Configure & Secure SSH Flashcards

1
Q

What username will be prompted for a password when omitting the username from the ssh command? (e.g. ssh hostname)

A

The current user’s username.

2
Q

What CLI command will log you out of an ssh connection?

A
exit
3
Q

What CLI command will initiate an ssh connection to host as username?

A
ssh username@host
4
Q

What CLI command will show the hostname of a remote server without accessing the remote interactive shell?

A
ssh username@host hostname
5
Q

What Linux CLI command will list the currently logged in users along with the remote location they logged in from?

A
w -f
6
Q

In what files (global and user) are the public keys for known hosts kept?

A

/etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts

7
Q

With StrictHostKeyChecking enabled, what will happen if the public keys don’t match on ssh login?

A

ssh will abort the connection.

8
Q

In what two ways can you enable StrictHostKeyChecking for ssh connections?

A
  1. Add StrictHostKeyChecking=yes to ~/.ssh/config or /etc/ssh/ssh_config
  2. Add the option -o StrictHostKeyChecking=yes to the ssh command

Red Hat recommends always enabling StrictHostKeyChecking.

9
Q

What CLI command is used to display a host’s ssh public key?

A

ssh-keygen -lf /etc/ssh/filename.pub

10
Q

How does Red Hat recommend sharing a host’s public key for use with ssh?

A

Use an out-of-band communication channel such as email, phone call, or video conference.

11
Q

What three fields are contained in a host’s entry in the client’s known_hosts file?

A
  1. hostname or IP address
  2. Encryption algorithm used
  3. the public key
12
Q

What must you do if ssh warns that a remote host’s identification has changed?

A

Manually modify the client’s known_hosts file with the correct public key or IP address, or remove the host’s entry from the file and reconnect to obtain a new public key.

This warning is an indication of a possible malicious attack.

13
Q

What CLI command will find and remove a host’s key entry from the known_hosts file?

A
ssh-keygen -R remotehostname -f filename (~/.ssh/known_hosts or /etc/ssh/ssh_known_hosts)
14
Q

Where does the ssh-keygen command save your public and private keys by default?

A
~/.ssh/id_rsa and ~/.ssh/id_rsa.pub
15
Q

What CLI command will generate a key pair for ssh login?

A
ssh-keygen
16
Q

Why is adding a passphrase to a key pair more secure than just using a password for ssh login?

A

A login password is sent in the clear to the remote computer for authentication, while the key pair’s passphrase is used locally to decrypt the private key before use.

17
Q

What ssh-keygen option flag is used to specify the file name to store the key pair?

A
-f ~/.ssh/filename
18
Q

What read and write permissions are assigned by default to the key pair generated by ssh-keygen?

A
  • public key: -rw------- or 600
  • private key: -rw-r--r-- or 644
19
Q

What CLI command is used to copy your public key to a remote host?

A
ssh-copy-id -i ~/.ssh/filename user@remotehost

Omit “-i ~/.ssh/filename” to copy the default public key.
20
Q

What does the ssh-agent key manager do?

A

Caches key pair passphrases for ssh login, which further limits passphrase exposure.

21
Q

What CLI command is used to manually enable the ssh-agent key manager?

A
eval $(ssh-agent)

Must be manually started when logged in to a text environment

22
Q

What CLI command is used to manually load your private key passphrase to the ssh-agent key manager?

A
ssh-add or ssh-add ~/.ssh/filename

ssh-add without a filename will add the default id_rsa passphrase.

23
Q

What ssh option flag(s) would you use to help troubleshoot ssh login issues?

A
-v | -vv | -vvv
24
Q

In what file are configuration options for a user’s ssh logins stored?

A
~/.ssh/config
25
Q

What file is edited to configure sshd?

A
/etc/ssh/sshd_config
26
Q

What setting in sshd_config do you edit to prohibit logging in as root?

A
PermitRootLogin no
27
Q

What CLI command do you run to apply any changes to sshd_config?

A
systemctl reload sshd
28
Q

What setting in sshd_config do you edit to prohibit any password-based authentication by ssh?

A
PasswordAuthentication no

Make sure a public key has been shared with the host before changing.