Linux Workshop

Ayush BhosaleAyush Bhosale
7 min read

Hello everyone!! I'm back with my next blog for the Linux workshop.

Today I attend another session of the Linux workshop conducted by Mr. Pranav Jambare sir.

In this blog, we are discussing about the topics learned in day 4.

let's start with the contents.

Contents

  • Special Permissions

  • Sticky Bit

  • SUID

  • SGID

  • SSH

- SSH server Pre-request

-Server Configuration File

-Two types of SSH

  • Find & Locate

  • Connecting SSH Connection

Special Permissions :-

Linux uses some special permissions to allow certain capabilities that go beyond the basic rwx. By using special permissions, users with less privilege are allowed to execute a file and assume the privileges of the file's owner or group. Special permissions allow for additional privileges over the standard permission sets. Special permissions make up a fourth access level in addition to user, group, and other.

Sticky Bit :-

  • The last special permission has been dubbed the "sticky bit".

  • This permission does not affect individual files. However, at the directory level, it restricts file deletion.

  • Only the file owner, directory owner, and root user can delete or rename its files, when a sticky bit is set to directory.

  • To avoid such scenarios sticky bit is applied to the directory where you can create the files, and check someone else's file but can't rename and delete it.

Commands :-

chmod 1777 <dir name> --> To enable
chmod 0777 <dir name> --> To Disable

SUID :-

  • A file with SUID always executes as the user who owns the file, regardless of the user passing the command.

  • When the SUID bit on an executable file is set, it signifies that the file will be executed with the same permissions as the executable's owner.

Command :-

chmod 4777 <binary name> --> To Enable
chmod 0000777 <binary name> --> To Disable

SGID :-

  • If set on a file, it allows the file to be executed as the group that owns the file (similar to SUID).

  • If set on a directory, any files created in the directory will have their group ownership set to that of the directory owner.

  • If the SGID bit is set on any directory, all subdirectories and files produced within will be assigned the same group ownership as the parent directory, regardless of who created them.

chmod 2777 <dir name> --> To enable
chmod 00777 <dir name> --> To disable

SSH :-

  • Secure Shell (SSH) is a widely used network protocol that provides a secure way to access remote servers and computers. In Linux, SSH is an essential tool for remote administration and file transfer.

  • Remote login and command-line execution are two of its most noteworthy applications.

  • SSH apps use a client-server architecture to connect an SSH client to an SSH server.

  • It is a secured remote accesss protocol.

  • It is recommended for public networks.

Syntax :-

ssh username@IPaddress

SSH server Pre-request :-

  1. SSH package installed

  2. SSH status should be active --> systemctl status sshd

  3. Check 22 port is open --> netstat -tunlp|grep 22

  4. Check if service is enabled --> systemctl enable sshd

  5. Check if service is started / active --> systemctl start sshd

Server Configuration File :-

The sshd_config file specifies the locations of one or more host key files (mandatory) and the location of authorized_keys files for users.

  1. Location of sshd_config --> /etc/ssh/sshd_config

  2. The root is initially disabled for security reasons.

  3. Max session --> Numbers of connections can be established remotely.

  4. Allow users --> Users you want to allow connections.

  5. Deny users --> Users you want to deny connections.

How to know if any system is accessed remotely?

who - Displays information about all users currently on the local system.
finger - Find information about computer users.

Where the keys are stored on the server side?
/etc/ssh
Where the keys are stored on the client side?
/<homedirectory>/.ssh/

Two types of SSH :-

Private key :-

  • Private key is used to verify a user's identity.

  • Private keys are used to secure SSH connections.

  • It is kept private by the user it is recommended to not share it with anyone for your system's security.

  • A private key is used to authenticate a user for a remote system.

Public key :-

  • A public key is a cryptographic key used for the authentication of users to the remote system.

  • A public key is mainly stored on a remote system in a file called "authorized_key" which is located in the user's home directory.

  • The public key is copied to the remote system and added to the "authorized_key" file while the private key is kept on the user's local system.

  • Using public key authentication is more secure than a password, as there is no need to transmit a password over a network.

Find & Locate

Find :-

  • Find is a command used to search for a file and directory.

  • Basically, the find command is a very useful tool for finding files and directories on Linux systems.

  • Find searches for your file recursively from a starting point that you specify

  • Is more powerful and flexible, but slower and more resource intensive.

  • However, these files & directories can be searched on the basis of name, modification time, permission, and size.

  • It can also find files or directories owned by a particular owner or group or by location.

Syntax :-

 find [path] -[options]

Options for Find Command :-

  1. -name : Search the files by their name.

  2. -user : Search the files owned by the specific owner.

  3. -perm : Search the files by their permissions.

  4. -size : searches on the basis of size provided.

  5. -group groupname: searches file on the basis of the name of the group.

  6. -inum: searches files based on their inode value.

Locate :-

  • Locate command is used to find files and directives quickly.

  • Note it is essential to update the database as recent files saved over fewer than 24 hours are not updated in the database by default.

  • If we can't update the database, the files created in 24 hours can't get searched.

  • It is faster than find command but may not provide real-time outputs.

  • It is considered to be a static search tool.

    Syntax :-

locate [options] pattern

Options for Locate Command :-

  1. -b, -basename : - This option is used to match only the base name against the specified pattern.

  2. -c, -count: Counts the number of matching files instead of displaying the file paths.

  3. -e, -existing: Used to print only entries that refer to files existing at the time locate is run.

  4. -i, -ignore-case: Used to Ignore case distinctions when matching patterns.

  5. -v, -version:-used to write information about the version.

Creating SSH connection

  • For Creating aconnection of SSH there is a need of two packages

  1. Openssh-client

  2. Open-server

  • The Syntax for downloding package :-
 $ yum install [packagename]
  # $ yum install openssh-server
  # $ yum install openssh-client
  • For checking Port status :-
  $ netstat -tunlp|grep 22
  • For checking the status of service :-
 $ systemctl status [serviceName]
  #eg.systemctl ststus sshd
  • Syntax for stopping the service :-
 $ systemctl stop [serviceName]
  • Syntax for restarting the service :-
 $ systemctl restart [serviceName]
  • Syntax for connecting servers remotely :-
  $ ssh username@hostid
  # ssh acbhosale@132.167.122.1
  • Syntax for allowing/denying users to connect with a specific server :-
 #use the following command to visit configuration file
  $ vim /etc/ss/sshd_config
  #then add
  $ AllowUser [username] or $ DenyUser [username]
  #after adding save and restart the service and then check the status

I have covered all the topics that have covered on Day 3 Workshop. I hope you enjoy it.

Thank you..!!!

20
Subscribe to my newsletter

Read articles from Ayush Bhosale directly inside your inbox. Subscribe to the newsletter, and don't miss out.

#learnwithpra9#pranavjambare

Written by

Ayush Bhosale
Ayush Bhosale

Student at Dr. Babasaheb Ambedkar University Lonere, in computer science