Het-Tanis ProLUG 🐧 Labs

Linux & System Skills to get the Job

Knowledge & Labs Curated by Scott Champine

Book created and studied by Justin Bender

DO THE LABS: Killer Coda Het-Tanis ProLUG 🐧 Labs

READ THIS BOOK: ProLUG 🐧 Labs Notebook

Scott Champine

Senior Linux 🐧 and Network Engineer (20+ years). College Professor (14+ years). Amateur data scientist and system monitoring enthusiast. Industry certifications: CISSP, CCSP, AWS x 4, CKA, CKAD, Terraform, Vault, and others. Come see what Linux System Engineering is all about and join our Discord.

Justin Bender

As a former professional skydiver with over 5,000 jumps under my belt, I have developed a keen understanding of the importance of precision, teamwork, and adaptability. These qualities have translated well into my experience working in technology, where I have excelled in various roles such as software development, 3D printing, and CAD modeling.

Honestly, I love all things software. I'd like to share the material I create and use to learn with everyone. Please, enjoy and use how you see fit.


Lab Dashboard: Killer Coda Het-Tanis ProLUG 🐧 Labs

Read This Book: ProLUG 🐧 Labs Notebook

Lab Types

Currently in this lab environment we have a few sections. (Hopefully these links work. If not, please place an updated PR.)

Contributing

If you're interested in contributing to the project, we are using mdbook to autogenerate most of the features in this book, with a few third-party features. mdbook

Read from the style guide

Let's Do Linux 🐧

Each section is going to break down a few parts. We will be exploring Linux here. We just want to work up in steps. We will start with Linux Foundation because it's the base of everything else we will cover.

Look around a Linux System 🐧

Linux Commands to gather information

Summary

Follow along and look around a new Linux system for the first time

💬 Let's take a look around, shall we? 🐧 🐧 🐧


1. First we check what version of Linux we're on:

Input

cat /etc/*release

Example Output

ubuntu $ cat /etc/*release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=20.04
DISTRIB_CODENAME=focal
DISTRIB_DESCRIPTION="Ubuntu 20.04.5 LTS"
NAME="Ubuntu"
VERSION="20.04.5 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.5 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

2. Next we check the kernel version:

Input

uname -r

Example Output

ubuntu $ uname -r
5.4.0-131-generic

3. We might want to know how long the system has been up:

Input

uptime

Example Output

ubuntu $ uptime
 05:23:23 up  1:21,  0 users,  load average: 0.01, 0.08, 0.05

4. Next we see how the system booted

💬 What kernel parameters were passed when the system was started?

Input

cat /proc/cmdline

Example Output

ubuntu $ cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-5.4.0-131-generic root=LABEL=cloudimg-rootfs ro
console=tty1 console=ttyS0

Linux Commands to dig into the system

🐧 That was cool, but let's dig deeper 🧙

Summary

Do each command and really think about the output you're looking at. You may run into them multiple times. If needed, you can compare the output.

5. Look at the virtual memory usage of this system:

Input

vmstat 1 5

Example Output

ubuntu $ vmstat 1 5
procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 0  0    780 106992 115796 1501412    0    0   106   666  197  359  3  1 95  1  0
 0  0    780 107024 115796 1501412    0    0     0     0  288  208  0  0 100  0  0
 0  0    780 107024 115796 1501412    0    0     0     0  273  182  0  0 100  0  0
 0  0    780 107024 115804 1501404    0    0     0    20  311  217  2  0 98  0  0
 1  0    780 107024 115804 1501412    0    0     0     0  291  202  0  1 99  0  0

💬 What are you seeing here? Is this system under high memory usage or not?

// What do you think?


6. We can check the overall CPU usage of the system every second for 5 seconds:

Input

mpstat 1 5

Example Output

ubuntu $ mpstat 1 5
Linux 5.4.0-131-generic (ubuntu)        04/20/23        _x86_64_        (1 CPU)

05:50:53     CPU    %usr   %nice    %sys %iowait    %irq   %soft  %steal  %guest  %gnice   %idle
05:50:54     all    0.00    0.00    1.00    0.00    0.00    0.00    0.00    0.00    0.00   99.00
05:50:55     all    0.00   13.27    1.02    0.00    0.00    0.00    0.00    0.00    0.00   85.71
05:50:56     all    0.00    1.00    0.00    0.00    0.00    0.00    0.00    0.00    0.00   99.00
05:50:57     all    0.00    0.00    0.00    0.00    0.00    0.00    0.00    0.00    0.00  100.00
05:50:58     all    0.00    0.99    0.99    0.00    0.00    0.00    0.00    0.00    0.00   98.02
Average:     all    0.00    3.01    0.60    0.00    0.00    0.00    0.00    0.00    0.00   96.39

💬 Is this system under high load or not?

// What do you think?


7. Next we check what processes are running on the system:

Input

ps -ef

Example Output

ubuntu $ ps -ef
UID          PID    PPID  C STIME TTY          TIME CMD
root           1       0  0 04:02 ?        00:00:14 /sbin/init
root           2       0  0 04:02 ?        00:00:00 [kthreadd]
root           3       2  0 04:02 ?        00:00:00 [rcu_gp]
root           4       2  0 04:02 ?        00:00:00 [rcu_par_gp]
root           6       2  0 04:02 ?        00:00:00 [kworker/0:0H-events_highpri]
root           8       2  0 04:02 ?        00:00:00 [mm_percpu_wq]
root           9       2  0 04:02 ?        00:00:00 [ksoftirqd/0]
root          10       2  0 04:02 ?        00:00:00 [rcu_sched]
root          11       2  0 04:02 ?        00:00:00 [migration/0]
root          12       2  0 04:02 ?        00:00:00 [idle_inject/0]
root          14       2  0 04:02 ?        00:00:00 [cpuhp/0]
root          15       2  0 04:02 ?        00:00:00 [kdevtmpfs]
root          16       2  0 04:02 ?        00:00:00 [netns]
root          17       2  0 04:02 ?        00:00:00 [rcu_tasks_kthre]
root          18       2  0 04:02 ?        00:00:00 [kauditd]
root          19       2  0 04:02 ?        00:00:00 [khungtaskd]
root          20       2  0 04:02 ?        00:00:00 [oom_reaper]
root          21       2  0 04:02 ?        00:00:00 [writeback]
root          22       2  0 04:02 ?        00:00:00 [kcompactd0]
root          23       2  0 04:02 ?        00:00:00 [ksmd]
root          24       2  0 04:02 ?        00:00:00 [khugepaged]
root          70       2  0 04:02 ?        00:00:00 [kintegrityd]
root          71       2  0 04:02 ?        00:00:00 [kblockd]
root          72       2  0 04:02 ?        00:00:00 [blkcg_punt_bio]
root          73       2  0 04:02 ?        00:00:00 [tpm_dev_wq]
root          74       2  0 04:02 ?        00:00:00 [ata_sff]
root          75       2  0 04:02 ?        00:00:00 [md]
root          76       2  0 04:02 ?        00:00:00 [edac-poller]
root          77       2  0 04:02 ?        00:00:00 [devfreq_wq]
root          78       2  0 04:02 ?        00:00:00 [watchdogd]
root          81       2  0 04:02 ?        00:00:00 [kswapd0]
root          82       2  0 04:02 ?        00:00:00 [ecryptfs-kthrea]
root          84       2  0 04:02 ?        00:00:00 [kthrotld]
root          85       2  0 04:02 ?        00:00:00 [irq/24-aerdrv]
root          86       2  0 04:02 ?        00:00:00 [irq/25-aerdrv]
root          87       2  0 04:02 ?        00:00:00 [irq/26-aerdrv]
root          88       2  0 04:02 ?        00:00:00 [irq/27-aerdrv]
root          89       2  0 04:02 ?        00:00:00 [irq/28-aerdrv]
root          90       2  0 04:02 ?        00:00:00 [irq/29-aerdrv]
root          91       2  0 04:02 ?        00:00:00 [acpi_thermal_pm]
root          92       2  0 04:02 ?        00:00:01 [kworker/0:1H-events_highpri]
root          93       2  0 04:02 ?        00:00:00 [vfio-irqfd-clea]
root          94       2  0 04:02 ?        00:00:00 [ipv6_addrconf]
root         103       2  0 04:02 ?        00:00:00 [kstrp]
root         106       2  0 04:02 ?        00:00:00 [kworker/u3:0]
root         119       2  0 04:02 ?        00:00:00 [charger_manager]
root         158       2  0 04:02 ?        00:00:00 [scsi_eh_0]
root         159       2  0 04:02 ?        00:00:00 [scsi_tmf_0]
root         162       2  0 04:02 ?        00:00:00 [cryptd]
root         180       2  0 04:02 ?        00:00:00 [scsi_eh_1]
root         182       2  0 04:02 ?        00:00:00 [scsi_tmf_1]
root         184       2  0 04:02 ?        00:00:00 [scsi_eh_2]
root         185       2  0 04:02 ?        00:00:00 [scsi_tmf_2]
root         188       2  0 04:02 ?        00:00:00 [scsi_eh_3]
root         190       2  0 04:02 ?        00:00:00 [scsi_tmf_3]
root         192       2  0 04:02 ?        00:00:00 [scsi_eh_4]
root         193       2  0 04:02 ?        00:00:00 [ttm_swap]
root         195       2  0 04:02 ?        00:00:00 [scsi_tmf_4]
root         197       2  0 04:02 ?        00:00:00 [scsi_eh_5]
root         198       2  0 04:02 ?        00:00:00 [scsi_tmf_5]
root         201       2  0 04:02 ?        00:00:00 [scsi_eh_6]
root         203       2  0 04:02 ?        00:00:00 [scsi_tmf_6]
root         238       2  0 04:02 ?        00:00:00 [raid5wq]
root         278       2  0 04:02 ?        00:00:00 [jbd2/vda1-8]
root         279       2  0 04:02 ?        00:00:00 [ext4-rsv-conver]
root         349       1  0 04:02 ?        00:00:00 /lib/systemd/systemd-journald
root         385       1  0 04:02 ?        00:00:01 /lib/systemd/systemd-udevd
systemd+     395       1  0 04:02 ?        00:00:00 /lib/systemd/systemd-networkd
root         469       2  0 04:02 ?        00:00:00 [kaluad]
root         470       2  0 04:02 ?        00:00:00 [kmpath_rdacd]
root         471       2  0 04:02 ?        00:00:00 [kmpathd]
root         472       2  0 04:02 ?        00:00:00 [kmpath_handlerd]
root         473       1  0 04:02 ?        00:00:00 /sbin/multipathd -d -s
root         481       2  0 04:02 ?        00:00:00 [loop0]
root         483       2  0 04:02 ?        00:00:00 [loop1]
root         486       2  0 04:02 ?        00:00:00 [loop2]
root         538       1  0 04:02 ?        00:00:00 /usr/lib/accountsservice/accounts-da
message+     539       1  0 04:02 ?        00:00:01 /usr/bin/dbus-daemon --system --addr
root         551       1  0 04:02 ?        00:00:00 /usr/bin/python3 /usr/bin/networkd-d
root         557       1  0 04:02 ?        00:00:00 /usr/sbin/cron -f
root         559       1  0 04:02 ?        00:00:00 /usr/lib/policykit-1/polkitd --no-de
syslog       561       1  0 04:02 ?        00:00:00 /usr/sbin/rsyslogd -n -iNONE
root         568       1  0 04:02 ?        00:00:00 /lib/systemd/systemd-logind
root         570       1  0 04:02 ?        00:00:00 /usr/lib/udisks2/udisksd
daemon       584       1  0 04:02 ?        00:00:00 /usr/sbin/atd -f
root         598       1  0 04:02 ?        00:00:00 /usr/sbin/ModemManager
root         599       1  0 04:02 ttyS0    00:00:00 /sbin/agetty -o -p -- \u --keep-baud
root         609       1  0 04:02 tty1     00:00:00 /sbin/agetty -o -p -- \u --noclear t
root         614       1  0 04:02 ?        00:00:00 sshd: /usr/sbin/sshd -D [listener] 0
root         636       1  0 04:02 ?        00:00:00 /usr/bin/python3 /usr/share/unattend
root        5955       2  0 04:03 ?        00:00:00 bpfilter_umh
root        7414       1  0 04:03 ?        00:00:00 /usr/bin/dockerd -H fd:// --containe
root       13689       1  0 04:04 ?        00:00:06 /usr/bin/containerd
root       21622       1  0 04:05 ?        00:00:05 /opt/theia/node /opt/theia/browser-a
root       21634       1  0 04:05 ?        00:00:00 bash -c while true; do /bin/kc-termi
root       21636   21634  0 04:05 ?        00:00:00 /bin/kc-terminal -p 40200 -t disable
root       21655     614  0 04:06 ?        00:00:00 sshd: kc-internal@notty
root       21714       1  0 04:06 ?        00:00:01 /usr/libexec/fwupd/fwupd
root       21737       1  0 04:06 ?        00:00:00 dhclient -v
root       21785       1  0 04:06 ?        00:00:00 dhclient -v
root       21832       1  0 04:06 ?        00:00:00 gpg-agent --homedir /var/lib/fwupd/g
root       21834       1  0 04:06 ?        00:00:00 dhclient -v
systemd+   21882       1  0 04:06 ?        00:00:00 /lib/systemd/systemd-timesyncd
root       21935       1  0 04:06 ?        00:00:00 bash -c export RV_SCRIPT_DIR=/var/ru
root       21938   21935  0 04:06 ?        00:00:00 /bin/runtime-scenario-service
root       21973       1  0 04:06 ?        00:00:01 /bin/runtime-info-service
root       22521       2  0 04:20 ?        00:00:00 [kworker/u2:0-events_power_efficient
root       22773       2  0 04:47 ?        00:00:00 [kworker/u2:1-events_unbound]
root       23574   21636  0 05:13 pts/0    00:00:00 bash
root       23636   21622  0 05:13 ?        00:00:07 /opt/theia/node /opt/theia/node_modu
root       23659   21622  0 05:13 ?        00:00:00 /opt/theia/node /opt/theia/node_modu
root       23667   21622  0 05:13 pts/1    00:00:00 /bin/bash
root       24636       2  0 05:23 ?        00:00:00 [kworker/0:3-memcg_kmem_cache]
root       25268       2  0 05:29 ?        00:00:00 [kworker/0:1-events]
root       26268       2  0 05:39 ?        00:00:00 [kworker/0:0-events]
root       26269       2  0 05:39 ?        00:00:00 [kworker/u2:2-events_power_efficient
systemd+   26405       1  0 05:40 ?        00:00:00 /lib/systemd/systemd-resolved
root       26406       2  0 05:40 ?        00:00:00 [kworker/u2:3]
root       26436   23574  0 05:41 pts/0    00:00:00 ps -ef

💬 Maybe check the unique values returned inside of ps -ef.

Input

ps -ef | awk '{print$1}' | sort | uniq -c

Example Output

ubuntu $ ps -ef | awk '{print $1}' | sort | uniq -c
      1 UID
      1 daemon
      1 message+
    116 root
      1 syslog
      3 systemd+

💬 What user is using the most processes?

💬 Do you think this system is doing any real work or just sitting there running an OS?

// What do you think?
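One way to get closer to an answer, as an added example that is not part of the original lab: the per-user count above includes the header row (the `1 UID` line) and lumps kernel threads in with real programs. The function name `ps_summary`, the sample rows (a constructed subset of the output above) and the kernel-thread heuristic are assumptions of this example.

```shell
#!/bin/sh
# Added example: summarise `ps -ef` text per account, separating kernel
# threads from userspace processes.

# Constructed sample: a subset of the ps -ef rows shown in the lab output.
sample_ps() {
    cat <<'EOF'
UID          PID    PPID  C STIME TTY          TIME CMD
root           1       0  0 04:02 ?        00:00:14 /sbin/init
root           2       0  0 04:02 ?        00:00:00 [kthreadd]
root           3       2  0 04:02 ?        00:00:00 [rcu_gp]
systemd+     395       1  0 04:02 ?        00:00:00 /lib/systemd/systemd-networkd
syslog       561       1  0 04:02 ?        00:00:00 /usr/sbin/rsyslogd -n -iNONE
root         614       1  0 04:02 ?        00:00:00 sshd: /usr/sbin/sshd -D [listener] 0
root        5955       2  0 04:03 ?        00:00:00 bpfilter_umh
root        7414       1  0 04:03 ?        00:00:00 /usr/bin/dockerd -H fd:// --containe
EOF
}

# ps_summary: read `ps -ef` text on stdin and print one line per account:
#   <user> <kernel_threads> <userspace_processes>
ps_summary() {
    awk '
        # The header row is not a process; sort | uniq -c counts it as "1 UID".
        NR == 1 && $1 == "UID" { next }
        {
            user = $1; pid = $2; ppid = $3; cmd = $8
            # Heuristic (assumption of this example): a kernel thread is
            # kthreadd (PID 2) or one of its children, shown in [brackets].
            if ((pid == 2 || ppid == 2) && cmd ~ /^\[/) {
                kthreads[user]++
            } else {
                procs[user]++
            }
            seen[user] = 1
        }
        END {
            for (u in seen) {
                printf "%s %d %d\n", u, kthreads[u] + 0, procs[u] + 0
            }
        }
    ' | LC_ALL=C sort
}

# Demo on the constructed sample; on a live system use: ps -ef | ps_summary
sample_ps | ps_summary
```

The userspace column is the one to baseline: an account that normally runs no processes and suddenly shows some is worth a closer look.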


8. Next let's check what processes are executing on the processor every second.

Input

pidstat 1 5

Example Output

ubuntu $ pidstat 1 5
Linux 5.4.0-131-generic (ubuntu)        04/20/23        _x86_64_        (1 CPU)

06:00:32      UID       PID    %usr %system  %guest   %wait    %CPU   CPU  Command

06:00:33      UID       PID    %usr %system  %guest   %wait    %CPU   CPU  Command
06:00:34        0     23636    0.00    1.00    0.00    0.00    1.00     0  node
06:00:34        0     28185    0.00    1.00    0.00    0.00    1.00     0  pidstat

06:00:34      UID       PID    %usr %system  %guest   %wait    %CPU   CPU  Command
06:00:35        0     21636    0.00    1.00    0.00    0.00    1.00     0  kc-terminal

06:00:35      UID       PID    %usr %system  %guest   %wait    %CPU   CPU  Command
06:00:36        0         1    1.00    0.00    0.00    0.00    1.00     0  systemd
06:00:36        0     28185    0.00    1.00    0.00    1.00    1.00     0  pidstat

06:00:36      UID       PID    %usr %system  %guest   %wait    %CPU   CPU  Command
06:00:37        0     21622    1.00    0.00    0.00    0.00    1.00     0  node
06:00:37        0     21636    1.00    0.00    0.00    0.00    1.00     0  kc-terminal
06:00:37        0     23636    1.00    0.00    0.00    0.00    1.00     0  node

Average:      UID       PID    %usr %system  %guest   %wait    %CPU   CPU  Command
Average:        0         1    0.20    0.00    0.00    0.00    0.20     -  systemd
Average:        0     21622    0.20    0.00    0.00    0.00    0.20     -  node
Average:        0     21636    0.20    0.20    0.00    0.00    0.40     -  kc-terminal
Average:        0     23636    0.20    0.20    0.00    0.00    0.40     -  node
Average:        0     28185    0.00    0.40    0.00    0.20    0.40     -  pidstat

💬 Why do these have different length output?

💬 What processes were using the most CPU?

💬 Which is showing up the most often?

// What do you think?


9. Next we may want to see more CPU and Disk usage on the system in 1 second increments. Do you think you could modify this to run for 30 seconds?

Input

iostat -xz 1 5

Example Output

ubuntu $ iostat -xz 1 5
Linux 5.4.0-131-generic (ubuntu)        04/20/23        _x86_64_        (1 CPU)

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           1.48    1.06    1.21    0.42    0.15   95.68

Device            r/s     rkB/s   rrqm/s  %rrqm r_await rareq-sz     w/s     wkB/s   wrqm/s  %wrqm w_await wareq-sz     d/s     dkB/s   drqm/s  %drqm d_await dareq-sz  aqu-sz  %util
loop0            0.24      0.28     0.00   0.00    1.62     1.17    0.00      0.00     0.00   0.00    0.00     0.00    0.00      0.00     0.00   0.00    0.00     0.00    0.00   0.01
loop1            0.01      0.15     0.00   0.00    0.62    14.22    0.00      0.00     0.00   0.00    0.00     0.00    0.00      0.00     0.00   0.00    0.00     0.00    0.00   0.00
loop2            0.01      0.05     0.00   0.00    0.34     5.97    0.00      0.00     0.00   0.00    0.00     0.00    0.00      0.00     0.00   0.00    0.00     0.00    0.00   0.00
loop3            0.00      0.00     0.00   0.00    0.00     1.00    0.00      0.00     0.00   0.00    0.00     0.00    0.00      0.00     0.00   0.00    0.00     0.00    0.00   0.00
vda              2.76     76.80     0.61  18.02    1.81    27.83    5.84    486.62    11.46  66.25   11.01    83.31    0.12   2686.87     0.00   0.00    0.72 21966.24    0.06   1.00


avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.00    0.00    1.01    0.00    0.00   98.99

Device            r/s     rkB/s   rrqm/s  %rrqm r_await rareq-sz     w/s     wkB/s   wrqm/s  %wrqm w_await wareq-sz     d/s     dkB/s   drqm/s  %drqm d_await dareq-sz  aqu-sz  %util


avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.00    0.00    0.00    0.00    0.00  100.00

Device            r/s     rkB/s   rrqm/s  %rrqm r_await rareq-sz     w/s     wkB/s   wrqm/s  %wrqm w_await wareq-sz     d/s     dkB/s   drqm/s  %drqm d_await dareq-sz  aqu-sz  %util


avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.00    0.00    0.00    0.00    0.00  100.00

Device            r/s     rkB/s   rrqm/s  %rrqm r_await rareq-sz     w/s     wkB/s   wrqm/s  %wrqm w_await wareq-sz     d/s     dkB/s   drqm/s  %drqm d_await dareq-sz  aqu-sz  %util


avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.00    0.00    0.00    0.00    0.00  100.00

Device            r/s     rkB/s   rrqm/s  %rrqm r_await rareq-sz     w/s     wkB/s   wrqm/s  %wrqm w_await wareq-sz     d/s     dkB/s   drqm/s  %drqm d_await dareq-sz  aqu-sz  %util
vda              0.00      0.00     0.00   0.00    0.00     0.00    2.00     24.00     4.00  66.67    0.50    12.00    0.00      0.00     0.00   0.00    0.00     0.00    0.00   0.80


💬 Let's do one for 30 seconds every 5 seconds. I won't post the output. It's longer than we need.

Input

iostat -xz 5 6

Linux Commands to see networking traffic and load

💬 Now let's dig a little deeper into networking 🧙

Summary

Do each command and think about what output you're looking at. You may run them multiple times if you need to compare the output.

10. Look at the network usage and load of the system.

Input

sar -n DEV 1 5

Example Output

ubuntu $ sar -n DEV 1 5
Linux 5.4.0-131-generic (ubuntu)        04/20/23        _x86_64_        (1 CPU)

06:17:04        IFACE   rxpck/s   txpck/s    rxkB/s    txkB/s   rxcmp/s   txcmp/s  rxmcst/s   %ifutil
06:17:05           lo      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00
06:17:05       enp1s0      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00
06:17:05      docker0      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00

06:17:05        IFACE   rxpck/s   txpck/s    rxkB/s    txkB/s   rxcmp/s   txcmp/s  rxmcst/s   %ifutil
06:17:06           lo      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00
06:17:06       enp1s0      9.00      9.00      0.58      1.71      0.00      0.00      0.00      0.00
06:17:06      docker0      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00

06:17:06        IFACE   rxpck/s   txpck/s    rxkB/s    txkB/s   rxcmp/s   txcmp/s  rxmcst/s   %ifutil
06:17:07           lo      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00
06:17:07       enp1s0      5.00      5.00      0.34      1.05      0.00      0.00      0.00      0.00
06:17:07      docker0      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00

06:17:07        IFACE   rxpck/s   txpck/s    rxkB/s    txkB/s   rxcmp/s   txcmp/s  rxmcst/s   %ifutil
06:17:08           lo      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00
06:17:08       enp1s0      7.00      7.00      0.45      1.27      0.00      0.00      0.00      0.00
06:17:08      docker0      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00

06:17:08        IFACE   rxpck/s   txpck/s    rxkB/s    txkB/s   rxcmp/s   txcmp/s  rxmcst/s   %ifutil
06:17:09           lo      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00
06:17:09       enp1s0      4.00      4.00      0.26      0.99      0.00      0.00      0.00      0.00
06:17:09      docker0      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00

Average:        IFACE   rxpck/s   txpck/s    rxkB/s    txkB/s   rxcmp/s   txcmp/s  rxmcst/s   %ifutil
Average:           lo      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00
Average:       enp1s0      5.00      5.00      0.33      1.01      0.00      0.00      0.00      0.00
Average:      docker0      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00

💬 What are you seeing here? What devices are showing up? Do any devices seem to be under high load? Which one had the most traffic?

// What do you think?


11. Next we check TCP packets and errors.

Input

sar -n TCP,ETCP 1 5

Example Output

ubuntu $ sar -n TCP,ETCP 1 5
Linux 5.4.0-131-generic (ubuntu)        04/20/23        _x86_64_        (1 CPU)

06:19:07     active/s passive/s    iseg/s    oseg/s
06:19:08         0.00      0.00      0.00      0.00

06:19:07     atmptf/s  estres/s retrans/s isegerr/s   orsts/s
06:19:08         0.00      0.00      0.00      0.00      0.00

06:19:08     active/s passive/s    iseg/s    oseg/s
06:19:09         0.00      0.00      3.00      3.00

06:19:08     atmptf/s  estres/s retrans/s isegerr/s   orsts/s
06:19:09         0.00      0.00      0.00      0.00      0.00

06:19:09     active/s passive/s    iseg/s    oseg/s
06:19:10         0.00      0.00      3.00      3.00

06:19:09     atmptf/s  estres/s retrans/s isegerr/s   orsts/s
06:19:10         0.00      0.00      0.00      0.00      0.00

06:19:10     active/s passive/s    iseg/s    oseg/s
06:19:11         0.00      0.00      3.00      3.00

06:19:10     atmptf/s  estres/s retrans/s isegerr/s   orsts/s
06:19:11         0.00      0.00      0.00      0.00      0.00

06:19:11     active/s passive/s    iseg/s    oseg/s
06:19:12         0.00      0.00      6.00      6.00

06:19:11     atmptf/s  estres/s retrans/s isegerr/s   orsts/s
06:19:12         0.00      0.00      0.00      0.00      0.00

Average:     active/s passive/s    iseg/s    oseg/s
Average:         0.00      0.00      3.00      3.00

Average:     atmptf/s  estres/s retrans/s isegerr/s   orsts/s
Average:         0.00      0.00      0.00      0.00      0.00

💬 Do we appear to be seeing any large numbers of errors? Why might retransmits be a big problem?

// What do you think?


Look at you, learning Linux 🐧! You looked around the OS!

Next up: Checking kernel and packages

Checking kernel and packages 🐧

Linux Commands for Kernel and Packages

Summary

🐧 Echo the number of kernel versions that are stored on this system into /root/kernel

🐧 Check all the kernel information

💬 Let's check the kernel and package info on the system 🐧 🐧 🐧


1. Display information about the currently running operating system

Input

uname -a

Example Output

ubuntu $ uname -a
Linux ubuntu 5.4.0-131-generic #147-Ubuntu SMP Fri Oct 14 17:07:22 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

2. Check for old versions of the kernel that are on the system.

Input

ls /boot/vm*

Example Output

ubuntu $ ls /boot/vm*
/boot/vmlinuz  /boot/vmlinuz-5.4.0-131-generic  /boot/vmlinuz.old

3. Echo the number of versions into /root/kernel

Input

echo 1 > /root/kernel

4. Next we will check how many packages are on the system.

Input

dpkg -l | wc -l

Example Output

ubuntu $ dpkg -l | wc -l
724

5. What is the version of ssh on this system? Server and client.

Input

dpkg -l | grep -i ssh

Example Output

ubuntu $ dpkg -l | grep -i ssh
ii  libssh-4:amd64                   0.9.3-2ubuntu2.2                  amd64        tiny C SSH library (OpenSSL flavor)
ii  openssh-client                   1:8.2p1-4ubuntu0.5                amd64        secure shell (SSH) client, for secure access to remote machines
ii  openssh-server                   1:8.2p1-4ubuntu0.5                amd64        secure shell (SSH) server, for secure access from remote machines
ii  openssh-sftp-server              1:8.2p1-4ubuntu0.5                amd64        secure shell (SSH) sftp server module, for SFTP access from remote machines
ii  ssh-import-id                    5.10-0ubuntu1                     all          securely retrieve an SSH public key and install it locally
ii  sshfs                            3.6.0+repack+really2.10-0ubuntu1  amd64        filesystem client based on SSH File Transfer Protocol

💬 client is named openssh-client

💬 server is named openssh-server

Next up: Checking disk and mount points

Checking disk and mount points 🐧

Linux Commands for physical disks

Summary

🐧 Echo the number of physical disks you have into /root/disks

🐧 Echo the number of partitions of that disk into /root/partitions

💬 Let's check the physical disk information 🐧 🐧 🐧


1. Check disk information and count partitions

Input

fdisk -l | grep -i vd

Example Output

ubuntu $ fdisk -l | grep -i vd
Disk /dev/vda: 20 GiB, 21474836480 bytes, 41943040 sectors
/dev/vda1  227328 41943006 41715679 19.9G Linux filesystem
/dev/vda14   2048    10239     8192    4M BIOS boot
/dev/vda15  10240   227327   217088  106M EFI System

💬 Why do we use VD?

// What do you think?


2. Let's use another command to see that information another way

Input

lsblk

Example Output

ubuntu $ lsblk
NAME    MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
loop0     7:0    0 63.2M  1 loop /snap/core20/1634
loop1     7:1    0 67.8M  1 loop /snap/lxd/22753
loop2     7:2    0   48M  1 loop /snap/snapd/17336
vda     252:0    0   20G  0 disk 
|-vda1  252:1    0 19.9G  0 part /
|-vda14 252:14   0    4M  0 part 
`-vda15 252:15   0  106M  0 part /boot/efi

and

Input

blkid

Example Output

ubuntu $ blkid
/dev/vda1: LABEL="cloudimg-rootfs" UUID="666195bb-9c58-470d-9495-743ff99e48c8" TYPE="ext4" PARTUUID="1b586e7b-ba4c-4d6b-9ca6-2502f02cf595"
/dev/vda15: LABEL_FATBOOT="UEFI" LABEL="UEFI" UUID="B8F2-0510" TYPE="vfat" PARTUUID="27df778d-f6e2-4441-b310-124faa31cc3e"
/dev/loop0: TYPE="squashfs"
/dev/loop1: TYPE="squashfs"
/dev/loop2: TYPE="squashfs"
/dev/vda14: PARTUUID="aab173d6-e275-429d-bb29-e66fbfa1c06b"

3. After that we can run our disk information into /root/disks and /root/partitions

Input

echo 1 > /root/disks
echo 3 > /root/partitions

Linux Commands for filesystems and mountpoints

Summary

🐧 Echo the filesystem type of the root partition into /root/fstype

🐧 Echo the name of the file that defines all the mount points into /root/mountinfo

💬 Let's check filesystem type and mount points 🐧 🐧 🐧

4. Check what partition the root (/) filesystem is mounted from

Input

mount | grep vda

Example Output

ubuntu $ mount | grep vda
/dev/vda1 on / type ext4 (rw,relatime)
/dev/vda15 on /boot/efi type vfat (rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro)

💬 Check the filesystem written to that partition.

5. Let's use another command to see that information another way

Input

blkid /dev/vda1

Example Output

ubuntu $ blkid /dev/vda1
/dev/vda1: LABEL="cloudimg-rootfs" UUID="666195bb-9c58-470d-9495-743ff99e48c8" TYPE="ext4" PARTUUID="1b586e7b-ba4c-4d6b-9ca6-2502f02cf595"

6. You see the type is ext4. Write that out to /root/fstype

Input

blkid /dev/vda1 > /root/fstype

7. Check the /etc/fstab to see how your system is mounting all its partitions as it comes up.

Input

cat /etc/fstab

Example Output

ubuntu $ cat /etc/fstab
LABEL=cloudimg-rootfs   /        ext4   defaults        0 1
LABEL=UEFI      /boot/efi       vfat    umask=0077      0 1

8. But that mapping is strange, so to demystify it, use this command

Input

ls -l /dev/disk/by-label

Example Output

ubuntu $ ls -l /dev/disk/by-label
total 0
lrwxrwxrwx 1 root root 11 Apr 11 13:32 UEFI -> ../../vda15
lrwxrwxrwx 1 root root 10 Apr 11 13:32 cloudimg-rootfs -> ../../vda1

9. There are 4 ways to mount a disk: label, partuuid, path, and uuid. You can verify this by looking in each of these locations. This shows you how the system is mapping to the underlying disks.

Input

for type in $(ls /dev/disk); do echo "type is $type"; ls -l /dev/disk/$type; done

Example Output

ubuntu $ for type in $(ls /dev/disk); do echo "type is $type"; ls -l /dev/disk/$type; done
type is by-label
total 0
lrwxrwxrwx 1 root root 11 Apr 11 13:32 UEFI -> ../../vda15
lrwxrwxrwx 1 root root 10 Apr 11 13:32 cloudimg-rootfs -> ../../vda1
type is by-partuuid
total 0
lrwxrwxrwx 1 root root 10 Apr 11 13:32 1b586e7b-ba4c-4d6b-9ca6-2502f02cf595 -> ../../vda1
lrwxrwxrwx 1 root root 11 Apr 11 13:32 27df778d-f6e2-4441-b310-124faa31cc3e -> ../../vda15
lrwxrwxrwx 1 root root 11 Apr 11 13:32 aab173d6-e275-429d-bb29-e66fbfa1c06b -> ../../vda14
type is by-path
total 0
lrwxrwxrwx 1 root root  9 Apr 11 13:32 pci-0000:04:00.0 -> ../../vda
lrwxrwxrwx 1 root root 10 Apr 11 13:32 pci-0000:04:00.0-part1 -> ../../vda1
lrwxrwxrwx 1 root root 11 Apr 11 13:32 pci-0000:04:00.0-part14 -> ../../vda14
lrwxrwxrwx 1 root root 11 Apr 11 13:32 pci-0000:04:00.0-part15 -> ../../vda15
lrwxrwxrwx 1 root root  9 Apr 11 13:32 virtio-pci-0000:04:00.0 -> ../../vda
lrwxrwxrwx 1 root root 10 Apr 11 13:32 virtio-pci-0000:04:00.0-part1 -> ../../vda1
lrwxrwxrwx 1 root root 11 Apr 11 13:32 virtio-pci-0000:04:00.0-part14 -> ../../vda14
lrwxrwxrwx 1 root root 11 Apr 11 13:32 virtio-pci-0000:04:00.0-part15 -> ../../vda15
type is by-uuid
total 0
lrwxrwxrwx 1 root root 10 Apr 11 13:32 666195bb-9c58-470d-9495-743ff99e48c8 -> ../../vda1
lrwxrwxrwx 1 root root 11 Apr 11 13:32 B8F2-0510 -> ../../vda15

10. Remember to put the file that the system uses to mount the disks into /root/mountinfo

Input

echo "/etc/fstab" > /root/mountinfo
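Steps 7 to 9 resolve the `LABEL=` entries in /etc/fstab by eye through the symlinks under /dev/disk. The script below does the same lookup for every entry and flags any spec that points at nothing; it is an added example, not part of the original lab. The function names `resolve_fstab` and `make_sample`, the sample tree, and the all-zero UUID are constructed for illustration.

```shell
#!/bin/sh
# Added example: map each fstab spec (LABEL=, UUID=, PARTUUID=) to the block
# device it resolves to, by following the symlinks under /dev/disk.

# resolve_fstab FSTAB [DISK_DIR]
# Prints "<mountpoint> <spec> <device>" per entry. DISK_DIR defaults to
# /dev/disk; it is a parameter so the lookup can be tried on a sample tree.
# Limitation: quoted values and labels containing spaces are not handled.
resolve_fstab() {
    fstab=$1
    disk_dir=${2:-/dev/disk}
    while read -r spec mnt fstype opts dump pass; do
        case $spec in
            ''|'#'*) continue ;;                 # skip blank lines and comments
        esac
        case $spec in
            LABEL=*)    link="$disk_dir/by-label/${spec#LABEL=}" ;;
            UUID=*)     link="$disk_dir/by-uuid/${spec#UUID=}" ;;
            PARTUUID=*) link="$disk_dir/by-partuuid/${spec#PARTUUID=}" ;;
            *)          link= ;;                 # plain path such as /dev/vda1
        esac
        if [ -z "$link" ]; then
            dev=$spec
        elif [ -L "$link" ]; then
            # The symlink target looks like ../../vda1; keep the device name.
            dev=/dev/$(basename "$(readlink "$link")")
        else
            dev=UNRESOLVED                       # no such label/uuid on this system
        fi
        printf '%s %s %s\n' "$mnt" "$spec" "$dev"
    done < "$fstab"
}

# make_sample: build a constructed copy of the lab's by-label layout plus an
# fstab with one extra entry whose UUID does not exist. Prints the temp dir.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/disk/by-label" "$d/disk/by-uuid"
    ln -s ../../vda1  "$d/disk/by-label/cloudimg-rootfs"
    ln -s ../../vda15 "$d/disk/by-label/UEFI"
    cat > "$d/fstab" <<'EOF'
# constructed sample based on the lab's /etc/fstab
LABEL=cloudimg-rootfs   /        ext4   defaults        0 1
LABEL=UEFI      /boot/efi       vfat    umask=0077      0 1
UUID=00000000-0000-0000-0000-000000000000 /data ext4 defaults 0 2
EOF
    echo "$d"
}

# Demo on the sample tree; on a live system run: resolve_fstab /etc/fstab
demo_dir=$(make_sample)
resolve_fstab "$demo_dir/fstab" "$demo_dir/disk"
rm -rf "$demo_dir"
```

An UNRESOLVED line is worth fixing before the next reboot, since the system will try to mount that entry as it comes up.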

Linux Commands disk space and inodes

Summary

🐧 Find the size of the partition root (/) and put it in a file called /root/size

🐧 Place a single file that is 3G at location /root/bigfile

🐧 Place 10,000 files called file{1..10000} in /root directory

💬 Let's check disk size and usage 🐧 🐧 🐧

11. Check the overall current disk space

Input

df -h

Example Output

ubuntu $ df -h
Filesystem      Size  Used Avail Use% Mounted on
udev            975M     0  975M   0% /dev
tmpfs           199M  1.0M  198M   1% /run
/dev/vda1        20G  4.4G   15G  23% /
tmpfs           992M     0  992M   0% /dev/shm
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           992M     0  992M   0% /sys/fs/cgroup
/dev/loop0       64M   64M     0 100% /snap/core20/1634
/dev/loop1       68M   68M     0 100% /snap/lxd/22753
/dev/loop2       48M   48M     0 100% /snap/snapd/17336
/dev/vda15      105M  5.2M  100M   5% /boot/efi

12. Write out the size of just root (/) to /root/size

Input

df -h / | grep -v Size | awk '{print $2}' > /root/size

💬 This command just cuts out the unnecessary information. You can check its output by removing > /root/size, if you like

Example Output

ubuntu $ df -h / | grep -v Size | awk '{print $2}'
20G

13. Let's make a giant file filled with 0's and then check available space

Input

dd if=/dev/zero of=/root/bigfile bs=1024k count=3000

Example Output

ubuntu $ dd if=/dev/zero of=/root/bigfile bs=1024k count=3000
3000+0 records in
3000+0 records out
3145728000 bytes (3.1 GB, 2.9 GiB) copied, 4.65708 s, 675 MB/s

14. Re-Check size to see that the filesystem is much more full now

Input

df -h /
ls -lh /root/bigfile

Example Output

ubuntu $ df -h /
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda1        20G  7.3G   12G  38% /

Example Output

ubuntu $ ls -lh /root/bigfile
-rw-r--r-- 1 root root 3.0G Apr 20 09:09 /root/bigfile

15. Let's write out 10,000 files and see how that affects our inode usage

Input

df -i /
touch /root/file{1..10000}
ls /root | wc -l
df -i /

Example Output

ubuntu $ df -i /
Filesystem      Inodes  IUsed   IFree IUse% Mounted on
/dev/vda1      2580480 115080 2465400    5% /

Example Output

ubuntu $ touch /root/file{1..10000}

Example Output

ubuntu $ ls /root | wc -l
10006

Example Output

ubuntu $ df -i /
Filesystem      Inodes  IUsed   IFree IUse% Mounted on
/dev/vda1      2580480 125080 2455400    5% /
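
Empty files consume inodes rather than data blocks, which is why the 10,000 files above moved IUsed from 115080 to 125080; a filesystem can refuse new files while df -h still shows free space. The script below is an added example, not part of the original lab, that reads df -P followed by df -Pi output and reports which resource has reached a threshold on each mount. The function names, the 90% threshold and the /dev/vdb1 rows are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not part of the lab: compare block and inode usage per mount.

# Constructed sample of `df -P` output. Values are illustrative.
df_blocks_sample() {
  cat <<'EOF'
Filesystem     1024-blocks    Used Available Capacity Mounted on
/dev/vda1         20134592 7654321  12463887      39% /
/dev/vdb1         10255636 1230676   8483248      13% /var/spool
EOF
}

# Constructed sample of `df -Pi` output. The / row is the lab's own; the
# /var/spool row is made up to show a filesystem that has run out of inodes.
df_inodes_sample() {
  cat <<'EOF'
Filesystem      Inodes  IUsed   IFree IUse% Mounted on
/dev/vda1      2580480 125080 2455400    5% /
/dev/vdb1       655360 655360       0  100% /var/spool
EOF
}

# Reads `df -P` output followed by `df -Pi` output on stdin.
# $1 is the percentage at which a resource counts as exhausted.
check_fs_pressure() {
  awk -v limit="$1" '
    BEGIN { limit += 0 }                 # force a numeric comparison
    # Each df header switches the parser between block and inode mode.
    $1 == "Filesystem" { mode = ($2 == "Inodes") ? "inode" : "block"; next }
    NF >= 6 {
      pct = $5
      sub(/%$/, "", pct)
      if (pct == "-") pct = 0            # pseudo filesystems report "-" for IUse%
      mount = $6
      for (i = 7; i <= NF; i++) mount = mount " " $i   # mount points with spaces
      if (!(mount in seen)) { seen[mount] = 1; order[++count] = mount }
      if (mode == "block") blk[mount] = pct + 0
      else                 ino[mount] = pct + 0
    }
    END {
      for (i = 1; i <= count; i++) {
        m = order[i]
        status = "ok"
        if (blk[m] >= limit && ino[m] >= limit) status = "BLOCKS+INODES"
        else if (ino[m] >= limit)               status = "INODES"
        else if (blk[m] >= limit)               status = "BLOCKS"
        printf "%s blocks=%d%% inodes=%d%% status=%s\n", m, blk[m], ino[m], status
      }
    }
  '
}

# On a live system: { df -P; df -Pi; } | check_fs_pressure 90
{ df_blocks_sample; df_inodes_sample; } | check_fs_pressure 90
```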

Look at you, learning Linux! You looked at the disk space and usage! 🐧

Next up: IP and open port information

IP and Open Port Information

Linux Commands for network information

Summary

🐧 Put the name of your network interface into a file called /root/interface

🐧 Put the ip address of your network interface into a file called /root/primary-ip

🐧 Write the default route out to a file called /root/default

💬 Check network information 🐧 🐧 🐧


1. Check your ip address

Input

ip addr

Example Output

ubuntu $ ip addr 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc fq_codel state UP group default qlen 1000
    link/ether f2:05:f6:3f:86:80 brd ff:ff:ff:ff:ff:ff
    inet 172.30.1.2/24 brd 172.30.1.255 scope global dynamic enp1s0
       valid_lft 86293029sec preferred_lft 86293029sec
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:bb:ac:49:d3 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever

2. What is the name of your interface?

Input

ip addr | grep enp | grep mtu | awk '{print $2}'

Example Output

ubuntu $ ip addr | grep enp | grep mtu | awk '{print $2}'
enp1s0:

3. Put that value in a file /root/interface

Input

ip addr | grep enp | grep mtu | awk '{print $2}' > /root/interface

💬 There are other ways to do this, but this will do it with one command

4. What is the ip of your interface?

Input

ip addr | grep enp | grep inet | awk '{print $2}'

Example Output

ubuntu $ ip addr | grep enp | grep inet | awk '{print $2}' 
172.30.1.2/24

5. Put that value in a file /root/primary-ip

Input

ip addr | grep enp | grep inet | awk '{print $2}' > /root/primary-ip

6. Let's pull the default route for your system

Input

ip route

Example Output

ubuntu $ ip route
default via 172.30.1.1 dev enp1s0 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 
172.30.1.0/24 dev enp1s0 proto kernel scope link src 172.30.1.2 

7. What is the default route for your system? Write this out to /root/default

Input

ip route | grep -i default | awk '{print $3}' > /root/default

8. Ping the default gateway 3 times and verify that you get a response back

Input

ping -c3 `ip route | grep -i default | awk '{print $3}'`

Example Output

ubuntu $ ping -c3 `ip route | grep -i default | awk '{print $3}'`
PING 172.30.1.1 (172.30.1.1) 56(84) bytes of data.
64 bytes from 172.30.1.1: icmp_seq=1 ttl=64 time=0.113 ms
64 bytes from 172.30.1.1: icmp_seq=2 ttl=64 time=0.177 ms
64 bytes from 172.30.1.1: icmp_seq=3 ttl=64 time=0.217 ms

--- 172.30.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2034ms
rtt min/avg/max/mdev = 0.113/0.169/0.217/0.042 ms

Linux Commands for open ports

Summary

🐧 Can you find sshd and containerd listening on your system?

🐧 If you can, write yes into the file /root/ports

💬 Let's check open ports on the system 🐧 🐧 🐧

9. Check what ports are open on your system

Input

ss -ntulp

Input

ss -ntulp | grep -E "sshd|containerd"

Example Output

ubuntu $ ss -ntulp | grep -E "sshd|containerd"
tcp    LISTEN  0       128                 0.0.0.0:22             0.0.0.0:*      users:(("sshd",pid=614,fd=3))                                                  
tcp    LISTEN  0       4096              127.0.0.1:38185          0.0.0.0:*      users:(("containerd",pid=13689,fd=14))                                         
tcp    LISTEN  0       128                    [::]:22                [::]:*      users:(("sshd",pid=614,fd=4))                                                  

10. Echo "yes" to /root/ports if you can see sshd and containerd listening

💬 We can see them, so we'll set that to yes

Input

echo "yes" > /root/ports

11. Another way to look at the ports/processes for sshd and containerd

Input

lsof -i :22

Example Output

ubuntu $ lsof -i :22
COMMAND PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd    614 root    3u  IPv4  20882      0t0  TCP *:ssh (LISTEN)
sshd    614 root    4u  IPv6  20893      0t0  TCP *:ssh (LISTEN)

12. Connect to port 22. Timeout just causes it to drop after 3 seconds

Input

timeout 3 nc 127.0.0.1 22

Example Output

ubuntu $ timeout 3 nc 127.0.0.1 22
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5

13. So let's stop containerd and verify that the process is no longer running. First let's check the status

Input

systemctl status containerd

Example Output

ubuntu $ systemctl status containerd
● containerd.service - containerd container runtime
     Loaded: loaded (/lib/systemd/system/containerd.service; enabled; vendor preset: en>
     Active: active (running) since Tue 2023-04-11 13:35:13 UTC; 1 weeks 1 days ago
       Docs: https://containerd.io
   Main PID: 13689 (containerd)
      Tasks: 8
     Memory: 12.8M
     CGroup: /system.slice/containerd.service
             └─13689 /usr/bin/containerd

Apr 11 13:35:13 ubuntu containerd[13689]: time="2023-04-11T13:35:13.932667312Z" level=i>
Apr 11 13:35:13 ubuntu containerd[13689]: time="2023-04-11T13:35:13.933048326Z" level=i>
Apr 11 13:35:13 ubuntu systemd[1]: Started containerd container runtime.
Apr 11 13:35:13 ubuntu containerd[13689]: time="2023-04-11T13:35:13.947444377Z" level=i>
Apr 11 13:35:13 ubuntu containerd[13689]: time="2023-04-11T13:35:13.948147815Z" level=i>
Apr 11 13:35:13 ubuntu containerd[13689]: time="2023-04-11T13:35:13.960280418Z" level=i>
Apr 11 13:35:13 ubuntu containerd[13689]: time="2023-04-11T13:35:13.960666171Z" level=i>
Apr 11 13:35:13 ubuntu containerd[13689]: time="2023-04-11T13:35:13.960931006Z" level=i>
Apr 11 13:35:13 ubuntu containerd[13689]: time="2023-04-11T13:35:13.961135447Z" level=i>
Apr 11 13:35:13 ubuntu containerd[13689]: time="2023-04-11T13:35:13.949109643Z" level=i>

14. You might need to press "q" to escape the status view. Then stop containerd

Input

systemctl stop containerd

15. Verify that you no longer see containerd running or the port open on the system

Input

ss -ntulp | grep containerd
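
In the ss output above, sshd is bound to 0.0.0.0 and [::] while containerd is bound to 127.0.0.1, so only sshd accepts connections from other hosts. The script below is an added example, not part of the original lab, that classifies every listener in ss -ntulp output by bind scope; the function names and the header row of the sample are assumptions, and the three socket lines are the lab's own.

```bash
#!/usr/bin/env bash
# Added example, not part of the lab: classify listeners by bind scope.

# Sample input: a constructed header plus the three lines from the lab output.
ss_sample() {
  cat <<'EOF'
Netid  State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
tcp    LISTEN  0       128     0.0.0.0:22          0.0.0.0:*          users:(("sshd",pid=614,fd=3))
tcp    LISTEN  0       4096    127.0.0.1:38185     0.0.0.0:*          users:(("containerd",pid=13689,fd=14))
tcp    LISTEN  0       128     [::]:22             [::]:*             users:(("sshd",pid=614,fd=4))
EOF
}

# Reads `ss -ntulp` output on stdin, prints: proto port scope process
classify_listeners() {
  awk '
    $1 == "Netid" { next }                      # skip the header
    $2 != "LISTEN" && $2 != "UNCONN" { next }   # TCP listeners, unconnected UDP
    {
      # The port is whatever follows the last colon of the local address.
      n = split($5, part, ":")
      port = part[n]
      addr = substr($5, 1, length($5) - length(port) - 1)
      sub(/%.*$/, "", addr)                     # drop an interface suffix such as %lo

      if (addr ~ /^127\./ || addr == "[::1]")
        scope = "loopback"                      # local processes only
      else if (addr == "0.0.0.0" || addr == "[::]" || addr == "*")
        scope = "all-interfaces"                # reachable unless a firewall blocks it
      else
        scope = "address:" addr                 # bound to one specific address

      proc = "unknown"                          # ss omits process names without root
      if (match($0, /\(\("[^"]+"/))
        proc = substr($0, RSTART + 3, RLENGTH - 4)

      printf "%s %s %s %s\n", $1, port, scope, proc
    }
  '
}

# Unique proto/port and process pairs that are not limited to loopback.
exposed_listeners() {
  classify_listeners | awk '$3 != "loopback" { print $1 "/" $2 " " $4 }' | sort -u
}

# On a live system: ss -ntulp | exposed_listeners
ss_sample | classify_listeners
```

After systemctl stop containerd, the loopback line for containerd should no longer appear in this listing.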

Linux Commands to monitor traffic

Summary

🐧 Look at the throughput to your interfaces

🐧 Create a file /root/ubuntu.pcap with 200 packets that can be read by wireshark later. (We don't look at it in the lab. We just create it)

💬 Let's check network traffic to our open system 🐧 🐧 🐧

16. Check network throughput to your system for 20 seconds

Input

ifstat 2 10

Example Output

ubuntu $ ifstat 2 10
      enp1s0             docker0      
 KB/s in  KB/s out   KB/s in  KB/s out
    0.20      0.28      0.00      0.00
    0.19      0.60      0.00      0.00
    0.20      0.45      0.00      0.00
    0.17      0.31      0.00      0.00
    0.24      0.40      0.00      0.00
    0.13      0.35      0.00      0.00
    0.17      0.31      0.00      0.00
    0.20      0.45      0.00      0.00
    0.17      0.33      0.00      0.00
    0.13      0.35      0.00      0.00

💬 Note: There is very little traffic (in size) into or out of your system

17. Do a tcpdump to inspect the actual traffic into your system. Capture 1000 packets against your enp1s0 interface

Input

tcpdump -ni enp1s0 -s0 -c 1000

Example Output

Cutting off beginning...

12:32:44.680485 IP 172.30.1.2.40200 > 10.57.2.9.34616: Flags [P.], seq 161968:162139, ack 1, win 501, options [nop,nop,TS val 3131427640 ecr 3052573401], length 171
12:32:44.680616 IP 172.30.1.2.40200 > 10.57.2.9.34616: Flags [P.], seq 162139:162310, ack 1, win 501, options [nop,nop,TS val 3131427641 ecr 3052573401], length 171
12:32:44.680746 IP 172.30.1.2.40200 > 10.57.2.9.34616: Flags [P.], seq 162310:162481, ack 1, win 501, options [nop,nop,TS val 3131427641 ecr 3052573401], length 171
12:32:44.680860 IP 172.30.1.2.40200 > 10.57.2.9.34616: Flags [P.], seq 162481:162652, ack 1, win 501, options [nop,nop,TS val 3131427641 ecr 3052573401], length 171
12:32:44.680996 IP 172.30.1.2.40200 > 10.57.2.9.34616: Flags [P.], seq 162652:162823, ack 1, win 501, options [nop,nop,TS val 3131427641 ecr 3052573401], length 171
12:32:44.681127 IP 172.30.1.2.40200 > 10.57.2.9.34616: Flags [P.], seq 162823:162994, ack 1, win 501, options [nop,nop,TS val 3131427641 ecr 3052573401], length 171
12:32:44.681256 IP 172.30.1.2.40200 > 10.57.2.9.34616: Flags [P.], seq 162994:163165, ack 1, win 501, options [nop,nop,TS val 3131427641 ecr 3052573401], length 171
12:32:44.681392 IP 172.30.1.2.40200 > 10.57.2.9.34616: Flags [P.], seq 163165:163336, ack 1, win 501, options [nop,nop,TS val 3131427641 ecr 3052573401], length 171
12:32:44.681524 IP 172.30.1.2.40200 > 10.57.2.9.34616: Flags [P.], seq 163336:163507, ack 1, win 501, options [nop,nop,TS val 3131427641 ecr 3052573401], length 171
12:32:44.681655 IP 172.30.1.2.40200 > 10.57.2.9.34616: Flags [P.], seq 163507:163678, ack 1, win 501, options [nop,nop,TS val 3131427642 ecr 3052573401], length 171
1000 packets captured
1024 packets received by filter
24 packets dropped by kernel

18. Let's generate a .pcap file that can be used by wireshark to inspect traffic. (We don't have wireshark on this system.) The capture is written to $(hostname).pcap in the current directory, so run this from /root

Input

for i in $(seq 1 5); do ping -c 10 www.google.com & done; tcpdump -ni enp1s0 -s0 -c 200 -w $(hostname).pcap

Example Output

ubuntu $ for i in $(seq 1 5); do ping -c 10 www.google.com & done; tcpdump -ni enp1s0 -s0 -c 200 -w $(hostname).pcap
[1] 32253
[2] 32254
[3] 32255
[4] 32256
[5] 32257
PING www.google.com (172.253.62.99) 56(84) bytes of data.
PING www.google.com (172.253.62.99) 56(84) bytes of data.
PING www.google.com (172.253.62.99) 56(84) bytes of data.
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=1 ttl=111 time=1.01 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=1 ttl=111 time=0.696 ms
PING www.google.com (172.253.62.99) 56(84) bytes of data.
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=1 ttl=111 time=0.600 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=1 ttl=111 time=0.638 ms
PING www.google.com (172.253.62.99) 56(84) bytes of data.
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=1 ttl=111 time=0.626 ms
tcpdump: listening on enp1s0, link-type EN10MB (Ethernet), capture size 262144 bytes
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=2 ttl=111 time=0.717 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=2 ttl=111 time=0.657 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=2 ttl=111 time=0.587 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=2 ttl=111 time=0.695 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=2 ttl=111 time=0.621 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=3 ttl=111 time=0.725 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=3 ttl=111 time=0.670 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=3 ttl=111 time=0.683 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=3 ttl=111 time=0.580 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=3 ttl=111 time=0.795 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=4 ttl=111 time=0.667 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=4 ttl=111 time=0.743 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=4 ttl=111 time=0.660 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=4 ttl=111 time=0.669 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=4 ttl=111 time=0.593 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=5 ttl=111 time=0.735 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=5 ttl=111 time=0.669 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=5 ttl=111 time=0.678 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=5 ttl=111 time=0.705 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=5 ttl=111 time=0.724 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=6 ttl=111 time=0.777 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=6 ttl=111 time=0.717 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=6 ttl=111 time=0.599 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=6 ttl=111 time=0.676 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=6 ttl=111 time=0.659 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=7 ttl=111 time=0.715 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=7 ttl=111 time=0.563 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=7 ttl=111 time=0.608 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=7 ttl=111 time=0.648 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=7 ttl=111 time=0.711 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=8 ttl=111 time=0.735 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=8 ttl=111 time=0.596 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=8 ttl=111 time=0.542 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=8 ttl=111 time=0.683 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=8 ttl=111 time=0.765 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=9 ttl=111 time=0.703 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=9 ttl=111 time=0.656 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=9 ttl=111 time=0.681 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=9 ttl=111 time=0.664 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=9 ttl=111 time=0.742 ms
200 packets captured
228 packets received by filter
0 packets dropped by kernel
ubuntu $ 64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=10 ttl=111 time=0.705 ms

--- www.google.com ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9043ms
rtt min/avg/max/mdev = 0.667/0.749/1.012/0.091 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=10 ttl=111 time=0.814 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=10 ttl=111 time=0.724 ms


--- www.google.com ping statistics ---
--- www.google.com ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9073ms
rtt min/avg/max/mdev = 0.596/0.668/0.724/0.033 ms
10 packets transmitted, 10 received, 0% packet loss, time 9072ms
rtt min/avg/max/mdev = 0.563/0.645/0.814/0.071 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=10 ttl=111 time=0.679 ms

--- www.google.com ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9098ms
rtt min/avg/max/mdev = 0.542/0.666/0.795/0.069 ms
64 bytes from bc-in-f99.1e100.net (172.253.62.99): icmp_seq=10 ttl=111 time=0.713 ms

--- www.google.com ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9119ms
rtt min/avg/max/mdev = 0.593/0.692/0.765/0.048 ms
^C
[1]   Done                    ping -c 10 www.google.com
[2]   Done                    ping -c 10 www.google.com
[3]   Done                    ping -c 10 www.google.com
[4]-  Done                    ping -c 10 www.google.com
[5]+  Done                    ping -c 10 www.google.com

19. Verify the size and creation of the file

Input

ls -lh /root/ubuntu.pcap

Example Output

ubuntu $ ls -lh /root/ubuntu.pcap
-rw-r--r-- 1 tcpdump tcpdump 25K Apr 20 12:36 /root/ubuntu.pcap

Look at you, learning Linux! You looked at IP and open port information! 🐧

Next up: Connecting to systems and pushing or pulling files

Connecting to systems and pushing or pulling files

Linux Commands to connect to another system

Summary

Connect to the other server and look at the specifics of the ssh connection 🐧 🐧 🐧


1. Connect to the other server (node01)

Input

ssh node01

Example Output

controlplane $ ssh node01
Last login: Sun Nov 13 17:27:09 2022 from 10.48.0.33

2. Type in exit to return to the original system

Input

exit

3. Check system uptime with one level of debug output (debug1)

Input

ssh -v node01 'uptime'

Example Output

controlplane $ ssh -v node01 'uptime'
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to node01 [172.30.2.2] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type 0
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.5 pat OpenSSH* compat 0x04000000
debug1: Authenticating to node01:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:tmvetqpbpeuonMk7CexB57k+hK4t1129IaLp/W2TMs0
debug1: Host 'node01' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:5
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /root/.ssh/id_rsa RSA SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug1: Will attempt key: /root/.ssh/id_dsa 
debug1: Will attempt key: /root/.ssh/id_ecdsa 
debug1: Will attempt key: /root/.ssh/id_ecdsa_sk 
debug1: Will attempt key: /root/.ssh/id_ed25519 
debug1: Will attempt key: /root/.ssh/id_ed25519_sk 
debug1: Will attempt key: /root/.ssh/id_xmss 
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug1: Server accepts key: /root/.ssh/id_rsa RSA SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug1: Authentication succeeded (publickey).
Authenticated to node01 ([172.30.2.2]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Sending environment.
debug1: Sending command: uptime
 13:15:22 up 37 min,  1 user,  load average: 0.01, 0.05, 0.11
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2820, received 3088 bytes, in 0.0 seconds
Bytes per second: sent 60469.7, received 66216.5
debug1: Exit status 0
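
The -v output above already records what was negotiated, whether the host key matched known_hosts, and how the client authenticated. The script below is an added example, not part of the original lab, that extracts those facts from ssh -v output; the function names and output keys are assumptions, and the sample input is a subset of the lab's own debug1 lines.

```bash
#!/usr/bin/env bash
# Added example, not part of the lab: summarise security-relevant `ssh -v` lines.

# Sample input: a subset of the debug1 lines from the lab output above.
ssh_v_sample() {
  cat <<'EOF'
debug1: Connecting to node01 [172.30.2.2] port 22.
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:tmvetqpbpeuonMk7CexB57k+hK4t1129IaLp/W2TMs0
debug1: Host 'node01' is known and matches the ECDSA host key.
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Authentication succeeded (publickey).
debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
EOF
}

# Reads `ssh -v` debug output on stdin and prints key=value lines.
summarize_ssh_debug() {
  awk '
    /^debug1: kex: algorithm: /                    { kex = $4 }
    /^debug1: kex: host key algorithm: /           { hostalg = $6 }
    /^debug1: kex: server->client cipher: /        { cipher = $5 }
    /^debug1: Server host key: /                   { fp = $6 }
    /^debug1: Host .* is known and matches /       { known = "yes" }
    /^debug1: Authentications that can continue: / { offered = $6 }
    /^debug1: Authentication succeeded /           { used = $4; gsub(/[().]/, "", used) }
    /^debug1: kex_input_ext_info: server-sig-algs=/ {
      # Signature algorithms the server accepts for public key authentication.
      list = $3
      sub(/^server-sig-algs=</, "", list)
      sub(/>$/, "", list)
      n = split(list, alg, ",")
      for (i = 1; i <= n; i++)
        if (alg[i] == "ssh-rsa" || alg[i] == "ssh-dss")   # RSA with SHA-1, DSA
          legacy = legacy (legacy == "" ? "" : ",") alg[i]
    }
    /^debug1: Remote: .* key options: / {
      # Options the server applies to the authorized_keys entry that matched.
      opts = $0
      sub(/^.* key options: /, "", opts)
      fwd = (opts ~ /(^| )(agent|port|x11)-forwarding( |$)/) ? "yes" : "no"
    }
    END {
      print "kex=" kex
      print "hostkey_alg=" hostalg
      print "cipher=" cipher
      print "hostkey_fingerprint=" fp
      print "hostkey_in_known_hosts=" (known == "yes" ? "yes" : "no")
      print "auth_used=" used
      print "password_auth_offered=" (("," offered ",") ~ /,password,/ ? "yes" : "no")
      print "legacy_sig_algs=" (legacy == "" ? "none" : legacy)
      print "key_allows_forwarding=" (fwd == "" ? "unknown" : fwd)
    }
  '
}

# On a live system the debug lines arrive on stderr:
#   ssh -v node01 uptime 2>&1 >/dev/null | summarize_ssh_debug
ssh_v_sample | summarize_ssh_debug
```

For the lab session this reports that the server still offers password authentication and the ssh-rsa and ssh-dss signature algorithms, and that the matching authorized_keys entry permits forwarding.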

4. What additional information was shown with the -v option? (debug1)

Input

ssh -vv node01 'uptime'

Example Output

controlplane $ ssh -vv node01 'uptime'
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "node01" port 22
debug2: ssh_connect_direct
debug1: Connecting to node01 [172.30.2.2] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type 0
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.5 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to node01:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:tmvetqpbpeuonMk7CexB57k+hK4t1129IaLp/W2TMs0
debug1: Host 'node01' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:5
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /root/.ssh/id_rsa RSA SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug1: Will attempt key: /root/.ssh/id_dsa 
debug1: Will attempt key: /root/.ssh/id_ecdsa 
debug1: Will attempt key: /root/.ssh/id_ecdsa_sk 
debug1: Will attempt key: /root/.ssh/id_ed25519 
debug1: Will attempt key: /root/.ssh/id_ed25519_sk 
debug1: Will attempt key: /root/.ssh/id_xmss 
debug2: pubkey_prepare: done
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: /root/.ssh/id_rsa RSA SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug1: Authentication succeeded (publickey).
Authenticated to node01 ([172.30.2.2]:22).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug1: Sending command: uptime
debug2: channel 0: request exec confirm 1
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
 13:16:53 up 39 min,  1 user,  load average: 0.00, 0.03, 0.10
debug2: channel 0: obuf empty
debug2: channel 0: chan_shutdown_write (i0 o1 sock -1 wfd 5 efd 6 [write])
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: chan_shutdown_read (i0 o3 sock -1 wfd 4 efd 6 [write])
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2820, received 3088 bytes, in 0.0 seconds
Bytes per second: sent 56551.2, received 61925.6
debug1: Exit status 0

5. What additional information was shown with the -vv option? (debug2)

Input

ssh -vvv node01 'uptime'

Example Output

controlplane $ ssh -vvv node01 'uptime' 
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "node01" port 22
debug2: ssh_connect_direct
debug1: Connecting to node01 [172.30.2.2] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type 0
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.5
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.5 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to node01:22 as 'root'
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /root/.ssh/known_hosts:5
debug3: load_hostkeys: loaded 1 keys from node01
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:tmvetqpbpeuonMk7CexB57k+hK4t1129IaLp/W2TMs0
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /root/.ssh/known_hosts:5
debug3: load_hostkeys: loaded 1 keys from node01
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /root/.ssh/known_hosts:6
debug3: load_hostkeys: loaded 1 keys from 172.30.2.2
debug1: Host 'node01' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:5
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /root/.ssh/id_rsa RSA SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug1: Will attempt key: /root/.ssh/id_dsa 
debug1: Will attempt key: /root/.ssh/id_ecdsa 
debug1: Will attempt key: /root/.ssh/id_ecdsa_sk 
debug1: Will attempt key: /root/.ssh/id_ed25519 
debug1: Will attempt key: /root/.ssh/id_ed25519_sk 
debug1: Will attempt key: /root/.ssh/id_xmss 
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: /root/.ssh/id_rsa RSA SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug3: sign_and_send_pubkey: RSA SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug3: sign_and_send_pubkey: signing using rsa-sha2-512 SHA256:q90lhwtJI0plO0gcnYrhjqpIMS8fzsHyMGAga1nRElQ
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to node01 ([172.30.2.2]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 80
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug3: receive packet: type 4
debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug3: receive packet: type 4
debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x08
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug3: Ignored env SHELL
debug3: Ignored env PWD
debug3: Ignored env LOGNAME
debug3: Ignored env HOME
debug3: Ignored env LS_COLORS
debug3: Ignored env SSH_CONNECTION
debug3: Ignored env LESSCLOSE
debug3: Ignored env TERM
debug3: Ignored env LESSOPEN
debug3: Ignored env USER
debug3: Ignored env SHLVL
debug3: Ignored env PS1
debug3: Ignored env SSH_CLIENT
debug3: Ignored env PATH
debug3: Ignored env MAIL
debug3: Ignored env DEBIAN_FRONTEND
debug3: Ignored env OLDPWD
debug3: Ignored env _
debug1: Sending command: uptime
debug2: channel 0: request exec confirm 1
debug3: send packet: type 98
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
 13:18:35 up 40 min,  1 user,  load average: 0.00, 0.02, 0.08
debug3: receive packet: type 96
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: chan_shutdown_write (i0 o1 sock -1 wfd 5 efd 6 [write])
debug2: channel 0: output drain -> closed
debug3: receive packet: type 98
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug3: receive packet: type 98
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: chan_shutdown_read (i0 o3 sock -1 wfd 4 efd 6 [write])
debug2: channel 0: input open -> closed
debug3: receive packet: type 97
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug3: send packet: type 97
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i3/0 o3/0 e[write]/0 fd -1/-1/6 sock -1 cc -1)

debug3: send packet: type 1
debug3: fd 1 is not O_NONBLOCK
Transferred: sent 2820, received 3088 bytes, in 0.1 seconds
Bytes per second: sent 47824.7, received 52369.8
debug1: Exit status 0

💬 What additional information was shown with the -vvv option? (debug3)

💬 So we looked at an ssh connection over to node01. You should note that keys are being used, and that is why no password was asked for to connect. We'll explore that more shortly.

// Did you notice any differences?
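An added example (not part of the original lab): the security-relevant lines of the -vvv output above, pulled out with awk so you can see what was negotiated, whether the host key was already trusted, and which options the server grants the accepted key. The sample lines are an excerpt of that output; the function names and the key=value report format are choices made for this example.

```shell
#!/bin/sh
# Added example: summarise what an `ssh -v` / -vv / -vvv run negotiated.
# Reads the debug output on stdin and prints key=value lines.

ssh_debug_summary() {
    awk '
    # Report legacy entries (SHA-1, MD5, CBC or DSA based) in a comma-separated list.
    function legacy(list, label,    n, i, a) {
        n = split(list, a, ",")
        for (i = 1; i <= n; i++)
            if (a[i] ~ /(^|-)sha1($|-)|^ssh-(rsa|dss)$|md5|-cbc$/)
                print "server_offers_legacy_" label "=" a[i]
    }
    # Only the server proposal is inspected; the client proposal comes first.
    /^debug2: peer server KEXINIT proposal/ { peer = 1; next }
    /^debug1: kex: algorithm:/              { peer = 0; print "kex=" $4 }
    peer && /^debug2: KEX algorithms:/      { legacy($4, "kex") }
    peer && /^debug2: host key algorithms:/ { legacy($5, "hostkey") }
    peer && /^debug2: ciphers stoc:/        { legacy($4, "cipher") }
    peer && /^debug2: MACs stoc:/           { legacy($4, "mac") }
    /^debug1: kex: host key algorithm:/     { print "hostkey_alg=" $6 }
    /^debug1: kex: server->client cipher:/  { print "cipher=" $5 }
    /^debug1: Server host key:/             { print "hostkey_fp=" $6 }
    /^debug1: Host .* is known and matches/ { print "hostkey_known=yes" }
    /^debug1: Authentication succeeded/     { gsub(/[().]/, "", $4); print "auth=" $4 }
    # The server repeats this line; keep one copy per distinct option set.
    /^debug1: Remote: .*key options: /      { sub(/^.*key options: /, ""); opts[$0] = 1 }
    END { for (o in opts) print "key_options=" o }
    '
}

# Excerpt of the -vvv output shown above.
sample_log() {
    cat <<'EOF'
debug2: local client KEXINIT proposal
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:tmvetqpbpeuonMk7CexB57k+hK4t1129IaLp/W2TMs0
debug1: Host 'node01' is known and matches the ECDSA host key.
debug1: Authentication succeeded (publickey).
debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /root/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
EOF
}

sample_log | ssh_debug_summary
```

On a live system the debug lines arrive on stderr, so feed the function with `ssh -vvv node01 uptime 2>&1 >/dev/null | ssh_debug_summary`.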



Linux Commands to push and pull files

Summary

🐧 scp is always "from" "to" on the command line, so the syntax is: scp sourcetarget destinationtarget

🐧 Push the /root/motd file over to node01 at location /etc/motd and then log in to verify that the file has been pushed

🐧 Pull /etc/crontab from node01 to controlplane as file /tmp/node01.crontab

💬 Let's push and pull files around to test scp of the systems 🐧 🐧 🐧

6. Verify the file you have at /root/motd

Input

cksum /root/motd

Example Output

controlplane $ cksum /root/motd
37673703 669 /root/motd

7. Copy over the /root/motd to node01:/etc/motd

Input

scp /root/motd node01:/etc/motd

Example Output

controlplane $ scp /root/motd node01:/etc/motd
motd                                                  100%  669 506.9KB/s   00:00

💬 You get to see information about how long it took to push the file

8. Let's ssh over and see our MOTD

Input

timeout 1 ssh node01

Example Output

controlplane $ timeout 1 ssh node01
Last login: Thu Apr 20 13:34:00 2023 from 10.244.4.238
 .----------------.  .----------------.  .----------------.
| .--------------. || .--------------. || .--------------. |
| |  ________    | || |  _________   | || | ____   ____  | |
| | |_   ___ `.  | || | |_   ___  |  | || ||_  _| |_  _| | |
| |   | |   `. \ | || |   | |_  \_|  | || |  \ \   / /   | |
| |   | |    | | | || |   |  _|  _   | || |   \ \ / /    | |
| |  _| |___.' / | || |  _| |___/ |  | || |    \ ' /     | |
| | |________.'  | || | |_________|  | || |     \_/      | |
| |              | || |              | || |              | |
| '--------------' || '--------------' || '--------------' |
 '----------------'  '----------------'  '----------------'
node01 $

💬 Let's verify the file is exactly the size we think it is over there

9. Verify the cksum of /etc/motd on node01

Input

ssh node01 'cksum /etc/motd'

Example Output

controlplane $ ssh node01 'cksum /etc/motd'
37673703 669 /etc/motd

💬 You should now see the motd as you log in, and see that the cksum matches what you got in step 6.

💬 Now we have config files that we need to pull and give to the vendor. Let's pull those logs back over to this server from node01

10. Verify cksum of /etc/crontab file

Input

ssh node01 'cksum /etc/crontab'

Example Output

controlplane $ ssh node01 'cksum /etc/crontab'
638366506 1042 /etc/crontab

11. Pull file over to /tmp/node01.crontab from node01

Input

scp node01:/etc/crontab /tmp/node01.crontab

Example Output

controlplane $ scp node01:/etc/crontab /tmp/node01.crontab
crontab                                               100% 1042     1.1MB/s   00:00    

12. So now that you've pulled the file over, verify that it's exactly the same as you just saw it

Input

cksum /tmp/node01.crontab

Example Output

controlplane $ cksum /tmp/node01.crontab
638366506 1042 /tmp/node01.crontab
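An added example (not part of the original lab): the same push, pull and compare routine with SHA-256 in place of cksum. cksum prints a CRC, which catches accidental corruption but is not a safeguard against deliberate modification. The function names are made up for this example, and it assumes sha256sum is installed on both hosts.

```shell
#!/bin/sh
# Added example: scp a file and prove the copy with SHA-256 instead of cksum.

local_sha256() {            # local_sha256 PATH
    sha256sum -- "$1" | awk '{ print $1 }'
}

remote_sha256() {           # remote_sha256 HOST PATH
    # The path is re-parsed by the remote shell, so it is single-quoted there;
    # a path that itself contains a single quote is refused.
    case $2 in
        *\'*) echo "refusing path with a single quote: $2" >&2; return 2 ;;
    esac
    ssh "$1" "sha256sum -- '$2'" | awk '{ print $1 }'
}

same_digest() {             # same_digest WANT GOT LABEL
    # An empty digest (failed ssh, missing file) never counts as a match.
    if [ -n "$1" ] && [ "$1" = "$2" ]; then
        echo "OK $1 $3"
    else
        echo "MISMATCH want=$1 got=$2 $3" >&2
        return 1
    fi
}

push_verified() {           # push_verified LOCAL HOST REMOTE_PATH
    want=$(local_sha256 "$1")
    scp -q "$1" "$2:$3" || return 1
    got=$(remote_sha256 "$2" "$3")
    same_digest "$want" "$got" "$2:$3"
}

pull_verified() {           # pull_verified HOST REMOTE_PATH LOCAL
    want=$(remote_sha256 "$1" "$2")
    scp -q "$1:$2" "$3" || return 1
    got=$(local_sha256 "$3")
    same_digest "$want" "$got" "$3"
}

# Run as: sh verify_copy.sh push /root/motd node01 /etc/motd
#     or: sh verify_copy.sh pull node01 /etc/crontab /tmp/node01.crontab
case ${1:-} in
    push) shift; push_verified "$@" ;;
    pull) shift; pull_verified "$@" ;;
esac
```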

Look at you, learning Linux! You ssh-ed into servers and pushed or pulled files as needed! 🐧

Next up: Screen Commands and persistent connections

Screen Commands and persistent connections 🐧

Screen Commands to create windows

Summary

🐧 Inspect our /root/.screenrc file

🐧 Start screen

🐧 Create multiple screen windows, rename them, and move between them

💬 Let's learn all about Screen! 🐧🐧🐧


1. Verify your /root/.screenrc file

Input

cat /root/.screenrc

Example Output

controlplane $ cat /root/.screenrc
# GNU Screen - main configuration file
# # All other .screenrc files will source this file to inherit settings.
# # Author: Christian Wills - cwills.sys@gmail.com
#
# # Allow bold colors - necessary for some reason
 attrcolor b ".I"
#
# # Tell screen how to set colors. AB = background, AF=foreground
 termcapinfo xterm 'Co#256:AB=\E[48;5;%dm:AF=\E[38;5;%dm'
#
# # Enables use of shift-PgUp and shift-PgDn
 termcapinfo xterm|xterms|xs|rxvt ti@:te@
#
# # Erase background with current bg color
 defbce "on"
#
# # Enable 256 color term
 term xterm-256color
#
# # Cache 30000 lines for scroll back
 defscrollback 30000
#
# # New mail notification
# backtick 101 30 15 $HOME/bin/mailstatus.sh
#
 hardstatus alwayslastline
# # Very nice tabbed colored hardstatus line
 hardstatus string '%{= Kd} %{= Kd}%-w%{= Kr}[%{= KW}%n %t%{= Kr}]%{= Kd}%+w %-= %{KG} %H
%{KW}|%{KY}%101`%{KW}|%D %M %d %Y%{= Kc} %C%A%{-}'
#
# # change command character from ctrl-a to ctrl-b (emacs users may want this)
#escape ^Bb
#
# # Hide hardstatus: ctrl-a f
 bind f eval "hardstatus ignore"
# # Show hardstatus: ctrl-a F
 bind F eval "hardstatus alwayslastline"

2. Create a screen session

Input

screen

Example Output


GNU Screen version 4.08.00 (GNU) 05-Feb-20

Copyright (c) 2018-2020 Alexander Naumov, Amadeusz Slawinski
Copyright (c) 2015-2017 Juergen Weigert, Alexander Naumov, Amadeusz Slawinski
Copyright (c) 2010-2014 Juergen Weigert, Sadrul Habib Chowdhury
Copyright (c) 2008-2009 Juergen Weigert, Michael Schroeder, Micah Cowan, Sadrul Habib Chowdhury
Copyright (c) 1993-2007 Juergen Weigert, Michael Schroeder
Copyright (c) 1987 Oliver Laumann

This program is free software; you can redistribute it and/or modify it under the terms of the GNU
General Public License as published by the Free Software Foundation; either version 3, or (at your
option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.

You should have received a copy of the GNU General Public License along with this program (see the
file COPYING); if not, see https://www.gnu.org/licenses/, or contact Free Software Foundation,
Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02111-1301  USA.

Send bugreports, fixes, enhancements, t-shirts, money, beer & pizza to screen-devel@gnu.org


Capabilities:
+copy +remote-detach +power-detach +multi-attach +multi-user +font +color-256 +utf8 +rxvt
+builtin-telnet

                                  [Press Space or Return to end.]

3. Verify that you are attached in screen

Input

screen -ls

Example Output

controlplane $ screen -ls
There is a screen on:
        111343.pts-0.controlplane       (04/24/23 10:10:46)     (Attached)
1 Socket in /run/screen/S-root.

4. Split the screen horizontally

Keystroke

Ctrl A + S (Control A and S): split screen horizontally

Example Output

controlplane $

   0 bash

  --

5. Jump between the horizontal screen sessions

Keystroke

Ctrl A + Tab (Control A and Tab key): move over horizontal screens

6. Rename the window you're in "Window1"

Keystroke

Ctrl A + A (Control A and A): rename window

7. Create a new window and name it "Window2"

Keystroke

Ctrl A + C (Control A and C): new window
Ctrl A + A (Control A and A): rename window

Screen Commands for logging sessions

Summary

🐧 Detach from screen session and verify it is still there

🐧 Reconnect and then kill the session

🐧 Create a new screen session with logging enabled to /root/screenlog.log

8. Detach from screen session

Keystroke

Ctrl A + D D (Control A and D and D): detach from screen

9. Verify that screen session is still running

Input

screen -ls

Example Output

controlplane $ screen -ls
There is a screen on:
        111343.pts-0.controlplane       (04/24/23 10:10:46)     (Detached)
1 Socket in /run/screen/S-root.

10. Reconnect to that session

Input

screen -r

11. Kill each window session

Keystroke

Ctrl A + K (Control A and K) y #To really kill the window

12. Create a screen session with logging enabled to /root/screenlog.log

Input

screen -L -Logfile /root/screenlog.log

13. Execute a command to log it out

Input

for i in $(seq 100); do uptime; sleep 1; done

Example Output

controlplane $ for i in $(seq 100); do uptime; sleep 1; done
 10:33:07 up  3:08,  1 user,  load average: 0.35, 0.37, 0.44
 10:33:08 up  3:08,  1 user,  load average: 0.35, 0.37, 0.44
 10:33:09 up  3:08,  1 user,  load average: 0.35, 0.37, 0.44
 10:33:10 up  3:08,  1 user,  load average: 0.32, 0.37, 0.44
 10:33:11 up  3:08,  1 user,  load average: 0.32, 0.37, 0.44
 10:33:12 up  3:08,  1 user,  load average: 0.32, 0.37, 0.44
 10:33:13 up  3:08,  1 user,  load average: 0.32, 0.37, 0.44
 10:33:14 up  3:08,  1 user,  load average: 0.32, 0.37, 0.44
 10:33:15 up  3:08,  1 user,  load average: 0.53, 0.41, 0.45
 10:33:16 up  3:08,  1 user,  load average: 0.53, 0.41, 0.45
 10:33:17 up  3:08,  1 user,  load average: 0.53, 0.41, 0.45

14. Detach the screen

Keystroke

Ctrl A + D D (Control A and D and D): detach from screen

15. Check log file

Input

cat /root/screenlog.log

Example Output

controlplane $ cat /root/screenlog.log
controlplane $ for i in $(seq 100); do uptime; sleep 1; done
 10:33:07 up  3:08,  1 user,  load average: 0.35, 0.37, 0.44
 10:33:08 up  3:08,  1 user,  load average: 0.35, 0.37, 0.44
 10:33:09 up  3:08,  1 user,  load average: 0.35, 0.37, 0.44
 10:33:10 up  3:08,  1 user,  load average: 0.32, 0.37, 0.44
 10:33:11 up  3:08,  1 user,  load average: 0.32, 0.37, 0.44
 10:33:12 up  3:08,  1 user,  load average: 0.32, 0.37, 0.44
 10:33:13 up  3:08,  1 user,  load average: 0.32, 0.37, 0.44
 10:33:14 up  3:08,  1 user,  load average: 0.32, 0.37, 0.44
 10:33:15 up  3:08,  1 user,  load average: 0.53, 0.41, 0.45
 10:33:16 up  3:08,  1 user,  load average: 0.53, 0.41, 0.45
 10:33:17 up  3:08,  1 user,  load average: 0.53, 0.41, 0.45
^C

Look at you, learning Linux 🐧! You used Screen to run different sessions!

Next up: DNS and Finding Resources

DNS and finding resources

Check all DNS tools to find resources

Summary

🐧 Your team is going to be doing some DNS work and you have to figure out how to use the tools in your Linux system

🐧 Use host, dig, nslookup and figure out what type of information they show you

🐧 Check the contents of /etc/resolv.conf

🐧 Do a traceroute to 8.8.8.8 and 1.1.1.1


1. Use the host command to www.google.com

Input

host www.google.com

Example Output

ubuntu $ host www.google.com
www.google.com has address 172.253.115.106
www.google.com has address 172.253.115.99
www.google.com has address 172.253.115.104
www.google.com has address 172.253.115.147
www.google.com has address 172.253.115.103
www.google.com has address 172.253.115.105
www.google.com has IPv6 address 2607:f8b0:4004:c06::68
www.google.com has IPv6 address 2607:f8b0:4004:c06::63
www.google.com has IPv6 address 2607:f8b0:4004:c06::69
www.google.com has IPv6 address 2607:f8b0:4004:c06::93

💬 What information are you seeing? How many IP addresses are there? How many are IPv4 and IPv6?

// What do you think?


2. Use the dig command against www.google.com

Input

dig www.google.com

Example Output

ubuntu $ dig www.google.com

; <<>> DiG 9.16.1-Ubuntu <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44512
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.google.com.                        IN      A

;; ANSWER SECTION:
www.google.com.         60      IN      A       172.253.115.106
www.google.com.         60      IN      A       172.253.115.99
www.google.com.         60      IN      A       172.253.115.104
www.google.com.         60      IN      A       172.253.115.105
www.google.com.         60      IN      A       172.253.115.147
www.google.com.         60      IN      A       172.253.115.103

;; Query time: 4 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Apr 24 11:27:20 UTC 2023
;; MSG SIZE  rcvd: 139

💬 How many A records do you see?

💬 What server was used for the DNS query?

// What do you think?


💬 This prompts you to wonder where your system gets its configuration for DNS.

3. Check /etc/resolv.conf to see where the system is looking for DNS

Input

cat /etc/resolv.conf

Example Output

ubuntu $ cat /etc/resolv.conf
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients directly to
# all known uplink DNS servers. This file lists all configured search domains.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 8.8.8.8
nameserver 1.1.1.1

4. What nameservers does your system try to use? Enter those into /root/nameservers

Input

cat /etc/resolv.conf | grep nameserver > /root/nameservers

💬 Traceroute must be installed on this system

5. Use traceroute to see if you can map the hops from you to www.google.com

Input

traceroute www.google.com

Example Output

ubuntu $ traceroute www.google.com
traceroute to www.google.com (172.253.115.105), 30 hops max, 60 byte packets
 1  172.30.1.1 (172.30.1.1)  0.329 ms  0.193 ms  0.135 ms
 2  ns1005533.ip-135-148-34.us (135.148.34.20)  0.172 ms  0.360 ms  0.294 ms
 3  135.148.34.252 (135.148.34.252)  0.815 ms  0.745 ms  0.997 ms
 4  10.23.178.2 (10.23.178.2)  0.938 ms  0.897 ms  0.819 ms
 5  10.244.5.60 (10.244.5.60)  0.903 ms 10.244.5.70 (10.244.5.70)  0.979 ms 10.244.5.58 (10.244.5.58)  0.996 ms
 6  10.244.64.48 (10.244.64.48)  0.320 ms 10.244.64.52 (10.244.64.52)  0.315 ms 10.244.64.50 (10.244.64.50)  0.276 ms
 7  10.244.120.4 (10.244.120.4)  0.911 ms 10.244.120.2 (10.244.120.2)  0.957 ms 10.244.120.4 (10.244.120.4)  0.935 ms
 8  was-nva1-sbb1-nc5.va.us (178.32.135.154)  2.186 ms  1.715 ms was-cva1-sbb1-nc5.va.us (178.32.135.210)  1.487 ms
 9  * * *
10  google.as15169.va.us (192.99.146.115)  3.353 ms  3.336 ms *
11  * * *
12  108.170.246.33 (108.170.246.33)  2.838 ms 142.251.77.64 (142.251.77.64)  1.597 ms 108.170.246.33 (108.170.246.33)  2.820 ms
13  108.170.246.49 (108.170.246.49)  2.058 ms 108.170.246.2 (108.170.246.2)  4.852 ms 108.170.246.66 (108.170.246.66)  2.211 ms
14  * 216.239.63.235 (216.239.63.235)  2.949 ms 142.251.49.73 (142.251.49.73)  2.710 ms
15  142.251.247.191 (142.251.247.191)  2.680 ms 142.251.49.199 (142.251.49.199)  3.166 ms 142.250.210.27 (142.250.210.27)  3.604 ms
16  * * 142.251.77.138 (142.251.77.138)  3.275 ms
17  172.253.72.202 (172.253.72.202)  3.826 ms 172.253.67.50 (172.253.67.50)  3.157 ms 142.251.52.184 (142.251.52.184)  3.339 ms
18  172.253.66.201 (172.253.66.201)  2.424 ms 172.253.66.157 (172.253.66.157)  3.393 ms 172.253.66.201 (172.253.66.201)  2.574 ms
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  bg-in-f105.1e100.net (172.253.115.105)  2.780 ms  2.516 ms  2.632 ms

💬 What output do you see?

💬 Are all the addresses shown?

💬 What is the highest latency you see between hops?

// What do you think?



Change the order in which your system looks up resources

Summary

🐧 Now you've looked around with the tools that you have. Let's figure out the order your system looks up resources in

🐧 Inspect the /etc/nsswitch.conf file to see how your system looks up hosts

🐧 Verify that your system looks at files before DNS by adding a record for www.google.com that points to www.yahoo.com

🐧 Change the order of host lookup in /etc/nsswitch.conf to see the system properly resolve www.google.com

6. Print out /etc/nsswitch.conf

Input

cat /etc/nsswitch.conf

Example Output

ubuntu $ cat /etc/nsswitch.conf 
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         files systemd
group:          files systemd
shadow:         files
gshadow:        files

hosts:          files dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis

💬 What are the values in the hosts: entry?
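An added example (not part of the original lab): a check that reads the hosts: order from an nsswitch.conf and tells you whether a name would be answered from the hosts file before DNS is ever asked, which is how a local override shadows the real record. The function names, the sample files and the address 203.0.113.10 are constructed for this example; modules other than files, dns and resolve, and the bracketed action items, are skipped rather than evaluated.

```shell
#!/bin/sh
# Added example: which source answers a host lookup, files or DNS?

hosts_lookup_order() {      # hosts_lookup_order NSSWITCH_FILE
    awk '
        { sub(/#.*/, "") }                       # drop comments
        $1 == "hosts:" {
            out = ""
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^\[/) skip = 1         # start of an action item
                if (!skip) out = out (out == "" ? "" : " ") $i
                if ($i ~ /\]$/) skip = 0         # end of an action item
            }
            print out
            exit
        }' "$1"
}

hosts_file_lookup() {       # hosts_file_lookup NAME HOSTS_FILE
    # Prints the address of every line that lists NAME (case-insensitive).
    awk -v name="$1" '
        BEGIN { name = tolower(name) }
        { sub(/#.*/, "") }
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == name) { print $1; break }
        }' "$2"
}

answered_by() {             # answered_by NAME NSSWITCH_FILE HOSTS_FILE
    for src in $(hosts_lookup_order "$2"); do
        case $src in
            files)
                ip=$(hosts_file_lookup "$1" "$3" | head -n 1)
                if [ -n "$ip" ]; then echo "files $ip"; return 0; fi ;;
            dns|resolve)
                echo "$src"; return 0 ;;
        esac
    done
    echo "unresolved"
    return 1
}

# Constructed sample files, so the example runs without touching /etc.
demo() {
    d=$(mktemp -d) || return 1
    printf 'hosts:          files dns\n' > "$d/nsswitch.conf"
    printf '127.0.0.1 localhost\n203.0.113.10 www.google.com  # constructed override\n' > "$d/hosts"
    answered_by www.google.com "$d/nsswitch.conf" "$d/hosts"
    answered_by www.yahoo.com  "$d/nsswitch.conf" "$d/hosts"
    rm -rf "$d"
}
demo
```

On a live system `getent hosts NAME` follows the same nsswitch.conf order, while `host` and `dig` query the DNS server directly and never see a hosts-file entry.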

7. Test your connection to www.google.com with curl

Input

curl www.google.com | grep -Ei 'yahoo|google'

Example Output

ubuntu $ curl www.google.com | grep -Ei 'yahoo|google'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
class="ds"><span class="lsbb"><input class="lsb" value="Google Search" name="btnG" type="submit"></span></span><span class="ds"><span class="lsbb"><input class="lsb" id="tsuid_1" value="I'm Feeling Lucky" name="btnI" type="submit"><script nonce="IjzW5Y8RmVESmT0mXulCJw">(function(){var id='tsuid_1';document.getElementById(id).onclick = function(){if (this.form.q.value){this.checked = 1;if (this.form.iflsig)this.form.iflsig.disabled = false;}
else top.location='/doodles/';};})();</script><input value="AOEireoAAAAAZEZ5_p2BEYJPRurP18-6pS39ZrNCXtzo" name="iflsig" type="hidden"></span></span></td><td class="fl sblc" align="left" nowrap="" width="25%"><a href="/advanced_search?hl=en&amp;authuser=0">Advanced search</a></td></tr></table><input id="gbv" name="gbv" type="hidden" value="1"><script nonce="IjzW5Y8RmVESmT0mXulCJw">(function(){var a,b="1";if(document&&document.getElementById)if("undefined"!=typeof XMLHttpRequest)b="2";else if("undefined"!=typeof ActiveXObject){var c,d,e=["MSXML2.XMLHTTP.6.0","MSXML2.XMLHTTP.3.0","MSXML2.XMLHTTP","Microsoft.XMLHTTP"];for(c=0;d=e[c++];)try{new ActiveXObject(d),b="2"}catch(h){}}a=b;if("2"==a&&-1==location.search.indexOf("&gbv=2")){var f=google.gbvu,g=document.getElementById("gbv");g&&(g.value=a);f&&window.setTimeout(function(){location.href=f},0)};}).call(this);</script></form><div id="gac_scont"></div><div style="font-size:83%;min-height:3.5em"><br><div id="prm"><style>.szppmdbYutt__middle-slot-promo{font-size:small;margin-bottom:32px}.szppmdbYutt__middle-slot-promo a.ZIeIlb{display:inline-block;text-decoration:none}.szppmdbYutt__middle-slot-promo img{border:none;margin-right:5px;vertical-align:middle}</style><div class="szppmdbYutt__middle-slot-promo" data-ved="0ahUKEwjzp5DjuML-AhXPFFkFHRqhANAQnIcBCAQ"><a class="NKcBbd" href="https://www.google.com/url?q=https://artsandculture.google.com/experiment/zgFx1tMqeIZyTw%3Futm_source%3Dgoogle%26utm_medium%3Dhppromo%26utm_campaign%3Dcallinginourcorals&amp;source=hpp&amp;id=19034922&amp;ct=3&amp;usg=AOvVaw0nMWsnMoeASDuSYrKnPMNj&amp;sa=X&amp;ved=0ahUKEwjzp5DjuML-AhXPFFkFHRqhANAQ8IcBCAU" rel="nofollow">Learn how to help restore coral reefs, simply by listening</a></div></div></div><span id="footer"><div style="font-size:10pt"><div style="margin:19px auto;text-align:center" id="WqQANb"><a href="/intl/en/ads/">Advertising</a><a href="/services/">Business Solutions</a><a href="/intl/en/about.html">About Google</a></div></div><p 
style="font-size:8pt;color:#70757a">&copy; 2023 - <a href="/intl/en/policies/privacy/">Privacy</a> - <a href="/intl/en/policies/terms/">Terms</a></p></span></center><script nonce="IjzW5Y8RmVESmT0mXulCJw">(function(){window.google.cdo={height:757,width:1440};(function(){var a=window.innerWidth,b=window.innerHeight;if(!a||!b){var c=window.document,d="CSS1Compat"==c.compatMode?c.documentElement:c.body;a=d.clientWidth;b=d.clientHeight}a&&b&&(a!=google.cdo.width||b!=google.cdo.height)&&google.log("","","/client_204?&atyp=i&biw="+a+"&bih="+b+"&ei="+googl.kEI);}).call(this);})();</script> <script nonce="IjzW5Y8RmVESmT0mXulCJw">(function()google.xjs={ck:'xjs.hp.cZMjK1rN2dw.L.X.O',cs:'ACT90oGdWgvp7b-1i002ub8NTEiqmwqPag',excm:[]};})();</script>  <script nonce="IjzW5Y8RmVESmT0mXulCJw">(function(){var u='/xjs/_/js/k\x3dxjs.hp.en.qkDX73W2TvU.O/am\x3dAAAAOgEAFABY/d\x3d1/ed\x3d1/rs\x3dACT90oFpp8_uyj9hwoAl3W3tvYwd1PFWOg/m\x3dsb_he,d';var amd=0;
function p(){var c=u,g=function(){};google.lx=google.stvsc?g:function(){google.timers&&google.timers.load&&google.tick&&google.tick("load","xjsls");var a=document;var b="SCRIPT";"application/xhtml+xml"===a.contentType&&(b=b.toLowerCase());b=a.createElement(b);a=null===c?"null":void 0===c?"undefined":c;if(void 0===h){var d=null;var m=e.trustedTypes;if(m&&m.createPolicy){try{d=m.createPolicy("goog#html",{createHTML:f,createScript:f,createScriptURL:f})}catch(r){e.console&&e.console.error(r.message)}h=
d}else h=d}a=(d=h)?d.createScriptURL(a):a;a=new n(a,l);b.src=a instanceof n&&a.constructor===n?a.g:"type_error:TrustedResourceUrl";var k,q;(k=(a=null==(q=(k=(b.ownerDocument&&b.ownerDocument.defaultView||window).document).querySelector)?void 0:q.call(k,"script[nonce]"))?a.nonce||a.getAttribute("nonce")||"":"")&&b.setAttribute("nonce",k);document.body.appendChild(b);google.psa=!0;google.lx=g};google.bx||google.lx()};googl.xjsu=u;e._F_jsUrl=u;setTimeout(function(){0<amd?google.caft(function(){return p()},amd):p()},0);})();window._ = window._ || {};window._DumpException = _._DumpException = function(e){throw e;};window._s = window._s || {};_s._DumpException = _._DumpException;window._qs = window._qs || {};_qs._DumpException = _._DumpException;function _F_installCss(c){}
(function(){google.jl={blt:'none',chnk:0,dw:false,dwu:true,emtn:0,end:0,ico:false,ikb:0,ine:false,injs:'none',injt:0,injth:0,injv2:false,lls:'default',pdt:0,rep:0,snet:true,strt:0,ubm:false,uwp:true};})();(function(){var pmc='{\x22d\x22:{},\x22sb_he\x22:{\x22agen\x22:true,\x22cgen\x22:true,\x22client\x22:\x22heirloom-hp\x22,\x22dh\x22:true,\x22ds\x22:\x22\x22,\x22fl\x22:true,\x22host\x22:\x22google.com\x22,\x22jsonp\x22:true,\x22msgs\x22:{\x22cibl\x22:\x22Clear Search\x22,\x22dym\x22:\x22Did you mean:\x22,\x22lcky\x22:\x22I\\u0026#39;m Feeling Lucky\x22,\x22lml\x22:\x22Learn more\x22,\x22psrc\x22:\x22This search was removed from your \\u003Ca href\x3d\\\x22/history\\\x22\\u003EWeb History\\u003C/a\\u003E\x22,\x22psrl\x22:\x22Remove\x22,\x22sbit\x22:\x22Search by image\x22,\x22srch\x22:\x22Google Search\x22},\x22ovr\x22:{},\x22pq\x22:\x22\x22,\x22rfs\x22:[],\x22sbas\x22:\x220 3px 8px 0 rgba(0,0,0,0.2),0 0 0 1px rgba(0,0,0,0.08)\x22,\x22stok\x22:\x22FNN--YlyXcWScgCAYZn3s7PjNSM\x22}}';google.pmc=JSON.parse(pmc);})();(function(){
100 17194    0 17194    0     0   305k      0 --:--:-- --:--:-- --:--:--  305k
var b=function(a){var c=0;return function(){return c<a.length?{done:!1,value:a[c++]}:{done:!0}}},e=this||self;var g,h;a:{for(var k=["CLOSURE_FLAGS"],l=e,n=0;n<k.length;n++)if(l=l[k[n]],null==l){h=null;break a}h=l}var p=h&&h[610401301];g=null!=p?p:!1;var q,r=e.navigator;q=r?r.userAgentData||null:null;function t(a){return g?q?q.brands.some(function(c){return(c=c.brand)&&-1!=c.indexOf(a)}):!1:!1}function u(a){var c;a:{if(c=e.navigator)if(c=c.userAgent)break a;c=""}return-1!=c.indexOf(a)};function v(){return g?!!q&&0<q.brands.length:!1}function w(){return u("Safari")&&!(x()||(v()?0:u("Coast"))||(v()?0:u("Opera"))||(v()?0:u("Edge"))||(v()?t("Microsoft Edge"):u("Edg/"))||(v()?t("Opera"):u("OPR"))||u("Firefox")||u("FxiOS")||u("Silk")||u("Android"))}function x(){return v()?t("Chromium"):(u("Chrome")||u("CriOS"))&&!(v()?0:u("Edge"))||u("Silk")}function y(){return u("Android")&&!(x()||u("Firefox")||u("FxiOS")||(v()?0:u("Opera"))||u("Silk"))};var z=v()?!1:u("Trident")||u("MSIE");y();x();w();var A=!z&&!w(),D=function(a){if(/-[a-z]/.test("ved"))return null;if(A&&a.dataset){if(y()&&!("ved"in a.dataset))return null;a=a.dataset.ved;return void 0===a?null:a}return a.getAttribute("data-"+"ved".replace(/([A-Z])/g,"-$1").toLowerCase())};var E=[],F=null;function G(a){a=a.target;var c=performance.now(),f=[],H=f.concat,d=E;if(!(d instanceof Array)){var m="undefined"!=typeof Symbol&&Symbol.iterator&&d[Symbol.iterator];if(m)d=m.call(d);else if("number"==typeof d.length)d={next:b(d)};else throw Error("a`"+String(d));for(var B=[];!(m=d.next()).done;)B.push(m.value);d=B}E=H.call(f,d,[c]);if(a&&a instanceof HTMLElement)if(a===F){if(c=4<=E.length)c=5>(E[E.length-1]-E[E.length-4])/1E3;if(c){c=google.getEI(a);a.hasAttribute("data-ved")?f=a?D(a)||"":"":f=(f=
a.closest("[data-ved]"))?D(f)||"":"";f=f||"";if(a.hasAttribute("jsname"))a=a.getAttribute("jsname");else{var C;a=null==(C=a.closest("[jsname]"))?void 0:C.getAttribute("jsname")}google.log("rcm","&ei="+c+"&ved="+f+"&jsname="+(a||""))}}else F=a,E=[c]}window.document.addEventListener("DOMContentLoaded",function(){document.body.addEventListener("click",G)});}).call(this);</script></body></html>

8. Let's get the host value for www.yahoo.com

Input

host www.yahoo.com

Example Output

ubuntu $ host www.yahoo.com
www.yahoo.com is an alias for new-fp-shed.wg1.b.yahoo.com.
new-fp-shed.wg1.b.yahoo.com has address 74.6.143.25
new-fp-shed.wg1.b.yahoo.com has address 74.6.143.26
new-fp-shed.wg1.b.yahoo.com has address 74.6.231.20
new-fp-shed.wg1.b.yahoo.com has address 74.6.231.21
new-fp-shed.wg1.b.yahoo.com has IPv6 address 2001:4998:124:1507::f001
new-fp-shed.wg1.b.yahoo.com has IPv6 address 2001:4998:44:3507::8000
new-fp-shed.wg1.b.yahoo.com has IPv6 address 2001:4998:124:1507::f000
new-fp-shed.wg1.b.yahoo.com has IPv6 address 2001:4998:44:3507::8001

9. Now, just to test that our system will use hosts first, before DNS, we're going to add an entry to our /etc/hosts file that points www.google.com at one of the www.yahoo.com addresses

Input

echo "74.6.231.21 www.google.com" >> /etc/hosts

10. Let's test a curl to www.google.com and see if we're still resolving to www.google.com

Input

curl www.google.com | grep -Ei 'yahoo|google'

Example Output

ubuntu $ curl www.google.com | grep -Ei 'yahoo|google'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
    <title>Yahoo</title>
      !function(){if(window==window.top){var o=window.location.host;o.endsWith(".yahoo.com")&&window.location.replace("https://www.yahoo.com/"),o.endsWith(".aol.com")&&window.location.replace("https://www.aol.com/"),o.endsWith(".huffpost.com")&&window.location.replace("https://www.huffpost.com/"),o.endsWith(".engadget.com")&&window.location.replace("https://www.engadget.com/")}}();
  <!-- host machine: media-router-fp7028.prod.media.ne1.yahoo.com -->
  <!-- url: http://www.google.com/-->
          logo: 'https://s.yimg.com/rz/p/yahoo_frontpage_en-US_s_f_p_205x58_frontpage.png',
          logoAlt: 'Yahoo Logo',
        document.write('<img src="' + buildUrl('//geo.yahoo.com/b', params) + '" style="display:none;" width="0px" height="0px"/>');
        beacon.src = buildUrl('//bcn.fp.yahoo.com/p', params);
100  4863  100  4863    0     0  74815      0 --:--:-- --:--:-- --:--:-- 74815
        ats_host: 'media-router-fp7028.prod.media.ne1.yahoo.com',

11. Now we change the order so that our /etc/nsswitch.conf entry for hosts lists dns before files

Input

vi /etc/nsswitch.conf

#fix the line to:
hosts:      dns files

VIM commands

12. Now test www.google.com again and see if you're seeing the correct output

Input

curl www.google.com | grep -Ei 'yahoo|google'

Example Output

ubuntu $ curl www.google.com | grep -Ei 'yahoo|google'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

💬 If this works, you've successfully changed the order your system resolves names by editing /etc/nsswitch.conf

Look at you, learning Linux 🐧! You looked at your DNS tools to find resources and then changed the system so that it looks in different areas first
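
The lookup-order behaviour exercised in steps 9 through 12, as an added example that is not part of the original lab: a POSIX shell audit that reads a copy of nsswitch.conf and a hosts file and reports which pinned names override DNS. The function names and sample files are constructed for illustration; only the `74.6.231.21 www.google.com` entry comes from the lab.

```shell
#!/bin/sh
# Added example (not lab code): audit which hosts-file entries override DNS.
# File paths are arguments so the checks can run against copies of the real files.

# Print the sources on the "hosts:" line, one per line, in lookup order.
# Bracketed action items such as [NOTFOUND=return] are skipped.
hosts_order() {
    awk '
        { sub(/#.*/, "") }                       # strip comments
        $1 == "hosts:" {
            for (i = 2; i <= NF; i++) if ($i !~ /^\[/) print $i
            exit
        }' "${1:-/etc/nsswitch.conf}"
}

# Classify how the hosts file takes part in lookups:
#   OVERRIDES_DNS  files is consulted before dns (or dns is absent)
#   FALLBACK_ONLY  dns is consulted first; files is used only if DNS has no answer
#   NOT_CONSULTED  files does not appear on the hosts: line
# "resolve" (systemd-resolved's NSS module) is treated like dns.
lookup_verdict() {
    hosts_order "$1" | awk '
        $0 == "files" && !f { f = NR }
        ($0 == "dns" || $0 == "resolve") && !d { d = NR }
        END {
            if (!f)               print "NOT_CONSULTED"
            else if (!d || f < d) print "OVERRIDES_DNS"
            else                  print "FALLBACK_ONLY"
        }'
}

# Print "name address" for every non-loopback name pinned in a hosts file.
pinned_names() {
    awk '
        { sub(/#.*/, "") }
        NF >= 2 && $1 !~ /^127\./ && $1 != "::1" && $1 !~ /^(fe00|ff0[0-9a-f]):/ {
            for (i = 2; i <= NF; i++) print $i, $1
        }' "${1:-/etc/hosts}"
}

# One line per pinned name: "<verdict> <name> <address>".
audit_overrides() (
    verdict="$(lookup_verdict "$1")"
    pinned_names "$2" | while read -r name addr; do
        echo "$verdict $name $addr"
    done
)

# Demo on constructed sample files mirroring the lab's two configurations.
demo() (
    dir="$(mktemp -d)"
    printf 'passwd: files systemd\nhosts:  files dns\n' > "$dir/nsswitch.before"
    printf 'passwd: files systemd\nhosts:  dns files\n' > "$dir/nsswitch.after"
    cat > "$dir/hosts" <<'EOF'
127.0.0.1 localhost
::1 ip6-localhost ip6-loopback
74.6.231.21 www.google.com
EOF
    echo "before step 11:"; audit_overrides "$dir/nsswitch.before" "$dir/hosts"
    echo "after step 11:";  audit_overrides "$dir/nsswitch.after"  "$dir/hosts"
    rm -rf "$dir"
)

demo
```

On a live system, `getent hosts www.google.com` returns the answer the configured NSS order produces, whereas `host` always queries DNS directly, so comparing the two is a quick way to spot an active override.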

Let's Do Linux Configurations 🐧

Each section is going to break down a few parts. We will be exploring Linux Configurations here. We just want to work up in steps. We will start with Linux Foundation because it's the base of everything else we will cover.

NFS Sharing and Persistent Connection 🐧

Setup the NFS Share from node01

Summary

🐧 Your team has determined they need an NFS share to facilitate filesystem access across multiple servers from one central location.

🐧 Deploy the nfs server on node01

🐧 Share out a filesystem /share to any system

🐧 Verify that the system is being shared out

💬 Let's setup NFS Share 🐧🐧🐧


1. Connect to node01

Input

ssh node01

Example Output

controlplane $ ssh node01
Last login: Sun Nov 13 17:27:09 2022 from 10.48.0.33

2. Verify there is no nfs package

Input

dpkg -l | grep -i nfs

Example Output

node01 $ dpkg -l | grep -i nfs
node01 $ 

3. Deploy the nfs server package

Input

apt -y install nfs-kernel-server

Example Output

node01 $ apt -y install nfs-kernel-server
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  keyutils libnfsidmap2 libtirpc-common libtirpc3 nfs-common rpcbind
Suggested packages:
  watchdog
The following NEW packages will be installed:
  keyutils libnfsidmap2 libtirpc-common libtirpc3 nfs-common nfs-kernel-server rpcbind
0 upgraded, 7 newly installed, 0 to remove and 101 not upgraded.
Need to get 504 kB of archives.
After this operation, 1938 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 libtirpc-common all 1.2.5-1ubuntu0.1 [7712 B]
Get:2 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 libtirpc3 amd64 1.2.5-1ubuntu0.1 [77.9 kB]
Get:3 http://archive.ubuntu.com/ubuntu focal/main amd64 rpcbind amd64 1.2.5-8 [42.8 kB]
Get:4 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 keyutils amd64 1.6-6ubuntu1.1 [44.8 kB]
Get:5 http://archive.ubuntu.com/ubuntu focal/main amd64 libnfsidmap2 amd64 0.25-5.1ubuntu1 [27.9 kB]
Get:6 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 nfs-common amd64 1:1.3.4-2.5ubuntu3.4 [204 kB]
Get:7 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 nfs-kernel-server amd64 1:1.3.4-2.5ubuntu3.4 [98.9 kB]
Fetched 504 kB in 1s (756 kB/s)         
Selecting previously unselected package libtirpc-common.
(Reading database ... 72924 files and directories currently installed.)
Preparing to unpack .../0-libtirpc-common_1.2.5-1ubuntu0.1_all.deb ...
Unpacking libtirpc-common (1.2.5-1ubuntu0.1) ...
Selecting previously unselected package libtirpc3:amd64.
Preparing to unpack .../1-libtirpc3_1.2.5-1ubuntu0.1_amd64.deb ...
Unpacking libtirpc3:amd64 (1.2.5-1ubuntu0.1) ...
Selecting previously unselected package rpcbind.
Preparing to unpack .../2-rpcbind_1.2.5-8_amd64.deb ...
Unpacking rpcbind (1.2.5-8) ...
Selecting previously unselected package keyutils.
Preparing to unpack .../3-keyutils_1.6-6ubuntu1.1_amd64.deb ...
Unpacking keyutils (1.6-6ubuntu1.1) ...
Selecting previously unselected package libnfsidmap2:amd64.
Preparing to unpack .../4-libnfsidmap2_0.25-5.1ubuntu1_amd64.deb ...
Unpacking libnfsidmap2:amd64 (0.25-5.1ubuntu1) ...
Selecting previously unselected package nfs-common.
Preparing to unpack .../5-nfs-common_1%3a1.3.4-2.5ubuntu3.4_amd64.deb ...
Unpacking nfs-common (1:1.3.4-2.5ubuntu3.4) ...
Selecting previously unselected package nfs-kernel-server.
Preparing to unpack .../6-nfs-kernel-server_1%3a1.3.4-2.5ubuntu3.4_amd64.deb ...
Unpacking nfs-kernel-server (1:1.3.4-2.5ubuntu3.4) ...
Setting up libtirpc-common (1.2.5-1ubuntu0.1) ...
Setting up keyutils (1.6-6ubuntu1.1) ...
Setting up libnfsidmap2:amd64 (0.25-5.1ubuntu1) ...
Setting up libtirpc3:amd64 (1.2.5-1ubuntu0.1) ...
Setting up rpcbind (1.2.5-8) ...
Created symlink /etc/systemd/system/multi-user.target.wants/rpcbind.service → /lib/systemd/system/rpcbind.service.
Created symlink /etc/systemd/system/sockets.target.wants/rpcbind.socket → /lib/systemd/system/rpcbind.socket.
Setting up nfs-common (1:1.3.4-2.5ubuntu3.4) ...

Creating config file /etc/idmapd.conf with new version
Adding system user `statd' (UID 115) ...
Adding new user `statd' (UID 115) with group `nogroup' ...
Not creating home directory `/var/lib/nfs'.
Created symlink /etc/systemd/system/multi-user.target.wants/nfs-client.target → /lib/systemd/system/nfs-client.target.
Created symlink /etc/systemd/system/remote-fs.target.wants/nfs-client.target → /lib/systemd/system/nfs-client.target.
nfs-utils.service is a disabled or a static unit, not starting it.
Setting up nfs-kernel-server (1:1.3.4-2.5ubuntu3.4) ...
Created symlink /etc/systemd/system/multi-user.target.wants/nfs-server.service → /lib/systemd/system/nfs-server.service.
Job for nfs-server.service canceled.

Creating config file /etc/exports with new version

Creating config file /etc/default/nfs-kernel-server with new version
Processing triggers for systemd (245.4-4ubuntu3.18) ...
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for libc-bin (2.31-0ubuntu9.9) ...

4. Verify that the server is running but nothing is being shared out.

Input

systemctl status nfs-server.service --no-pager
ss -ntulp | grep 2049
showmount -e

Example Output

node01 $ systemctl status nfs-server.service --no-pager
● nfs-server.service - NFS server and services
     Loaded: loaded (/lib/systemd/system/nfs-server.service; enabled; vendor preset: enabled)
     Active: active (exited) since Wed 2023-05-03 04:36:47 UTC; 1min 49s ago
   Main PID: 37794 (code=exited, status=0/SUCCESS)
      Tasks: 0 (limit: 2339)
     Memory: 0B
     CGroup: /system.slice/nfs-server.service

May 03 04:36:46 node01 systemd[1]: Starting NFS server and services...
May 03 04:36:47 node01 systemd[1]: Finished NFS server and services.

Example Output

node01 $ ss -ntulp | grep 2049
udp    UNCONN  0       0                   0.0.0.0:2049           0.0.0.0:*                                                                                     
udp    UNCONN  0       0                      [::]:2049              [::]:*                                                                                     
tcp    LISTEN  0       64                  0.0.0.0:2049           0.0.0.0:*                                                                                     
tcp    LISTEN  0       64                     [::]:2049              [::]:*                                                                                     

Example Output

node01 $ showmount -e
Export list for node01:

💬 Notice the service is running, port 2049 is open for TCP and UDP connections, and no shares are being shared out

5. Further verify that the firewall isn't running to complicate things

Input

ufw status

Example Output

node01 $ ufw status
Status: inactive

6. Let's create a directory to share out. We also need to prep it for other systems to connect and write by changing permissions

Input

mkdir /share
chown nobody:nogroup /share

7. Add the line /share *(rw,sync,no_subtree_check) to /etc/exports to share out the directory

Input

vi /etc/exports

8. After doing this, you will need to restart the service to see the share

Input

systemctl restart nfs-server.service
showmount -e

Example Output

node01 $ systemctl restart nfs-server.service

Example Output

node01 $ showmount -e
Export list for node01:
/share *

💬 Once you see the share, you're ready to move on to the client connection

9. Remember to move back to controlplane node

Input

exit
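The export added in step 7 uses `*` as the client, so any host that can reach port 2049 may mount /share read-write, and step 5 confirmed no firewall is in the way. The following audit of an exports file is an added example, not part of the original lab; the function names, the sample file and the 10.48.0.0/24 subnet are assumptions made for illustration.

```shell
# audit_exports FILE: print one finding per risky client spec in an exports(5) file.
# Output format: SEVERITY<TAB>path<TAB>client<TAB>reason
audit_exports() {
    awk '
    function report(sev, why) { printf "%s\t%s\t%s\t%s\n", sev, path, client, why }
    /^[ \t]*#/ { next }                      # skip comment lines
    /^[ \t]*$/ { next }                      # skip blank lines
    {
        sub(/[ \t]*#.*/, "")                 # drop a trailing comment
        path = $1
        for (i = 2; i <= NF; i++) {
            spec = $i; client = spec; opts = ""
            p = index(spec, "(")
            if (p > 0) {
                client = substr(spec, 1, p - 1)
                opts = substr(spec, p + 1)
                sub(/\)$/, "", opts)
            }
            if (client == "") client = "*"   # "(rw)" with no host applies to every host
            world = (client == "*" || client == "0.0.0.0/0" || client == "::/0")
            n = split(opts, o, ","); rw = 0; nrs = 0; insec = 0
            for (j = 1; j <= n; j++) {
                if (o[j] == "rw") rw = 1
                if (o[j] == "no_root_squash") nrs = 1
                if (o[j] == "insecure") insec = 1
            }
            if (world && rw) report("HIGH", "writable by any host that can reach port 2049")
            else if (world) report("MEDIUM", "readable by any host that can reach port 2049")
            if (nrs) report("HIGH", "no_root_squash: client root is treated as root on the server")
            if (insec) report("LOW", "insecure: requests from unprivileged source ports are accepted")
        }
    }' "$1"
}

# Constructed sample: the line from step 7, a subnet-scoped alternative
# (10.48.0.0/24 is an assumed lab subnet), and a line with a stray "(ro)".
demo_exports() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
# /etc/exports (constructed sample)
/share *(rw,sync,no_subtree_check)
/srv/data 10.48.0.0/24(rw,sync,no_subtree_check,root_squash)
/backup backup01(rw,no_root_squash) (ro)
EOF
    audit_exports "$tmp"
    rm -f "$tmp"
}
demo_exports
```

On a real server, run `audit_exports /etc/exports`; replacing `*` with the subnet or hostnames of the intended clients clears the first finding.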

Setup the client and connect from controlplane

Summary

🐧 So far you've set up an NFS server and share. Now we have to connect to it as another system

🐧 Install the nfs-common client

🐧 Mount the node01:/share to /mnt to test

🐧 Make the node01:/share to /mnt a permanent setting in /etc/fstab

10. Install the nfs-common client

Input

apt -y install nfs-common

11. Test the mount point to verify we can connect

Input

mount node01:/share /mnt

12. Let's examine the mount point in our system

Input

df -h /mnt

Example Output

controlplane $ df -h /mnt
Filesystem      Size  Used Avail Use% Mounted on
node01:/share    20G  5.4G   14G  29% /mnt

13. Let's verify we can write into this directory

Input

touch /mnt/test1
ls -l /mnt

Example Output

controlplane $ touch /mnt/test1
controlplane $ ls -l /mnt
total 0
-rw-r--r-- 1 nobody nogroup 0 May  3 05:10 test1

14. Remove the mount point so we can mount it via /etc/fstab

Input

umount -l /mnt

15. Edit /etc/fstab and add the line `node01:/share /mnt nfs defaults 0 0`

Input

vi /etc/fstab

16. Now we use the /etc/fstab to ensure that the mount point correctly mounts on reboot. This is an old system administrator trick

Input

mount -a

17. If this works, the system is set up correctly. Let's check our mount point again

Input

df -h /mnt

Example Output

controlplane $ df -h /mnt
Filesystem      Size  Used Avail Use% Mounted on
node01:/share    20G  5.4G   14G  29% /mnt

18. Let's do one last write check to ensure everything is working correctly

Input

touch /mnt/finalcheck
ls -l /mnt/finalcheck

Example Output

controlplane $ touch /mnt/finalcheck
controlplane $ ls -l /mnt/finalcheck
-rw-r--r-- 1 nobody nogroup 0 May  3 05:15 /mnt/finalcheck

💬 If that's all worked, then the system is correctly set up!

Look at you, learning Linux Configuration! You created an NFS share and then connected to it from another system 🐧
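The fstab line from step 15 mounts the share with `defaults`, which allows set-uid binaries and device nodes on a filesystem that other hosts can write to. The filter below is an added example, not part of the original lab: it prints an fstab with `nosuid,nodev` appended to NFS entries that lack them. The function names and the sample file are assumptions made for illustration.

```shell
# harden_nfs_fstab FILE [OPTS]: print FILE with every NFS entry's option field
# extended by any option from OPTS (default: nosuid,nodev) it does not already carry.
# Nothing is written back; review the output before replacing /etc/fstab.
harden_nfs_fstab() {
    awk -v want="${2:-nosuid,nodev}" '
    /^[ \t]*#/ || NF < 4 { print; next }          # comments, blanks, short lines pass through
    $3 != "nfs" && $3 != "nfs4" { print; next }   # only NFS entries are touched
    {
        have = "," $4 ","
        n = split(want, w, ",")
        add = ""
        for (i = 1; i <= n; i++)
            if (!index(have, "," w[i] ",")) add = add "," w[i]
        if (add != "") $4 = $4 add                # rebuilds the line with single spaces
        print
    }' "$1"
}

# Constructed sample: a local filesystem, the lab's entry from step 15,
# and a second NFS entry that already carries one of the options.
demo_fstab() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
# /etc/fstab (constructed sample)
/dev/vda1 / ext4 defaults 0 1
node01:/share /mnt nfs defaults 0 0
node01:/share /srv/ro nfs ro,nosuid 0 0
EOF
    harden_nfs_fstab "$tmp"
    rm -f "$tmp"
}
demo_fstab
```

Passing a second argument such as `nosuid,nodev,noexec` tightens the mount further where nothing needs to execute from the share.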

Next up: Apache Webserver Install and Setup

Apache Webserver Install and Setup

Grafana Monitoring of Logs with Loki and Promtail

Grafana Monitoring of Telemetry Data with Prometheus and Node Exporter

Install ClamAV on Linux

Basic Vim

Vim seems complicated and it is. The goal is to make things move a little easier for the user. If you can learn the tricks of the trade, Vim becomes something special.

💡 With the ! command you can run CLI commands inside of Vim. Using this we can avoid writing filters. Use something like Rust or Golang instead.

I don't like neovim🤬. It's not going to help me with hacking.

Basic Vim Commands

These commands are the ones required to use and save the files.

  • :e [file] - Opens a file, where [file] is the name of the file you want opened.
  • :w - Saves the file you are working on.
  • :w [file] - Saves the file under a new name, where [file] is the name to save to.
  • :wq - Save your file and close Vim
  • :q! - Quit without saving

Movement Commands

When you use Vim the goal is to use the keyboard efficiently. How can we do this? By using the keys to navigate around, without moving your hands to the arrow keys.

  • h - moves cursor to the left
  • l - moves cursor to the right
  • j - moves cursor down one line
  • k - moves cursor up one line
  • H - put cursor at the top of the screen
  • M - put cursor in the middle of the screen
  • L - put cursor at the bottom of the screen
  • w - put cursor at the start of the next word
  • b - put cursor at the start of the previous word
  • e - put cursor at the end of a word
  • 0 - place cursor at the beginning of a line
  • $ - place cursor at the end of a line
  • ) - start of the next sentence
  • ( - start of the previous sentence
  • { - start next paragraph or block
  • } - start previous paragraph or block
  • Ctrl + f - one page forward
  • Ctrl + b - one page back
  • gg - start of file
  • G - end of file

Editing Commands

  • yank - copy
  • put - paste
  • y - yank
  • p - put
  • dd - delete single line
  • yy - copies a single line

💬 You can paste anything copied, whether it was highlighted or copied via yy. With movement commands you can add the number of times to complete that task. For example, 5yy copies 5 lines.

  • yy - copies a line
  • yw - copies a word
  • y$ - copies from where the cursor is to the end of a line
  • v - highlight one character at a time using the arrow keys or the h, k, j, l keys
  • V - Highlights one line, and movement keys can allow you to highlight additional lines
  • p - paste what is copied
  • d - deletes highlighted text
  • dd - deletes line of text
  • dw - deletes a word
  • D - deletes everything from where cursor is to the end of the line
  • d0 - deletes everything from where cursor is to the beginning of the line
  • dgg - deletes everything from where cursor is to the beginning of the file
  • dG - deletes everything from where cursor is to the end of the file
  • x - deletes a single character
  • u - undo last operation. I do not understand this u# allows you to undo multiple actions
  • Ctrl + r - redo last undo
  • . - repeats the last action

Searching Text Commands

💬 Using Vim you can search your text, find and replace text within your document. If you opt to replace multiple instances of the same keyword or phrase, you can set Vim up to require or not require you to confirm each replacement depending on how you put in the command.

  • /[keyword] - searches for text in the document where keyword is whatever keyword, phrase or string of characters you're looking for.
  • ?[keyword] - searches previous text for your keyword, phrase or character string
  • n - searches your text again in whatever direction your last search was
  • N - searches your text again in the opposite direction
  • :%s/[pattern]/[replacement]/g - replaces all occurrences of a pattern without confirming each one
  • :%s/[pattern]/[replacement]/gc - replaces all occurrences of a pattern and confirms each one.

Working With Multiple Files

💬 You can also edit more than one text file at a time. Vim gives you the ability to either split your screen to show more than one file at a time, or you can switch back and forth between documents. Document === buffers.

  • :bn - switch to next buffer
  • :bp - switch to previous buffer
  • :bd - close a buffer
  • :sp [filename] - opens new file and splits your screen horizontally to show more than one buffer
  • :vsp [filename] - opens a new file and splits your screen vertically to show more than one buffer
  • :ls - list all open buffers
  • Ctrl + ws - split window horizontally
  • Ctrl + wv - split window vertically
  • Ctrl + ww - switch between windows
  • Ctrl + wq - quit a window
  • Ctrl + wh - moves cursor to the window to the left
  • Ctrl + wl - moves cursor to the window to the right
  • Ctrl + wj - moves cursor to the window below the current window
  • Ctrl + wk - move cursor to the window above the one you are in

Marking Text In Visual Mode

Visual mode allows you to select a block of text in Vim. Once the block of text is selected, you can use visual commands to perform actions on the selected text, such as deleting it, copying it, etc.

  • v - starts visual mode. You can select a range of text and run a command.
  • V - starts line select visual mode.
  • Ctrl + v - starts visual block mode, which selects columns
  • Esc - exit visual mode

💬 Once you have selected a range of text, you can run a command on that text.

  • d - delete marked text
  • y - yank/copy marked text
  • > - shift text right
  • < - shift text left

Tab Pages

You can use tabs inside Vim. You can work on multiple files without having to close and save.

  • :tabedit [file] - opens new tab and will take you to edit [file]
  • gt - move to next tab
  • gT - move to previous tab
  • #gt - move to a specific tab number
  • :tabs - list all open tabs
  • :tabclose - close single tab

Sample Vim Workflow Example

  • Open a new or existing file with vim [filename]
  • Type i to switch into insert mode so that you can start editing the file
  • Enter or modify the text in your file
  • Once you are done, press the Esc key to get out of insert mode and back to command mode
  • Type :wq to save and exit your file

Contributors 🐧

Here is a list of the contributors who have helped improve the ProLUG Labs Notebook. Big shout-out to them!

If you feel you're missing from this list, feel free to place a PR.