The same can be done for the days,
month, and day of the week sections.

[Additional Information]

Any additional information, for example, URL’s, knowledge base article numbers, commands, log
directories etc are added here.

Additional information is not narrated.

Getting Started with Linux - 38

 Additional information in
the notes
Calling APIs Using Curl
root@ip-172-31-15-74:/home/ubuntu# curl --help
Usage: curl [options...] <url>
-d, --data <data> HTTP POST data
-f, --fail Fail silently (no output at all) on HTTP errors
-h, --help <category> Get help for commands
-i, --include Include protocol response headers in the output
-o, --output <file> Write to file instead of stdout
-O, --remote-name Write output to a file named as the remote file
-s, --silent Silent mode
-T, --upload-file <file> Transfer local FILE to destination
-u, --user <user:password> Server user and password
-A, --user-agent <name> Send User-Agent <name> to server
-v, --verbose Make the operation more talkative
-V, --version Show version number and quit

root@ip-172-31-15-74:/home/ubuntu# curl -o sophostest.html https://sophostest.com

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 22388 100 22388 0 0 220k 0 --:--:-- --:--:-- --:--:-- 220k

Curl is a command line utility used to transfer data, supporting dozens of protocols and countless
parameters. When you need to get data of almost any type from a remote system onto your own, curl
is an excellent place to start. In the lab, we use curl to acquire state weather data from the National
Weather Service’s public API.

In the example shown here we are downloading the webpage sophostest.com to a file.

[Additional Information]
Full documentation available here - https://curl.se/docs/manpage.html

Getting Started with Linux - 39

 Getting Started with CURL and APIs

Basic HTTP Get Request

curl https://api.weather.gov/alerts/active?area={CA}

Save your curl output to a file

curl -o curloutput.json https://api.weather.gov/alerts/active?area={CA}

Pass web request headers along with your curl request

curl -H "X-Header: value” https://api.weather.gov/alerts/active?area={CA}

Here we have some examples of common curl usage. These different program arguments can be
chained together as well, where you might want to authenticate to an API service with curl -H and
your authentication token, and then output the API response to a file on your system.

Getting Started with Linux - 40

 Lab Tasks

Complete the tasks for the Scripts and Automation lab:

• Task 1: Using Curl and Cron to Automate Tasks

Complete the lab tasks shown here.

The lab task information can be found in the Lab Workbook which is available in the Lesson Resources
of this course.

Getting Started with Linux - 41

 Additional information in
the notes
Port Tunnelling

CloudLabs
SSH connection from
Student PC to
Ubuntu Server

Student PC Internet Tunnel port 8080 of

Ubuntu Server
Student PC to port 80
on Ubuntu

SSH can be used for more than logging into a server interactively, you can also use it to securely tunnel
a port between a client and a server, this is called SSH tunnelling.

In your lab environment you will use SSH as a secure tunnel for the web port on the Ubuntu server,
port 80, and broadcast it on port 8080 on your local computer. You will then be able to connect to port
8080 on your computer and the request will be tunneled through to port 80 on the Ubuntu server and
you will be able to access the webpage.

Getting Started with Linux - 42

 Additional information in
the notes
Using SSH to Tunnel Ports

Syntax
ssh –N <USER>@<SSH SERVER> -L [LOCAL_IP:]<LOCAL_PORT>:<DEST_IP>:<DEST_PORT>

Example
ssh -N [email protected] -L 8080:localhost:80

To prevent being disconnected use the ServerAliveInterval option

E.g., -o ServerAliveInterval =30

Here you can see the syntax for port tunnelling with SSH. As you can see, you specify the local port,
the destination IP address on the remote server, and the destination port on the remote server. You
can also optionally specify the local IP address to broadcast on. If no IP address is provided, localhost
is used.

Here is an example of what the command will look like.

If you have an SSH connection open, such as with the tunnelling command, but it is idle, then you will
be disconnected. You can prevent this be also using the ServerAliveInterval option.

We are going to look at doing a local port forward which will forward a port on our local machine (the
SSH client) to a port on the remote server (the SSH server). When this is configured, the local machine
will listen for traffic destined for a specific port and when detected, it will forward the traffic to the
remote SSH server.

[Additional Information]
The -N switch tells SSH not to run a remote command.
The -L switch tells the SSH client to create a local port forward.
If you do not supply the local IP address it will use 127.0.0.1, also known as localhost.
You need to supply the local port you will be connecting to.
You need to supply the IP or hostname and port of the destination computer and service to be
tunnelled.

Getting Started with Linux - 43

 Lab Tasks

Complete the tasks for the Port Tunnelling lab:

• Task 1: Using SSH to Tunnel a Port

Complete the lab tasks shown here.

The lab task information can be found in the Lab Workbook which is available in the Lesson Resources
of this course.

Getting Started with Linux - 44

 Additional information in
the notes
Lab Result

Image downloaded by
imagepull.sh cronjob

JSON downloaded by
cronjob.sh cronjob

Congratulations! You have made it all the way from executing your first file system commands,
through using a command line text editor, installing up a webserver, using scheduled jobs and scripts,
and are now viewing your webserver through a secure SSH tunnel! The concepts and tools that you
used throughout this lab should serve as foundational steps in understanding how Linux systems are
used, the world that the administrators and users of these systems live in, and allow you to continue
your usage and development on the Linux platform.

If you would like to try implementing more detailed HTML on your webserver you can access guides
and templates at w3schools.com and nicepage.com. You will find links in the course notes.

[Additional Information]
https://www.w3schools.com/html/
https://nicepage.com/html-templates

Getting Started with Linux - 45

 Course Review

All files and folders on Linux have owners, groups, and read, write, and execute permissions. Processes
run as users which determine the permissions they have. The root user has the highest level of
permissions.

The package manager is like the app store for Linux. It can install, upgrade, and remove software from the
Linux system. You need root access to use the package manager.

You can create scheduled tasks using crontab. You edit the cronjobs using an editor like vim. Cronjobs can
automate tasks that include downloading content using tools like curl.

Here are the three main things you learned in this chapter.

All files and folders on Linux have owners, groups, and read, write, and execute permissions. Processes
run as users which determine the permissions they have. The root user has the highest level of
permissions.

The package manager is like the app store for Linux. It can install, upgrade, and remove software from
the Linux system. You need root access to use the package manager.

You can create scheduled tasks using crontab. You edit the cronjobs using an editor like vim. Cronjobs
can automate tasks that include downloading content using tools like curl.

Getting Started with Linux - 55

 TRAINING FEEDBACK

Feedback is always welcome

Please email [email protected]

Feedback on our courses if always welcome.

Please email us at [email protected] with your comments.

Getting Started with Linux - 56

Getting Started with Linux - 57