Linux palvelimena – Homework 1 – SSH, warming up (Linux palvelimena ICT4TN003-4)

Assignment

Our first piece of homework consisted of a mixed bag of casual tasks:

  1. Burn a Xubuntu Live CD and try it out
  2. Install SSH server
  3. Try out ssh-copy-id (and supposedly ssh-keygen), ssh -L and giving multiple machines commands with a for loop w/ $ substitution

What took place

I’d just gotten my school laptop back from maintenance, with not much time until the deadline. To my dismay the route between my ISP and the Ubuntu servers in the UK was down for a considerable length of time. I’ll make an additional bonus post about that.

*edit* Here’s the bonus post.

That is why the first steps take place in Windows 7 and a Virtualbox installation of Ubuntu 12.04 32-bit, since that’s the disc image I was already in the possession of.

My username on the virtual machine is ‘antero’ and the machine name is ‘VirtualBox’.

*edit* Course homepage http://terokarvinen.com/2012/aikataulu-%E2%80%93-linux-palvelimena-ict4tn003-3-ja-ict4tn003-5-kevaalla-2012

1. Burning a Live CD

Quite the simple procedure with Imgburn. These screenshots illustrate the main points:
Image

Image

Image

That’s that. I didn’t actually burn the disc, since I already have one. I just pointed the .iso to Virtualbox.

2. Installing SSH server

Basically, I installed the ssh metapackage which includes openssh server and stuff. Here’s the console output from the VM:

antero@VirtualBox:~$ sudo apt-get install ssh
[sudo] password for antero: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
  openssh-server ssh-import-id
Suggested packages:
  rssh molly-guard openssh-blacklist openssh-blacklist-extra monkeysphere
The following NEW packages will be installed:
  openssh-server ssh ssh-import-id
0 upgraded, 3 newly installed, 0 to remove and 385 not upgraded.
Need to get 350 kB of archives.
After this operation, 921 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://fi.archive.ubuntu.com/ubuntu/ precise/main openssh-server i386 1:5.9p1-5ubuntu1 [342 kB]
Get:2 http://fi.archive.ubuntu.com/ubuntu/ precise/main ssh all 1:5.9p1-5ubuntu1 [1,278 B]
Get:3 http://fi.archive.ubuntu.com/ubuntu/ precise/main ssh-import-id all 2.10-0ubuntu1 [6,598 B]
Fetched 350 kB in 0s (1,982 kB/s)                         
Preconfiguring packages ...
Selecting previously unselected package openssh-server.
(Reading database ... 140901 files and directories currently installed.)
Unpacking openssh-server (from .../openssh-server_1%3a5.9p1-5ubuntu1_i386.deb) ...
Selecting previously unselected package ssh.
Unpacking ssh (from .../ssh_1%3a5.9p1-5ubuntu1_all.deb) ...
Selecting previously unselected package ssh-import-id.
Unpacking ssh-import-id (from .../ssh-import-id_2.10-0ubuntu1_all.deb) ...
Processing triggers for ureadahead ...
ureadahead will be reprofiled on next reboot
Processing triggers for ufw ...
Processing triggers for man-db ...
Setting up openssh-server (1:5.9p1-5ubuntu1) ...
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA key; this may take some time ...
ssh start/running, process 2756
Setting up ssh (1:5.9p1-5ubuntu1) ...
Setting up ssh-import-id (2.10-0ubuntu1) ...
antero@VirtualBox:~$

Then I tried it out:

antero@VirtualBox:~$ ssh localhost
antero@localhost's password: 
Welcome to Ubuntu 12.04.1 LTS (GNU/Linux 3.2.0-29-generic-pae i686)

 * Documentation:  https://help.ubuntu.com/

Last login: Mon Aug 27 17:59:59 2012 from localhost
antero@VirtualBox:~$ exit
logout
Connection to localhost closed.
antero@VirtualBox:~$

3. ssh-copy-id

This thing turned out to be very nifty indeed, since I usually typo my shell password some 5 times before access. I basically followed this guide.

Here’s the keypair creation console output with private stuff censored:

antero@VirtualBox:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/antero/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/antero/.ssh/id_rsa.
Your public key has been saved in /home/antero/.ssh/id_rsa.pub.
The key fingerprint is:
<<omitted>> antero@VirtualBox
The key's randomart image is:
+--[         ]----+
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
+-----------------+

And here’s the ssh-copy-id bit:

antero@VirtualBox:~$ ssh-copy-id -i ~/.ssh/id_rsa.pub xxxxx@lorkki.net
The authenticity of host 'lorkki.net (<<omitted>>)' can't be established.
ECDSA key fingerprint is <<omitted>>
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'lorkki.net,<<omitted>>' (ECDSA) to the list of known hosts.
xxxxx@lorkki.net's password: 
Now try logging into the machine, with "ssh 'xxxxx@lorkki.net'", and check in:

  ~/.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

antero@VirtualBox:~$

Doing what the application suggests:

antero@VirtualBox:~$ ssh xxxxx@lorkki.net
Welcome to Ubuntu 11.10 (GNU/Linux 3.0.0-12-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
Last login: Mon Aug 27 17:00:04 2012 from 88.193.94.152
xxxxx@kotka:~$ cd .ssh
xxxxx@kotka:~/.ssh$ ls -a
.  ..  authorized_keys
xxxxx@kotka:~/.ssh$ nano authorized_keys 
xxxxx@kotka:~/.ssh$

That’s that.

Advertisements

About a1100320

IT student, musician, gamer. Beep boop.
This entry was posted in Linux palvelimena ICT4TN003-4. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s