0% found this document useful (0 votes)
10 views7 pages

Group8 Assingment

The document provides instructions for configuring network settings on Ubuntu, including changing IP addresses and hostnames using commands like 'nmcli' and 'nano'. It also covers the installation of Easy-RSA for creating a Certificate Authority (CA) and distributing the CA's public certificate to other systems. Key commands and steps are outlined for managing network interfaces and setting up SSL/TLS certificates for secure communications.

Uploaded by

saroj122pr
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
10 views7 pages

Group8 Assingment

The document provides instructions for configuring network settings on Ubuntu, including changing IP addresses and hostnames using commands like 'nmcli' and 'nano'. It also covers the installation of Easy-RSA for creating a Certificate Authority (CA) and distributing the CA's public certificate to other systems. Key commands and steps are outlined for managing network interfaces and setting up SSL/TLS certificates for secure communications.

Uploaded by

saroj122pr
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

C.

Network Configuration
Setting/Changing an IP address
1. Determine the Name of Your Network Interface
First, make sure you are aware of the precise name of your Ethernet interface (current
Ubuntu versions no longer use the old eth0 naming scheme). To get a list of every
network interface, use the following command:
On an Ubuntu system (or any Linux-based system), the IP addresses assigned to each
network interface are shown with the “ip addr show” command. It is a component of
the IP command suite, which is used to manage networks.

Install network Manager :


By using the command “sudo apt install network-manager”, you can easily manage network
connections using the nmcli command-line tool or the graphical NetworkManger interface.
Enable and Start NetworkManager service(if it isn’t already running):

Verify Installation:
You can check the status of NetworkManager after installation to make sure it's operational
by using command “sudo systemctl status NetworkManager”

Edit the Network Manager Configuration:


Type "sudo nano /etc/NetworkManager/NetworkManager.conf" to open the
NetworkManager configuration file with superuser access in the nano text editor.

Check device status


The network interface states under NetworkManager management can be checked
with the “nmcli device status” command. A command shows interface connection
statuses alongside their managed status.

Setting/Changing an IP address
The command “sudo nmcli connection edit ens33” is used to edit the network connection
associated with the interfaces ens33 using nmclil.

From this mode, you can view the current settings, modify settings, set static IP or change to
DHCP and save the changes as given below:

By using goto ipv4 inside the nmcli tool to acces the ipv4 settings:

On an Ubuntu system (or any Linux-based system), the IP addresses assigned to each
network interface are shown with the “ip addr show” command. It is a component of
the IP command suite, which is used to manage networks.

Setting up/Changing Hostname


Setting up a hostname on Ubuntu requires using the command ‘sudo nano
/etc/hostname’. By executing this command you can access the file for hostname
entry. Type Ctrl + X to exit while pressing Ctrl + O to save.

Editing a host file:

If you want to modify the hosts file in Ubuntu you should use the command 'sudo
nano /etc/hosts'. The file opens allowing users to update hostname and IP address data
within it. Navigation to the exit leads through pressing Ctrl + X while using Ctrl + O
to save your work.

Creating a Certificate Authority(CA) on Ubuntu

A package named Easy-RSA becomes available through installation of "sudo apt


install easy-rsa." This package simplifies both Public Key Infrastructure management
and its building stage. This tool evaluates SSL certificate and key production mostly
used during VPN setups similar to OpenVPN while also benefiting applications
requiring SSL/TLS certificates.

Create a new directory for Easy-RSA

This directory can be used to create symbolic links pointing to the Easy-RSA
package files located in the /usr/share/easy-rsa folder on the CA server.
The command chmod 700 /home/np069790/easy-rsa is used to secure the
new PKI directory, ensuring that only the owner has access to it.

Finally, initialize the PKI inside the easy-rsa directory:

You must first create a file named vars and fill it with certain default values before
you can construct your CA's private key and certificate. After cding into the easy-rsa
directory, you can use Nano or your favorite text editor to create and modify the vars
file:

Save and close the file when you're done. To verify if you are using Nano, hit
CTRL+X, followed by Y and ENTER. The time has come for you to develop your CA.
By using the build-ca option, execute the ./easyrsa build-ca command to
generate the root public and private key pair for your Certificate Authority.

Distributing your Certificate Authority’s Public Certificate

Now your CA is configured and ready to act as a root of trust for any systems that
you want to configure to use it. You can add the CA’s certificate to your OpenVPN
servers, web servers, mail servers, and so on. Any user or server that needs to verify
the identity of another user or server in your network should have a copy of the
ca.crt file imported into their operating system’s certificate store.

To import the CA’s public certificate into a second Linux system like another server
or a local computer, first obtain a copy of the ca.crt file from your CA server. You
can use the cat command to output it in a terminal, and then copy and paste it into a
file on the second computer that is importing the certificate. You can also use tools
like scp, rsync to transfer the file between systems. However we’ll use copy and
paste with nano in this step since it will work on all systems.

As your non-root user on the CA Server, run the following command:


Copy everything, including the -----BEGIN CERTIFICATE----- and -----END
CERTIFICATE----- lines and the dashes.

On your second Linux system use nano or your preferred text editor to open a file
called /tmp/ca.crt:

You might also like