waldek
/
LinuxSysAdminsDoc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: waldek:master
Branches Tags
waldek:master
waldek:Hugo
..
compare: waldek:Hugo
Branches Tags
waldek:master
waldek:Hugo

No commits in common. "master" and "Hugo" have entirely different histories.
master ... Hugo

29 changed files with 231 additions and 3040 deletions
Show Stats Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1 +0,0 @@
*.swp

BIN
Git/SWTM-2088_Atlassian-Git-Cheatsheet.pdf
View File

Binary file not shown.

418
Git/exercice.md
View File

@ -1,418 +0,0 @@
# FRACZ
Fracz is a good excercize to learn basic and advanced git command.
Go to the [website](https://gitexercises.fracz.com/) and follow the instructions to start the game.
Make sure you have git installed onto the machine you want to do the excercize on.
## 1. Exercise: Push a commit you have made
### Instructions
The first exercise is to push a commit that is created when you run the git start command.
Just try git verify after you have initialized the exercises and be proud of passing the first one :-)
### Commands
```bash
git push
```
## 2. Exercise: Commit one file
### Instructions
There are two files created in the root project directory - **A.txt** and **B.txt**.
The goal is to commit only one of them.
NOTE: Remember that you can submit your solutions with **git verify** command instead of **git push**.
### The easiest solution
**TODO**
#### Further info
You prepare changes to be committed with **git add <file>** command. It adds files from working area to staging area. Only files that are in staging area will be included in the commit when you run the **git commit** command.
Remember that you can **git add -A** to add all changed files to staging area. You can also do this in air with **-a** option for **git commit**, e.g.
### Commands
```bash
git commit -am "Some Commit Message"
```
## 3. Commit one file of two currently staged
### Instructions
There are two files created in the root project directory - **A.txt** and **B.txt**. They are both added to the staging area.
The goal is to commit only one of them.
### The easiest solution
**TODO**
### Further info
When you have added too many changes to staging area, you can undo them with **git reset <file>** command before the **git commit**.
### The easiest solution
**TODO**
### Further info
When you have added too many changes to staging area, you can undo them with **git reset <file>** command before the **git commit**.
### Commands
```bash
$ git status
On branch commit-one-file-staged
Your branch is up to date with 'origin/commit-one-file-staged'.
Changes to be committed:
(use "git restore --staged <file>..." to unstage)
new file: A.txt
new file: B.txt
FOR209-03+Admin@FOR209-03 MINGW64 ~/Documents/exercises (commit-one-file-staged)
$ git restore --staged B.txt
```
## 4. Ignore unwanted files
### Instructions
It is often good idea to tell Git which files it should track and which it should not. Developers almost always do not want to include generated files, compiled code or libraries into their project history.
Your task is to create and commit configuration that would ignore:
all files with **exe** extension
all files with **o** extension
all files with **jar** extension
the whole **libraries** directory
Sample files are generated for you.
### The easiest solution
### Further info
A **.gitignore** file specifies intentionally untracked files that Git should ignore.
To ignore all files with specific string inside filename, just type it in, i.e. **dumb** To ignore all files with specific extension use wildcard, i.e. **.exe** To ignore the whole directories, put a slash in the end of the rule, i.e. **libraries/** To specify full path from the **.gitignore** location start rule with slash, i.e. **/libraries**
Note that there is a difference between **libraries/** and **/libraries/** rule. The first one would ignore all directories named **libraries** in the whole project whereas the second one would ignore only the **libraries** directory in the same location as .gitignore file.
Also, it's worth to know that there are [many predefined .gitignores for specific environments](https://github.com/github/gitignore) so you don't have to invent your own. There is even a .gitignore generator.
### commands
```bash
$ touch .gitigniore
$ vim .gitigniore
*.exe
*.o
*.jar
libraries/*
libraries\*
```
```bash
$ git add .gitignore
$ git commit -am "gitignore"
[ignore-them 85217dc] gitignore
1 file changed, 0 insertions(+), 0 deletions(-)
rename .gitigniore => .gitignore (100%)
Status: **PASSED**
You can see the easiest known solution and further info at:
https://gitexercises.fracz.com/e/ignore-them/9l2
Next task: chase-branch
In order to start, execute: git start next
See your progress and instructions at:
https://gitexercises.fracz.com/c/9l2
```
## 5. Chase branch that escaped
### Instructions
You are currently on chase-branch branch. There is also escaped branch that has two more commits.
HEAD
|
chase-branch escaped
| |
A <----- B <----- C
You want to make chase-branch to point to the same commit as the escaped branch.
escaped
|
A <----- B <----- C
|
chase-branch
|
HEAD
The easiest solution
Further info
Because the chase branch was direct ancestor of the escaped branch, the pointer could be simply moved and no merge commit is necessary (also, conflicts are impossible to happen in such situations).
This is what Git calls as Fast-Forward merge because the branch pointer is only fast forwarded to the commit you are merging with.
Note that you could easily fool this task by executing command
>git push origin escaped:chase-branch
Remote repository could not tell then if you have done the merge or if you just wanted to set the remote chase-branch to point to the same commit as your local escaped branch (which is what the command above does).
See also: Basic Branching and Merging from Git Book.
### commands
>$ git merge escaped
## 6. Resolve a merge conflict
### Instructions
Merge conflict appears when you change the same part of the same file differently in the two branches you're merging together. Conflicts require developer to solve them by hand.
Your repository looks like this:
```
HEAD
|
merge-conflict
|
A <----- B
\
\----- C
|
```
another-piece-of-work
You want to **merge the another-piece-of-work** into your current branch. This will cause a merge conflict which you have to resolve. Your repository should look like this:
```
HEAD
|
merge-conflict
|
A <----- B <----- D
\ /
\----- C <----/
|
another-piece-of-work
```
### How to resolve merge conflicts using the command line
The most direct way to resolve a merge conflict is to edit the conflicted file. Open the merge.txt file in your favorite editor. For our example lets simply remove all the conflict dividers. The modified merge.txt content should then look like:
```
this is some content to mess with
content to append
totally different content to merge later
```
Once the file has been edited use git add merge.txt to stage the new merged content. To finalize the merge create a new commit by executing:
>git commit -m "merged and resolved the conflict in merge.txt"
Git will see that the conflict has been resolved and creates a new merge commit to finalize the merge.
## Git commands that can help resolve merge conflicts
### General tools
>git status
The status command is in frequent use when a working with Git and during a merge it will help identify conflicted files.
>git log --merge
Passing the --merge argument to the git log command will produce a log with a list of commits that conflict between the merging branches.
> git diff
diff helps find differences between states of a repository/files. This is useful in predicting and preventing merge conflicts.
### Tools for when git fails to start a merge
>git checkout
checkout can be used for undoing changes to files, or for changing branches
>git reset --mixed
reset can be used to undo changes to the working directory and staging area.
### Tools for when git conflicts arise during a merge
>git merge --abort
Executing git merge with the --abort option will exit from the merge process and return the branch to the state before the merge began.
>git reset
Git reset can be used during a merge conflict to reset conflicted files to a know good state
## The easiest solution
### Further info
Because the branches have diverged, fast-forward merge strategy could not be applied. Therefore, a merge conflict was possible. Because two branches made changes in the same file and near the same line, Git decided not to handle the situation itself but to throw a merge conflict (letting user decide what to do).
After you resolve the conflict, you need to add it to staging area to tell Git that you have handled the situation. **git commit** then continues the merging process.
However, when Git stops and tells you that there is a conflict to resolve, you are not left on your own. There are some tricks that can make conflict resolution process a lot easier.
- By default, Git shows only your changes and their changes of conflicting lines. This will look like this:
```
<<<<<<< HEAD
2 + ? = 5
=======
? + 3 = 5
>>>>>>> another-piece-of-work
```
It is often very helpful to see also how the code looked like before both of these changes. Seeing more context can help figure out good conflict resolution a lot faster. You can [checkout each file in diff3 mode](http://git-scm.com/book/en/v2/Git-Tools-Advanced-Merging#_checking_out_conflicts) that shows all three states of conflicting lines.
>git checkout --conflict=diff3 equation.txt
Conflict in **equation.txt** will be presented now as:
```
<<<<<< HEAD
2 + ? = 5
||||||| merged common ancestors
? + ? = 5
=======
? + 3 = 5
>>>>>>> another-piece-of-work
```
If you like the **diff3** presentation of conflicts, you can enable them by default with
>git config merge.conflictstyle diff3
- Sometimes you want either discard your changes or their changes that introduces the conflict. You can do that easily with
> git checkout --ours equation.txt
It's also worth to read the [Basic Branching and Merging](http://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging) from the Git Book.
### commands
```bash
137 vim equation.txt
138 git merge another-piece-of-work
139 cat equation.txt
140 vim equation.txt
141 git merge another-piece-of-work
142 cat equation.txt
143 git add equation.txt
144 git commit -m "merge equation"
145 git verify
146 git start next
```
## 7. Saving your work
### Instructions
You are working hard on a regular issue while your boss comes in and wants you to fix a bug. State of your current working area is a total mess so you don't feel comfortable with making a commit now. However, you need to fix the found bug ASAP.
Git lets you to save your work on a side and continue it later. Find appropriate Git tool and use it to handle the situation appropriately.
Look for a bug to remove in bug.txt.
After you commit the bugfix, get back to your work. Finish it by adding a new line to bug.txt with
Finally, finished it!
Then, commit your work after bugfix.
### Hint
1. Use [git stash](https://git-scm.com/docs/git-stash) to save your current work in background and clean the working area.
2. Fix the bug.
3. Use **git stash pop** to reapply your changes to working area.
Finish your work (see instructions)
```bash
$ git pull
...
file foobar not up to date, cannot merge.
$ git stash
$ git pull
$ git stash pop
```
## The easiest solution
### Further info
It's hard to verify if you have done this task correctly.
Its aim was to demonstrate **git stash** feature. When you run this command on dirty working area, it will save its state in stashed changes. You can do another work then, make any commits, checkout to any branch and then get the stashed changes back. You can think of stash as an intelligent Git clipboard.
An interesting option of stash command is the **--keep-index** which allows to stash all changes that were not added to staging area yet.
Keep in mind that applying stash might lead to conflicts if your working area introducted changes conflicting with stash. Therefore, its often safer to run **git stash apply** instead of **git stash pop** (the first one does not remove stashed changes).
Last thing to remember is that stashes are only local - you can't push them to remote repository.
See Stashing in the Git Book.
# Commands
```bash
149 **git stash**
150 **git pull**
151 ls
152 git status
153 **vim bug.txt**
154 ls
155 git status
156 **git add bug.txt**
157 **git commit -m "Hotfix"**
158 **git stash pop**
159 **vim bug.txt**
160 **git add bug.txt**
161 git commit -m "after bug fix"
162 git verify
163 git log
164 git reset --soft b62a9b25b4f7da5e94c1fc754fd2803d7bfe8107
165 git status
166 vim bug.txt
167 **git add program.txt**
168 **git commit -m "after bug fix"**
```
## 8. Change branch history
### Instructions
You were working on a regular issue while your boss came in and told you to fix recent bug in an application. Because your work on the issue hasn't been done yet, you decided to go back where you started and do a bug fix there.
Your repository look like this:
```
HEAD
|
change-branch-history
|
A <----- B
\
\----- C
|
hot-bugfix
```
Now you realized that the bug is really annoying and you don't want to continue your work without the fix you have made. You wish your repository looked like you started after fixing a bug.
```
HEAD
|
change-branch-history
|
A <----- C <----- B
|
hot-bugfix
```
Achieve that.
### Hint
You need to use [git rebase](https://git-scm.com/docs/git-rebase) command.

BIN
Git/img/git_log.PNG
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 19 KiB

BIN
Git/img/tig.PNG
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 28 KiB

316
Git/readme.md
View File

@ -1,316 +0,0 @@
# Git
## Description
Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.
## Useful links
- a very handy [cheat sheet](https://gitea.86thumbs.net/waldek/LinuxSysAdminsDoc/raw/branch/master/Git/SWTM-2088_Atlassian-Git-Cheatsheet.pdf) in pdf outlines the basic Git commands to help you learn git, as well as more advanced concepts such as Git branches, remote repositories, undoing changes, and much much more
- the main git [documentation](https://git-scm.com/book/en/v2) is an excellent reference manual
## Git System
The diagram below outlines the main gt commands and how they relate to the version control system.
In our classes the **local** is the repository on your own computer and the **remote** is the corresponding repository you create on our [gitea](https://gitea.86thumbs.net/) server.
Nothing is stopping you from hosting your own gitea server or pushing your local repository to a third party server such as [gitlab](https://about.gitlab.com/).
![Git System](img/Git_Guide.png)
A remote repository is often referenced by the name **origin** but this naming is fully up to you.
If you would push to multiple remote locations you could for example add one named gitea for our own and gitlab for your gitlab account.
```bash
git remote add gitea https://gitea.86thumbs.net/USER/REPOSITORY.git
git remote add gitlab https://gitlab.com/USER/REPOSITORY.git
```
# Basic commands
## Git clone
Clone repo located at **\<repo>** onto local machine. Original repo can be located on the local file system or on a remote machine via **HTTPS** or **SSH**.
Throughout the classes you'll first clone via HTTPS but once we'll learn about [RSA](https://en.wikipedia.org/wiki/RSA_(cryptosystem)) you'll be able to clone, push and pull over SSH.
```bash
git clone $REPOSITORY_URL
```
## Git config --global name & email
Before you can use git you **need** to identity yourself.
Git uses this information in each commit so we can keep track of **who** did **what** **when**.
```bash
git config --global user.name "$FISTNAME $LASTNAME"
git config --global user.email "$EMAIL"
```
Name and email are **required** configuration settings but there are a lot more settings you can change to your liking.
For example you can set the user interface to have colors by default by setting the following configuration.
```bash
git config --global color.ui auto
```
All of the possible configuration settings can be seen my running:
```bash
man git-config
```
Additionally you can read up on all of these settings a bit more on the [documentation page](https://www.git-scm.com/book/en/v2/Customizing-Git-Git-Configuration) online.
## Git init
To initialize an existing directory as a Git repository you have to input the following command into a shell.
On windows your best bet is to launch a **git bash** shell by right clicking in the folder.
On linux you can just open a terminal, navigate to the desired directory and execute the command.
```bash
git init
```
If you want to create a new directory with git version control inside it you run the following command.
```bash
git init $DIR_NAME
```
## Git status
List which files are staged, unstaged, and untracked.
This gives you a good overview of the current state of you repository and hints towards which files you can or should stage.
```bash
git status
```
## Git add
By staging files you put them in the list to be added to the next commit.
You can add one or more files at the same time.
Complete directories can also be added.
```bash
git add readme.md image.jpg
```
## Git rm
Delete the file from project and stage the removal for commit.
Do keep in mind that this removes the file from the next commit but the file will still exist in the previous commits.This makes it very difficult to *lose* files for ever.
```bash
git rm $FILENAME
```
Change an existing file path and stage the move.
```bash
git mv $OLDPATH $NEWPATH
```
Show all commit logs with indication of any paths that moved.
```bash
git log --stat -M
```
If you ever *lose* a file you can use the following command to locate when files got deleted.
Remember that *when* is tied to a commit.
Once you find the commit you can check out only that file to bring it back to your working directory.
```bash
git log --all --full-history -- "**/$FILENAME*"
git log --all --full-history -- $PATH_TO_FILE
git show $SHA -- $PATH_TO_FILE
git checkout $SHA^ -- $PATH_TO_FILE
```
## Git commit
You commit your staged content as a new commit snapshot with the following command.
The message you include in the commit is fully up to you but as a general rule of thumb it should explain what the commit does.
For example: this commit *"adds pictures to the asset folder"*
Some projects have serious commit message [guidelines](https://www.datree.io/resources/git-commit-message), others not.
```bash
git commit -m "$YOUR_COMMIT_MESSAGE"
```
If the identity is not correct you can fix this this the following command.
```bash
git commit --amend --reset-author
```
## Git diff
Show unstaged changes between your index and working directory.
Unstaged changes are files that have changes to them and have not been added with the *git add $FILENAME* command.
```bash
git diff
```
## Git log
Show all commits in the current branchs history.
This can be very handy, especially if the commit messages give a clean idea of *what* the commit does.
```bash
git log
```
More elaborate log view can be accieved with optional argument.
Some handy ones are listed below.
### Graphs
The --graph option draws an ASCII graph representing the branch structure of the commit history.
This is commonly used in conjunction with the --oneline and --decorate commands to make it easier to see which commit belongs to which branch:
```bash
git log --graph --oneline --decorate
```
The image below visualizes this output.
![git log with graph option](img/git_log.PNG)
## Tig
Tig is an additional program that can be used to inspect and visualize the commit history.
It uses the underlying Git commands to present the user with various views, such as summarized commit log and showing the commit with the log message, diffstat, and the diff.
As it's a command line program wherein you can navigate, select, etc, we can call it a [tui](https://itsfoss.com/gui-cli-tui/).
It comes installed by default with git in windows but on debian you have to install it manually.
```bash
sudo apt install tig
```
Tig allows you to browse changes in a Git repository and can additionally act as a pager for output of various Git commands.
When used as a pager, it will display input from stdin and colorize it.
To use tig you have to be inside a git repository and invoke the following command.
```bash
tig
```
![tig](img/tig.PNG)
#
# SHARE & UPDATE
#
### Retrieving updates from another repository and updating local repos
=================================
add a git URL as an alias
>git remote add [alias] [url]
fetch down all the branches from that Git remote
>git fetch [alias]
merge a remote branch into your current branch to bring it up to date
>git merge [alias]/[branch]
Transmit local branch commits to the remote repository branch
>git push [alias] [branch]
>git pull
fetch and merge any commits from the tracking remote branch
## BRANCH & MERGE
### Isolating work in branches, changing context, and integrating changes
![Remote Execution](img/Branching.png)
>git branch
list your branches. a * will appear next to the currently active branch
>git branch [branch-name]
create a new branch at the current commit
>git checkout
switch to another branch and check it out into your working directory
>git checkout -b|-B <new_branch> [<start point>]
Specifying -b causes a new branch to be created as if git-branch(1) were called and then checked out.
If -B is given, <new_branch> is created if it doesnt exist; otherwise, it is reset. This is the transactional equivalent of
>git merge [branch]
merge the specified branchs history into the current one
>git log
show all commits in the current branchs history
## TRACKING PATH CHANGES
### Checker le satus
> git status
Ajouter un element dans la branche
> git add Readme.md
Commit les changement
> git commit -m "First commit"
Show all commit
>git checkout
Merge
>git merge
## Saving your uncommitted work for a quick fix then getting it back
>git stash
temporarily stash your work since your last commit
>git stash pop
fetch your stashed work to continue it
$ git stash pop stash@{2}
in case you want to apply a specific Stash item (not the most recent one), you can provide the index name of that item in the "pop" option
## Rewriting history
>git commit --amend -m "New commit message"
replace the last commit
>git commit --amend --no-edit
replace the last commit without changing the commit message
>git rebase -i {branch}
take the precedent commit and add it to your branch
## Ignoring files
>touch .gitignore && echo {what you want to ignore} >> .gitignore
create a file and specify what (extensions, directories, files) to ignore in it
>git rm --cached {fileignored}
remove from the tracking index a file that should be ignored but wasnt because already tracked when the ignore rule was created

488
Linux/basic_cmd.md
View File

@ -1,488 +0,0 @@
# Linux
## Absolute Path vs Relative Path in Linux/Unix
### What is a path?
A path is a unique location to a file or a folder in a file system of an OS. A path to a file is a combination of / and alpha-numeric characters.
### What is an absolute path?
An absolute path is defined as the specifying the location of a file or directory from the root directory(/). In other words we can say absolute path is a complete path from start of actual filesystem from / directory.
### Some examples of absolute path:
```bash
/var/ftp/pub
/etc/samba.smb.conf
/boot/grub/grub.conf
```
If you see all these paths started from / directory which is a root directory for every Linux/Unix machines.
### What is the relative path?
Relative path is defined as path related to the present working directory(pwd). Suppose I am located in /var/log and I want to change directory to /var/log/kernel. I can use relative path concept to change directory to kernel
changing directory to /var/log/kernel by using relative path concept.
```bash
$ pwd/var/logcd kernel
```
Note: If you observe there is no / before kernel which indicates itâs a relative directory to present working directory.
Changing directory to /var/log/kernel using absolute path concept.
```bash
$ cd /var/log/kernel
```
Note: We can use an absolute path from any location where as if you want to use relative path we should be present in a directory where we are going to specify relative to that present working directory.
# Basic Linux Command
## help
### Man: an interface to the on-line reference manuals
```bash
$ man ls
```
## Wildcard
### \* show all picture (multiple char)
```bash
$ ls pic*
```
### **?** show only picture between 50 and 59 (only one char)
```bash
$ ls pic5?.jpg
```
### [] show only if char in [p-P]
```bash
$ ls [pP]ic*
```
## Files and directory
### ls: list directory contents
```bash
$ ls
$args = -l -a -r -t -h --help
```
### Pwd: output the current working directory
```bash
$ pwd
```
### Cd: Change directory
```bash
$ cd
```
back to previous folder
```bash
$ cd -
```
### Mkdir: Make directory
```bash
$ mkdir test1 test2 test3
$ mkdir -p lol/lol/lol
```
-p to create parent directory if needed
### Rmdir: Remove directory
```bash
$ rmdir filename
$ rm -rf filename
```
Delete all of the files in the diectory including all subdirectories and tier contents
```bash
$ rm -r \* .\*
```
Remove all files with the .doc extension recursively in the current working directory.
```bash
$ rm \*\*/\*.doc
```
### Mv: Move directory (can be used to rename a file)
```bash
$ mv file /opt/movedfile
```
### Cp: Copy file or directory
```bash
$ cp file /opt/newcopiedfile
```
### Touch: change file timestamps but it can also create files
```bash
$ touch nomdefichier.md
$ touch pic{00..99}.jpeg # does not work
```
### Which: Searching the PATH for executable files matching the names of the arguments
```bash
$ which ls
```
### File: file — determine file type
```bash
$ file myfile
```
## file viewer
### More: file perusal filter for crt viewing
```bash
$ more filename
```
### Less: opposite of more but Less is more ;)
```bash
$ less filename
```
### Cat: concatenate files and print on the standard output
```bash
$ cat filename
```
### tail : output the last part of files
```bash
$ tail -n 5 Workspace/SysAdminTraining/LinuxSysAdminsDoc/Linux/basic_cmd.md
- dhclient > get ip
- gnome networkmanager
- wpa_supplicant > encryption @ wifi
![htop](./img/htop.png)
```
Args -n define the number of line needed
## Users
### adduser, addgroup - add a user or group to the system
```bash
$ sudo adduser steve
[sudo] password for r4v3n:
Sorry, try again.
[sudo] password for r4v3n:
Adding user `steve' ...
Adding new group `steve' (1002) ...
Adding new user `steve' (1002) with group `steve' ...
Creating home directory `/home/steve' ...
Copying files from `/etc/skel' ...
New password:
Retype new password:
passwd: password updated successfully
Changing the user information for steve
Enter the new value, or press ENTER for the default
Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] y
```
### user skeleton: skeleton files used for new user configuration
```bash
$ ls /etc/skel/
$ ls -a 0 (0.002s) < 05:21:24
./ ../ .bash_logout .bashrc .profile
```
### Change user
```bash
$ su - marie
```
## Permissions
### Chmod: change file mode bits
A combination of the letters **ugoa** controls which users' access to the file will be changed:
- the user who owns it (u),
- other users in the file's group (g),
- other users not in the file's group (o),
- or all users (a).
If none of these are given, the effect is as if (a) were given, but bits that are set in the umask are not affected.
![file permissions](./img/file_permission.png)
```bash
marie@d3bi4n:~$ ls -l
total 4
-rw-r--r-- 1 marie marie 12 Apr 7 05:44 test
> $ chmod o-r mysecret
> -rw-r--**-**-- 1 marie marie 12 Apr 7 05:44 test
> $ chmod o+**rw** myscret
> -rw-r--**rw**- 1 marie marie 12 Apr 7 05:44 test
```
## Using chmod in absolute mode
In the absolute mode, permissions are represented in numeric form (octal system to be precise). In this system, each file permission is represented by a number.
- r (read) = 4
- w (write) = 2
- x (execute) = 1
- (no permission) = 0
With these numeric values, you can combine them and thus one number can be used to represent the entire permission set.
| Number | Permission |
|--------|------------|
| 0 | — |
| 1 | x |
| 2 | -w- |
| 3 (i.e. 2+1) | -wx |
| 4 | r |
| 5 (i.e. 4+1) | r-x |
| 6 (i.e. 4+2) | rw- |
| 7 (i.e. 4+2+1) | rwx |
### most commonly used: 755 644 600 640
Can you guess the file permission in numbers on agatha.txt file in our example so far? Thats right, its 764.
Now that you know what number represents which permission, lets see how to change file permission using this knowledge.
Suppose you want to change the file permission on agatha.txt so that everyone can read and write but no one can execute it? In that case, you can use the chmod command like this:
```bash
$ chmod 666 agatha.txt
```
## Danger : if a folder has not the X (executable) right => you cannot open it.
-R for recursive on folder
If you list agatha.txt now, youll see that the permission has been changed.
```bash
> -rw-rw-rw- 1 abhishek abhishek 457 Aug 10 11:55 agatha.txt
```
### Chown: change file owner and group
```bash
$ sudo chown marie:marie agatha.txt
-rw-rw-rw- 1 marie marie 457 Aug 10 11:56 agatha.txt
```
### Groups: print the groups a user is in
```bash
$ groups
```
Adds user marie into steve group
```bash
$ sudo adduser marie steve
Adding user `marie' to group `steve' ...
Adding user marie to group steve
Done.
marie@d3bi4n:~$ groups
marie steve
```
## Sysadmin tools
### Who:
```bash
student@debianserver:/var/log$ who
waldek tty1 2021-04-08 11:06
student pts/0 2021-04-08 11:13 (172.30.6.87)
student pts/1 2021-04-08 11:14 (172.30.6.90)
student pts/2 2021-04-08 11:14 (172.30.6.98)
student pts/3 2021-04-08 11:21 (172.30.6.97)
student pts/4 2021-04-08 11:15 (172.30.6.83)
student pts/5 2021-04-08 11:15 (172.30.6.96)
student pts/6 2021-04-08 11:23 (172.30.6.92)
student pts/8 2021-04-08 11:15 (172.30.6.82)
student pts/9 2021-04-08 11:17 (172.30.6.84)
student pts/10 2021-04-08 11:16 (172.30.6.85)
student pts/11 2021-04-08 11:17 (172.30.6.86)
student tty2 2021-04-08 11:24
```
pts pseudo terminal remote
tty1 user loger localy on the machine
### Wall: write a message to all users
```bash
student@debianserver:/var/log$ wall 110101101101010
Broadcast message from student@debianserver (pts/10) (Thu Apr 8 11:29:42 2021)
110101101101010
```
### & vs &&
```bash
$ apt update && upgrade
# && launch both instance one after the other
$ sleep 10 & htop
& launch in background the sleep 10 process and open htop
```
### exit status
```bash
$ ls thisnotexist
ls: cannot access 'thisnotexist': No such file or directory
$ echo $?
2
$ ls
Desktop Documents Downloads Music Pictures Public Templates Videos Workspace
$ echo $?
0
r4v3n@d3bi4n:~$
```
### Display Environement variables
```bash
$ env
SHELL=/bin/bash
XDG_CURRENT_DESKTOP=GNOME
...
```
### Get users password hases:
```bash
$ cat /etc/shadow | grep bash
# get hashes
$ sudo cat /etc/shadow | cut -d ":" -f2
# get name
$ sudo cat /etc/shadow | cut -d ":" -f1
```
### How to create a symbolic link in Linux
To create a symbolic link to target file from link name,
you can use the ln command with -s option like this:
```bash
$ ln -s target_file link_name
```
### alias:
```bash
$ alias ll="ls -l"
```
The -s option is important here. It determines that the link is soft link. If you dont use it, it will create a hard link. Ill explain the difference between soft links and hard links in a different article.
### Htop: Interactive processes viewer
```bash
$ htop
```
### Changer default shell
```bash
$ vim /etc/passwd
steve:x:1002:1002:,,,:/home/steve:/bin/bash
steve:x:1002:1002:,,,:/home/steve:/bin/fish
```
## how to navigate in a web page source code
### Pipe | : pipe send result of the first command to the second
```bash
$ cat /etc/passwd **|** **grep** bash |**cut** -d ":" -f1
```
### Grep: print lines that match patterns
Search for specific text with grep command
```bash
$ grep -l example document1.txt document2.txt
$ grep -l example \*.txt
```
grep as long as you include the -r (recursive) option in the command.
```bash
$ grep -lr example /path/to/directory1/\*.txt /path/to/directory2
```
Or, to search the current directory and all subdirectories, omit the path at the end of the command.
```bash
$ grep -lr example
```
### Cut: remove sections from each line of files
```bash
> $
```
### Wc: print newline, word, and byte counts for each file
```bash
$ wc -l
```
### Realpath
```bash
$ realpath example.txt
/home/username/example.txt
```
### Wget: The non-interactive network downloader
```bash
$ wget www.tandemlaw.be
```
search url inside index.html
[Bashoneliners.com](bashoneliners.com)
```bash
$ cat index.html | grep -o "https.*" |cut -d "\"" -f1 |sort | uniq
```
## text editor
### Nano: Nano's ANOther editor, an enhanced free Pico clone
(simple text editor for noobies)
```bash
$ nano
$ nano filename
```
### VIM: vim - Vi IMproved, a programmer's text editor (PGM)
``` bash
$ vim
$ vim filename
```
# APT
```bash
$ apt install
$ apt remove
$ apt autoremove
$ apt update
```
## Display & Destop Manager
### Architecture:
```bash
BIOS -> GRUB -> Display Manager -> Desktop Environement
```
### Install Desktop Environement (GUI)
```bash
$ tasksel
$ apt install gnome
$ apt remove gnome
```
### Reconfigurer le display manager
```bash
$ sudo dpkg-reconfigure gdm3
```
### Installer le display manager
```bash
$ sudo apt install lightdm
$ sudo apt install gdm3
```
### remove Desktop environement
```bash
$ sudo apt remove lightdm
```
# Services
- HTOP
- dhclient > get ip
- gnome networkmanager
- wpa_supplicant > encryption @ wifi
![htop](./img/htop.png)

74
Linux/cheatsheet-18.md
View File

@ -1,74 +0,0 @@
| **Command** | **Description** |
| --------------|-------------------|
| `man <tool>` | Opens man pages for the specified tool. |
| `<tool> -h` | Prints the help page of the tool. |
| `apropos <keyword>` | Searches through man pages' descriptions for instances of a given keyword. |
| `cat` | Concatenate and print files. |
| `whoami` | Displays current username. |
| `id` | Returns users identity. |
| `hostname` | Sets or prints the name of the current host system. |
| `uname` | Prints operating system name. |
| `pwd` | Returns working directory name. |
| `ifconfig` | The `ifconfig` utility is used to assign or view an address to a network interface and/or configure network interface parameters. |
| `ip` | Ip is a utility to show or manipulate routing, network devices, interfaces, and tunnels. |
| `netstat` | Shows network status. |
| `ss` | Another utility to investigate sockets. |
| `ps` | Shows process status. |
| `who` | Displays who is logged in. |
| `env` | Prints environment or sets and executes a command. |
| `lsblk` | Lists block devices. |
| `lsusb` | Lists USB devices. |
| `lsof` | Lists opened files. |
| `lspci` | Lists PCI devices. |
| `sudo` | Execute command as a different user. |
| `su` | The `su` utility requests appropriate user credentials via PAM and switches to that user ID (the default user is the superuser). A shell is then executed. |
| `useradd` | Creates a new user or update default new user information. |
| `userdel` | Deletes a user account and related files. |
| `usermod` | Modifies a user account. |
| `addgroup` | Adds a group to the system. |
| `delgroup` | Removes a group from the system. |
| `passwd` | Changes user password. |
| `dpkg` | Install, remove and configure Debian-based packages. |
| `apt` | High-level package management command-line utility. |
| `aptitude` | Alternative to `apt`. |
| `snap` | Install, remove and configure snap packages. |
| `gem` | Standard package manager for Ruby. |
| `pip` | Standard package manager for Python. |
| `git` | Revision control system command-line utility. |
| `systemctl` | Command-line based service and systemd control manager. |
| `ps` | Prints a snapshot of the current processes. |
| `journalctl` | Query the systemd journal. |
| `kill` | Sends a signal to a process. |
| `bg` | Puts a process into background. |
| `jobs` | Lists all processes that are running in the background. |
| `fg` | Puts a process into the foreground. |
| `curl` | Command-line utility to transfer data from or to a server. |
| `wget` | An alternative to `curl` that downloads files from FTP or HTTP(s) server. |
| `python3 -m http.server` | Starts a Python3 web server on TCP port 8000. |
| `ls` | Lists directory contents. |
| `cd` | Changes the directory. |
| `clear` | Clears the terminal. |
| `touch` | Creates an empty file. |
| `mkdir` | Creates a directory. |
| `tree` | Lists the contents of a directory recursively. |
| `mv` | Move or rename files or directories. |
| `cp` | Copy files or directories. |
| `nano` | Terminal based text editor. |
| `which` | Returns the path to a file or link. |
| `find` | Searches for files in a directory hierarchy. |
| `updatedb` | Updates the locale database for existing contents on the system. |
| `locate` | Uses the locale database to find contents on the system. |
| `more` | Pager that is used to read STDOUT or files. |
| `less` | An alternative to `more` with more features. |
| `head` | Prints the first ten lines of STDOUT or a file. |
| `tail` | Prints the last ten lines of STDOUT or a file. |
| `sort` | Sorts the contents of STDOUT or a file. |
| `grep` | Searches for specific results that contain given patterns. |
| `cut` | Removes sections from each line of files. |
| `tr` | Replaces certain characters. |
| `column` | Command-line based utility that formats its input into multiple columns. |
| `awk` | Pattern scanning and processing language. |
| `sed` | A stream editor for filtering and transforming text. |
| `wc` | Prints newline, word, and byte counts for a given input. |
| `chmod` | Changes permission of a file or directory. |
| `chown` | Changes the owner and group of a file or directory. |

8
Linux/fish_theme
View File

@ -1,8 +0,0 @@
# Fish Shell Themes
- shellder
- rider
- neolambda
- lambda
- lavander +
- harleen ++

33
Linux/how_2_create_bash_alias.md
View File

@ -1,33 +0,0 @@
# How to Create a Bash Alias
1. Open your .bashrc file
Using a text editor, open your .bashrc file, which is typically found in your home directory.
> vim ~/.bashrc
### Why .bashrc?
This file is loaded whenever a new bash instance is started and should included bash-specific commands, like aliases.
2. Create the alias
The anatomy of an alias is as follows:
> alias alias_name="text to alias"
Here is a common example:
> alias ll="ls -lha"
This means that whenever you type ll, it will be as if you had typed ls -lha.
It is basically a substitution, so if you have an alias set up like this: alias g="git". Then you can type g pull, which will execute git pull.
3. Reload your bashrc
If you'd like to use your alias, you can either open a new bash shell, or source your .bashrc file in your current shell using:
> source ~/.bashrc
This basically executes everything in your .bashrc file as if you had typed each command.

BIN
Linux/img/file_permission.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 20 KiB

BIN
Linux/img/htop.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 243 KiB

13
Linux/readme.md
View File

@ -1,13 +0,0 @@
# Linux
## overview
- Linux basics
- Files and Directory
- Users & Groups
- Privileges
- Linux tools
- SSH
- SSH client
- SSH server
- SH key
- Vim - [Beginer's guide](https://www.linux.com/training-tutorials/vim-101-beginners-guide-vim/ )

283
Linux/ssh/install_ssh_server.md
View File

@ -1,283 +0,0 @@
#How To Install and Enable SSH Server on Debian 10
[reference](https://devconnected.com/how-to-install-and-enable-ssh-server-on-debian-10/)
This tutorial focuses on setting up and configuring a SSH server on a Debian 10 minimal server
SSH, for Secure Shell, is a network protocol that is used in order to operate remote logins to distant machines within a local network or over Internet. SSH architectures typically includes a SSH server that is used by SSH clients to connect to the remote machine.
As a system administrator, it is very likely that you are using SSH on a daily basis to connect to remote machines across your network.
As a consequence, when new hosts are onboarded to your infrastructure, you may have to configure them to install and enable SSH on them.
In this tutorial, we are going to see how you can install and enable SSH, via OpenSSH, on a Debian 10 distributions.
Table of Contents
Prerequisites
Installing OpenSSH Server on Debian 10
Enabling SSH traffic on your firewall settings
Enable SSH server on system boot
Configuring your SSH server on Debian
Changing SSH default port
Disabling Root Login on your SSH server
Configuring key-based SSH authentication
Restarting your SSH server to apply changes
Connecting to your SSH server
Exiting your SSH server
Disabling your SSH server
Troubleshooting
Debian : SSH connection refused
Debian : SSH access denied
SSH password access denied
SSH key access denied
Debian : Unable to locate package openssh-server
Conclusion
Prerequisites
In order to install a SSH server on Debian 10, you will need to have sudo privileges on your host.
To check whether you have sudo privileges or not, run the following command
$ sudo -l
If you are seeing the following entries on your terminal, it means that you have elevated privileges
Checking sudo privileges on Debian 10
By default, the ssh utility should be installed on your host, even on minimal configurations.
In order to check the version of your SSH utility, you can run the following command
$ ssh -V
Checking SSH version on Debian 10
As you can see, I am running OpenSSH v7.9 with OpenSSL v1.1.1.
Note that it does not mean that SSH servers are installed on my host, it just means that I may able to connect to remote machines as a client using the SSH utility.
It also mean that specific utilities related the SSH protocol (such as scp for example) or related to FTP servers (such as sftp) will be available on my host.
Installing OpenSSH Server on Debian 10
First of all, make sure that your packages are up to date by running an update command
$ sudo apt-get update
Updating apt packages on Debian 10
In order to install a SSH server on Debian 10, run the following command
$ sudo apt-get install openssh-server
The command should run a complete installation process and it should set up all the necessary files for your SSH server.
If the installation was successful, you should now have a sshd service installed on your host.
To check your newly installed service, run the following command
$ sudo systemctl status sshd
Checking ssh server status on Debian 10
By default, your SSH server is going to run on port 22.
This is the default port assigned for SSH communications. You can check if this is the case on your host by running the following netstat command
$ netstat -tulpn | grep 22
Great! Your SSH server is now up and running on your Debian 10 host.
Enabling SSH traffic on your firewall settings
If you are using UFW as a default firewall on your Debian 10 system, it is likely that you need to allow SSH connections on your host.
To enable SSH connections on your host, run the following command
$ sudo ufw allow ssh
Enabling SSH connections with UFW on Debian 10
Enable SSH server on system boot
As you probably saw, your SSH server is now running as a service on your host.
It is also very likely that it is instructed to start at boot time.
To check whether your service is enable or not, you can run the following command
$ sudo systemctl list-unit-files | grep enabled | grep ssh
If no results are shown on your terminal, enable the service and run the command again
$ sudo systemctl enable ssh
Enabling the SSH server on boot on Debian 10
Configuring your SSH server on Debian
Before giving access to users through SSH, it is important to have a set of secure settings to avoid being attacked, especially if your server is running as an online VPS.
As we already saw in the past, SSH attacks are pretty common but they can be avoided if we change default settings available.
By default, your SSH configuration files are located at /etc/ssh/
Listing SSH configuration files in etc
In this directory, you are going to find many different configuration files, but the most important ones are :
ssh_config: defines SSH rules for clients. It means that it defines rules that are applied everytime you use SSH to connect to a remote host or to transfer files between hosts;
sshd_config: defines SSH rules for your SSH server. It is used for example to define the reachable SSH port or to deny specific users from communicating with your server.
We are obviously going to modify the server-wide part of our SSH setup as we are interested in configuring and securing our OpenSSH server.
Changing SSH default port
The first step towards running a secure SSH server is to change the default assigned by the OpenSSH server.
Edit your sshd_config configuration file and look for the following line.
#Port 22
Make sure to change your port to one that is not reserved for other protocols. I will choose 2222 in this case.
Changing the default SSH port
When connecting to your host, if it not running on the default port, you are going to specify the SSH port yourself.
Please refer to the Connecting to your SSH server section for further information.
Disabling Root Login on your SSH server
By default, root login is available on your SSH server.
It should obviously not be the case as it would be a complete disaster if hackers were to login as root on your server.
If by chance you disabled the root account in your Debian 10 installation, you can still configure your SSH server to refuse root login, in case you choose to re-enable your root login one day.
To disable root login on your SSH server, modify the following line
#PermitRootLogin
PermitRootLogin no
Disabling root login for SSH on Debian
Configuring key-based SSH authentication
In SSH, there are two ways of connecting to your host : by using password authentication (what we are doing here), or having a set of SSH keys.
If you are curious about key-based SSH authentication on Debian 10, there is a tutorial available on the subject here.
Restarting your SSH server to apply changes
In order for the changes to be applied, restart your SSH service and make sure that it is correctly restarted
$ sudo systemctl restart sshd
$ sudo systemctl status sshd
SSH server status from systemd
Also, if you change the default port, make sure that the changes were correctly applied by running a simple netstat command
$ netstat -tulpn | grep 2222
Checking SSH port on Linux using netstat
Connecting to your SSH server
In order to connect to your SSH server, you are going to use the ssh command with the following syntax
$ ssh -p <port> <username>@<ip_address>
If you are connecting over a LAN network, make sure to get the local IP address of your machine with the following command
$ sudo ifconfig
Checking local IP using ifconfig
For example, in order to connect to my own instance located at 127.0.0.1, I would run the following command
$ ssh -p 2222 <user>@127.0.0.1
You will be asked to provide your password and to certify that the authenticity of the server is correct.
Connecting to SSH server on Debian 10 Buster
Exiting your SSH server
In order to exit from your SSH server on Debian 10, you can hit Ctrl + D or type logout and your connection will be terminated.
Logout from the SSH server
Disabling your SSH server
In order to disable your SSH server on Debian 10, run the following command
$ sudo systemctl stop sshd
$ sudo systemctl status sshd
Stopping SSH server on Debian 10
From there, your SSH server wont be accessible anymore.
Connection refused from the SSH server
Troubleshooting
In some cases, you may run into many error messages when trying to setup a SSH server on Debian 10.
Here is the list of the common errors you might get during the setup.
Debian : SSH connection refused
Usually, you are getting this error because your firewall is not properly configured on Debian.
To solve “SSH connection refused” you have to double check your UFW firewall settings.
By default, Debian uses UFW as a default firewall, so you might want to check your firewall rules and see if SSH is correctly allowed.
$ sudo ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
If you are using iptables, you can also have a check at your current IP rules with the iptables command.
$ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
If the rule is not set for SSH, you can set by running the iptables command again.
$ sudo iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT
Debian : SSH access denied
Sometimes, you may be denied the access to your SSH server with this error message “SSH access denied” on Debian.
To solve this issue, it depends on the authentication method you are using.
SSH password access denied
If you are using the password method, double check your password and make sure you are entering it correctly.
Also, it is possible to configure SSH servers to allow only a specific subset of users : if this is the case, make sure you belong to that list.
Finally, if you want to log-in as root, make sure that you modified the “PermitRootLogin” option in your “sshd_config” file.
#PermitRootLogin
PermitRootLogin yes
SSH key access denied
If you are using SSH keys for your SSH authentication, you may need to double check that the key is correctly located in the “authorized_keys” file.
If you are not sure about how to do it, follow our guide about SSH key authentication on Debian 10.
Debian : Unable to locate package openssh-server
For this one, you have to make sure that you have set correctly your APT repositories.
Add the following entry to your sources.list file and update your packages.
$ sudo nano /etc/apt/sources.list
deb http://ftp.us.debian.org/debian wheezy main
$ sudo apt-get update
Conclusion
In this tutorial, you learnt how you can install and configure a SSH server on Debian 10 hosts.
You also learnt about basic configuration options that need to be applied in order to run a secure and robust SSH server over a LAN or over Internet.
If you are curious about Linux system administration, we have a ton of tutorials on the subject in a dedicated category.

531
Linux/ssh/ssh.md
View File

@ -1,531 +0,0 @@
# SSH
## OpenSSH SSH client (remote login program)
- SSH: (SSH client) is a program for logging into a remote machine and for executing commands on a
remote machine
- SSH Server: server
## Fist login to remote server
```bash
$ ssh student@172.30.6.99
The authenticity of host '172.30.6.99 (172.30.6.99)' can't be established.
ECDSA key fingerprint is SHA256:w2XxVfnfPpYCeCjEBzmI0AeuaqiC0Sx1FBwrGmnYh64.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.30.6.99' (ECDSA) to the list of known hosts.
student@172.30.6.99's password:
Connection closed by 172.30.6.99 port 22
```
## Login to remote server
```bash
admin@d3bi4n:~$ ssh student@172.30.6.99
student@172.30.6.99's password:
Linux debianserver 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Apr 8 11:15:57 2021 from 172.30.6.84
```
ECDSA key finger print is used to validate the server identity for future connection.
## Installing OpenSSH Server on Debian 10
First of all, make sure that your packages are up to date by running an update command
```bash
$ sudo apt-get update
```
Updating apt packages on Debian 10
In order to install a SSH server on Debian 10, run the following command
```bash
$ sudo apt-get install openssh-server
```
The command should run a complete installation process and it should set up all the necessary files for your SSH server.
If the installation was successful, you should now have a sshd service installed on your host.
To check your newly installed service, run the following command
```bash
$ sudo systemctl status sshd
user@w3b-73rv3r:~$ sudo systemctl status sshd
[sudo] password for user:
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2021-04-08 05:35:36 EDT; 10min ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 490 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 499 (sshd)
Tasks: 1 (limit: 4689)
Memory: 3.8M
CGroup: /system.slice/ssh.service
└─499 /usr/sbin/sshd -D
Apr 08 05:35:36 w3b-73rv3r systemd[1]: Starting OpenBSD Secure Shell server...
Apr 08 05:35:36 w3b-73rv3r sshd[499]: Server listening on 0.0.0.0 port 22.
Apr 08 05:35:36 w3b-73rv3r sshd[499]: Server listening on :: port 22.
Apr 08 05:35:36 w3b-73rv3r systemd[1]: Started OpenBSD Secure Shell server.
Apr 08 05:45:17 w3b-73rv3r sshd[1663]: Accepted password for user from 172.30.6.99 port 55748 ssh2
Apr 08 05:45:17 w3b-73rv3r sshd[1663]: pam_unix(sshd:session): session opened for user user by (uid=0)
r4v3n@w3b-73rv3r:~$
```
This tutorial focuses on setting up and configuring a SSH server on a Debian 10 minimal server
SSH, for Secure Shell, is a network protocol that is used in order to operate remote logins to distant machines within a local network or over Internet. SSH architectures typically includes a SSH server that is used by SSH clients to connect to the remote machine.
As a system administrator, it is very likely that you are using SSH on a daily basis to connect to remote machines across your network.
As a consequence, when new hosts are onboarded to your infrastructure, you may have to configure them to install and enable SSH on them.
In this tutorial, we are going to see how you can install and enable SSH, via OpenSSH, on a Debian 10 distributions.
Table of Contents
Prerequisites
Installing OpenSSH Server on Debian 10
Enabling SSH traffic on your firewall settings
Enable SSH server on system boot
Configuring your SSH server on Debian
Changing SSH default port
Disabling Root Login on your SSH server
Configuring key-based SSH authentication
Restarting your SSH server to apply changes
Connecting to your SSH server
Exiting your SSH server
Disabling your SSH server
Troubleshooting
Debian : SSH connection refused
Debian : SSH access denied
SSH password access denied
SSH key access denied
Debian : Unable to locate package openssh-server
Conclusion
Prerequisites
In order to install a SSH server on Debian 10, you will need to have sudo privileges on your host.
To check whether you have sudo privileges or not, run the following command
$ sudo -l
If you are seeing the following entries on your terminal, it means that you have elevated privileges
Checking sudo privileges on Debian 10
By default, the ssh utility should be installed on your host, even on minimal configurations.
In order to check the version of your SSH utility, you can run the following command
$ ssh -V
Checking SSH version on Debian 10
As you can see, I am running OpenSSH v7.9 with OpenSSL v1.1.1.
Note that it does not mean that SSH servers are installed on my host, it just means that I may able to connect to remote machines as a client using the SSH utility.
It also mean that specific utilities related the SSH protocol (such as scp for example) or related to FTP servers (such as sftp) will be available on my host.
Installing OpenSSH Server on Debian 10
First of all, make sure that your packages are up to date by running an update command
$ sudo apt-get update
Updating apt packages on Debian 10
In order to install a SSH server on Debian 10, run the following command
$ sudo apt-get install openssh-server
The command should run a complete installation process and it should set up all the necessary files for your SSH server.
If the installation was successful, you should now have a sshd service installed on your host.
To check your newly installed service, run the following command
$ sudo systemctl status sshd
Checking ssh server status on Debian 10
By default, your SSH server is going to run on port 22.
This is the default port assigned for SSH communications. You can check if this is the case on your host by running the following netstat command
$ netstat -tulpn | grep 22
Great! Your SSH server is now up and running on your Debian 10 host.
Enabling SSH traffic on your firewall settings
If you are using UFW as a default firewall on your Debian 10 system, it is likely that you need to allow SSH connections on your host.
To enable SSH connections on your host, run the following command
$ sudo ufw allow ssh
Enabling SSH connections with UFW on Debian 10
Enable SSH server on system boot
As you probably saw, your SSH server is now running as a service on your host.
It is also very likely that it is instructed to start at boot time.
To check whether your service is enable or not, you can run the following command
$ sudo systemctl list-unit-files | grep enabled | grep ssh
If no results are shown on your terminal, enable the service and run the command again
$ sudo systemctl enable ssh
Configuring your SSH server on Debian
Before giving access to users through SSH, it is important to have a set of secure settings to avoid being attacked, especially if your server is running as an online VPS.
As we already saw in the past, SSH attacks are pretty common but they can be avoided if we change default settings available.
By default, your SSH configuration files are located at /etc/ssh/
Listing SSH configuration files in etc
In this directory, you are going to find many different configuration files, but the most important ones are :
ssh_config: defines SSH rules for clients. It means that it defines rules that are applied everytime you use SSH to connect to a remote host or to transfer files between hosts;
sshd_config: defines SSH rules for your SSH server. It is used for example to define the reachable SSH port or to deny specific users from communicating with your server.
We are obviously going to modify the server-wide part of our SSH setup as we are interested in configuring and securing our OpenSSH server.
Changing SSH default port
The first step towards running a secure SSH server is to change the default assigned by the OpenSSH server.
Edit your sshd_config configuration file and look for the following line.
#Port 22
Make sure to change your port to one that is not reserved for other protocols. I will choose 2222 in this case.
Changing the default SSH port
When connecting to your host, if it not running on the default port, you are going to specify the SSH port yourself.
Please refer to the Connecting to your SSH server section for further information.
Disabling Root Login on your SSH server
By default, root login is available on your SSH server.
It should obviously not be the case as it would be a complete disaster if hackers were to login as root on your server.
If by chance you disabled the root account in your Debian 10 installation, you can still configure your SSH server to refuse root login, in case you choose to re-enable your root login one day.
To disable root login on your SSH server, modify the following line
#PermitRootLogin
PermitRootLogin no
Disabling root login for SSH on Debian
Configuring key-based SSH authentication
In SSH, there are two ways of connecting to your host : by using password authentication (what we are doing here), or having a set of SSH keys.
If you are curious about key-based SSH authentication on Debian 10, there is a tutorial available on the subject here.
Restarting your SSH server to apply changes
In order for the changes to be applied, restart your SSH service and make sure that it is correctly restarted
$ sudo systemctl restart sshd
$ sudo systemctl status sshd
SSH server status from systemd
BasicsLinux System Administration
How To Install and Enable SSH Server on Debian 10
written by schkn
How To Install and Enable SSH Server on Debian 10
This tutorial focuses on setting up and configuring a SSH server on a Debian 10 minimal server
SSH, for Secure Shell, is a network protocol that is used in order to operate remote logins to distant machines within a local network or over Internet. SSH architectures typically includes a SSH server that is used by SSH clients to connect to the remote machine.
As a system administrator, it is very likely that you are using SSH on a daily basis to connect to remote machines across your network.
As a consequence, when new hosts are onboarded to your infrastructure, you may have to configure them to install and enable SSH on them.
In this tutorial, we are going to see how you can install and enable SSH, via OpenSSH, on a Debian 10 distributions.
Table of Contents
Prerequisites
Installing OpenSSH Server on Debian 10
Enabling SSH traffic on your firewall settings
Enable SSH server on system boot
Configuring your SSH server on Debian
Changing SSH default port
Disabling Root Login on your SSH server
Configuring key-based SSH authentication
Restarting your SSH server to apply changes
Connecting to your SSH server
Exiting your SSH server
Disabling your SSH server
Troubleshooting
Debian : SSH connection refused
Debian : SSH access denied
SSH password access denied
SSH key access denied
Debian : Unable to locate package openssh-server
Conclusion
Prerequisites
In order to install a SSH server on Debian 10, you will need to have sudo privileges on your host.
To check whether you have sudo privileges or not, run the following command
$ sudo -l
If you are seeing the following entries on your terminal, it means that you have elevated privileges
Checking sudo privileges on Debian 10
By default, the ssh utility should be installed on your host, even on minimal configurations.
In order to check the version of your SSH utility, you can run the following command
$ ssh -V
Checking SSH version on Debian 10
As you can see, I am running OpenSSH v7.9 with OpenSSL v1.1.1.
Note that it does not mean that SSH servers are installed on my host, it just means that I may able to connect to remote machines as a client using the SSH utility.
It also mean that specific utilities related the SSH protocol (such as scp for example) or related to FTP servers (such as sftp) will be available on my host.
Installing OpenSSH Server on Debian 10
First of all, make sure that your packages are up to date by running an update command
$ sudo apt-get update
Updating apt packages on Debian 10
In order to install a SSH server on Debian 10, run the following command
$ sudo apt-get install openssh-server
The command should run a complete installation process and it should set up all the necessary files for your SSH server.
If the installation was successful, you should now have a sshd service installed on your host.
To check your newly installed service, run the following command
$ sudo systemctl status sshd
Checking ssh server status on Debian 10
By default, your SSH server is going to run on port 22.
This is the default port assigned for SSH communications. You can check if this is the case on your host by running the following netstat command
$ netstat -tulpn | grep 22
Great! Your SSH server is now up and running on your Debian 10 host.
Enabling SSH traffic on your firewall settings
If you are using UFW as a default firewall on your Debian 10 system, it is likely that you need to allow SSH connections on your host.
To enable SSH connections on your host, run the following command
$ sudo ufw allow ssh
Enabling SSH connections with UFW on Debian 10
Enable SSH server on system boot
As you probably saw, your SSH server is now running as a service on your host.
It is also very likely that it is instructed to start at boot time.
To check whether your service is enable or not, you can run the following command
$ sudo systemctl list-unit-files | grep enabled | grep ssh
If no results are shown on your terminal, enable the service and run the command again
$ sudo systemctl enable ssh
Enabling the SSH server on boot on Debian 10
Configuring your SSH server on Debian
Before giving access to users through SSH, it is important to have a set of secure settings to avoid being attacked, especially if your server is running as an online VPS.
As we already saw in the past, SSH attacks are pretty common but they can be avoided if we change default settings available.
By default, your SSH configuration files are located at /etc/ssh/
Listing SSH configuration files in etc
In this directory, you are going to find many different configuration files, but the most important ones are :
ssh_config: defines SSH rules for clients. It means that it defines rules that are applied everytime you use SSH to connect to a remote host or to transfer files between hosts;
sshd_config: defines SSH rules for your SSH server. It is used for example to define the reachable SSH port or to deny specific users from communicating with your server.
We are obviously going to modify the server-wide part of our SSH setup as we are interested in configuring and securing our OpenSSH server.
Changing SSH default port
The first step towards running a secure SSH server is to change the default assigned by the OpenSSH server.
Edit your sshd_config configuration file and look for the following line.
#Port 22
Make sure to change your port to one that is not reserved for other protocols. I will choose 2222 in this case.
Changing the default SSH port
When connecting to your host, if it not running on the default port, you are going to specify the SSH port yourself.
Please refer to the Connecting to your SSH server section for further information.
Disabling Root Login on your SSH server
By default, root login is available on your SSH server.
It should obviously not be the case as it would be a complete disaster if hackers were to login as root on your server.
If by chance you disabled the root account in your Debian 10 installation, you can still configure your SSH server to refuse root login, in case you choose to re-enable your root login one day.
To disable root login on your SSH server, modify the following line
#PermitRootLogin
PermitRootLogin no
Disabling root login for SSH on Debian
Configuring key-based SSH authentication
In SSH, there are two ways of connecting to your host : by using password authentication (what we are doing here), or having a set of SSH keys.
If you are curious about key-based SSH authentication on Debian 10, there is a tutorial available on the subject here.
Restarting your SSH server to apply changes
In order for the changes to be applied, restart your SSH service and make sure that it is correctly restarted
$ sudo systemctl restart sshd
$ sudo systemctl status sshd
SSH server status from systemd
Also, if you change the default port, make sure that the changes were correctly applied by running a simple netstat command
$ netstat -tulpn | grep 2222
Checking SSH port on Linux using netstat
Connecting to your SSH server
In order to connect to your SSH server, you are going to use the ssh command with the following syntax
$ ssh -p <port> <username>@<ip_address>
If you are connecting over a LAN network, make sure to get the local IP address of your machine with the following command
$ sudo ifconfig
Checking local IP using ifconfig
For example, in order to connect to my own instance located at 127.0.0.1, I would run the following command
$ ssh -p 2222 <user>@127.0.0.1
You will be asked to provide your password and to certify that the authenticity of the server is correct.
Connecting to SSH server on Debian 10 Buster
Exiting your SSH server
In order to exit from your SSH server on Debian 10, you can hit Ctrl + D or type logout and your connection will be terminated.
Logout from the SSH server
Disabling your SSH server
In order to disable your SSH server on Debian 10, run the following command
$ sudo systemctl stop sshd
$ sudo systemctl status sshd
From there, your SSH server wont be accessible anymore.
Connection refused from the SSH server
Troubleshooting
In some cases, you may run into many error messages when trying to setup a SSH server on Debian 10.
Here is the list of the common errors you might get during the setup.
Debian : SSH connection refused
Usually, you are getting this error because your firewall is not properly configured on Debian.
To solve “SSH connection refused” you have to double check your UFW firewall settings.
By default, Debian uses UFW as a default firewall, so you might want to check your firewall rules and see if SSH is correctly allowed.
$ sudo ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
If you are using iptables, you can also have a check at your current IP rules with the iptables command.
$ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
If the rule is not set for SSH, you can set by running the iptables command again.
$ sudo iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT
Debian : SSH access denied
Sometimes, you may be denied the access to your SSH server with this error message “SSH access denied” on Debian.
To solve this issue, it depends on the authentication method you are using.
SSH password access denied
If you are using the password method, double check your password and make sure you are entering it correctly.
Also, it is possible to configure SSH servers to allow only a specific subset of users : if this is the case, make sure you belong to that list.
Finally, if you want to log-in as root, make sure that you modified the “PermitRootLogin” option in your “sshd_config” file.
#PermitRootLogin
PermitRootLogin yes
SSH key access denied
If you are using SSH keys for your SSH authentication, you may need to double check that the key is correctly located in the “authorized_keys” file.
If you are not sure about how to do it, follow our guide about SSH key authentication on Debian 10.
Debian : Unable to locate package openssh-server
For this one, you have to make sure that you have set correctly your APT repositories.
Add the following entry to your sources.list file and update your packages.
$ sudo nano /etc/apt/sources.list
deb http://ftp.us.debian.org/debian wheezy main
$ sudo apt-get update
Conclusion
In this tutorial, you learnt how you can install and configure a SSH server on Debian 10 hosts.
You also learnt about basic configuration options that need to be applied in order to run a secure and robust SSH server over a LAN or over Internet.
If you are curious about Linux system administration, we have a ton of tutorials on the subject in a dedicated category.

245
Linux/ssh/ssh_key.md
View File

@ -1,245 +0,0 @@
# How To Set Up SSH Keys on Debian 10 Buster
The Secure Shell (or SSH) is a cryptographic protocol enabling secure communication between clients and servers.
SSH is widely used to connect to remote Linux systems in a secure way. It is also used in the Windows ecosystem to connect to remote Windows machines via OpenSSH.
SSH has two ways of authenticating users on a machine : either via a password or via a public key authentication system. Using a key-pair authentication, you wont need to type a password to login, everything is going to be automatic.
In this tutorial, we are going describe how to set up SSH keys on a Debian 10 Buster instance.
Table of Contents
1 Create SSH Key Pair on Debian
2 Copy the SSH public key to your client host
a Copy SSH keys using ssh-copy-id
b Copy SSH keys using ssh without ssh-copy-id
c Copy SSH key manually to the client
3 Connect to your remote host with SSH
4 Disable the SSH password authentication
5 Allow/Deny certain users and groups to have SSH access
6 Conclusion
1 Create SSH Key Pair on Debian
Before starting, make sure that you dont have any pre-existing SSH keys into your ssh directory.
Run a simple ls command into your .ssh directory.
$ cd /home/user/.ssh
$ ls -al
SSH directory on Linux
In order to generate a SSH key on Debian, you are going to need the ssh-keygen tool.
By default, ssh-keygen is already installed on Debian 10.
To create a SSH key pair, use the following command.
$ ssh-keygen -t rsa -b 4096 -C "email@example.com"
This ssh-keygen will take care of creating your key.
The -t flag specifies the type of encryption used (in this case RSA).
The -b determines the number of bytes used to create your key. In general, you want to use at least 2048 bytes for a key, but we are going to use 4096 in our case.
Finally, the -C flag provides a comment for the key pair, in this case the e-mail used.
When creating your SSH keys, you will be asked a number of questions.
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
You can leave this one as default, except if you want to store it in a custom key file.
Enter passphrase (empty for no passphrase)
Choose a strong passphrase for your key. In case somebody steals your key, the passphrase will be required as a second security option.
If you want to automatically connect to your server without being prompted any password, leave the passphrase blank.
Password authentication will be disabled in the next chapters, but you will still be prompted with the passphrase if you decided to define one. Passphrases are recommended for production and sensitive environments.
Enter your passphrase again, and your SSH key should be created.
Set up a SSH key on Debian using ssh-keygen
In this example, my file was created in /home/devconnected/.ssh directory.
Private and public key set up on Debian
As a result of your command, two files were created.
id_rsa: this is the PRIVATE key that is going to be used on the server side to identify incoming client requests. It should obviously not be shared with anybody. It is also used by the client to verify the servers identity.
id_rsa.pub: the “pub” extension stands for “public”. This is the PUBLIC key that is going to be used by clients to connect to the server. This is the file that you are allowed to share with clients.
2 Copy the SSH public key to your client host
In order to copy your newly created SSH key, you should not use an unsecure protocol (like TCP for example) as it would expose your SSH keys to hackers.
If your SSH keys are compromised, there are essentially no benefits in using a secure protocol like SSH.
As a consequence, heres how you should copy your SSH keys to remote hosts.
a Copy SSH keys using ssh-copy-id
To run ssh-copy-id, execute the following command.
$ ssh-copy-id remoteuser@remotehost
You may be prompted with the following question.
The authenticity of host '142.93.103.142' can't be established.
ECDSA key fingerprint is SHA256:/KdeEfkcNce332KdLPqadkKaPapvcN32.
Are you sure you want to continue connecting (yes/no)? yes
Finally, you will be asked to provide the password the remote user.
remoteuser@remotehost's password:
Type in the password. As a result, you should see the following output.
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'remoteuser@remotehost'" and check to make sure that only the key(s) you wanted were added.
On my client host, in the .ssh directory, lets see the files created.
Public key set up on Debian client
Awesome, my client now has an authorized_keys file, specifying the host it can connect to.
Now on my client host, if I try to connect to my server with SSH, I should be able to do it.
b Copy SSH keys using ssh without ssh-copy-id
In case you dont have ssh-copy-id on your instance, you can also use the SSH command to securely transfer your file to the server.
The command is longer but it is as secure as a regular ssh-copy-id command.
Here is the command to copy your SSH keys to your client host.
$ cat ~/.ssh/id_rsa.pub | ssh remoteuser@remoteserver "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
By running this command, you are going to be asked for the passphrase on the server.
Unlocking a private SSH key on Debian 10
Enter the correct passphrase and click “Unlock”.
With this command, you are taking the content of your public key and sending it over SSH to your remote host.
The command first asserts that you have the .ssh folder on your remote host. The content is appended to the actual content of the authorized_keys file (if already existing).
Lets take a look at our file on the remote host.
Set up SSH public key on Debian 10
Great! The content was correctly appended to our existing authorized_keys file.
c Copy SSH key manually to the client
Another alternative is to copy the content of your public key directly to the client filesystem.
First, display the content of the public key using the cat command.
$ cd /home/user/.ssh
$ cat id_rsa.pub
Displaying SSH public key on Debian
Go to your remote server, and find the .ssh folder on the client. You will need to append the content of the public key to the authorized_keys file on the server.
As you can see, file permissions on this file are restricted, which means that you are going to need sudo rights to modify this file.
$ cd /home/client/.ssh
$ sudo nano authorized_keys
Append your key by simply copying and pasting the content to the end of your existing authorized_keys file.
Appending a public key to the SSH authorized keys
Save your file and exit your text editor.
Now that everything is ready, and that your SSH keys are set up, it is time for you to connect to your host using your keys.
3 Connect to your remote host with SSH
Now that everything is ready, you need to connect to your server using key-based SSH authentication.
To do it, perform a normal SSH connection, like you used to do in the past.
$ ssh user@server_ip
On the first connection, you should be prompted to validate the identity of your server. This is a paragraph that you already saw when you were trying to copy your SSH keys to your client host.
The authenticity of host '142.93.103.142' can't be established.
ECDSA key fingerprint is SHA256:/KdeEfkcNce332KdLPqadkKaPapvcN32.
Are you sure you want to continue connecting (yes/no)? yes
If you defined a passphrase in the previous sections, you will be asked to provide it now.
Enter passphrase for key '/home/user/.ssh/id_rsa'
On success, you are going to be connected to your remote host.
Congratulations! You successfully set up SSH key-based authentication for your servers.
SSH connection shell
4 Disable the SSH password authentication
When you are connecting as a known client (a client that owns a public key for this specific server), you are not going to be asked for a password.
You can be asked for the passphrase if you configured it, but most of the time it is as seamless as connecting directly to your server without any prompt.
However, if you read my article about SSH geolocating, you may remember that hackers may try to brute-force their ways into your server.
SSH bruteforce login trials
Remember all the different combinations tried by hackers to gain access to my servers?
In order to prevent SSH attacks like this from happening, we need to disable password authentication for our server. This way, only users having a key will be able to login on the server.
To disable SSH password authentication, go the /etc/ssh folder, and edit your sshd_config file.
$ sudo nano /etc/ssh/sshd_config
Look for the “PasswordAuthentication” section in this configuration file, and change its value to “No”.
Disabling password authentication for SSH access on Debian
Restart your SSH service, and make sure that everything is working properly.
$ sudo systemctl restart ssh
$ sudo systemctl status ssh
SSH service running on Debian
Awesome!
You have successfully set up SSH keys for your Linux server.
5 Allow/Deny certain users and groups to have SSH access
As an additional security rule, you can allow only certain users to access your server.
Similarly, you can deny specific users from accessing your server, if you want to ban a certain user or group for example.
In order to allow specific users to have SSH access, head over to your SSH configuration file, and add a AllowUsers entry to your file.
Similarly, if you want to whitelist a specific group on your server, add a AllowGroups entry to your SSH configuration file.
$ cd /etc/ssh
$ sudo nano sshd_config
Allowing certain users to access SSH on Debian
To deny certain users from using SSH on your server, add the following entries to your configuration file.
Similarly, if you want to deny certain groups to have SSH access to your server, add a DenyGroups entry to your SSH configuration file.
Denying certain users to access SSH on Debian 10
Restart your SSH service for the modifications to be applied.
$ sudo systemctl restart ssh
$ sudo systemctl status ssh
6 Conclusion
Today, you successfully learned how to set up SSH keys on Debian 10 Buster, but the same steps can be applied to Ubuntu and CentOS machines.
Did you know?
SSH can also be used in order to setup SSH key-based authentication on Git.
Securing your server with SSH keys is a very crucial step if you want to prevent easy yet very effective attacks to be run against your server.
If you have a Debian machine on hosted servers, it is very likely that some bots are trying to access it. SSH Keys set up is one of the steps to make those attacks uneffective.

249
Linux/ssh/ssh_server.md
View File

@ -1,249 +0,0 @@
# How To Install and Enable SSH Server on Debian 10
SSH, for Secure Shell, is a network protocol that is used in order to operate remote logins to distant machines within a local network or over Internet. SSH architectures typically includes a SSH server that is used by SSH clients to connect to the remote machine.
As a system administrator, it is very likely that you are using SSH on a daily basis to connect to remote machines across your network.
As a consequence, when new hosts are onboarded to your infrastructure, you may have to configure them to install and enable SSH on them.
In this tutorial, we are going to see how you can install and enable SSH, via OpenSSH, on a Debian 10 distributions.
# Prerequisites
In order to install a SSH server on Debian 10, you will need to have sudo privileges on your host.
To check whether you have sudo privileges or not, run the following command
> $ sudo -l
By default, the ssh utility should be installed on your host, even on minimal configurations.
In order to check the version of your SSH utility, you can run the following command
> $ ssh -V
# Installing OpenSSH Server on Debian 10
First of all, make sure that your packages are up to date by running an update command
> $ sudo apt-get update
In order to install a SSH server on Debian 10, run the following command
> $ sudo apt-get install openssh-server
The command should run a complete installation process and it should set up all the necessary files for your SSH server.
If the installation was successful, you should now have a sshd service installed on your host.
To check your newly installed service, run the following command
> $ sudo systemctl status sshd
By default, your SSH server is going to run on port 22.
This is the default port assigned for SSH communications. You can check if this is the case on your host by running the following netstat command
> $ netstat -tulpn | grep 22
Great! Your SSH server is now up and running on your Debian 10 host.
Enabling SSH traffic on your firewall settings
If you are using UFW as a default firewall on your Debian 10 system, it is likely that you need to allow SSH connections on your host.
To enable SSH connections on your host, run the following command
$ sudo ufw allow ssh
Enabling SSH connections with UFW on Debian 10
Enable SSH server on system boot
As you probably saw, your SSH server is now running as a service on your host.
It is also very likely that it is instructed to start at boot time.
To check whether your service is enable or not, you can run the following command
$ sudo systemctl list-unit-files | grep enabled | grep ssh
If no results are shown on your terminal, enable the service and run the command again
$ sudo systemctl enable ssh
Enabling the SSH server on boot on Debian 10
Configuring your SSH server on Debian
Before giving access to users through SSH, it is important to have a set of secure settings to avoid being attacked, especially if your server is running as an online VPS.
As we already saw in the past, SSH attacks are pretty common but they can be avoided if we change default settings available.
By default, your SSH configuration files are located at /etc/ssh/
Listing SSH configuration files in etc
In this directory, you are going to find many different configuration files, but the most important ones are :
ssh_config: defines SSH rules for clients. It means that it defines rules that are applied everytime you use SSH to connect to a remote host or to transfer files between hosts;
sshd_config: defines SSH rules for your SSH server. It is used for example to define the reachable SSH port or to deny specific users from communicating with your server.
We are obviously going to modify the server-wide part of our SSH setup as we are interested in configuring and securing our OpenSSH server.
Changing SSH default port
The first step towards running a secure SSH server is to change the default assigned by the OpenSSH server.
Edit your sshd_config configuration file and look for the following line.
#Port 22
Make sure to change your port to one that is not reserved for other protocols. I will choose 2222 in this case.
Changing the default SSH port
When connecting to your host, if it not running on the default port, you are going to specify the SSH port yourself.
Please refer to the Connecting to your SSH server section for further information.
Disabling Root Login on your SSH server
By default, root login is available on your SSH server.
It should obviously not be the case as it would be a complete disaster if hackers were to login as root on your server.
If by chance you disabled the root account in your Debian 10 installation, you can still configure your SSH server to refuse root login, in case you choose to re-enable your root login one day.
To disable root login on your SSH server, modify the following line
#PermitRootLogin
PermitRootLogin no
Disabling root login for SSH on Debian
Configuring key-based SSH authentication
In SSH, there are two ways of connecting to your host : by using password authentication (what we are doing here), or having a set of SSH keys.
If you are curious about key-based SSH authentication on Debian 10, there is a tutorial available on the subject here.
Restarting your SSH server to apply changes
In order for the changes to be applied, restart your SSH service and make sure that it is correctly restarted
$ sudo systemctl restart sshd
$ sudo systemctl status sshd
SSH server status from systemd
Also, if you change the default port, make sure that the changes were correctly applied by running a simple netstat command
$ netstat -tulpn | grep 2222
Checking SSH port on Linux using netstat
Connecting to your SSH server
In order to connect to your SSH server, you are going to use the ssh command with the following syntax
$ ssh -p <port> <username>@<ip_address>
If you are connecting over a LAN network, make sure to get the local IP address of your machine with the following command
$ sudo ifconfig
Checking local IP using ifconfig
For example, in order to connect to my own instance located at 127.0.0.1, I would run the following command
$ ssh -p 2222 <user>@127.0.0.1
You will be asked to provide your password and to certify that the authenticity of the server is correct.
Connecting to SSH server on Debian 10 Buster
Exiting your SSH server
In order to exit from your SSH server on Debian 10, you can hit Ctrl + D or type logout and your connection will be terminated.
Logout from the SSH server
Disabling your SSH server
In order to disable your SSH server on Debian 10, run the following command
```bash
$ sudo systemctl stop sshd
$ sudo systemctl status sshd
```
# Stopping SSH server on Debian 10
From there, your SSH server wont be accessible anymore.
Connection refused from the SSH server
Troubleshooting
In some cases, you may run into many error messages when trying to setup a SSH server on Debian 10.
Here is the list of the common errors you might get during the setup.
# Debian : SSH connection refused
Usually, you are getting this error because your firewall is not properly configured on Debian.
To solve “SSH connection refused” you have to double check your UFW firewall settings.
By default, Debian uses UFW as a default firewall, so you might want to check your firewall rules and see if SSH is correctly allowed.
```bash
$ sudo ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
```
If you are using iptables, you can also have a check at your current IP rules with the iptables command.
$ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
If the rule is not set for SSH, you can set by running the iptables command again.
$ sudo iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT
Debian : SSH access denied
Sometimes, you may be denied the access to your SSH server with this error message “SSH access denied” on Debian.
To solve this issue, it depends on the authentication method you are using.
SSH password access denied
If you are using the password method, double check your password and make sure you are entering it correctly.
Also, it is possible to configure SSH servers to allow only a specific subset of users : if this is the case, make sure you belong to that list.
Finally, if you want to log-in as root, make sure that you modified the “PermitRootLogin” option in your “sshd_config” file.
```bash
PermitRootLogin
PermitRootLogin yes
```
# SSH key access denied
If you are using SSH keys for your SSH authentication, you may need to double check that the key is correctly located in the “authorized_keys” file.
If you are not sure about how to do it, follow our guide about SSH key authentication on Debian 10.
# Debian : Unable to locate package openssh-server
For this one, you have to make sure that you have set correctly your APT repositories.
Add the following entry to your sources.list file and update your packages.
```bash
$ sudo nano /etc/apt/sources.list
deb http://ftp.us.debian.org/debian wheezy main
$ sudo apt-get update
```
Conclusion
In this tutorial, you learnt how you can install and configure a SSH server on Debian 10 hosts.
You also learnt about basic configuration options that need to be applied in order to run a secure and robust SSH server over a LAN or over Internet.
If you are curious about Linux system administration, we have a ton of tutorials on the subject in a dedicated category.

26
Linux/symbolic_links.md
View File

@ -1,26 +0,0 @@
# What is Symbolic Links in Linux? How to Create Symbolic Links?
[linux Handbook](https://linuxhandbook.com/symbolic-link-linux/)
A symbolic link, also known as a symlink or a soft link, is a special type of file that simply points to another file or directory just like shortcuts in Windows. Creating symbolic link is like creating alias to an actual file.
If you try to access the symbolic link, you actually access the target file to which the symlink points to. Changes performed on the content of the link file changes the content of the actual target file.
If you use the ls command with option -l, this is what a symbolic link looks like:
```bash
lrwxrwxrwx 1 abhishek abhishek 23 Jul 2 08:51 link_prog -> newdir/test_dir/prog.py
```
In most Linux distributions, the links are displayed in a different color than the rest of the entries so that you can distinguish the links from the regular files and directories.
Soft Link Linux Terminal
Soft Link displayed in different color
Symbolic links offer a convenient way to organize and share files. They provide quick access to long and confusing directory paths. They are heavily used in linking libraries in Linux.
Now that you know a little about the symbolic links, lets see how to create them.
How to create a symbolic link in Linux
To create a symbolic link to target file from link name, you can use the ln command with -s option like this:
> ln -s target_file link_name
The -s option is important here. It determines that the link is soft link. If you dont use it, it will create a hard link. Ill explain the difference between soft links and hard links in a different article.

168
Vim/readme.md
View File

@ -1,168 +0,0 @@
# VIM
## VIM Tutors notes
### Cool stuff
- :set nu => ajoute les numeros de lignes
- :set nonu => unset number
### Text editing
- i => Insert
- A => Append text to the end of the line
- diw => delete inner word
- dw => delete a word
### save and quit
- :wq save and quit
- !:q quit without saving
# Lesson 1 SUMMARY
1. The cursor is moved using either the arrow keys or the hjkl keys.
h (left) j (down) k (up) l (right)
2. To start Vim from the shell prompt type: vim FILENAME <ENTER>
3. To exit Vim type: <ESC> :q! <ENTER> to trash all changes.
OR type: <ESC> :wq <ENTER> to save the changes.
4. To delete the character at the cursor type: x
5. To insert or append text type:
i type inserted text <ESC> insert before the cursor
A type appended text <ESC> append after the line
NOTE: Pressing <ESC> will place you in Normal mode or will cancel
an unwanted and partially completed command.
# Lesson 2 SUMMARY
1. To delete from the cursor up to the next word type: dw
2. To delete from the cursor to the end of a line type: d$
3. To delete a whole line type: dd
4. To repeat a motion prepend it with a number: 2w
5. The format for a change command is:
operator [number] motion
where:
operator - is what to do, such as d for delete
[number] - is an optional count to repeat the motion
motion - moves over the text to operate on, such as w (word),
$ (to the end of line), etc.
A short list of motions:
w - until the start of the next word, EXCLUDING its first character.
e - to the end of the current word, INCLUDING the last character.
$ - to the end of the line, INCLUDING the last character.
6. To move to the start of the line use a zero: 0
7. To undo previous actions, type: u (lowercase u)
To undo all the changes on a line, type: U (capital U)
To undo the undo's, type: CTRL-R
## Lesson 3 SUMMARY
1. To put back text that has just been deleted, type p . This puts the
deleted text AFTER the cursor (if a line was deleted it will go on the
line below the cursor).
2. To replace the character under the cursor, type r and then the
character you want to have there.
3. The change operator allows you to change from the cursor to where the
motion takes you. eg. Type ce to change from the cursor to the end of
the word, c$ to change to the end of a line.
4. The format for change is:
c [number] motion
## Lesson 4 SUMMARY
1. CTRL-G displays your location in the file and the file status.
G moves to the end of the file.
number G moves to that line number.
gg moves to the first line.
2. Typing / followed by a phrase searches FORWARD for the phrase.
Typing ? followed by a phrase searches BACKWARD for the phrase.
After a search type n to find the next occurrence in the same direction
or N to search in the opposite direction.
CTRL-O takes you back to older positions, CTRL-I to newer positions.
3. Typing % while the cursor is on a (,),[,],{, or } goes to its match.
4. To substitute new for the first old in a line type :s/old/new
To substitute new for all 'old's on a line type :s/old/new/g
To substitute phrases between two line #'s type :#,#s/old/new/g
To substitute all occurrences in the file type :%s/old/new/g
To ask for confirmation each time add 'c' :%s/old/new/gc
To change every occurrence of a character string between two lines,
type :#,#s/old/new/g where #,# are the line numbers of the range
of lines where the substitution is to be done.
Type :%s/old/new/g to change every occurrence in the whole file.
Type :%s/old/new/gc to find every occurrence in the whole file,
with a prompt whether to substitute or not.
## Lesson 5 SUMMARY
1. :!command executes an external command.
Some useful examples are:
(Windows) (Unix)
:!dir :!ls - shows a directory listing.
:!del FILENAME :!rm FILENAME - removes file FILENAME.
2. :w FILENAME writes the current Vim file to disk with name FILENAME.
3. v motion :w FILENAME saves the Visually selected lines in file
FILENAME.
4. :r FILENAME retrieves disk file FILENAME and puts it below the
cursor position.
5. :r !dir reads the output of the dir command and puts it below the
cursor position.
## Lesson 6 SUMMARY
1. Type o to open a line BELOW the cursor and start Insert mode.
Type O to open a line ABOVE the cursor.
2. Type a to insert text AFTER the cursor.
Type A to insert text after the end of the line.
3. The e command moves to the end of a word.
4. The y operator yanks (copies) text, p puts (pastes) it.
5. Typing a capital R enters Replace mode until <ESC> is pressed.
6. Typing ":set xxx" sets the option "xxx". Some options are:
'ic' 'ignorecase' ignore upper/lower case when searching
'is' 'incsearch' show partial matches for a search phrase
'hls' 'hlsearch' highlight all matching phrases
You can either use the long or the short option name.
7. Prepend "no" to switch an option off: :set noic
## Lesson 7 SUMMARY
1. Type :help or press <F1> or <HELP> to open a help window.
2. Type :help cmd to find help on cmd .
3. Type CTRL-W CTRL-W to jump to another window.
4. Type :q to close the help window.
5. Create a vimrc startup script to keep your preferred settings.
6. When typing a : command, press CTRL-D to see possible completions.
Press <TAB> to use one completion.

0
Git/img/Branching.png → img/Branching.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 41 KiB

After

Width:  |  Height:  |  Size: 41 KiB

0
Git/img/Git_Guide.png → img/Git_Guide.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 171 KiB

After

Width:  |  Height:  |  Size: 171 KiB

0
Git/img/Git_System.png → img/Git_System.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 43 KiB

After

Width:  |  Height:  |  Size: 43 KiB

0
Git/img/Remote_execution.png → img/Remote_execution.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 70 KiB

After

Width:  |  Height:  |  Size: 70 KiB

0
Git/img/image.jpg → img/image.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 9.3 KiB

After

Width:  |  Height:  |  Size: 9.3 KiB

245
readme.md
View File

@ -1,24 +1,241 @@
# LinuxSysAdminsDoc
# Git
## Description
![GitHub Logo](img/image.jpg)
Shared documentation for the Brussels formation Linux Sys Admins group.
feel free to modify :)
## Usefull links
[Git Cheat Sheet](https://education.github.com/git-cheat-sheet-education.pdf)
## Topics
**The topics will link you to our documentation**
## Git System
![Git System](img/Git_Guide.png)
### [Git](https://gitea.86thumbs.net/vl4dd/LinuxSysAdminsDoc/src/branch/master/Git)
## Remote Execution
![Remote Execution](img/Remote_execution.png)
As git is one of **the** most used [version control](https://en.wikipedia.org/wiki/Version_control) systems we'll be using it in class for all note keeping.
- a very handy [cheat sheet](https://gitea.86thumbs.net/waldek/LinuxSysAdminsDoc/raw/branch/master/Git/SWTM-2088_Atlassian-Git-Cheatsheet.pdf) in pdf outines the basic Git commands to help you learn git, as well as more advanced concepts such as Git branches, remote repositories, undoing changes, and much much more.
- the **exercise**, fracz, that we started in class can be found [here](https://gitexercises.fracz.com/).
- Hugo suggested [this](https://ohmygit.org/) game, programmed in the [godot](https://godotengine.org/) language as a nice way to **see** how git works, especially how branches can be visualized
## Basic commands
=================
Online platform to learn and practice Git. Discover its features you might haven't been aware of. With all the exercises provided you will rapidly become a Git Master!
### Initialize an existing directory as a Git repository
```bash
$ git init
Initialized empty Git repository in C:/Users/Admin/Documents/Git/.git/
```
### Show modified files in working directory, staged for your next commit
### [Vim](https://gitea.86thumbs.net/vl4dd/LinuxSysAdminsDoc/src/branch/master/Vim)
```bash
$ git status
On branch master
- the classic vim [cheat sheet](https://vim.rtorr.com/)
No commits yet
Untracked files:
(use "git add <file>..." to include in what will be committed)
Readme.md
image.jpg
nothing added to commit but untracked files present (use "git add" to track)
```
### Add a file as it looks now to your next commit (stage)
```bash
$ git add Readme.md image.jpg
```
### Commit your staged content as a new commit snapshot
```bash
$ git commit -m "First Commit"
[master (root-commit) 784ae2e] First Commit
Committer: unknown <Admin@FOR209-03.irisib.lan>
Your name and email address were configured automatically based
on your username and hostname. Please check that they are accurate.
You can suppress this message by setting them explicitly:
git config --global user.name "Your Name"
git config --global user.email you@example.com
After doing this, you may fix the identity used for this commit with:
git commit --amend --reset-author
2 files changed, 61 insertions(+)
create mode 100644 Readme.md
create mode 100644 image.jpg
```
### Set a name & email that is identifiable for credit when review version history
```bash
$ git config --global user.name “[firstname lastname]”
$ git config --global user.email “[valid-email]”
```
### Show all commits in the current branchs history
```bash
$ git log
commit 784ae2e2d10720c23eb7cebdf8386ef2157fe628 (HEAD -> master)
Author: unknown <Admin@FOR209-03.irisib.lan>
Date: Thu Apr 1 12:11:34 2021 +0200
First Commit
```
## SHARE & UPDATE
### Retrieving updates from another repository and updating local repos
=================================
add a git URL as an alias
>git remote add [alias] [url]
fetch down all the branches from that Git remote
>git fetch [alias]
merge a remote branch into your current branch to bring it up to date
>git merge [alias]/[branch]
Transmit local branch commits to the remote repository branch
>git push [alias] [branch]
>git pull
fetch and merge any commits from the tracking remote branch
## BRANCH & MERGE
### Isolating work in branches, changing context, and integrating changes
![Remote Execution](img/Branching.png)
>git branch
list your branches. a * will appear next to the currently active branch
>git branch [branch-name]
create a new branch at the current commit
>git checkout
switch to another branch and check it out into your working directory
>git checkout -b|-B <new_branch> [<start point>]
Specifying -b causes a new branch to be created as if git-branch(1) were called and then checked out.
If -B is given, <new_branch> is created if it doesnt exist; otherwise, it is reset. This is the transactional equivalent of
>git merge [branch]
merge the specified branchs history into the current one
>git log
show all commits in the current branchs history
## TRACKING PATH CHANGES
### Versioning file removes and path changes
=================================
Delete the file from project and stage the removal for commit
>git rm [file]
Change an existing file path and stage the move
>git mv [existing-path] [new-path]
Show all commit logs with indication of any paths that moved
>git log --stat -M
### History
```bash
history
1 git init
2 git status
3 git add Readme.md image.jpg
4 git status
5 git commit -m "First Commit"
6 git config --global user.name vl4dd
7 git config --global user.email ticus@kraland.net
8 git commit -m "First Commit"
9 git status
10 git log
11 git commit -m "Second commit"
12 git add Readme.md
13 git commit -m "Second commit"
14 git log
```
###
Checker le satus
> git status
Ajouter un element dans la branche
> git add Readme.md
Commit les changement
> git commit -m "First commit"
Show all commit
>git checkout
Merge
>git merge
## Setup
### Configuring user information used across all local repositories
>git config --global user.name “[firstname lastname]”
set a name that is identifiable for credit when review version history
>git config --global user.email “[valid-email]”
set an email address that will be associated with each history marker
>git config --global color.ui auto
set automatic command line coloring for Git for easy reviewing
### Saving your uncommitted work for a quick fix then getting it back
>git stash
temporarily stash your work since your last commit
>git stash pop
fetch your stashed work to continue it
$ git stash pop stash@{2}
in case you want to apply a specific Stash item (not the most recent one), you can provide the index name of that item in the "pop" option
### Rewriting history
>git commit --amend -m "New commit message"
replace the last commit
>git commit --amend --no-edit
replace the last commit without changing the commit message
>git rebase -i {branch}
take the precedent commit and add it to your branch
### Ignoring files
>touch .gitignore && echo {what you want to ignore} >> .gitignore
create a file and specify what (extensions, directories, files) to ignore in it
>git rm --cached {fileignored}
remove from the tracking index a file that should be ignored but wasnt because already tracked when the ignore rule was created

117
wargames/bandit/notes.md
View File

@ -1,117 +0,0 @@
# Notes
## Rules
* USERNAMES are somegame0, somegame1, ...
* Most LEVELS are stored in /somegame/.
* PASSWORDS for each level are stored in /etc/somegame_pass/.
It is advised to create a working directory with a hard-to-guess name in /tmp/.
You can use the command `mktemp -d` in order to generate a random and hard to guess directory in /tmp/.
Read-access to both `/tmp/` and `/proc/` is disabled so that users can not snoop on eachother.
For example: `/tmp/lolipopzalondo`
## Passwd
- bandit0 = bandit0
- bandit1 = boJ9jbbUNNfktd78OOpsqOltutMc3MY1
- bandit2 = CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
- bandit3 = UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
- bandit4 = pIwrPrtPN36QITSp3EQaw936yaFoFgAB
- bandit5 = koReBOKuIDDepwhWk7jZC0RTdopnAYKh
- bandit6 = DXjZPULLxYr17uwoI01bNLQbtFemEgo7
- bandit7 = HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
- bandit8 = cvX2JJa4CFALtqS87jk27qwqGhBM9plV
- bandit9 = UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
- bandit10 = truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
- bandit11 = IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR
- bandit12 = 5Te8Y4drgCRfCx8ugdwuEX8KFC6k2EUu
- bandit13 = 8ZjyCRiBWFYkneahHwxCv3wb2a1ORpYL
- bandit14 = 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e
- bandit15 = BfMYroe26WYalil77FoDi9qh59eK5xNr
- bandit16 = cluFn7wTiGryunymYOu4RcffSxQluehd
- bandit17 = kfBf3eYk5BPBRzwjqutbbfE887SVc5Yd
- bandit18 = IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x
- bandit19 = IueksS7Ubh8G3DCwVzrTd8rAVOwq3M5x
- bandit20 = GbKksEFF4yrVs6il55v6gwY5aVje5f0j
- bandit21 =
## CMD
### Level 5
```bash
find . -size 1033c
```
### Level 7
```bash
find / -size 33c -type f -group bandit6 -user bandit7
```
### Level 8
```bash
cat data.txt | sort | uniq -u
```
### Level 9
```bash
at data.txt | strings | grep ====
```
### Level 10
```bash
base64 -d data.txt
```
### Level 11
```bash
alias rot13="tr 'A-Za-z' 'N-ZA-Mn-za-m'" && cat data.txt | rot13
```
### Level 12
```bash
xxd -r data.txt reverse.tgz
file reverse
mv reverse reverse.gzip
gzip -d reverse.gz
tar -xvf data6.tar
file data8.bin
mv data8.bin data8.gz
gzip -d data8.gz
```
### Level 14
```bash
echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | nc localhost 30000
```
### Level 15
```bash
openssl s_client -crlf -connect localhost:30001
```
### Level 18
```bash
ssh bandit18@bandit.labs.overthewire.org -p 2220 cat readme
```
### Level 19
```bash
./bandit20-do cat /etc/bandit_pass/bandit20
```
## Questions
- tr function
- nc

0
wargames/bandit/readme.md
View File

28
wargames/bandit/ssh_key
View File

@ -1,28 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAxkkOE83W2cOT7IWhFc9aPaaQmQDdgzuXCv+ppZHa++buSkN+
gg0tcr7Fw8NLGa5+Uzec2rEg0WmeevB13AIoYp0MZyETq46t+jk9puNwZwIt9XgB
ZufGtZEwWbFWw/vVLNwOXBe4UWStGRWzgPpEeSv5Tb1VjLZIBdGphTIK22Amz6Zb
ThMsiMnyJafEwJ/T8PQO3myS91vUHEuoOMAzoUID4kN0MEZ3+XahyK0HJVq68KsV
ObefXG1vvA3GAJ29kxJaqvRfgYnqZryWN7w3CHjNU4c/2Jkp+n8L0SnxaNA+WYA7
jiPyTF0is8uzMlYQ4l1Lzh/8/MpvhCQF8r22dwIDAQABAoIBAQC6dWBjhyEOzjeA
J3j/RWmap9M5zfJ/wb2bfidNpwbB8rsJ4sZIDZQ7XuIh4LfygoAQSS+bBw3RXvzE
pvJt3SmU8hIDuLsCjL1VnBY5pY7Bju8g8aR/3FyjyNAqx/TLfzlLYfOu7i9Jet67
xAh0tONG/u8FB5I3LAI2Vp6OviwvdWeC4nOxCthldpuPKNLA8rmMMVRTKQ+7T2VS
nXmwYckKUcUgzoVSpiNZaS0zUDypdpy2+tRH3MQa5kqN1YKjvF8RC47woOYCktsD
o3FFpGNFec9Taa3Msy+DfQQhHKZFKIL3bJDONtmrVvtYK40/yeU4aZ/HA2DQzwhe
ol1AfiEhAoGBAOnVjosBkm7sblK+n4IEwPxs8sOmhPnTDUy5WGrpSCrXOmsVIBUf
laL3ZGLx3xCIwtCnEucB9DvN2HZkupc/h6hTKUYLqXuyLD8njTrbRhLgbC9QrKrS
M1F2fSTxVqPtZDlDMwjNR04xHA/fKh8bXXyTMqOHNJTHHNhbh3McdURjAoGBANkU
1hqfnw7+aXncJ9bjysr1ZWbqOE5Nd8AFgfwaKuGTTVX2NsUQnCMWdOp+wFak40JH
PKWkJNdBG+ex0H9JNQsTK3X5PBMAS8AfX0GrKeuwKWA6erytVTqjOfLYcdp5+z9s
8DtVCxDuVsM+i4X8UqIGOlvGbtKEVokHPFXP1q/dAoGAcHg5YX7WEehCgCYTzpO+
xysX8ScM2qS6xuZ3MqUWAxUWkh7NGZvhe0sGy9iOdANzwKw7mUUFViaCMR/t54W1
GC83sOs3D7n5Mj8x3NdO8xFit7dT9a245TvaoYQ7KgmqpSg/ScKCw4c3eiLava+J
3btnJeSIU+8ZXq9XjPRpKwUCgYA7z6LiOQKxNeXH3qHXcnHok855maUj5fJNpPbY
iDkyZ8ySF8GlcFsky8Yw6fWCqfG3zDrohJ5l9JmEsBh7SadkwsZhvecQcS9t4vby
9/8X4jS0P8ibfcKS4nBP+dT81kkkg5Z5MohXBORA7VWx+ACohcDEkprsQ+w32xeD
qT1EvQKBgQDKm8ws2ByvSUVs9GjTilCajFqLJ0eVYzRPaY6f++Gv/UVfAPV4c+S0
kAWpXbv5tbkkzbS0eaLPTKgLzavXtQoTtKwrjpolHKIHUz6Wu+n4abfAIRFubOdN
/+aLoRQ0yBDRbdXMsZN/jvY44eM+xRLdRVyMmdPtP8belRi2E2aEzA==
-----END RSA PRIVATE KEY-----

28
wargames/bandit/ssh_key_17
View File

@ -1,28 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAvmOkuifmMg6HL2YPIOjon6iWfbp7c3jx34YkYWqUH57SUdyJ
imZzeyGC0gtZPGujUSxiJSWI/oTqexh+cAMTSMlOJf7+BrJObArnxd9Y7YT2bRPQ
Ja6Lzb558YW3FZl87ORiO+rW4LCDCNd2lUvLE/GL2GWyuKN0K5iCd5TbtJzEkQTu
DSt2mcNn4rhAL+JFr56o4T6z8WWAW18BR6yGrMq7Q/kALHYW3OekePQAzL0VUYbW
JGTi65CxbCnzc/w4+mqQyvmzpWtMAzJTzAzQxNbkR2MBGySxDLrjg0LWN6sK7wNX
x0YVztz/zbIkPjfkU1jHS+9EbVNj+D1XFOJuaQIDAQABAoIBABagpxpM1aoLWfvD
KHcj10nqcoBc4oE11aFYQwik7xfW+24pRNuDE6SFthOar69jp5RlLwD1NhPx3iBl
J9nOM8OJ0VToum43UOS8YxF8WwhXriYGnc1sskbwpXOUDc9uX4+UESzH22P29ovd
d8WErY0gPxun8pbJLmxkAtWNhpMvfe0050vk9TL5wqbu9AlbssgTcCXkMQnPw9nC
YNN6DDP2lbcBrvgT9YCNL6C+ZKufD52yOQ9qOkwFTEQpjtF4uNtJom+asvlpmS8A
vLY9r60wYSvmZhNqBUrj7lyCtXMIu1kkd4w7F77k+DjHoAXyxcUp1DGL51sOmama
+TOWWgECgYEA8JtPxP0GRJ+IQkX262jM3dEIkza8ky5moIwUqYdsx0NxHgRRhORT
8c8hAuRBb2G82so8vUHk/fur85OEfc9TncnCY2crpoqsghifKLxrLgtT+qDpfZnx
SatLdt8GfQ85yA7hnWWJ2MxF3NaeSDm75Lsm+tBbAiyc9P2jGRNtMSkCgYEAypHd
HCctNi/FwjulhttFx/rHYKhLidZDFYeiE/v45bN4yFm8x7R/b0iE7KaszX+Exdvt
SghaTdcG0Knyw1bpJVyusavPzpaJMjdJ6tcFhVAbAjm7enCIvGCSx+X3l5SiWg0A
R57hJglezIiVjv3aGwHwvlZvtszK6zV6oXFAu0ECgYAbjo46T4hyP5tJi93V5HDi
Ttiek7xRVxUl+iU7rWkGAXFpMLFteQEsRr7PJ/lemmEY5eTDAFMLy9FL2m9oQWCg
R8VdwSk8r9FGLS+9aKcV5PI/WEKlwgXinB3OhYimtiG2Cg5JCqIZFHxD6MjEGOiu
L8ktHMPvodBwNsSBULpG0QKBgBAplTfC1HOnWiMGOU3KPwYWt0O6CdTkmJOmL8Ni
blh9elyZ9FsGxsgtRBXRsqXuz7wtsQAgLHxbdLq/ZJQ7YfzOKU4ZxEnabvXnvWkU
YOdjHdSOoKvDQNWu6ucyLRAWFuISeXw9a/9p7ftpxm0TSgyvmfLF2MIAEwyzRqaM
77pBAoGAMmjmIJdjp+Ez8duyn3ieo36yrttF5NSsJLAbxFpdlc1gvtGCWW+9Cq0b
dxviW8+TFVEBl1O4f7HVm6EpTscdDxU+bCXWkfjuRb7Dy9GOtt9JPsX8MBTakzh3
vBgsyi/sN3RqRBcGU40fOoZyfAMT8s1m/uYv52O6IgeuZ/ujbjY=
-----END RSA PRIVATE KEY-----