Practical - 1

Aim: Installation of Linux OS.

Minimum system requirements for Zorin OS 16 (Linux)

 Dual Core 64-bit (1GHZ)

 2 GB RAM
 10 GB free disk space
 Internet Connection Optional
 Display (800×600)

Step by Step Guide to Install Zorin OS in Virtual Box

Before you start installing Zorin OS 16, ensure you have a copy of the Zorin OS 16 downloaded in your
system. If not download then refer official website of Zorin OS. Remember this Linux distribution is
available in 4 versions including

 Ultimate (Paid Version)

 Core (Free Version)
 Lite (Free Version)
 Education (Free Version)

Downloading Zorin OS
It is a little bit tricky to download the Zorin OS ISO, as the free download option is kind of hidden below
the paid option, which costs around $39 or around 2700 INR.

Figure 1

1
Download Virtual Machine

Abstracts the hardware of our personal computers such as CPU, disk drives, memory, NIC (Network
Interface Card), etc, into many different execution environments as per our requirements, he nce giving us
a feeling that each execution environment is a single computer. For example, VirtualBox.

We can create a virtual machine for several reasons, all of which are fundamentally related to the ability to
share the same basic hardware yet can also support different execution environments, i.e., different
operating systems simultaneously.

Figure 2

After the downloading is over, you can install Ubuntu on VirtualBox with the help of following
instructions:

 Open VirtualBox and click on the New button.

Figure 3

2
 Give a name to your Virtual Machine and select the location for it to install.

Figure 4

 Assign RAM size to your Virtual Machine.

Figure 5
3
 Create a Virtual Hard disk for the machine to store files.

Figure 6

 Select the type of Hard disk. Using VDI type is recommended.

Figure 7

4
 Either of the physical storage type can be selected. Using Dynamically allocated disk is by default
recommended.

Figure 8

 Select disk size and provide the destination folder to install .

Figure 9

5
 After the Disk creation is done, boot the Virtual Machine and begin installing Zorin

Figure 10

 If the installation disk is not automatically detected. Browse the file location and select the
ISO file for Ubuntu.

Figure 11

6
 In the next dialog, press the “Add” button in the top-left corner to add the Zorin OS .iso file.

Figure 12

 Navigate to your Downloads folder to select the Zorin OS .iso file you downloaded and click
“Open”.

Figure 13

 The virtual machine should now start up. When you reach the Zorin OS boot selection menu, make
sure that the top “Try or Install Zorin OS” option is highlighted and press the Enter key.

7
 Figure 14

 Choose the first or second and hit Enter to boot. And it will get into the ‘installer wizard ‘directly.
There choose the language as you prefer, click either ‘Try Zorin OS’ or ‘Install Zorin OS’. And hit
Continue.

Figure 15

8
 Next, choose the keyboard layout. The default one is good for normal devices, and you can type in
the box to test it out. Or click ‘Detect Keyboard Layout’ and follow it.

Figure 16

 Next screen will prompt you either to install updates, third-party software during the installing
process. Toggle the options as you prefer. It’s OK to disable them to speed up the process a little,
since they are available in system repositories to install afterwards.

Figure 17

 Create Partitions for Zorin OS file system

9
  If you have a file system, e.g., Windows, on the hard disk, choose ‘Install Zorin OS alongside them’
is OK. But if you have multiple systems, it’s better to choose ‘Something else’ to manually create
partitions.
 If you’re going to use the whole hard drive for Zorin OS only, choose ‘Erase disk and install Zorin
OS’ is the easiest solution. And encrypt the partition is optional.
 As always, I’ll recommend ‘Something else’ to get into partition table and create system partition
manually.

Figure 18

 If you chose to create file partitions manually, it should now bring you to the partition table. There
you need to create following partitions

 BIOS boot or EFI partition for GPT hard disk

 EXT4 partition for file system
 Swap area for small RAM

Create BIOS boot or EFI partition

For the hard drive with the GPT partition table, a small 2MB~10MB BIOS boot or 100MB ~ 250MB EFI
partition should be in the table. If not exist, create either one.

 To check if GPT or not, press Ctrl+Alt+T to open terminal and run command

10
 Figure 19

 To create EFI partition if your machine uses UEFI boot. Click on free space (at the beginning if

possible) and create a 100MB ~ 250MB partition, use as ‘FAT32 file system‘, and mount at /boot/efi.

Figure 20

11
  To create BIOS boot partition for legacy BIOS boot machine, simply click on free space (free space
in the beginning is recommended if possible) and create a 2MB ~ 8MB partition, use as ‘Reserved
BIOS boot area’.

Figure 21

Create Ext4 file system partition

 Next create the partition to install the Zorin OS file system. Use EXT4 file system with 20 GB+ disk
space, though 50 GB+ will be good for long time use. And select or type / as mount point.

Figure 22
12
Create swap area

 If you have a small RAM, e.g., 4GB or less, or you need the function to hibernate to disk, also create
the Swap area.

Set the size to as large as of RAM and use as ‘Swap area’.

(Optional) Encrypt the Zorin OS File System

You can encrypt the file system so that users need to type password before accessing it. No one can access
you files without the password you set.

 Firstly, if you’re going to install the whole hard disk for Zorin OS only. Select ‘Erase disk and
install Zorin OS’ and there’s an option to encrypt the file system.

Figure 23

 Alternatively, if you’re now at the partition table, select the free space and click on ‘+‘ icon to create
a partition
 Set size to 20 GB+ (recommend 50 GB and higher). Do leave 500MB free space for /boot partition
(see next step).
 Choose use as ‘Physical volume for encryption’

 Set your password twice and hit OK

13
 Figure 24

 Next, wait a few seconds. It will create an encrypted partition shown at top.
Choose the partition, and click on ‘Change’ button. Then use the partition by typing or selecting / as
mount point.

Figure 25

 You also need to create a separate /boot partition. Highlight the free space and click ‘+‘. Then create
a partition with

 500 MB size
 EXT4 file system.
 Mount point /boot

14
 Figure 26

 Finally, the partition table will look like

Figure 27

 Finally, choose locale, set account and start installing Zorin OS

 After creating disk partitions, click on ‘Install Now’ button. And confirm in pop-up dialog.
 Next choose your location in the world map.

15
 Figure 28

 Create user account, setup computer name, etc.

Figure 29

 And wait for copying file system and installing process. When done, either click ‘Restart Now’ or
just close the dialog to continue testing the live system.

16
 Figure 30

Conclusion

The installation process of Zorin OS is mostly same to Ubuntu, though there are few differences. For those
using the system in public places, it’s recommended to encrypt the file system. And no one will be able to
access your data.

17
 Practical - 2
Aim: Writing advanced shell programs

 Operators
Arithmetic Operators

read - p 'Enter a : ' a

read

- p 'Enter b : ' b

add

= $((a + b))

echo Addition of a and b are $add sub

= $((a - b))

echo Subtraction of a and b are $sub

mul

= $((a * b))

echo Multiplication of a and b are $mul

div

= $((a / b))

echo division of a and b are $div

mod

= $((a % b))

echo Modulus of a

and b are $mod

((++a)) echo Increment

operator when applied on "a" results into a = $a

((--b)) echo Decrement

operator when applied on "b" results into b = $b

Figure 31

18
Relational Operators

read -p 'Enter a : ' a

read -p 'Enter b : ' b
if(( $a==$b ))
then
echo a is equal to b.
else
echo a is not equal to b.
fi
if(( $a!=$b ))
then
echo a is not equal to b.
else
echo a is equal to b.
fi
if(( $a<$b ))
then
echo a is less than b.
else
echo a is not less than b.
fi
if(( $a<=$b ))
then
echo a is less than or equal to b.
else
echo a is not less than or equal to b.
fi
if(( $a>$b ))
then
echo a is greater than b.
else
echo a is not greater than b.
fi
19
if(( $a>=$b ))
then
echo a is greater than or equal to b.
else
echo a is not greater than or equal to b.
fi

Figure 32

Logical Operators

read -p 'Enter a : ' a

read -p 'Enter b : ' b
if(($a == "true" & $b == "true" ))
then
echo Both are true.
else
echo Both are not true.
fi
if(($a == "true" || $b == "true" ))
then
echo Atleast one of them is true.
else
echo None of them is true.
fi
if(( ! $a == "true" ))
then
echo "a" was initially false.
20
else
echo "a" was initially true.
Fi

Figure 33

Bitwise Operators

read -p 'Enter a : ' a

read -p 'Enter b : ' b

bitwiseAND=$(( a&b ))

echo Bitwise AND of a and b is $bitwiseAND

bitwiseOR=$(( a|b ))

echo Bitwise OR of a and b is $bitwiseOR

bitwiseXOR=$(( a^b ))

echo Bitwise XOR of a and b is $bitwiseXOR

bitiwiseComplement=$(( ~a ))

echo Bitwise Compliment of a is $bitiwiseComplement

leftshift=$(( a<<1 ))

echo Left Shift of a is $leftshift

rightshift=$(( b>>1 ))

echo Right Shift of b is $rightshif

21
 Figure 34

File Test Operator

read -p 'Enter file name : ' FileName

if [ -e $FileName ]

then

echo File Exist

else

echo File doesnot exist

fi

if [ -s $FileName ]

then

echo The given file is not empty.

else

echo The given file is empty.

fi

if [ -r $FileName ]

then

echo The given file has read access.

else

echo The given file does not has read access.

fi

if [ -w $FileName ]

then

echo The given file has write access.

Else

22
 echo The given file does not has write access.

fi

if [ -x $FileName ]

then

echo The given file has execute access.

else

echo The given file does not has execute access.

Fi

Figure 35

 Conditional Statements
Implementing if statement

#Initializing two variables

a=10

b=20

#Check whether they are equal

if [ $a == $b ]

then

echo "a is equal to b"

fi

23
#Check whether they are not equal

if [ $a != $b ]

then

echo "a is not equal to b"

fi

Figure 36

Implementing if.else statement

#Initializing two variables

a=20

b=20

if [ $a == $b ]

then

#If they are equal then print this

echo "a is equal to b"

else

#else print this

echo "a is not equal to b"

fi

Figure 37

24
Implementing switch statement

CARS="bmw"

#Pass the variable in string

case "$CARS" in

#case 1

"mercedes") echo "Headquarters - Affalterbach, Germany" ;;

#case 2

"audi") echo "Headquarters - Ingolstadt, Germany" ;;

#case 3

"bmw") echo "Headquarters - Chennai, Tamil Nadu, India" ;;

Esac

Figure 38

 Looping Statements in Shell Scripting

Implementing for loop with break statement

#Start of for loop

for a in 1 2 3 4 5 6 7 8 9 10

do

# if a is equal to 5 break the loop

if [ $a == 5 ]

then

break

fi

# Print the value

echo "Iteration no $a"

done

25
 Figure 39

Implementing for loop with continue statement

for a in 1 2 3 4 5 6 7 8 9 10

do

# if a = 5 then continue the loop and

# don't move to line 8

if [ $a == 5 ]

then

continue

fi

echo "Iteration no $a"

done

Figure 40

26
Implementing while loop

a=0

# -lt is less than operator

#Iterate the loop until a less than 10

while [ $a -lt 10 ]

do

# Print the values

echo $a

# increment the value

a=`expr $a + 1`

done

Figure 41

Implementing until loop

a=0

# -gt is greater than operator

#Iterate the loop until a is greater than 10

until [ $a -gt 10 ]

do

# Print the values

27
 echo $a

# increment the value

a=`expr $a + 1`

done

Figure 42

Infinite loop

while true

do

# Command to be executed

# sleep 1 indicates it sleeps for 1 sec

echo "Hi, I am infinity loop"

sleep 1

done

28
Figure 43

29
 Practical - 3
Aim: Installation and management of printers

Installing open source drivers

Your Linux distribution probably already has these installed, but if not, you can install them with your
package manager. For example, on Fedora, CentOS, Mageia, and similar:

$ sudo dnf install gutenprint

For HP printers, also install Hewlett-Packard's Linux Imaging and Printing (HPLIP) project. For example,
on Debian, Linux Mint, and similar:

$ sudo apt install hplip

The Common Unix Printing System (CUPS) was developed in 1997 by Easy Software Products, and
purchased by Apple in 2007. It's the open source basis for printing on Linux, but most modern distributions
provide a customized interface for it. Thanks to CUPS, your computer can find printers attached to it by a
USB cable and even a shared printer over a network.

Once you've gotten the necessary drivers installed, you can add your printer manually. First, attach your
printer to your computer and power them both on. Then open the Printers application from
the Activities screen or application menu.

Figure 44

There's a possibility that your printer is auto detected by Linux, by way of the drivers you've installed, and
that no further configuration is required.

30
 Figure 45

Provided that you see your printer listed, you're all set, and you can already print from Linux!

If you see that you need to add a printer, click the Unlock button in the top right corner of
the Printers window. Enter your administrative password and the button transforms into an Add button.

Click the Add button.

Your computer searches for attached printers (also called a local printer). To have your computer look for a
shared network printer, enter the IP address of the printer or its host.

Figure 46

31
 Practical - 4
Aim: Using gcc compiler to write c programs

In Ubuntu repositories, GCC Compiler is a part of the build-essential package, and this package is exactly
what we will be installing in our Linux Operating System. If you're interested in learning more about the
build-essential meta-package, GCC Compiler (GNU Compiler Collection) is a collection of compilers and
libraries for the programs written in C, C++, Ada, GO, D, Fortran, and Objective-C programming languages
and is distributed under the GNU General Public License.

Need to Install the Build-Essential Package

Build-essential meta-package in Ubuntu comes with five separate packages, including the GCC Compiler,
that are required during a software compilation process, which will help compile a C program in Linux. All
these five packages are listed below:

 gcc: The GNU Compiler Collection (GCC Compiler) for compilation of programs written in C
Language.
 g++ : The GNU C++ compiler for compilation of programs written in C++ Language.
 libc6-dev: This is the GNU library files package. The development libraries and header files needed
to know how to compile the C program in Linux are included in this package.
 make: This is a handy tool for controlling the compilation of programs. This tool reads a file called a
"makefile", which tells the compiler how to do its job.
 dpkg-dev: This package can be used to unzip, compile, and upload Debian source packages. This
tool will come in handy if you wish to package your program for a Debian-based system.

Installing the Build-Essential Package

Let's start the tutorial by installing the essential package, the build-essential package, in our Linux operating
system. Let's see the steps involved in installing the build-essential package:

First, you have to open up the terminal. You can use the shortcut key Ctrl + Alt + T, or manually open up
the terminal by searching it in the menu option (⋮⋮⋮ icon).

1. To begin, update the packages list using the below command:

$ sudo apt update

The apt command in Linux is in charge of installing, uninstalling, and updating applications on our system.
Consider your computer a factory, and the apt command to be the factory manager who manages the
installation of new equipment, removing obsolete equipment, and updating the desired equipment to the
latest versions while keeping track of the equipment names and versions currently in use. So, the sudo apt
update command is used to update the track of the software versions, which helps install the newest
available software version in your systems.

Note: sudo (Super User DO) enables a permitted user to run a command as the superuser or another user,
depending on the security policy. So, if required, enter your system password to proceed.

Output:

2. Install the package build-essential using the following command:

32
$ sudo apt install build-essential

If required, enter your system password to proceed.

Output:

Press the Y key and then the Enter key once you get the same output above on your screen to continue the
installation process.

It will take up to 3-5 minutes to completely install the build-essential meta-package in your system. This
process will install the GCC Compiler on your Linux Operating System so that you can use this compiler to
learn how to compile C Programs in Linux.

Check GCC Version

Now that you have installed the build-essentials /Development Tools package, you can quickly
check/validate your GCC Compiler version. In this section, you will see how you can check/validate the
installed GCC compiler version by using the below command in your Linux terminal:

$ gcc --version

Note: --version flag under the GCC command is compatible with almost all the terminal development
software in Linux.

Output:

If you see Output like the above-displayed Output on your screen, you have successfully installed the GCC
compiler`.

Note: If the Output looks like the below Output, there was some discrepancy during the installation process.
Don't worry about it. You have to repeat the steps mentioned in the above section to install the build-
essential package / Development Tools again, and then you are good to go.

Creating a Simple C Program in Ubuntu Using Text Editor

In this section, you will create a simple C program on Ubuntu OS using a pre-installed text editor.

There are many Linux terminal commands to create a new file like using the touch, > (redirect operator), cat,
echo commands, or terminal editors like vi, vim or nano. We are using the touch command in this tutorial in
the terminal to create an empty C program file. Before creating a new file, you can change the terminal's
directory to any desired location in your system. We have chosen the Desktop directory in this tutorial, you
can change to the Desktop directory using the cd Desktop (change directory to Desktop) command, or you
can choose any directory of your choice, pass the location address of the directory after the cd command.
You have to make sure that the C program file is compiled in the same directory as where the C program file
is present.

Let's see this in action in Ubuntu 20.04 OS.

Step 1: touch hello.c command in the terminal will create an empty hello.c C program file in the desktop
directory.

33
Step 2: Open the hello.c file in the in-built text editor (The Ubuntu operating system's default GUI text
editor is gedit. It offers most conventional text editor functions as well as many additional ones and is UTF-
8 compatible) of Linux by double-clicking on the file and type the Hello World C program in the editor as
given below.

Hello World! Program in C

// C Program to print Hello, World! in the output

#include<stdio.h>

int main() {
// printf function is used to print the string argument in the output window
printf("Hello, World!\n");

return 0;
}

Output:

Hello, World!

Compile C Program In Linux Using The GCC Compiler

To compile C Program in Linux, you can use the below command in the terminal:

$ gcc hello.c -o hello

The above command will generate an executable file (a computer file containing binary encoded values that
a system can directly execute) with the name hello as given in the command after -o. You can give any name
to the executable file. It is not necessary that you give the same name as the C program file.

Note: You also have to ensure that the above command is used in the same directory where the hello.c file is
present.

Running our C Program

To run the executable file you just got from compiling your C Program, you need to run the below
command, and the Output of the C program will be shown on the terminal screen:

$ ./hello

Note: Use this command in the same directory where the hello executable file is present. For example, we
are compiling and executing our program file on the Desktop directory.

This command will give Hello, World! Output on the terminal if you have written the same C program
mentioned in the above section.

34
 Practical – 5
Aim: Configuring FTP server

FTP (file transfer protocol) is an internet protocol that is used for transferring files between client and
server over the internet or a computer network. It is similar to other internet protocols like SMTP which is
used for emails and HTTP which is used for websites. FTP server enables the functionality of transferring
files between server and client. A client connects to the server with credentials and depending upon the
permissions it has, it can either read files or upload files to the server as well. In this article, we will see how
to set up an FTP server, configure user permissions, configure a firewall and finally encrypt our FTP traffic
with SSL.

FTP Server Working

FTP server facilitates the transfer of files between client and server. You can either upload a file to a server
or download a file from the server. A client makes two types of connections with the server, one for giving
commands and one for transferring data. The client issues the command to the FTP server on port 21, which
is the command port for FTP. For transferring data, a data port is used. There are two types of connection
modes for transferring data:

 Active mode: In Active mode, the client opens a port and waits for the server to connect to it to
transfer data. The server uses its port 20 to connect to the client for data transfer. Active mode is not
set by default in most of the FTP clients because most firewalls block the connections which are
initiated from outside, in this case, the connection initiated by our FTP server. To use this, you have
to configure your firewall.
 Passive mode: In this, when a client requests a file from the server, the server opens a random port
and tells the client to connect to that port. In this case, the connections are initiated by the client and
this also solves the firewall issues. Most of the FTP clients use passive mode by default.

Stepwise Implementation

At first SSH into your Linux virtual machine with a user who has sudo permissions and follows the
following steps:

Step 1: Install FTP server

There are many FTP servers to choose from like ProFTPD, vsftpd, etc. We will be using vsftpd.

Features of vsftpd FTP server

vsftpd has a lot of features that make it a great option as an FTP server. It

 Supports SSL/TLS integration

 Can jail users into its home directory with a feature called chroot. We will set this up later in this
article.
 Can limit bandwidth.
 Supports virtual users
 Supports virtual IP configuration
 Supports IPv6


35
Type in the following command to install vsftpd

sudo apt install vsftpd

Now we will check if the vsftpd service is active or not. Type in

sudo systemctl status vsftpd

Figure 47

You can see under the Active heading that it’s active and running. systemctl command is used to manage
and check services on Linux. We can also use this command to enable and disable services on Linux. If your
vsftpd is not active, then type in

sudo systemctl enable --now vsftpd

The –now flag ensures that enable command affects our service immediately and not after a reboot.

Step 2: Configure Firewall

FTP uses port 20 for active mode, port 21 for commands, and a range of ports for passive mode. We need to
open these ports from our firewall. If you do not use any firewall, you can skip this step. Most Linux
systems use ufw to manage firewalls, however, some cloud service providers like Microsoft Azure have
firewalls outside of the Virtual machine and you have to configure that from their portal. Whatever the case,
just open ports 20 and 21 for TCP connections and open a range of ports for passive FTP connections. The
range for passive ports depends upon how many concurrent user clients you expect to have. Also, a single
client can use multiple ports to transfer multiple files or a large file. We also need to specify our FTP server
to use those ports and we will see how to do it later in this tutorial The ports till 1024 are reserved and our
passive FTP port range should be higher than that. I’ll open ports from 5000-10000. We will also open port
990 for TLS which we will configure later. Let’s do it for ufw. Type in

sudo ufw allow 20/tcp

sudo ufw allow 21/tcp
sudo ufw allow 990/tcp
sudo ufw allow 5000:10000/tcp

Step 3: Configure Users

The two most common use cases of FTP servers are:

36
  You want to host a public FTP server and a lot of public users are going to connect to your FTP
server to download files.
 You want to upload your files to your Linux server for personal use and you would not have public
users.

In the first case, you would need to create an additional user and share its username and password with your
clients to access the files. Everything else is the same for the second case.

The basic idea is that the admin user should be able to upload files to any folder of the machine, and the
public user should be able to view and download files from a specific directory only. To make this happen,
you should have a basic idea of user permissions. The root user has the permission to write files into any
folder of the server, and any other user has access to every folder inside their home directory which is
/home/username , and most of the other directories are not writable by other users. So if you want to upload
files to other directories outside of your admin user’s home directory, let’s say /var/www, then you would
need to change the owner of this directory to your admin user with chown command, or change directory
modification permissions with chmod command.

Let’s start by creating our public user account. Type in

sudo adduser ftpuser

Enter your password, leave other values empty, and at last, enter Y to save changes.

Figure 48

Now, for security purposes, we will disable ssh permission for this user. Type in

sudo nano /etc/ssh/sshd_config

Add the following line in this file

DenyUsers ftpuser

Press Ctrl + x then y then enter. Now, restart the SSH service so that these new settings take effect.

sudo systemctl restart sshd

Step 4: Create the FTP folder and set permissions

We will create our FTP folder. Type in

sudo mkdir /ftp

37
Now, we will change this directory’s owner to our admin user. Type in

sudo chown adminuser /ftp

If you want to upload files to any folder that is not owned by your admin user, you will have to change that
folder’s owner using the above-mentioned command.

Step 5: Configure and secure vsftpd

Open the vsftpd configuration file. Type in

sudo nano /etc/vsftpd.conf

Make sure the following lines are uncommented

...
anonymous_enable=NO

local_enable=YES

write_enable=YES
...

Also, we opened ports 5000 to 10000 in step 2 for passive mode, so now we will let vsftpd know which
ports to use for passive FTP connection. Add the following lines in vsftpd.conf file

pasv_min_port=5000
pasv_max_port=10000

Now, we will specify the default directory for FTP connections which will open when someone connects to
our FTP server. Add the following line

local_root=/ftp

Remember, do not put any space before and after = in this configuration file.

Locking user into the home directory

Now, for security reasons, we will lock the ftpuser to the default directory, as by default, a user can browse
the whole Linux server. To do this, vsftpd uses chroot. To do this, un-comment the following lines

...
chroot_local_user=YES

chroot_list_enable=YES

chroot_list_file=/etc/vsftpd.chroot_list
...

Also, add the following line as it is not in the configuration file by default

allow_writeable_chroot=YES

38
The first line enables chroot feature for local users which includes our admin user and our ftpuser. The
second and third lines let us choose which users to apply to chroot to.

Setting file permission

local_umask=0002

This line will set the modification permission of every new file created to 664(-rw-rw-r-) and of every new
folder to 775(rwxrwxr-x). With this, the ftpuser can only read and download files from every sub-directory
of our FTP directory, but it does not have permission to upload anything to our FTP directory since it is not
the owner.

Press Ctrl + x then y then enter. Now, we need to create that list file. Type in

sudo touch /etc/vsftpd.chroot_list

sudo nano /etc/vsftpd.chroot_list

Whatever users you specify in this file, will not be chroot-ed. So add your admin username in this file
because we do not want to lock it. Press Ctrl + x then y then enter. Now we need to restart our vsftpd server
so that all these settings get applied immediately. Type in

sudo systemctl restart --now vsftpd

Step 6: Securing vsftpd with SSL/TLS

It is recommended to encrypt FTP traffic if you want to use it over the internet. We will encrypt our traffic
with FTPS (file transfer protocol over SSL). Let’s start by generating a self-signed certificate. Type in

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out
/etc/ssl/private/vsftpd.pem

Enter all the required information and your certificate will be generated. You can also Hit Enter if you want
the default values to be set. Now, open the vsftpd configuration file. Type

sudo nano /etc/vsftpd.conf

Go to the end of the file and remove the following lines

rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem

rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

ssl_enable=NO

And, paste the following lines

rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
39
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH

Save the changes and finally, restart the vsftpd service by typing in

sudo systemctl restart --now vsftpd

Step 7: Connecting to our FTP server

To do this, you will need an FTP client. Again, there are a bunch of them to choose from. I’d suggest you go
with Filezilla. Download and install it and then open it. Enter your server’s IP address in the Host field, your
username, and password, and click connect and you are good to go.

Figure 49

On the left side, you would see your PC’s directories, and on the right, you would see the directories of your
FTP server. You can drag and drop files to upload and download files between the FTP server and your
device(client).

40
 Practical – 6
Aim: Connecting to internet

1. Connect your modem to the internet. To do so, connect the internet cable to the "Internet" or "WAN" port
on the back of your modem. Then plug in your modem. The internet cable is the cable that carries the
internet into your home. It may be an Ethernet cable or a coaxial cable. It may be a cable that comes in from
the outside, or there may be a wall outlet that you use to connect to the internet.

Figure 50

2. Connect your wireless router to your modem if needed. Many wireless routers come with a modem
already built-in. If you do not have a 2-in-1 modem and router, use an ethernet cable to connect your
wireless router to one of the "LAN" ports on the back of your modem. Then connect the other end of the
ethernet cable to the "WAN" or "Internet" port on the back of your router.

Figure 51
41
3. Plug your router into your PC.To do so, connect an ethernet cable to one of the LAN ports on the back of
the router. Then connect it to an ethernet port on your PC.

If your PC does not have an ethernet port, you can purchase an ethernet-to-USB adapter.

Figure 52

4. Go to your router's IP address in a web browser.You can use any web browser.

Figure 53

5. Enter the IP address for your router into the address bar at the top.This opens your router's user interface.
The IP address you use to open your router's interface is different from one manufacturer to another. Consult
the user's manual or manufacturer's web page to find out the IP address for your router's make and model.
42
Common router IP addresses include "192.168.1.1," "192.168.0.1," and "10.0.0.1". You may be able to find
the IP address on a sticker on the back or bottom of your router.

Figure 54

6. Enter the username and password for your router.If you have not set an admin username and password for
your router, you can use the default username and password. Consult the user's manual or for your router to
find the default username and password. There may also be a sticker on the back or bottom of your router
with the default username and password.

Figure 55

43
7. Enable wireless networking.The user interface is different from one router model to the next. Locate the
wireless settings in the user interface and make sure wireless networking is enabled.

Figure 56

8. Select WPA encryption.When you enable wireless networking, you need to select an encryption method.
The most common wireless encryption type is WPA, WPA2, or WPA3.

Do not use WEP encryption. WEP is an outdated encryption method that is [easy to break]. For the best
security, make sure you use WPA encryptions.

44
 Figure 57

Connecting through the GUI

1.Click the Wi-Fi icon

Most Linux distributions have their own built-in Wi-Fi interface called NetworkManager that you can use to
connect to Wi-Fi. Click the Wi-Fi icon, which typically resembles a fan with arching lines in the middle. If
you are not connected to Wi-Fi, it will most likely resemble an empty fan with no arching lines. The Wi-Fi
icon is usually in the upper-right corner or lower-right corner, depending on which Linux distribution you
are using.

Figure 58

45
2. Ensure Wi-Fi is enabled.Look for an option in the drop-down menu that says "Enable Wi-Fi" or
something similar. Ensure there is a checkmark next to the icon that says "Enable Wi-Fi." It should start
scanning for nearby wireless networks.

Figure 59

3. Click your wireless network.Once your wireless network is found, it should be listed below "Wi-Fi
Networks." Click your wireless network to display the "Network Authentication Required" window.

 If you do not see your wireless network, click More Networks to display additional wireless
networks.
 If you want to connect to a hidden network, click Connect to Hidden Wi-Fi Network instead. Then
enter the name of your wireless network and password.

Figure 60

46
4. Enter your wireless password and click Connect.This is the password that is set up in the router's user
interface. Enter the password and click Connect. Once it is connected, you are ready to surf the internet
without a wire connected to your router or modem.

Figure 61

47
 Practical – 7
Aim: Implementing different commands to manage file system

1. Files Listing

To perform Files listings or to list files and directories ls command is used

$ls

Figure 62

$ls -l

Figure 63

2. Creating Files

touch command can be used to create a new file. It will create and open a new blank file if the file with a
filename does not exist. And in case the file already exists then the file will not be affected.

$touch filename

48
 Figure 64

3. Displaying File Contents

cat command can be used to display the contents of a file. This command will display the contents of the
‘filename’ file. And if the output is very large then we could use more or less to fit the output on the
terminal screen otherwise the content of the whole file is displayed at once.

$cat filename

Figure 65

4. Copying a File

cp command could be used to create the copy of a file. It will create the new file in destination with the
same name and content as that of the file ‘filename’.

$cp source/filename destination/

Figure 66

5. Moving a File

mv command could be used to move a file from source to destination. It will remove the file filename from
the source folder and would be creating a file with the same name and content in the destination folder.

$mv source/filename destination/

49
 Figure 67

6. Renaming a File

mv command could be used to rename a file. It will rename the filename to new_filename or in other words,
it will remove the filename file and would be creating a new file with the new_filename with the same
content and name as that of the filename file.

$mv filename new_filename

Figure 68

7. Deleting a File

rm command could be used to delete a file. It will remove the filename file from the directory.

$rm filename

Figure 69

50
 Practical – 8
Aim: Implementing commands to manage users

A Note on Superuser Permissions

Adding a new user involves dealing with an account other than your own which requires super user
(aka root) privileges. The same applies to other user or group management tasks, such as deleting an
account, updating accounts, and creating and removing groups.

These operations are performed using the following commands:

 adduser: add a user to the system.

 userdel: delete a user account and related files.
 addgroup: add a group to the system.
 delgroup: remove a group from the system.
 usermod: modify a user account.
 chage: change user password expiry information.
 sudo: run one or more commands as another user (typically with superuser permissions).

Relevant files: /etc/passwd (user information), /etc/shadow (encrypted passwords), /etc/group (group
information) and /etc/sudoers (configuration for sudo).

Superuser permissions can be gained either by changing to the root user with the su command or
using sudo. The latter approach is used by default in Ubuntu and derivatives, and is preferred over the
former in other distributions as well.

 If this command returns the absolute path of the associated file (typically /usr/bin/sudo), it means that
the package is installed. Otherwise, you can install it with

Figure 70

Adding a New Regular Account

 To begin, let's create a new user named pluralsight using Ubuntu and CentOS as representative
distributions.
 In Ubuntu or derivatives, this is as easy as doing (you will be required to enter your password to
run sudo):

Figure 71

51
  You may be prompted to set the new user's initial password, and other optional information (such as
full name, work phone, etc). This will be stored in /etc/passwd using colons as field separators. If
not, you can assign a password for the newly created account named pluralsight with

Figure 72

The /etc/sudoers File

 Now that we have a regular user account created, we will explain how to utilize it to perform user
management tasks.
 To grant pluralsight superuser permissions, we will need to add an entry for it in /etc/sudoers. This
file is used to indicate which users can run what commands with elevated permissions (most likely as
root).

Step 1 - Open /etc/sudoers with visudo

Although /etc/sudoers is nothing more and nothing less than a plain text file, it must NOT be edited using a
regular text editor. Instead, we will use the visudo command. As opposed to other text editors, by
utilizing visudo we will ensure that 1) no one else can modify the file at the same time, and 2) the file syntax
is checked upon saving changes.

To launch visudo, just type the command and press Enter.

Figure 73

Step 2 - Add an Entry in /etc/sudoers for the New User Account

The easiest method to grant superuser permissions for pluralsight is by adding the following line at the
bottom of /etc/sudoers

Figure 74

Let's explain the syntax of this line

 First off, we indicate which user this rule refers to (pluralsight).

 The first ALL means the rule applies to all hosts using the same /etc/sudoers file. Nowadays, this
means the current host since the same file is not shared across other machines.
 Next, (ALL) ALL tells us that pluralsight will be allowed to run all commands as any user.
Functionally speaking, this is equivalent to (root) ALL.

52
Switching Users

 If no errors are found while saving the recent changes in /etc/sudoers, we'll be ready to start
using pluralsight to perform user management tasks. To do so, use the su command to change to that
account. Note that from this point, there is no need to use the root account if you're in CentOS or
similar.
 Additionally, the -l option will allow to provide an environment like what the user would expect if he
or she had logged in directly

Figure 75

Getting Started with User Management

 While we're logged as pluralsight, let's add another user account called student with a password of
our choice. You can skip the second command if the first one prompts you to enter the password
for student

Figure 76

 If everything went as expected, a new user and a primary group called student were created with a
unique user and group id, respectively. Additionally, the new user is assigned a personal directory
(/home/student in this case) and a login shell (/bin/bash by default).
 Using usermod we can change the home directory to another existing one, edit the login shell, and an
add an optional comment on the user (such as full name or employee information) as explained next.
 To change the home directory to /Users/student (this directory must exist), use the --home (or its
short equivalent -d) option

Figure 77

 If the user prefers to use /bin/sh as login shell (or company policies require employees to use it), the -
-shell (or -s) flag will do the trick

Figure 78

 To add a descriptive comment to the user account, use --comment (or -c), followed by the comment
enclosed between double quotes. For example, you can do

53
 Figure 79

 The above commands can be grouped into one as follows

Figure 80

 we see the contents of /etc/passwd before and after modifying the user information

Figure 81

 In addition to changing the user's home directory, login shell, and descriptive
comment, usermod also allows you to lock (and unlock) an account and set its expiration date. To do
so, use --lock (or -L), --unlock (or -U), and --expiredate (or -e), respectively. The expiration date
must be specified using the YYYY-MM-DD format.

For example, to lock student, do:

Figure 82

 If we now try to login as student, we will get an Authentication failure error, as

54
 Figure 83

 When an user is locked, an exclamation sign ! is placed before the encrypted password
in /etc/shadow, thus disabling the account.
 To set the expiration date of student to October 31, 2017, do

Figure 84

 The changes can then be viewed with

Figure 85

 By the way, you can use chage to enforce a password change policy. As a safety measure, it is
important to have users change their passwords after a given period of time. For example, to
force student to change his password every 60 days, do

Figure 86

 student's password information after performing the above changes

55
Figure 87

56