"Practice Report" Linux Basic Practice

Source: Internet
Author: User
Tags ssh server xming dns spoofing

"Chmod command"
The chmod command is very important for changing the access rights of a file or directory. Users use it to control access to files or directories.
There are two ways to use this command. One is a text-setting method that contains letters and operator expressions, and the other is a digital setting method that contains numbers.

(1). Text Setting method
chmod [who] [+/-/=] [mode] File name
[Who]
Action object who is either or a combination of the following letters:
U means "user", which is the owner of the file or directory.
G means "same group user", that is, all users who have the same group ID as the file owner.
O means "other (others) users".
A means "all users". It is the system default value.
[+/-/=]
The operation symbols can be:
+ Add a permission.
-Cancels a permission.
= gives the given permission and cancels all other permissions, if any.
[Mode]
Setting the permissions represented by mode can be any combination of the following letters:
R is readable.
W writable.
X executable.
x append the x attribute only if the destination file is executable to some users, or if the target file is a directory.
S is the owner of the file in which the owner or group ID of the process is placed when the file is executed. The way "U+s" sets the user ID bit of the file, "G+s" sets the group ID bit.
T save the program's text to the swap device.
You have the same permissions as the owner of the file.
G has the same permissions as a user with the same group as the file owner.
o have the same permissions as other users.
FileName
File name: A list of files separated by spaces to change permissions, and wildcard characters are supported.

Multiple permission methods can be given in one command line, separated by commas. Example: chmod g+r,o+r Example
(Enables the same group and other users to have read access to the file example. )

"Chown Command"

Function: Change a file or directory's owner and owner group. This command is also very common. For example, the root user copies one of their own files to the user Ji, in order for the user Ji to access this file, the root user should be the owner of this file is Ji, otherwise, the user Ji cannot access this file.

Syntax: chown [options] User or group file

Description: Chown changes the owner of the specified file to the specified user or group. The user can be either a user name or a user ID. A group can be either a group name or a group ID. The file is a space-separated list of files to change permissions, and wildcard characters are supported.

The options for this command have the following meanings:
-R recursively changes the owner of the specified directory and all subdirectories and files under it.
-V shows the work done by the Chown command.

Example 1: Change the owner of the file shiyan.c to Wang.
$ chown Wang Shiyan.c

Example 2: Change the owner of the directory/his and all files and subdirectories under it to Wang, and change the group to users.
$ chown-r Wang.users/his

3. Properly install the SSH service and understand the configuration file. Use the command line to start or stop the appropriate service, and from the test you can access it from the remote.

"SSH Service Science"

SSH is the abbreviation for secure Shell, and SSH is the security protocol based on the application layer and the transport layer. SSH is currently a more reliable protocol that provides security for Telnet sessions and other network services. The use of SSH protocol can effectively prevent the information leakage in the remote management process.
SSH was originally a program on a UNIX system, and later expanded quickly to other operating platforms. SSH can compensate for vulnerabilities in the network when it is used correctly.

Traditional Web services such as FTP, pop, and telnet are inherently insecure because they transmit passwords and data in plaintext on the network, and it is very easy for an ulterior motive to intercept the passwords and data. Moreover, the security authentication methods of these service programs also have their weaknesses, that is, it is easy to be attacked by the "middleman". The so-called "middleman" attack means that the "middleman" pretends to be the real server to receive the data you pass to the server, and then impersonate you to pass the data to the real server. The data transfer between the server and you is a very serious problem after the hands and feet of the "middleman". By using SSH, you can encrypt all the transmitted data so that the "man-in-the-middle" attack is not possible, and it can prevent DNS spoofing and IP spoofing.
An additional benefit of using SSH is that the transmitted data is compressed so that the transfer speed can be speeded up.


(1). Installation
Ubuntu is installed by default openssh-client, so it is not installed here, if your system is not installed, then use the Apt-get installation can be.
Installing Ssh-server
sudo apt-get install Openssh-server
Installing Ssh-client
sudo apt-get install openssh-client
(2). Confirm that the Sshserver is installed
If you see sshd that means Ssh-server has been activated.
If only ssh-agent indicates that Ssh-server is not started, you need to execute the command to start the SSH service:
/etc/init.d/ssh start;
Note: Only the sshd is shown in the Ubuntu-12.04-server-i386.iso installation:
(3). Extended Configuration
SSH default service port is 22, the user can be self-defined as a different port, such as 222, the configuration file that needs to be modified is:
/etc/ssh/sshd_config
Change the port parameter to 222
Then restart the SSH service:
Sudo/etc/init.d/ssh restart
(4) Run Puttygen.exe Select Generate key pair (private key exists on this machine, copy public key)
(5) Copy the public key contents, write to the remote host, use the command vim ~/.ssh/authorized_keys
(6) Modify the configuration file by command Vim/etc/ssh/sshd_config and add two lines at the bottom:

Pubkeyauthentication Yes
Authorizedkeysfile. Ssh/authorized_keys
After you save and exit, disconnect.
(7) Once again using putty to connect, in the Connection->data fill in the user name (to have root permission, recommended direct use of root login) in Connection->ssh->key to import the saved local private key file, point Click Connect.


4. Using the WinSCP client connection and file transfer

1) Enter the IP address of Linux, the username and password of the access, the SSH service default port number is 22 do not change.
2) Log in to achieve file transfer, with the FTP


1) Turn on the Xming program, tick allow X11 mapping in putty (need to install and turn on X11 in advance)
2) Log in with the root account, edit the SSH server's configuration file Vi/etc/ssh/sshd_config turn on TCP forwarding and X11 forwarding:

allowtcpforwarding Yes
x11forwarding Yes
3) Open putty, login Linux on terminal. Map output to native: exportdisplay= native ip:0.0 (0.0 means that the display number for Xming is 0, and if display # is set to another value, it needs to be consistent. )

4) Enter the command in the putty to open the corresponding program (figure for the open system comes with a browser automatically jump to CMCC
Login interface).

"Practice Report" Linux Basic Practice

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.