nix alt

Question 1

How to set a password for a user?

Answer 1

passwd [username]

Question 2

How to lock an account?

Answer 2

usermod -L [username]

Question 3

How to unlock an account?

Answer 3

usermod -U [username]

Question 4

Find all PIDS owned by the user?

Answer 4

pgrep -u [username]

Question 5

list all processes from user?

Answer 5

ps -f f -u username

ps -f –pid $(pgrep -u tecmint)

Question 6

What files is used to configure how new users are created?

Answer 6

cat /etc/login.defs on redhat systems and cat /etc/deluser.conf on debian systems

Question 7

Killall processes from user?

Answer 7

killall -9 -u username

Question 8

Delete user and home files?

Answer 8

Delete user and home files? 
	# deluser --remove-home tecmint      [On Debian and its derivatives]
# userdel --remove tecmint           [On RedHat/CentOS based systems]

Question 9

(list all the network services and what their default listening ports are

Answer 9

cat /etc/services

Question 10

check your gateway

Answer 10

netstat -rn

^i think that’s all you need, the verbose flag doesn’t really give you anything extra but maybe it’s good just in case?

netstat -rnv

Question 11

one way to ssh key

Answer 11

1. ssh-keygen (run this on client)
   
   2. ssh-copy-id root@192.168.1.1 (copy over your key)
   3. ssh root@192.168.1.1 (login with no pass)
      a. or ssh -l root 192.168.1.1 (same thing, different syntax)
      and you can check your stuff on the server by cat /root/.ssh/authorized_keys

(you could’ve manually placed this key in that file too instead of using the ssh-copy-id thing)

Question 12

What are the commands you would run if you need to find out the version and build date of a package (e.g. http)?

Answer 12

rpm –qi httpd

Question 13

If you create a new group, which file does it get created in?

Answer 13

/etc/group

Question 14

To view your command history, which command is used and how to run a specific command?

Answer 14

history and !#

Question 15

How to create a soft link?

Answer 15

ln –s

Question 16

How to get information on all the packages installed on the system?

Answer 16

rpm –qa

Question 17

How to upgrade Linux from 7.3 to 7.4?

Answer 17

yum install update

Question 18

what are some hardening commands and config files and such?

Answer 18

change default user create settings
cat /etc/default/useradd
cat /etc/login.defs

check running services and adjust stuff you want on/off
netstat -tunlp

turn off root login and other settings for ssh
cat /etc/ssh/sshd_config

setup a firewall
firewalld or iptables

use SELinux

cat /etc/login.defs (change default password settings)
chage -l [username] (check password stuff for user)
cat /etc/shadow
chage (you can use this to change pass settings too)
cat /etc/passwd (see users and if they have shell access and stuff)

??? cat /etc/pam.d/system-auth (something with security?)

systemctl -a (check the services, see if there’s anything you can stop/disable/mask etc)

netstat -tunlp (check what serves are listening and on what ports, then stop/disable the stuff you don’t need)

cat /etc/ssh/sshd_config (change the port that ssh listens on, disable root login, etc. You can go in here and turn off passwordauthentication if you have ssh keys setup - this is a good security thing)

firewall-config (this gives you a gui to disable services, ports, blah blah)
firewall-cmd –help (instructions on how to do the above without a gui)
cat /etc/firewalld/firewalld.conf (configure the basic firewall settings here)

[enable/disable firewalld or iptables and set rules and stuff]

iptables -L (lists iptables rules)
iptables -F (flushes the iptables rules so you have 0)

cat /etc/sysconfig/iptables-config (adjust some iptable settings like how it saves and stuff)

SELinux controls permissions of processes and applications - can’t do this with normie linux
sestatus (checks if SELinux is enabled)
cat /etc/sysconfig/selinux (controls state of SELinux on the system, disable, permit, enforce, etc)
stat [filename] (this gives you the permission details of stuff)
man chcon (change SELinux security context of stuff)
man checkpolicy (selinux policy compliler)

cat /etc/sudoers (you can check this to see who can do root stuffs)

Question 19

Which 2 files contain default values when creating a user with useradd command?

Answer 19

cat /etc/default/useradd

cat /etc/login.defs

Question 20

Create a user with a predefined uid, shell, and home directory

Answer 20

useradd -m -d /home/user -s /bin/bash -u 9000 user

Question 21

Delete a user with his home directory

Answer 21

userdel -r user

Question 22

Create a user specifying a primary/secondary group

Answer 22

useradd user -g primary -G other groups

Question 23

Change primary grup for any user

Answer 23

usermod -g primarygroup user

Question 24

Give sudo access to any user without asking him to privde password everytime he runs a command

Answer 24

user ALL=(ALL) NOPASSWD:ALL

Question 25

How to check mtu, ip and MAC address?

Answer 25

ifconfig ^this seems to do the same thing. not even sure if -a is a real flag lol what ifconfig -a

Question 26

Find running processes on your system

Answer 26

ps -ef

Question 27

How to view all messages generated by thte system since the last reboot on RHEL7

Answer 27

journalctl | journalctl | grep ssh

Question 28

What are the two different ways of showing the kernal messages?

Answer 28

journalctl -f tail -f /var/log/messages less +F /var/log/messages

Question 29

Where can you find messages related to the installation of linux?

Answer 29

/var/log/anaconda.log ...dunno about the rest of these anaconda.log /var/log/anaconda/anaconda.log

Question 30

To improve performance, how can you safely set the limit of processes for the super user root to be unlimited?

Answer 30

ulimit -u unlimited

Question 31

How to check the ulimit for a user?

Answer 31

ulimit -a

Question 32

How to check and increase the limit of opened files in linux?

Answer 32

cat /proc/sys/fs/file-max ``` to change: 1 - vi /etc/sysctl.conf (and add line) 2 - fs.file-max=98321 3 - sysctl -p cat /proc/sys/fs/file-max ```

Question 33

How to view run time kernel parameters?

Answer 33

sysctl -a

Question 34

How can you get the physical and virtual memory statistics?

Answer 34

free -m or g vmstat -a (active and inactive memory), -d disk stats -t time vmstat -a 2 (every 2 sec) 4 (4 intervals)

Question 35

How to check cpu utilization and other statistics?

Answer 35

User sar which part of sysstat package sar -u shows cpu utilization stats for the current day sar -u 2 3 shows realtime cpu stats every 2 seconds with 3 intervals sar -r meomory utilization sar -s swap space

Question 36

How to find process id of a process and kill it immediately?

Answer 36

start cat pidof cat kill -9 PID

Question 37

How to list all open files specified by user?

Answer 37

lsof -u user

Question 38

How to list all files opened by a particular command?

Answer 38

lsof -c cat

Question 39

How can you list all network connections by port 22?

Answer 39

lsof -i :22

Question 40

Run a command that shows all lines except any lines starting with the character # in a file

Answer 40

cat [file] | grep -v ^#

Question 41

How to remove files older than 7 days be creating a cron job to run every night?

Answer 41

find [directory] -type f -mtime +7 -exec rm -rf {} \; crontab -l (show crontab for current user) cat /etc/crontab (instructions on how to run the file) crontab -e (edits the crontab - but you can also place stuff/scripts in cron directories …) 0 2 * * * ewig /bin/find [directory] -type f -mtime +7 -exec rm -rf {} \;

Question 42

How to create a user with no login access?

Answer 42

useradd -s /sbin/nologin username

Question 43

How to schedule a reboot in 15 minutes?

Answer 43

shutdown -r +15

Question 44

How do you find the disk usage by the largest directories?

Answer 44

df -h | sort -n | du -Sh / | sort -nr | head

Question 45

How to prevent users from deleting other users files in a directory?

Answer 45

special permissions, sticky bit chmod 1777 filename chmod 1600 filename etc

Question 46

Show line numbers of a cat'd file?

Answer 46

cat -n filename

Question 47

How to print the 10th line of a file only?

Answer 47

head -10 filename | tail -1

Question 48

How to disable ping?

Answer 48

temp: echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all permanent step 1: edit the sysctl.conf file and add the following line net.ipv4.icmp_echo_ignore_all = 1 step 2: execute sysctl -p to enforce this setting immediately sysctl -p

Question 49

How to check if a port is listening?

Answer 49

netstat -lepunt | grep :22 | netstat -anp | grep :22

Question 50

Find files with specific permissions in specific directories

Answer 50

find /folder -perm 755

Question 51

How to change the default ssh port?

Answer 51

edit /etc/ssh/ssh_config and change port 22 to whatever then restart sshd

Question 52

How to disable ssh root login?

Answer 52

change /etc/ssh/sshd_config permitrootlogin to no

Question 53

How to allow only specific users to ssh into your server?

Answer 53

/etc/ssh/sshd_config and add paramter AllowUsers user1 user2 then restart ssh

Question 54

How to setup sshkey login

Answer 54

ssh-keygen on the client ssh-keygen ssh-copy-id your public key to the server ssh-copy-id -i path/to/certificate username@remote_host

Question 55

Find files over 10MB in size

Answer 55

find /folder -size +10M

Question 56

Find total lines in a file without opening it

Answer 56

wc -l filename

Question 57

Find all directories named conf under root?

Answer 57

find / -type d -name conf

Question 58

Find files not accessed in over 3 days?

Answer 58

find /etc -atime +3

Question 59

Find all files in the current directory and modify their permissions.

Answer 59

find . -type f -exec chmod 644 {} \;

Question 60

Do an ls at 11:30pm

Answer 60

at 11:30pm 3/31/2020 [type ls in the prompt and press enter] [press ctrl + d to finish]

Question 61

List spooled jobs

Answer 61

at -l atq ll /var/spool/at

Question 62

Remove spooled jobs

Answer 62

at -d 5

Question 63

How do you check what user groups you're part of and everything?

Answer 63

vim /etc/login.defs

Question 64

What if disk space is full?

Answer 64

df -h | grep -v tmpfs

Question 65

What if you can't copy/rename/delete/remove a file?

Answer 65

- check if it exists - check the command your'e using, absolute vs relative paths too - check the file type - check the permissions, attributes, stat, immutability and so forth - check parent directory permission

Question 66

What if "server not reachable"

Answer 66

ping destination server telnet server ip nmap server ip if it's not pingable there ... - check /etc/hosts, /etc/resolv.conf, /etc/nsswitch.conf check that you have an ip run traceroutes check firewall

Question 67

Unable to get ip address

Answer 67

ifconfig lspci | egrep -i 'eth|wifi|wireless' nmcli -p dev ifup or ifconfig up /usr/sbin/ifup check /etc/sysconfig/network-scripts/ifcfg-enp0s3 or ifcfg0-eth0

Question 68

ip assigned but not reachable

Answer 68

ifconfig ... check if your'e on the correct interface check if you got the right subnet mask or gateway ping the gateway netstat -rnv ... check that the gateway is assigned check with the network team if the correct vLAN is assigned on the switch side run ethtool or mii-tool to check the NIC status run ifup command to bring the NIC port up restart the network with systmctl restart network check on the status of the NIC with ifconfig or ip addr check to see if the IP is assigned to some other device (IP conflict) turn off firewall

Question 69

assorted domain/ip issues

Answer 69

1. first system looks at /etc/hosts to see if there's an entry for the domain 2. then it looks at /etc/resolv.conf to find a nameserver to go to in order to keep looking cat /etc/resolv.conf cat /etc/nsswitch.conf cat /etc/hosts (you could edit this with domains you want to resolve to specific domains - and it would work depending on the order of your nsswitchconf and you can test the results with `getent hosts domain.com`) by default system looks locally for dns resolution before looking elsewhere edit /etc/nsswitch.conf to edit that under #hosts hosts: files dns myhostname if there's an entry in hosts file, ``` change host (update /etc/hostname) hostnamectl set-hostname [hostname_you_select_] ``` Resolv conf overwritten by Network Manager To prevent Network Manager to overwrite your resolv. conf changes, remove the DNS1, DNS2, … lines from /etc/sysconfig/network-scripts/ifcfg-* . Now, you can manually change the /etc/resolv -------- One way to stop Network Manager from adding dns-servers to /etc/resolv.conf file is to do this: First open the nm conf file /etc/NetworkManager/NetworkManager.conf: sudo vim /etc/NetworkManager/NetworkManager.conf And add this to the [main] section: dns=none I had to sudo service network-manager restart before the change to the .conf file took effect.