Lab 1 mnjk

From ITCwiki
Jump to navigation Jump to search

Introduction

In this lab you will perform the following tasks:
  • Access NetLab to access the environment for you virtual machine
  • Install the latest version of Debian Linux in a virtual machine
  • Learn how to login and check the IP address of the system
  • Learn to remotely access the system with SSH and SFTP.

You will use the following commands:

Netlab Access

Video tutorial - NetLab Access

  1. Connect to the ITCnet
  2. This can be accomplished by directly plugging into an ITCnet port in one of the ITC labs or by connecting to the VPN.
    Note: If you want to connect using a wireless connection on campus you need to connect to the eduroam network before connecting to the VPN.
  3. After you are connected to ITCnet (by VPN or wired connection) you simply need to open a web browser and access https://ihcc-netlab.campus.ihitc.net
    • The first time you visit this site in a browser you may need to accept a self-signed security certificate
    • You will need to log in with a username and password established by your instructor.
    • The first time you log in you will need to change your password and set your timezone. Make sure your timezone is set correctly so you can schedule reservations to work with equipment at convenient times.
  4. Once you are logged in click the blue "New Lab Reservation" button
  5. Next, in the lower left corner of the screen, select "Schedule a Lab for Myself". Reservations are used to hold a place on the Netlab system to work on labs during a specific time. You only need reservations in this class when working with the GUI, which will come later in the class, if you need to turn the power back on to your VM, or during the installation process. The rest of the time you will be able to connect directly to your Linux server using the SSH protocol, but more on that in a bit.
    • Note: If you are enrolled in more than one class that is using Netlab you will be presented with a list of classes you are enrolled in, click on your Linux System Administration course of you see this screen.
    All of our lab work in this class is done in a single "Lab Environment" and your progress will be saved from one reservation to another. As a result there is only one lab listed in this course "Linux System Administration Labs". Click on this lab title.
  6. Use the calendar to choose a date, time, and specific pod to reserve for your lab activity (when you will begin your Debian server installation).
  7. The red line on this screen indicates the current time. If you want to get started right away you can click just below this line. Pay attention to the title of the column at the top, it will say something like "LSA Pod Z". The letter at the end of this pod name is your "pod letter" which you will use to set the host name and IP address of your machine in the future so make note of it.
    You will be presented with a summary screen for your reservation where you can set the end time of your reservation (up to a maximum). It is suggested to make your reservation a couple hours long the first time you plan to install Debian, though you can extend it if needed. Click submit once you are ready to make the reservation.
  8. You will see a confirmation screen that your reservation has been made.
  9. You are now ready to progress on to the Debian Linux Installation (as long as your reservation is right away).

Debian Linux Installation

Video tutorial - Debian Linux Installation

  1. Log in to the Netlab system
  2. Access this using a web browser at https://ihcc-netlab.campus.ihitc.net if you are not already logged in.
    If you have a currently active reservation you will see a green "Enter Lab" button on your list of reservations. Click the green "Enter Lab" button. If not, you will need to make a reservation (see above) and then click the "Enter Lab" button.
    Your virtual machines (VMs) will automatically power on when your reservation begins and because there is no operating system currently installed to their virtual hard drives they will boot from their virtual CD/DVD drives which have been pre-loaded with the installation discs for Linux.
  3. Access you virtual machine console
  4. Once you are in your pod you can either click on the image of the "Linux Server" on the topology diagram or use the tabs across the top of your screen to access the console of your Linux Server VM.
    The console shows the display of your VM and allows you to type and interact with your VM just as if you were physically sitting down in front of a server with a monitor, keyboard, and mouse attached. Just like a separate physical machine you will not be able to copy and paste text or drag and drop files in and out of this console window. We will use other utilities across the network connection to do those things just like we would with a physical server.
  5. Learn to "Power Cycle" your virtual machine
  6. By now your VM has likely already booted from it's virtual CD/DVD drive and should be at the "Debian GNU/Linux installer menu". Before continuing let's practice rebooting your system so you can watch the system boot and see how to reboot the system if needed. Click the down arrow button on the right side of the "Linux Server" tab at the top of your screen and choose "Power Off" then click the red "Power Off" button on the popup to power off your VM. This is the equivalent of just pulling out the power cord, at least until we install the VMware Tools software which allows for a graceful shutdown, so you'll want to be careful to only do this if absolutely needed until then.
  7. Power on you Virtual machine
  8. Click the down arrow button on the right side of the "Linux Server" tab at the top of your screen and choose "Power On", or press the blue "Power On" button in the middle of your screen, then press the green "Power On" button to boot your system.
  9. Install Debian Linux
  10. Once the system has rebooted and is back to the "Debian GNU/Linux installer menu" choose "Install" and not "Graphical Install". If you make an incorrect choice you can reboot your virtual machine (power off and on) before installing to get back to the menu.
    In the installer you will use the space bar to select and unselect "checkboxes", the tab key to move between fields and buttons, and the enter key to continue. You will be prompted for the following choices
    • Select English as the language, United States as your location, and American English as the keymap.
    • Set ens192 as your primary network interface.
    • Set a hostname for the system to 2480 followed by a dash and then your pod ID letter, like 2480-Z for LSA Pod Z. If you have forgotten your pod ID letter look up at the top of your screen above the line with the "Topology" and "Linux Server" tabs and you should see a line with "LSA Pod" followed by a letter, that letter is your pod ID letter.
    Note: These steps are critical to future success in labs, check your spelling carefully
    Lab1 hostname.png
    • Set the domain name to itc2480.campus.ihitc.net
    Lab1 domainname.png
    Click her for a larger images
    • Set the root password to something you will NOT FORGET, this is the administrator account, cisco might be a good choice for our purposes though that would not be secure for a system directly accessible from the Internet (we are protected by a firewall which you are bypassing via the VPN connection)
    • Create a new user account by entering your name. The system will automatically use your first name (all lowercase) as the username and then you should set the password to another password you will not forget
    • Select your timezone
    • Choose "Guided - Use entire disk" as the partitioning method and select the sda drive and "All files in one partition" as the partitioning scheme, "Finish partitioning and write the changes to the disk", and then finally confirm you want to write the changes.
    • You do not want to scan any other CDs or DVDs at this time.
    • You want to select a mirror located close to you with good speed. Because your VM is actually running from the campus and is connected to the campus Internet connection a good option is "debian.uchicago.edu" with no http proxy.
    • Choose whether you want to participate in the package usage survey, for our purposes either choice is just fine.
    • On the software selection screen UNSELECT "Debian desktop environment" and "Print server" and make sure that "SSH server" and "Standard system utilities" are the only two selected options.
    NOTE: To select and unselect options move your cursor over the option and press the space bar.
    • Choose that yes you want to install GRUB to the master boot record on the /dev/sda device.
  11. Complete the installation
  12. When the installation is complete you can select continue to "eject" the virtual CD and reboot into the new install

Installing sudo and checking your IP address

Video tutorial - Installing sudo and checking your IP address

  1. Log in to NetLab
  2. Login through the Netlab local console with your root account and password (username root, password as set during the installation)
    • NOTE: When entering a password on the command line of a Linux system it is normal that nothing should appear and the cursor will not move when you are typing. This prevents someone who is able to see your computer screen from seeing what your password is or even how long it is. Just type your password and trust that the system is receiving it, press enter to submit your password.
  3. Install sudo from the command line using:
    apt update
    apt install sudo
  4. For security purposes it is usually the case that you do not want to log in as the root user. Instead, best practice is to log in as a standard user and then execute specific commands that require root access with administrative privileges through the sudo program. The sudo program is not installed by default so after you have logged in to the root account enter apt update and press enter which will update the list of software available for installation and then apt install sudo and press enter to install the sudo software.
  5. Add sudo privileges to our standard user account.
    adduser <username> sudo
  6. We now need to add our standard user account to the group which is allowed to have administrative access to do this enter the command sudo adduser <username> sudo and press enter, replacing <username> with the name of your standard user account (set during the setup process, probably your first name in lowercase). We'll learn more about these commands later in the course.
  7. Reboot system
  8. shutdown -r now
    Reboot your system using the shutdown -r now command to apply the changes
  9. Log in as your standard user account, determine system IP address.
    Once you are logged in use the following command at the command line to determine the IP address of your system
    ip address show
  10. Using the ip address show command will allow you to check the IP address of your system. The IP address should be something like 172.17.50.xxx and be an inet address on the ens192 adapter.
  11. Test sudo privileges
  12. Try running the same command as the administrator by typing sudo ip address show, you will need to enter in your password again when you run this command.
    sudo ip address show
  13. Exit from the local console
  14. To log out of the console type exit and press enter.

Logging in to a remote terminal

Video tutorial - Logging into a remote terminal

A faster way to interact with your system is not through the Netlab local console but through a remote SSH session over the network directly to your server. Once you have mastered this you will be able to copy and paste text to your Linux server and will not need to make a reservation in Netlab to work on labs. For our purposes you will always need to connect to the ITCnet VPN before doing this so that you have access to the 172.17.50.0 network.
  1. Install Putty
  2. Assuming you are running Windows, install the PuTTY software on your home PC from this website.
    Note: For other operating systems there are other ways and software you can use to make an SSH connection, you will need to research what tools are used for making SSH connections from your particular operating system.
  3. Open an SSH session
    • Run the PuTTY software on your computer and enter in the IP address of your VM in the "Host Name" box and click the "Open" button.
    Lab1 putty.png
    Click here for larger image
    • Click Yes to save the host key on your system
    Lab1 puttycert.png
    Click here for larger image
    • Enter the standard username and password for your Linux system to connect.
    Note: You should receive a prompt just like the one you had on the Netlab local console but it is now a direct connection from your computer over the ITCnet to your server.
  4. Close the SSH session
  5. Type exit to close the connection while leaving your VM running.

Remote File Transfer

Video tutorial - Remote File Transfer

The easiest way to transfer files to and from your VM is with SFTP software. For our purposes, you will always need to connect to the ITCnet VPN before doing this so that you have access to the 172.17.50.0 network.
  1. Install FileZilla
  2. Install the FileZilla client software on your home PC from this website
  3. Open a SFTP session to your server
  4. Run FileZilla and use the Quick Connect bar at the top of the screen to access your system.
    • Enter the IP address of your Linux system in the "Host:" box
    • Enter your standard username and password in the appropriate boxes
    • Enter 22 in the "Port:" box
    • Click the "Quickconnect" button.
    Lab1 filezillanew.png
    Click here for larger image
    You should see some connection text scroll on the top of the screen and some files on the right side of the screen now such as .bashrc and .profile The right side of the screen is the drive on your Linux system and the left side of the screen is the drive on your home system. Files and folders can be dragged between the two sides to transfer them back and forth.
    Lab1 filezillaconnected.png
    Click here for larger image
  5. Close the FileZilla software to disconnect.

Install VM Tools

Video tutorial - Install VM Tools

Because your Debian Linux server is running as a virtual machine on a vmWare host system in order to achieve the best performance and driver integration we should install the vmWare Tools software package in your virtual machine.
  1. Open a SSH session to your server
  2. Connect into your system using the remote SSH console method explained above.
  3. Install open-vm-tools
  4. Run the sudo apt install open-vm-tools command to install the vmWare Tools. You will be prompted about several additional software packages required to be installed, type y and press enter to install the software.
    sudo apt install open-vm-tools

Install Nmap

Nmap is a tool we will learn more about later in the course but it will likely be used to check many of the labs for completion while working through the course. This course's labwork often builds upon the work you have done in previous labs. The self-check scripts are to assist you in ensuring you have not missed any critical steps in your work that would affect your success in subsequent labs.
  • NOTE: Before we begin the installation of this tool it is important to remember that scanning a system is often seen as an attack against the system and should not be done unless you are the administrator of both the system that you are scanning from and the system you are scanning or have the explicit permission of the system administrator of those systems! In some areas people have been legally charged and prosecuted for scanning of systems which they are not authorized to do. You have been warned!
  • At this time all you will be doing is installing the tool as it will be used to self-check your lab work to verify you are ready to move on to the next lab.
  1. Open a SSH session to your server
  2. Run the following command at the command line.
    sudo apt install nmap
    Run the sudo apt install nmap command to install the nmap tool. You will be prompted about additional software packages required to be installed, type y and press enter to install the software.
  3. Close the SSH session
  4. Type exit to close the connection while leaving your VM running.

Safely Shutdown

Video tutorial - Safely Shutdown

We will normally leave our VM running but it is important that you know how to shutdown a Linux system correctly so this time we'll turn it off.
  1. Open a SSH session to your server
  2. Connect in to your system using the remote SSH console method explained above.
  3. Safely shutdown you server
    • Run the sudo shutdown -h now at the command line to safely shutdown the system.
    sudo shutdown -h now
    You should soon get a message that PuTTY has lost it's connection. Click OK and then you can close the PuTTY window.
  4. End NetLab Reservation
  5. If you still have time left in your reservation in Netlab it's polite to end the reservation so other users can work on the system, only a limited number of reservations can be made at one time. You can do this by logging into Netlab, opening your lab, and clicking the "Reservation" menu at the top of the screen and choose to "End Reservation Now" followed by confirming that you want to end the reservation.