Franske ITC-2480 Lab 1: Difference between revisions

From ITCwiki
Jump to navigation Jump to search
No edit summary
(Update to mjnk version)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
=Introduction=
=Introduction=
In this lab you will install the latest version of Debian Linux in a virtual machine, learn how to login and check the IP address of the system, and learn to remotely access the system with SSH and SFTP.
:In this lab you will perform the following tasks:
*Access NetLab to access the environment for you virtual machine
*Install the latest version of Debian Linux in a virtual machine
*Learn how to login and check the IP address of the system
*Learn to remotely access the system with SSH and SFTP.


=VM Setup=
You will be introduced to the following commands:
# Connect to the ITCnet either by directly plugging into an ITCnet port in one of the ITC labs or by connecting to the [[ITC_VPN_Instructions|VPN]].
#* Note: If you want to connect using a wireless connection on campus you need to [[Connecting to Eduroam|connect to the eduroam network]] before connecting to the VPN.
# Make sure you have the required VMware remote console software installed on your computer and you're able to log in to the VMware vSphere Web Client. See [[ITC_vmWare_Access_Instructions|these instructions]] for details on accessing the ITC VMware infrastructure and getting the required software installed on your computer.
# Connect to the ITC VMware vSphere Web Client
# Click the "Hosts and Clusters" tab on the left side of the screen under "Inventory Trees"
# Expand the ITC -> Cluster One -> "2480" resource pool by clicking the small black triangles to the left of each part of the tree.
# In the center panel of your screen find your virtual machine (which your instructor has given you an ID letter for) and click on it, for example, mine is "2480-BF". If you see one do not use the second VM (like "2480-BF-II") yet.
# Right click on your virtual machine and select "Edit Settings..."
# When the settings panel loads click the small grey triangle to the left of "CD/DVD drive 1"
## Ensure the CD/DVD drive is set to "Datastore ISO File"
## Ensure the "Connect At Power On" box is checked
## Click the OK button again to close the settings dialog box.
# Your VM is now setup and ready to be installed.


=Debian Linux Installation=
*'''[https://linux.die.net/man/8/apt apt]'''
# Right-click on your virtual machine and select "Power On"
*'''[https://linux.die.net/man/8/sudo sudo]'''
# Click OK on the "Power On Recommendations" dialog box
*'''[https://linux.die.net/man/8/useradd adduser]'''
# Click on the miniature screenshot of your VM in the upper left corner of the VMware display to open a local console in a new window.
*'''[https://linux.die.net/man/8/shutdown shutdown]'''
# Once the CD boots to the "Installer Boot Menu" choose "Install" and '''not''' "Graphical Install" which does not fully work correctly in the VMware web console. If you make an incorrect choice you can reboot your virtual machine (power off and on) before installing to get back to the menu.
*'''[https://linux.die.net/man/8/ip ip address show]'''
# In the installer you will use the space bar to select and unselect "checkboxes", the tab key to move between fields and buttons, and the enter key to continue.
# Select ''English'' as the language, ''United States'' as your location, and ''American English'' as the keymap.
# Set ''ens192'' as your primary network interface.
# Set a hostname for the system the same as your assigned machine name (e.g. ''2480-BF'')
# Set the domain name to ''itc2480.campus.ihitc.net''
# Set the root password to something you will NOT FORGET, this is the administrator account, ''cisco'' might be a good choice for our purposes though that would not be secure for a system directly accessible from the Internet (we are protected by a firewall which you are bypassing via the VPN connection)
# Create a new user account by entering your name. The system will automatically use your first name (all lowercase) as the username and then you should set the password to another password you will not forget
# Select your timezone
# Choose "Guided - Use entire disk" as the partitioning method and select the ''sda'' drive and "All files in one partition" as the partitioning scheme, "Finish partitioning and write the changes to the disk", and then finally confirm you want to write the changes.
# You do not want to scan any other CDs or DVDs at this time.
# You want to select a mirror located close to you with good speed. Because your VM is actually running from the campus and is connected to the campus Internet connection a good option is "debian.uchicago.edu" with no http proxy.
# Choose whether you want to participate in the package usage survey, for our purposes either choice is just fine.
# On the software selection screen UNSELECT "Debian desktop environment" and "Print server" and make sure that "SSH server" and "Standard system utilities" are the only two selected options.
#* NOTE: To select and unselect options move your cursor over the option and press the space bar.
# Choose that yes you want to install GRUB to the master boot record on the ''/dev/sda'' device.
# When the installation is complete you can select continue to "eject" the virtual CD and reboot into the new install


=Installing sudo and checking your IP address=
=Lab Procedure=
# Login through the local console with your root account and password (username ''root'', password as set during the installation)
==Netlab Access==
#* NOTE: When entering a password on the command line of a Linux system it is normal that nothing should appear and the cursor will not move when you are typing. This prevents someone who is able to see your computer screen from seeing what your password is or even how long it is. Just type your password and trust that the system is receiving it, press enter to submit your password.
'''''[https://www.youtube.com/watch?v=-hLejbDfPGM&feature=youtu.be Video Tutorial - NetLab Access]'''''
# For security purposes it is usually the case that you do not want to log in as the root user. Instead, best practice is to log in as a standard user and then execute specific commands that require root access with administrative privileges through the '''sudo''' program. The '''sudo''' program is not installed by default so after you have logged in to the root account enter '''apt update''' and press enter which will update the list of software available for installation and then '''apt install sudo''' and press enter to install the sudo software.
<ol>
# We now need to add our standard user account to the group which is allowed to have administrative access to do this enter the command '''adduser ''<username>'' sudo''' and press enter, replacing ''<username>'' with the name of your standard user account (set during the setup process, probably your first name in lowercase). We'll learn more about these commands later in the course.
<li> Connect to the ITCnet </li>
# Reboot your system using the '''shutdown -r now''' command to apply the changes
: This can be accomplished by directly plugging into an ITCnet port in one of the ITC labs or by connecting to the [[ITC_VPN_Instructions|VPN]].
# Log in as your standard user account
:'' Note: If you want to connect using a wireless connection on campus you need to [[Connecting to Eduroam|connect to the eduroam network]] before connecting to the VPN.
# Use the '''ip address show''' command to check the IP address of your system. The IP address should be something like ''172.17.50.xxx'' and be an ''inet'' address on the ''ens192'' adapter.
<li> After you are connected to ITCnet (by VPN or wired connection) you simply need to open a web browser and access https://ihcc-netlab.campus.ihitc.net</li>
# Try running the same command as the administrator by typing '''sudo ip address show''', you will need to enter in your password again when you run this command.
*  The first time you visit this site in a browser you may need to accept a self-signed security certificate
# To log out of the console type '''exit''' and press enter.
*  You will need to log in with a username and password established by your instructor.
*  The first time you log in you will need to change your password and set your timezone. Make sure your timezone is set correctly so you can schedule reservations to work with equipment at convenient times.
<li> Once you are logged in click the blue "New Lab Reservation" button</li>
: Next, in the lower left corner of the screen, select "Schedule a Lab for Myself". Reservations are used to hold a place on the Netlab system to work on labs during a specific time. You only need reservations in this class when working with the GUI, which will come later in the class, if you need to turn the power back on to your VM, or during the installation process. The rest of the time you will be able to connect directly to your Linux server using the SSH protocol, but more on that in a bit.
:'' Note: If you are enrolled in more than one class that is using Netlab you will be presented with a list of classes you are enrolled in, click on your Linux System Administration course of you see this screen.
: All of our lab work in this class is done in a single "Lab Environment" and your progress will be saved from one reservation to another. As a result there is only one lab listed in this course "Linux System Administration Labs". Click on this lab title.
<li> Use the calendar to choose a date, time, and specific pod to reserve for your lab activity (when you will begin your Debian server installation).</li>
: The red line on this screen indicates the current time. If you want to get started right away you can click just below this line. Pay attention to the title of the column at the top, it will say something like "LSA Pod Z". The letter at the end of this pod name is your "pod letter" which you will use to set the host name and IP address of your machine in the future so make note of it.
: You will be presented with a summary screen for your reservation where you can set the end time of your reservation (up to a maximum). It is suggested to make your reservation a couple hours long the first time you plan to install Debian, though you can extend it if needed. Click submit once you are ready to make the reservation.
<li>You will see a confirmation screen that your reservation has been made.</li>
: You are now ready to progress on to the Debian Linux Installation (as long as your reservation is right away).
</ol>


=Logging in to a remote terminal=
==Debian Linux Installation==
A faster way to interact with your system is not through the VMWare local console but through a remote SSH session. For our purposes you will always need to connect to the ITCnet VPN before doing this so that you have access to the 172.17.50.0 network.
'''''[https://www.youtube.com/watch?v=H0DcdEytpFQ&feature=youtu.be Video Tutorial - Debian Linux Installation]'''''
# Assuming you are running Windows, install the PuTTY software on your home PC from [http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html this website].
<ol>
# Run the PuTTY software on your computer and enter in the IP address of your VM in the "Host Name" box and click the "Open" button.
<li> Log in to the Netlab system</li>
# Click Yes to save the host key on your system
: Access this using a web browser at https://ihcc-netlab.campus.ihitc.net if you are not already logged in.
# Enter the standard username and password for your Linux system to connect.
: If you have a currently active reservation you will see a green "Enter Lab" button on your list of reservations. Click the green "Enter Lab" button. If not, you will need to make a reservation (see above) and then click the "Enter Lab" button.
# You should receive a prompt just like the one you had on the local VMWare console.
: Your virtual machines (VMs) will automatically power on when your reservation begins and because there is no operating system currently installed to their virtual hard drives they will boot from their virtual CD/DVD drives which have been pre-loaded with the installation discs for Linux.
# Type '''exit''' to close the connection while leaving your VM running.
<li> Access you virtual machine console</li>
: Once you are in your pod you can either click on the image of the "Linux Server" on the topology diagram or use the tabs across the top of your screen to access the console of your Linux Server VM.
: The console shows the display of your VM and allows you to type and interact with your VM just as if you were physically sitting down in front of a server with a monitor, keyboard, and mouse attached. Just like a separate physical machine you will not be able to copy and paste text or drag and drop files in and out of this console window. We will use other utilities across the network connection to do those things just like we would with a physical server.
<li>Learn to "Power Cycle" your virtual machine</li>
: By now your VM has likely already booted from it's virtual CD/DVD drive and should be at the "Debian GNU/Linux installer menu". Before continuing let's practice rebooting your system so you can watch the system boot and see how to reboot the system if needed. Click the down arrow button on the right side of the "Linux Server" tab at the top of your screen and choose "Power Off" then click the red "Power Off" button on the popup to power off your VM. This is the equivalent of just pulling out the power cord, at least until we install the VMware Tools software which allows for a graceful shutdown, so you'll want to be careful to only do this if absolutely needed until then.
<li>Power on you Virtual machine</li>
: Click the down arrow button on the right side of the "Linux Server" tab at the top of your screen and choose "Power On", or press the blue "Power On" button in the middle of your screen, then press the green "Power On" button to boot your system.
<li>Install Debian Linux</li>
: Once the system has rebooted and is back to the "Debian GNU/Linux installer menu" choose "Install" and '''not''' "Graphical Install". If you make an incorrect choice you can reboot your virtual machine (power off and on) before installing to get back to the menu.
: In the installer you will use the space bar to select and unselect "checkboxes", the tab key to move between fields and buttons, and the enter key to continue. You will be prompted for the following choices
* Select ''English'' as the language, ''United States'' as your location, and ''American English'' as the keymap.
* Set ''ens192'' as your primary network interface.
* Set a hostname for the system to 2480 followed by a dash and then your pod ID letter, like ''2480-Z'' for LSA Pod Z. If you have forgotten your pod ID letter look up at the top of your screen above the line with the "Topology" and "Linux Server" tabs and you should see a line with "LSA Pod" followed by a letter, that letter is your pod ID letter.
:'' Note: These steps are critical to future success in labs, check your spelling carefully''
: [[File:Lab1_hostname.png|link=https://wiki.ihitc.net/mediawiki/images/5/57/Lab1_hostname.png|500px]]
: [[Media:Lab1_hostname.png|Click here for a larger image]]
* Set the domain name to ''itc2480.campus.ihitc.net''
: [[File:Lab1_domainname.png|link=https://wiki.ihitc.net/mediawiki/images/5/5a/Lab1_domainname.png|500px]]
: [[Media:Lab1_domainname.png|Click here for a larger images]]
* Set the root password to something you will NOT FORGET, this is the administrator account, ''cisco'' might be a good choice for our purposes though that would not be secure for a system directly accessible from the Internet (we are protected by a firewall which you are bypassing via the VPN connection)
* Create a new user account by entering your name. The system will automatically use your first name (all lowercase) as the username and then you should set the password to another password you will not forget
* Select your timezone
* Choose "Guided - Use entire disk" as the partitioning method and select the ''sda'' drive and "All files in one partition" as the partitioning scheme, "Finish partitioning and write the changes to the disk", and then finally confirm you want to write the changes.
* You do not want to scan any other CDs or DVDs at this time.
* You want to select a mirror located close to you with good speed. Because your VM is actually running from the campus and is connected to the campus Internet connection a good option is "debian.uchicago.edu" with no http proxy.
* Choose whether you want to participate in the package usage survey, for our purposes either choice is just fine.
* On the software selection screen UNSELECT "Debian desktop environment" and "Print server" and make sure that "SSH server" and "Standard system utilities" are the only two selected options.
:'' Note: To select and unselect options move your cursor over the option and press the space bar.
* Choose that yes you want to install GRUB to the master boot record on the ''/dev/sda'' device.
<li>Complete the installation</li>
: When the installation is complete you can select continue to "eject" the virtual CD and reboot into the new install
</ol>


=Remote File Transfer=
==Installing sudo and Checking Your IP Address==
The easiest way to transfer files to and from your VM is with SFTP software. For our purposes you will always need to connect to the ITCnet VPN before doing this so that you have access to the 172.17.50.0 network.
'''''[https://www.youtube.com/watch?v=TwXp5YfAvlw&feature=youtu.be Video Tutorial - Installing sudo and checking your IP address]'''''
# Install the FileZilla client software on your home PC from [https://filezilla-project.org/download.php?type=client this website]
<ol>
# Run FileZilla and use the Quick Connect bar at the top of the screen to access your system. Enter the IP address of your Linux system in the "Host:" box, your standard username and password in the appropriate boxes and ''22'' in the "Port:" box and click the "Quickconnect" button.
<li>Log in to NetLab</li>
# You should see some connection text scroll on the top of the screen and some files on the right side of the screen now such as ''.bashrc'' and ''.profile'' The right side of the screen is the drive on your Linux system and the left side of the screen is the drive on your home system. Files and folders can be dragged between the two sides to transfer them back and forth.
: Login through the Netlab local console with your root account and password (username ''root'', password as set during the installation)
# Close the FileZilla software to disconnect.
:'' Note: When entering a password on the command line of a Linux system it is normal that nothing should appear and the cursor will not move when you are typing. This prevents someone who is able to see your computer screen from seeing what your password is or even how long it is. Just type your password and trust that the system is receiving it, press enter to submit your password.
<li>Install '''sudo''' from the command line using:
: ''Note: A good practice is to update your system before installing any packages, this should be completed using '''apt update''', ensure to use '''sudo''' when not logged in as root.
: <code>apt update</code>
: <code>apt install sudo</code></li>
: For security purposes it is usually the case that you do not want to log in as the root user. Instead, best practice is to log in as a standard user and then execute specific commands that require root access with administrative privileges through the '''sudo''' program. The '''sudo''' program is not installed by default so after you have logged in to the root account enter '''apt update''' and press enter which will update the list of software available for installation and then '''apt install sudo''' and press enter to install the sudo software.
<li>Add sudo privileges to our standard user account.
<code>adduser <username> sudo</code></li>
: We now need to add our standard user account to the group which is allowed to have administrative access to do this enter the command '''sudo adduser ''<username>'' sudo''' and press enter, replacing ''<username>'' with the name of your standard user account (set during the setup process, probably your first name in lowercase). We'll learn more about these commands later in the course.
<li>Reboot system</li>
<code>shutdown -r now</code>
: Reboot your system using the '''shutdown -r now''' command to apply the changes
<li>Log in as your standard user account, determine system IP address.
: Once you are logged in use the following command at the command line to determine the IP address of your system
<code>ip address show</code></li>
: Using the '''ip address show''' command will allow you to check the IP address of your system. The IP address should be something like ''172.17.50.xxx'' and be an ''inet'' address on the ''ens192'' adapter.
[[File:Lab1_ip_address_show2.PNG|500px]]
<li>Test sudo privileges</li>
: Try running the same command as the administrator by typing '''sudo ip address show''', you will need to enter in your password again when you run this command.
<code>sudo ip address show</code>
<li>Exit from the local console</li>
: To log out of the console type '''exit''' and press enter.
</ol>


=Install VM Tools=
==Logging in to a Remote Terminal==
Because your Debian Linux server is running as a virtual machine on a vmWare host system in order to achieve the best performance and driver integration we should install the vmWare Tools software package in your virtual machine.
'''''[https://www.youtube.com/watch?v=JEiDkrlPMNw&feature=youtu.be Video Tutorial - Logging into a remote terminal]'''''
# Connect in to your system using the remote SSH console method explained above.
# Run the '''sudo apt install open-vm-tools''' command to install the vmWare Tools. You will be prompted about several additional software packages required to be installed, type ''y'' and press enter to install the software.


A faster way to interact with your system is not through the Netlab local console but through a remote SSH session over the network directly to your server. Once you have mastered this you will be able to copy and paste text to your Linux server and will not need to make a reservation in Netlab to work on labs. For our purposes you will always need to connect to the ITCnet VPN before doing this so that you have access to the 172.17.50.0 network.
<ol>
<li>Install Putty</li>
: Assuming you are running Windows, install the PuTTY software on your home PC from [http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html this website].
: ''  Note: For other operating systems there are other ways and software you can use to make an SSH connection, you will need to research what tools are used for making SSH connections from your particular operating system.
<li>Open an SSH session</li>
:* Run the PuTTY software on your computer and enter in the IP address of your VM in the "Host Name" box and click the "Open" button.
:[[File:Lab1_putty.png|link=https://wiki.ihitc.net/mediawiki/images/f/f5/Lab1_putty.png|500px]]
:[[Media:Lab1_putty.png| Click here for larger image]]
:* Click Yes to save the host key on your system
: [[File:Lab1_puttycert.png|link=https://wiki.ihitc.net/mediawiki/images/4/4b/Lab1_puttycert.png|500px]]
: [[Media:Lab1_puttycert.png|Click here for larger image]]
:* Enter the standard username and password for your Linux system to connect.
: ''  Note: You should receive a prompt just like the one you had on the Netlab local console but it is now a direct connection from your computer over the ITCnet to your server.
<li>Close the SSH session</li>
: Type '''exit''' to close the connection while leaving your VM running.
</ol>


=Safely Shutdown=
==Remote File Transfer==
We will normally leave our VM running but it is important that you know how to shutdown a Linux system correctly so this time we'll turn it off.
'''''[https://www.youtube.com/watch?v=JEiDkrlPMNw&feature=youtu.be Video Tutorial - Remote File Transfer]'''''
# Connect in to your system using the remote SSH console method explained above.
 
# Run the '''sudo shutdown -h now''' command to safely shutdown the system. You should soon get a message that PuTTY has lost it's connection. Click OK and then you can close the PuTTY window.
The easiest way to transfer files to and from your VM is with SFTP software. For our purposes, you will always need to connect to the ITCnet VPN before doing this so that you have access to the 172.17.50.0 network.
# Now would be a good time to make sure that you have disconnected the virtual CD so that your system will not try to boot into the installer again.
<ol>
## Right click on your virtual machine and select "Edit Settings..."
<li>Install FileZilla</li>
## When the settings panel loads click the small grey triangle to the left of "CD/DVD drive 1"
: Install the FileZilla client software on your home PC from [https://filezilla-project.org/download.php?type=client this website]
### Ensure the CD/DVD drive is set to "Datastore ISO File"
<li>Open a SFTP session to your server</li>
### Ensure the "Connect At Power On" box is NOT checked
: Run FileZilla and use the Quick Connect bar at the top of the screen to access your system.
# You can now close any of the VMWare browser windows you may still have open.
:*  Enter the IP address of your Linux system in the "Host:" box
:*  Enter your standard username and password in the appropriate boxes
:*  Enter ''22'' in the "Port:" box
:*  Click the "Quickconnect" button.
: [[File:Lab1_filezillanew.png|link=https://wiki.ihitc.net/mediawiki/images/b/b1/Lab1_filezillanew.png|500px]]
: [[Media:Lab1_filezillanew.png|Click here for larger image]]
: You should see some connection text scroll on the top of the screen and some files on the right side of the screen now such as ''.bashrc'' and ''.profile'' The right side of the screen is the drive on your Linux system and the left side of the screen is the drive on your home system. Files and folders can be dragged between the two sides to transfer them back and forth.
: [[File:Lab1_filezillaconnected.png|link=https://wiki.ihitc.net/mediawiki/images/c/ca/Lab1_filezillaconnected.png|500px]]
: [[Media:Lab1_filezillaconnected.png|Click here for larger image]]
<li>Close the FileZilla software to disconnect.</li>
</ol>
 
==Install VM Tools==
'''''[https://www.youtube.com/watch?v=gLC1liwVJ8s&feature=youtu.be Video Tutorial - Install VM Tools]'''''
: Because your Debian Linux server is running as a virtual machine on a vmWare host system in order to achieve the best performance and driver integration we should install the vmWare Tools software package in your virtual machine.
<ol>
<li>Open a SSH session to your server</li>
: Connect into your system using the remote SSH console method explained above.
<li>Install '''open-vm-tools'''</li>
: Run the '''sudo apt install open-vm-tools''' command to install the vmWare Tools. You will be prompted about several additional software packages required to be installed, type '''y''' and press enter to install the software.
<code>sudo apt install open-vm-tools</code>
</ol>
 
==Install Python==
In order to check your work in the labs of this course you will need to have an application called [https://www.python.org/ Python] installed on your Linux system.
<ol>
<li> Download ''python3'' using '''apt'''</li>
* When prompted type Y to install the app and its dependencies</li>
<ul>''NOTE: This may take a while.''</ul>
* When prompted to specify the name of the host where the TANGO database server is running, just select ok.</li>
<ul> [[File:Python_tango.png|link=https://wiki.ihitc.net/mediawiki/images/4/4c/Python_tango.png|500px]]</ul>
<ul> [[Media:Python_tango.png | Click for Larger Image]]</ul>
<li> Run the following command to verify that python version 3.6 is installed.</li>
<code>python3 --version</code>
<ul> [[File:Python_version.png|link=https://wiki.ihitc.net/mediawiki/images/7/70/Python_version.png|500px]]</ul>
<ul> [[Media:Python_version.png | Click for Larger Image]]</ul>
</ol>
 
==Install Nmap==
:Nmap is a tool we will learn more about later in the course but it will likely be used to check many of the labs for completion while working through the course.  This course's labwork often builds upon the work you have done in previous labs.  The self-check scripts are to assist you in ensuring you have not missed any ''critical'' steps in your work that would affect your success in subsequent labs.
 
:* ''NOTE: Before we begin the installation of this tool it is important to remember that scanning a system is often seen as an attack against the system and should not be done unless you are the administrator of both the system that you are scanning from and the system you are scanning or have the explicit permission of the system administrator of those systems! In some areas people have been legally charged and prosecuted for scanning of systems which they are not authorized to do. You have been warned!
:*At this time all you will be doing is installing the tool as it will be used to self-check your lab work to verify you are ready to move on to the next lab.
<ol>
<li>Open a SSH session to your server</li>
: Run the following command at the command line.
<code>sudo apt install nmap</code>
: Run the '''sudo apt install nmap''' command to install the nmap tool. You will be prompted about additional software packages required to be installed, type '''y''' and press enter to install the software.
</ol>
 
==Install Curl==
:Curl is a tool that lets you run scripts that are not saved to your virtual machine. It will be used to check the labs for completion while working through the course. 
<ol>
<li> Run the following command at the command line. </li>
<code>sudo apt install curl</code>
: If prompted to install additional packages type "y"
<li> Automatically check your results by running this command:</li>
:    Installing Curl will allow you to check each of your labs for completion of some of the critical objectives of the lab work using a command in the "Checking your Work" section of the labs.  This will usually be completed as the last step of the lab, but for this lab please run the following command now to check your work.
<code><nowiki>
curl https://raw.githubusercontent.com/mnjk-inver/Linux-2480-Rebuild/main/lab_01_revised.py | python3
</nowiki></code>
<li>Close the SSH session</li>
: Type '''exit''' to close the connection while leaving your VM running.
</ol>
 
==Safely Shutdown==
'''''[https://www.youtube.com/watch?v=gLC1liwVJ8s&feature=youtu.be Video Tutorial - Safely Shutdown]'''''
:We will normally leave our VM running but it is important that you know how to shutdown a Linux system correctly so this time we'll turn it off.
<ol>
<li>Open a SSH session to your server</li>
: Connect in to your system using the remote SSH console method explained above.
<li> Safely shutdown you server</li>
:* Run the '''sudo shutdown -h now''' at the command line to safely shutdown the system.
<code>sudo shutdown -h now</code>
: You should soon get a message that PuTTY has lost it's connection. Click OK and then you can close the PuTTY window.
<li>End NetLab Reservation</li>
: If you still have time left in your reservation in Netlab it's polite to end the reservation so other users can work on the system, only a limited number of reservations can be made at one time. You can do this by logging into Netlab, opening your lab, and clicking the "Reservation" menu at the top of the screen and choose to "End Reservation Now" followed by confirming that you want to end the reservation.
</ol>
 
=Checking your Work=
<ol>
  <li>This section will cover ways to manually check your work</li>
    <ul>For this lab each section was tested in the process of the lab.  You should have successfully connected an SSH session with putty, and an ftp session with FileZilla.</ul>
    <ul>You should have shut down you server in one of the last steps, so no further testing is necessary at this time.</ul>
<li> Automatically check your results by running this command:</li>
<code><nowiki>
curl https://raw.githubusercontent.com/mnjk-inver/Linux-2480-Rebuild/main/lab_01_revised.py | python3
</nowiki></code>
<br>
</ol>
 
=Web App=
 
You can check your progress on any of the labs in the ITC-2480 course from a web app from this link:  <br>
[http://webcheck.itc2480.campus.ihitc.net webcheck.itc2480.campus.ihitc.net]<br>
You must be logged into the campus VPN to use this application. <br>
In order to use the web app, follow the link and enter the username, password and IP Address for your Linux server into the form.  The address must be on the 172.17.50.0/24 subnet or the app will make you re-enter it.  When you've entered your credentials, click the Sign In button on the bottom.  You should see a 3x4 grid of buttons with the names of each of the labs.  Click the lab you want to check and the application will automatically run the check-script for that lab!

Latest revision as of 02:46, 25 August 2021

Introduction

In this lab you will perform the following tasks:
  • Access NetLab to access the environment for you virtual machine
  • Install the latest version of Debian Linux in a virtual machine
  • Learn how to login and check the IP address of the system
  • Learn to remotely access the system with SSH and SFTP.

You will be introduced to the following commands:

Lab Procedure

Netlab Access

Video Tutorial - NetLab Access

  1. Connect to the ITCnet
  2. This can be accomplished by directly plugging into an ITCnet port in one of the ITC labs or by connecting to the VPN.
    Note: If you want to connect using a wireless connection on campus you need to connect to the eduroam network before connecting to the VPN.
  3. After you are connected to ITCnet (by VPN or wired connection) you simply need to open a web browser and access https://ihcc-netlab.campus.ihitc.net
    • The first time you visit this site in a browser you may need to accept a self-signed security certificate
    • You will need to log in with a username and password established by your instructor.
    • The first time you log in you will need to change your password and set your timezone. Make sure your timezone is set correctly so you can schedule reservations to work with equipment at convenient times.
  4. Once you are logged in click the blue "New Lab Reservation" button
  5. Next, in the lower left corner of the screen, select "Schedule a Lab for Myself". Reservations are used to hold a place on the Netlab system to work on labs during a specific time. You only need reservations in this class when working with the GUI, which will come later in the class, if you need to turn the power back on to your VM, or during the installation process. The rest of the time you will be able to connect directly to your Linux server using the SSH protocol, but more on that in a bit.
    Note: If you are enrolled in more than one class that is using Netlab you will be presented with a list of classes you are enrolled in, click on your Linux System Administration course of you see this screen.
    All of our lab work in this class is done in a single "Lab Environment" and your progress will be saved from one reservation to another. As a result there is only one lab listed in this course "Linux System Administration Labs". Click on this lab title.
  6. Use the calendar to choose a date, time, and specific pod to reserve for your lab activity (when you will begin your Debian server installation).
  7. The red line on this screen indicates the current time. If you want to get started right away you can click just below this line. Pay attention to the title of the column at the top, it will say something like "LSA Pod Z". The letter at the end of this pod name is your "pod letter" which you will use to set the host name and IP address of your machine in the future so make note of it.
    You will be presented with a summary screen for your reservation where you can set the end time of your reservation (up to a maximum). It is suggested to make your reservation a couple hours long the first time you plan to install Debian, though you can extend it if needed. Click submit once you are ready to make the reservation.
  8. You will see a confirmation screen that your reservation has been made.
  9. You are now ready to progress on to the Debian Linux Installation (as long as your reservation is right away).

Debian Linux Installation

Video Tutorial - Debian Linux Installation

  1. Log in to the Netlab system
  2. Access this using a web browser at https://ihcc-netlab.campus.ihitc.net if you are not already logged in.
    If you have a currently active reservation you will see a green "Enter Lab" button on your list of reservations. Click the green "Enter Lab" button. If not, you will need to make a reservation (see above) and then click the "Enter Lab" button.
    Your virtual machines (VMs) will automatically power on when your reservation begins and because there is no operating system currently installed to their virtual hard drives they will boot from their virtual CD/DVD drives which have been pre-loaded with the installation discs for Linux.
  3. Access you virtual machine console
  4. Once you are in your pod you can either click on the image of the "Linux Server" on the topology diagram or use the tabs across the top of your screen to access the console of your Linux Server VM.
    The console shows the display of your VM and allows you to type and interact with your VM just as if you were physically sitting down in front of a server with a monitor, keyboard, and mouse attached. Just like a separate physical machine you will not be able to copy and paste text or drag and drop files in and out of this console window. We will use other utilities across the network connection to do those things just like we would with a physical server.
  5. Learn to "Power Cycle" your virtual machine
  6. By now your VM has likely already booted from it's virtual CD/DVD drive and should be at the "Debian GNU/Linux installer menu". Before continuing let's practice rebooting your system so you can watch the system boot and see how to reboot the system if needed. Click the down arrow button on the right side of the "Linux Server" tab at the top of your screen and choose "Power Off" then click the red "Power Off" button on the popup to power off your VM. This is the equivalent of just pulling out the power cord, at least until we install the VMware Tools software which allows for a graceful shutdown, so you'll want to be careful to only do this if absolutely needed until then.
  7. Power on you Virtual machine
  8. Click the down arrow button on the right side of the "Linux Server" tab at the top of your screen and choose "Power On", or press the blue "Power On" button in the middle of your screen, then press the green "Power On" button to boot your system.
  9. Install Debian Linux
  10. Once the system has rebooted and is back to the "Debian GNU/Linux installer menu" choose "Install" and not "Graphical Install". If you make an incorrect choice you can reboot your virtual machine (power off and on) before installing to get back to the menu.
    In the installer you will use the space bar to select and unselect "checkboxes", the tab key to move between fields and buttons, and the enter key to continue. You will be prompted for the following choices
    • Select English as the language, United States as your location, and American English as the keymap.
    • Set ens192 as your primary network interface.
    • Set a hostname for the system to 2480 followed by a dash and then your pod ID letter, like 2480-Z for LSA Pod Z. If you have forgotten your pod ID letter look up at the top of your screen above the line with the "Topology" and "Linux Server" tabs and you should see a line with "LSA Pod" followed by a letter, that letter is your pod ID letter.
    Note: These steps are critical to future success in labs, check your spelling carefully
    Lab1 hostname.png
    Click here for a larger image
    • Set the domain name to itc2480.campus.ihitc.net
    Lab1 domainname.png
    Click here for a larger images
    • Set the root password to something you will NOT FORGET, this is the administrator account, cisco might be a good choice for our purposes though that would not be secure for a system directly accessible from the Internet (we are protected by a firewall which you are bypassing via the VPN connection)
    • Create a new user account by entering your name. The system will automatically use your first name (all lowercase) as the username and then you should set the password to another password you will not forget
    • Select your timezone
    • Choose "Guided - Use entire disk" as the partitioning method and select the sda drive and "All files in one partition" as the partitioning scheme, "Finish partitioning and write the changes to the disk", and then finally confirm you want to write the changes.
    • You do not want to scan any other CDs or DVDs at this time.
    • You want to select a mirror located close to you with good speed. Because your VM is actually running from the campus and is connected to the campus Internet connection a good option is "debian.uchicago.edu" with no http proxy.
    • Choose whether you want to participate in the package usage survey, for our purposes either choice is just fine.
    • On the software selection screen UNSELECT "Debian desktop environment" and "Print server" and make sure that "SSH server" and "Standard system utilities" are the only two selected options.
    Note: To select and unselect options move your cursor over the option and press the space bar.
    • Choose that yes you want to install GRUB to the master boot record on the /dev/sda device.
  11. Complete the installation
  12. When the installation is complete you can select continue to "eject" the virtual CD and reboot into the new install

Installing sudo and Checking Your IP Address

Video Tutorial - Installing sudo and checking your IP address

  1. Log in to NetLab
  2. Login through the Netlab local console with your root account and password (username root, password as set during the installation)
    Note: When entering a password on the command line of a Linux system it is normal that nothing should appear and the cursor will not move when you are typing. This prevents someone who is able to see your computer screen from seeing what your password is or even how long it is. Just type your password and trust that the system is receiving it, press enter to submit your password.
  3. Install sudo from the command line using:
    Note: A good practice is to update your system before installing any packages, this should be completed using apt update, ensure to use sudo when not logged in as root.
    apt update
    apt install sudo
  4. For security purposes it is usually the case that you do not want to log in as the root user. Instead, best practice is to log in as a standard user and then execute specific commands that require root access with administrative privileges through the sudo program. The sudo program is not installed by default so after you have logged in to the root account enter apt update and press enter which will update the list of software available for installation and then apt install sudo and press enter to install the sudo software.
  5. Add sudo privileges to our standard user account. adduser <username> sudo
  6. We now need to add our standard user account to the group which is allowed to have administrative access to do this enter the command sudo adduser <username> sudo and press enter, replacing <username> with the name of your standard user account (set during the setup process, probably your first name in lowercase). We'll learn more about these commands later in the course.
  7. Reboot system
  8. shutdown -r now
    Reboot your system using the shutdown -r now command to apply the changes
  9. Log in as your standard user account, determine system IP address.
    Once you are logged in use the following command at the command line to determine the IP address of your system
    ip address show
  10. Using the ip address show command will allow you to check the IP address of your system. The IP address should be something like 172.17.50.xxx and be an inet address on the ens192 adapter.
    Lab1 ip address show2.PNG
  11. Test sudo privileges
  12. Try running the same command as the administrator by typing sudo ip address show, you will need to enter in your password again when you run this command.
    sudo ip address show
  13. Exit from the local console
  14. To log out of the console type exit and press enter.

Logging in to a Remote Terminal

Video Tutorial - Logging into a remote terminal

A faster way to interact with your system is not through the Netlab local console but through a remote SSH session over the network directly to your server. Once you have mastered this you will be able to copy and paste text to your Linux server and will not need to make a reservation in Netlab to work on labs. For our purposes you will always need to connect to the ITCnet VPN before doing this so that you have access to the 172.17.50.0 network.

  1. Install Putty
  2. Assuming you are running Windows, install the PuTTY software on your home PC from this website.
    Note: For other operating systems there are other ways and software you can use to make an SSH connection, you will need to research what tools are used for making SSH connections from your particular operating system.
  3. Open an SSH session
    • Run the PuTTY software on your computer and enter in the IP address of your VM in the "Host Name" box and click the "Open" button.
    Lab1 putty.png
    Click here for larger image
    • Click Yes to save the host key on your system
    Lab1 puttycert.png
    Click here for larger image
    • Enter the standard username and password for your Linux system to connect.
    Note: You should receive a prompt just like the one you had on the Netlab local console but it is now a direct connection from your computer over the ITCnet to your server.
  4. Close the SSH session
  5. Type exit to close the connection while leaving your VM running.

Remote File Transfer

Video Tutorial - Remote File Transfer

The easiest way to transfer files to and from your VM is with SFTP software. For our purposes, you will always need to connect to the ITCnet VPN before doing this so that you have access to the 172.17.50.0 network.

  1. Install FileZilla
  2. Install the FileZilla client software on your home PC from this website
  3. Open a SFTP session to your server
  4. Run FileZilla and use the Quick Connect bar at the top of the screen to access your system.
    • Enter the IP address of your Linux system in the "Host:" box
    • Enter your standard username and password in the appropriate boxes
    • Enter 22 in the "Port:" box
    • Click the "Quickconnect" button.
    Lab1 filezillanew.png
    Click here for larger image
    You should see some connection text scroll on the top of the screen and some files on the right side of the screen now such as .bashrc and .profile The right side of the screen is the drive on your Linux system and the left side of the screen is the drive on your home system. Files and folders can be dragged between the two sides to transfer them back and forth.
    Lab1 filezillaconnected.png
    Click here for larger image
  5. Close the FileZilla software to disconnect.

Install VM Tools

Video Tutorial - Install VM Tools

Because your Debian Linux server is running as a virtual machine on a vmWare host system in order to achieve the best performance and driver integration we should install the vmWare Tools software package in your virtual machine.
  1. Open a SSH session to your server
  2. Connect into your system using the remote SSH console method explained above.
  3. Install open-vm-tools
  4. Run the sudo apt install open-vm-tools command to install the vmWare Tools. You will be prompted about several additional software packages required to be installed, type y and press enter to install the software.
    sudo apt install open-vm-tools

Install Python

In order to check your work in the labs of this course you will need to have an application called Python installed on your Linux system.

  1. Download python3 using apt
    • When prompted type Y to install the app and its dependencies
      NOTE: This may take a while.
    • When prompted to specify the name of the host where the TANGO database server is running, just select ok.
      Python tango.png
  2. Run the following command to verify that python version 3.6 is installed.
  3. python3 --version
      Python version.png

Install Nmap

Nmap is a tool we will learn more about later in the course but it will likely be used to check many of the labs for completion while working through the course. This course's labwork often builds upon the work you have done in previous labs. The self-check scripts are to assist you in ensuring you have not missed any critical steps in your work that would affect your success in subsequent labs.
  • NOTE: Before we begin the installation of this tool it is important to remember that scanning a system is often seen as an attack against the system and should not be done unless you are the administrator of both the system that you are scanning from and the system you are scanning or have the explicit permission of the system administrator of those systems! In some areas people have been legally charged and prosecuted for scanning of systems which they are not authorized to do. You have been warned!
  • At this time all you will be doing is installing the tool as it will be used to self-check your lab work to verify you are ready to move on to the next lab.
  1. Open a SSH session to your server
  2. Run the following command at the command line.
    sudo apt install nmap
    Run the sudo apt install nmap command to install the nmap tool. You will be prompted about additional software packages required to be installed, type y and press enter to install the software.

Install Curl

Curl is a tool that lets you run scripts that are not saved to your virtual machine. It will be used to check the labs for completion while working through the course.
  1. Run the following command at the command line.
  2. sudo apt install curl
    If prompted to install additional packages type "y"
  3. Automatically check your results by running this command:
  4. Installing Curl will allow you to check each of your labs for completion of some of the critical objectives of the lab work using a command in the "Checking your Work" section of the labs. This will usually be completed as the last step of the lab, but for this lab please run the following command now to check your work.
    curl https://raw.githubusercontent.com/mnjk-inver/Linux-2480-Rebuild/main/lab_01_revised.py | python3
  5. Close the SSH session
  6. Type exit to close the connection while leaving your VM running.

Safely Shutdown

Video Tutorial - Safely Shutdown

We will normally leave our VM running but it is important that you know how to shutdown a Linux system correctly so this time we'll turn it off.
  1. Open a SSH session to your server
  2. Connect in to your system using the remote SSH console method explained above.
  3. Safely shutdown you server
    • Run the sudo shutdown -h now at the command line to safely shutdown the system.
    sudo shutdown -h now
    You should soon get a message that PuTTY has lost it's connection. Click OK and then you can close the PuTTY window.
  4. End NetLab Reservation
  5. If you still have time left in your reservation in Netlab it's polite to end the reservation so other users can work on the system, only a limited number of reservations can be made at one time. You can do this by logging into Netlab, opening your lab, and clicking the "Reservation" menu at the top of the screen and choose to "End Reservation Now" followed by confirming that you want to end the reservation.

Checking your Work

  1. This section will cover ways to manually check your work
    • For this lab each section was tested in the process of the lab. You should have successfully connected an SSH session with putty, and an ftp session with FileZilla.
      You should have shut down you server in one of the last steps, so no further testing is necessary at this time.
  2. Automatically check your results by running this command:
  3. curl https://raw.githubusercontent.com/mnjk-inver/Linux-2480-Rebuild/main/lab_01_revised.py | python3

Web App

You can check your progress on any of the labs in the ITC-2480 course from a web app from this link:
webcheck.itc2480.campus.ihitc.net
You must be logged into the campus VPN to use this application.
In order to use the web app, follow the link and enter the username, password and IP Address for your Linux server into the form. The address must be on the 172.17.50.0/24 subnet or the app will make you re-enter it. When you've entered your credentials, click the Sign In button on the bottom. You should see a 3x4 grid of buttons with the names of each of the labs. Click the lab you want to check and the application will automatically run the check-script for that lab!