nix alt Flashcards
How to set a password for a user?
passwd [username]
How to lock an account?
usermod -L [username]
How to unlock an account?
usermod -U [username]
Find all PIDs owned by the user?
pgrep -u [username]
list all processes from user?
ps -f f -u username
ps -f --pid $(pgrep -u tecmint)
What file is used to configure how new users are created?
cat /etc/login.defs on redhat systems and cat /etc/deluser.conf on debian systems
Kill all processes from user?
killall -9 -u username
Delete user and home files?
# deluser --remove-home tecmint [On Debian and its derivatives]
# userdel --remove tecmint [On RedHat/CentOS based systems]
List all the network services and what their default listening ports are
cat /etc/services
check your gateway
netstat -rn
^i think that’s all you need, the verbose flag doesn’t really give you anything extra but maybe it’s good just in case?
netstat -rnv
one way to ssh key
- ssh-keygen (run this on client)
- ssh-copy-id root@192.168.1.1 (copy over your key)
- ssh root@192.168.1.1 (login with no pass)
a. or ssh -l root 192.168.1.1 (same thing, different syntax)
and you can check your stuff on the server by cat /root/.ssh/authorized_keys
(you could’ve manually placed this key in that file too instead of using the ssh-copy-id thing)
What are the commands you would run if you need to find out the version and build date of a package (e.g. http)?
rpm -qi httpd
If you create a new group, which file does it get created in?
/etc/group
To view your command history, which command is used and how to run a specific command?
history and !#
How to create a soft link?
ln -s
How to get information on all the packages installed on the system?
rpm -qa
How to upgrade Linux from 7.3 to 7.4?
yum install update
what are some hardening commands and config files and such?
change default user create settings
cat /etc/default/useradd
cat /etc/login.defs
check running services and adjust stuff you want on/off
netstat -tunlp
turn off root login and other settings for ssh
cat /etc/ssh/sshd_config
setup a firewall
firewalld or iptables
use SELinux
cat /etc/login.defs (change default password settings)
chage -l [username] (check password stuff for user)
cat /etc/shadow
chage (you can use this to change pass settings too)
cat /etc/passwd (see users and if they have shell access and stuff)
??? cat /etc/pam.d/system-auth (something with security?)
systemctl -a (check the services, see if there’s anything you can stop/disable/mask etc)
netstat -tunlp (check what services are listening and on what ports, then stop/disable the stuff you don’t need)
cat /etc/ssh/sshd_config (change the port that ssh listens on, disable root login, etc. You can go in here and turn off passwordauthentication if you have ssh keys setup - this is a good security thing)
firewall-config (this gives you a gui to disable services, ports, blah blah)
firewall-cmd --help (instructions on how to do the above without a gui)
cat /etc/firewalld/firewalld.conf (configure the basic firewall settings here)
[enable/disable firewalld or iptables and set rules and stuff]
iptables -L (lists iptables rules)
iptables -F (flushes the iptables rules so you have 0)
cat /etc/sysconfig/iptables-config (adjust some iptable settings like how it saves and stuff)
SELinux controls permissions of processes and applications - can’t do this with normie linux
sestatus (checks if SELinux is enabled)
cat /etc/sysconfig/selinux (controls state of SELinux on the system, disable, permit, enforce, etc)
stat [filename] (this gives you the permission details of stuff)
man chcon (change SELinux security context of stuff)
man checkpolicy (selinux policy compiler)
cat /etc/sudoers (you can check this to see who can do root stuffs)
Which 2 files contain default values when creating a user with useradd command?
cat /etc/default/useradd
cat /etc/login.defs
Create a user with a predefined uid, shell, and home directory
useradd -m -d /home/user -s /bin/bash -u 9000 user
Delete a user with his home directory
userdel -r user
Create a user specifying a primary/secondary group
useradd user -g primary -G other groups
Change primary group for any user
usermod -g primarygroup user
Give sudo access to any user without asking him to provide a password every time he runs a command
user ALL=(ALL) NOPASSWD:ALL
How to check mtu, ip and MAC address?
ifconfig
^this seems to do the same thing. not even sure if -a is a real flag lol what
ifconfig -a
Find running processes on your system
ps -ef
How to view all messages generated by the system since the last reboot on RHEL7
journalctl
journalctl | grep ssh
What are the two different ways of showing the kernel messages?
journalctl -f
tail -f /var/log/messages
less +F /var/log/messages
Where can you find messages related to the installation of linux?
/var/log/anaconda.log
…dunno about the rest of these
anaconda.log
/var/log/anaconda/anaconda.log
To improve performance, how can you safely set the limit of processes for the super user root to be unlimited?
ulimit -u unlimited
How to check the ulimit for a user?
ulimit -a
How to check and increase the limit of opened files in linux?
cat /proc/sys/fs/file-max
to change:
1 - vi /etc/sysctl.conf (and add line)
2 - fs.file-max=98321
3 - sysctl -p
cat /proc/sys/fs/file-max
How to view run time kernel parameters?
sysctl -a
How can you get the physical and virtual memory statistics?
free -m or g
vmstat -a (active and inactive memory), -d disk stats -t time
vmstat -a 2 (every 2 sec) 4 (4 intervals)
How to check cpu utilization and other statistics?
Use sar, which is part of the sysstat package
sar -u shows cpu utilization stats for the current day
sar -u 2 3 shows realtime cpu stats every 2 seconds with 3 intervals
sar -r memory utilization
sar -s swap space
How to find process id of a process and kill it immediately?
start cat
pidof cat
kill -9 PID
How to list all open files specified by user?
lsof -u user
How to list all files opened by a particular command?
lsof -c cat
How can you list all network connections by port 22?
lsof -i :22
Run a command that shows all lines except any lines starting with the character # in a file
cat [file] | grep -v ^#
How to remove files older than 7 days by creating a cron job to run every night?
find [directory] -type f -mtime +7 -exec rm -rf {} \;
crontab -l (show crontab for current user)
cat /etc/crontab (instructions on how to run the file)
crontab -e (edits the crontab - but you can also place stuff/scripts in cron directories …)
0 2 * * * ewig /bin/find [directory] -type f -mtime +7 -exec rm -rf {} \;
How to create a user with no login access?
useradd -s /sbin/nologin username
How to schedule a reboot in 15 minutes?
shutdown -r +15
How do you find the disk usage by the largest directories?
df -h | sort -n
du -Sh / | sort -nr | head
How to prevent users from deleting other users files in a directory?
special permissions, sticky bit
chmod 1777 filename
chmod 1600 filename
etc
Show line numbers of a cat’d file?
cat -n filename
How to print the 10th line of a file only?
head -10 filename | tail -1
How to disable ping?
temp:
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
permanent:
step 1: edit the sysctl.conf file and add the following line
net.ipv4.icmp_echo_ignore_all = 1
step 2: execute sysctl -p to enforce this setting immediately
sysctl -p
How to check if a port is listening?
netstat -lepunt | grep :22
netstat -anp | grep :22
Find files with specific permissions in specific directories
find /folder -perm 755
How to change the default ssh port?
edit /etc/ssh/ssh_config and change port 22 to whatever then restart sshd
How to disable ssh root login?
change /etc/ssh/sshd_config permitrootlogin to no
How to allow only specific users to ssh into your server?
/etc/ssh/sshd_config and add parameter AllowUsers user1 user2 then restart ssh
How to setup sshkey login
ssh-keygen on the client
ssh-keygen
ssh-copy-id your public key to the server
ssh-copy-id -i path/to/certificate username@remote_host
Find files over 10MB in size
find /folder -size +10M
Find total lines in a file without opening it
wc -l filename
Find all directories named conf under root?
find / -type d -name conf
Find files not accessed in over 3 days?
find /etc -atime +3
Find all files in the current directory and modify their permissions.
find . -type f -exec chmod 644 {} \;
Do an ls at 11:30pm
at 11:30pm 3/31/2020
[type ls in the prompt and press enter]
[press ctrl + d to finish]
List spooled jobs
at -l
atq
ll /var/spool/at
Remove spooled jobs
at -d 5
How do you check what user groups you’re part of and everything?
vim /etc/login.defs
What if disk space is full?
df -h | grep -v tmpfs
What if you can’t copy/rename/delete/remove a file?
- check if it exists
- check the command you’re using, absolute vs relative paths too
- check the file type
- check the permissions, attributes, stat, immutability and so forth
- check parent directory permission
What if “server not reachable”
ping destination server
telnet server ip
nmap server ip
if it’s not pingable there …
- check /etc/hosts, /etc/resolv.conf, /etc/nsswitch.conf
check that you have an ip
run traceroutes
check firewall
Unable to get ip address
ifconfig
lspci | egrep -i 'eth|wifi|wireless'
nmcli -p dev
ifup or ifconfig up
/usr/sbin/ifup
check /etc/sysconfig/network-scripts/ifcfg-enp0s3 or ifcfg0-eth0
ip assigned but not reachable
ifconfig … check if you’re on the correct interface
check if you got the right subnet mask or gateway
ping the gateway
netstat -rnv … check that the gateway is assigned
check with the network team if the correct vLAN is assigned on the switch side
run ethtool or mii-tool to check the NIC status
run ifup command to bring the NIC port up
restart the network with systemctl restart network
check on the status of the NIC with ifconfig or ip addr
check to see if the IP is assigned to some other device (IP conflict)
turn off firewall
assorted domain/ip issues
- first system looks at /etc/hosts to see if there’s an entry for the domain
- then it looks at /etc/resolv.conf to find a nameserver to go to in order to keep looking
cat /etc/resolv.conf
cat /etc/nsswitch.conf
cat /etc/hosts (you could edit this with domains you want to resolve to specific domains - and it would work depending on the order of your nsswitch.conf and you can test the results with getent hosts domain.com)
by default system looks locally for dns resolution before looking elsewhere
edit /etc/nsswitch.conf to edit that under #hosts
hosts: files dns myhostname
if there’s an entry in hosts file,
change host (update /etc/hostname) hostnamectl set-hostname [hostname_you_select_]
Resolv conf overwritten by Network Manager
To prevent Network Manager from overwriting your resolv.conf changes, remove the DNS1, DNS2, … lines from /etc/sysconfig/network-scripts/ifcfg-* . Now, you can manually change the /etc/resolv
One way to stop Network Manager from adding dns-servers to /etc/resolv.conf file is to do this:
First open the nm conf file /etc/NetworkManager/NetworkManager.conf:
sudo vim /etc/NetworkManager/NetworkManager.conf
And add this to the [main] section:
dns=none
I had to sudo service network-manager restart before the change to the .conf file took effect.