Question $6$ test $10$

$0$ out of $5$ points

Please provide the command that will accomplish the following task:

You are already logged to CollegeServer$1$ using the account CODUser$1$ and you want to run a date command on the CollegeServer$2,$ but want to stay at CollegeServer$1$ and not jump and stay to the interactive shell on CollegeServer$2.$ What command should you use to perform this task?

Selected Answer: ssh CollegeServer$2$

ssh CODUser$1$@CollegeServer$1$ CollegeServer$2$

ssh CollegeServer$2$ date

Response Feedback: Secure Shell Examples

The following ssh command would log you in on the remote server remotehost using the same user name as the current local user. In this example, the remote system prompts you to authenticate with that user's password.

$[$user$01$@host ~$]$$ ssh remotehost

user$01$@remotehost's password: redhat

$...$output omitted...

$[$user$01$@remotehost ~$]$$

You can the exit command to log out of the remote system.

$[$user$01$@remotehost ~$]$$ exit

logout

Connection to remotehost closed.

$[$user$01$@host ~$]$$

The next ssh command would log you in on the remote server remotehost using the user name user$02.$ Again, you are prompted by the remote system to authenticate with that user's password.

$[$user$01$@host ~$]$$ ssh user$02$@remotehost user$02$@remotehost's password: shadowman $...$output omitted... $[$user$02$@remotehost ~$]$$

This ssh command would run the hostname command on the remotehost remote system as the user$02$ user without accessing the remote interactive shell.

$[$user$01$@host ~$]$$ ssh user$02$@remotehost hostname

user$02$@remotehost's password: shadowman

remotehost.lab.example.com

$[$user$01$@host ~$]$$

Notice that the preceding command displayed the output in the local system's terminal.

Identifying Remote Users

The w command displays a list of users currently logged into the computer. This is especially useful to show which users are logged in using ssh from which remote locations, and what they are doing.

$[$user$01$@host ~$]$$ ssh user$01$@remotehost

user$01$@remotehost's password: redhat

$[$user$01$@remotehost ~$]$$ w

$16$:$13$:$38$ up $36$ min, $1$ user, load average: $0\mathrm{.}00,0\mathrm{.}00,0\mathrm{.}00$

USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT

user$02$ pts$/0172\mathrm{.}25\mathrm{.}250\mathrm{.}1016$:$137$:$300\mathrm{.}01$s $0\mathrm{.}01$s $-$bash

user$01$ pts$/1172\mathrm{.}25\mathrm{.}250\mathrm{.}1016$:$243\mathrm{.}00$s $0\mathrm{.}01$s $0\mathrm{.}00$s w

$[$user$02$@remotehost ~$]$$

$$ Question $9$

$0$ out of $5$ points

Please provide the command that will accomplish the following task:

You want to create a matched pair of cryptographic SSH key files and set a passphrase password when you use the private key for authentication. The passphrase will be stored in the file named: secretCOD$.$ What command should you use to perform this task?

Selected Answer: ssh$-$keygen $-$f $.$ssh$/$key$-$with$-$pas

ssh$-$keygen $-$p $-$f $/$path$/$to$/$private$/$key $-$P old$\_$passphrase $-$N new$\_$passphrase

Response Feedback: SSH Key$-$based Authentication

You can configure an SSH server to allow you to authenticate without a password by using key$-$based authentication. This is based on a private$-$public key scheme.

To do this, you generate a matched pair of cryptographic key files. One is a private key, the other a matching public key. The private key file is used as the authentication credential and, like a password, must be kept secret and secure$.$ The public key is copied to systems the user wants to connect to$,$ and is used to verify the private key. The public key does not need to be secret.

You put a copy of the public key in your account on the server. When you try to log in$,$ the SSH server can use the public key to issue a challenge that can only be correctly answered by using the private key. As a result, your ssh client can automatically authenticate your login to the server with your unique copy of the private key. This allows you to securely access systems in a way that doesn't require you to enter a password interactively every time.

Generating SSH Keys

To create a private key and matching public key for authentication, use the ssh$-$keygen command. By default, your private and public keys are saved in your ~$/.$ssh$/$id$\_$rsa and ~$/.$ssh$/$id$\_$rsa.pub files, respectively.

$[$user@host ~$]$$ ssh$-$keygen

Generating public$/$private rsa key pair.

Enter file in which to save the key $(/$home$/$user$/.$ssh$/$id$\_$rsa$)$: Enter

Created directory $\text{'}/$home$/$user$/.$ssh$\text{'}.$

Enter passphrase $($empty for no passphrase$)$:

Enter Enter same passphrase again: Enter

Your identification has been saved in $/$home$/$user$/.$ssh$/$id$\_$rsa.

Your public key has been saved in $/$home$/$user$/.$ssh$/$id$\_$rsa.pub.

The key fingerprint is:

SHA$256$:vxutUNPio$3$QDCyvkYm$1$oIx$35$hmMrHpPKWFdIYu$3$HV$+$w user@host.lab.example.com

The key's randomart image is:

$+---[$RSA $2048]----+$

$||$

$|..|$

$|$ o o o $|$

$|.=$ o o $.|$

$|$ o $+=$ S E $.|$

$|..$O o $+*+|$

$|.+\%$ O $.+$ B $.|$

$|=*$oO $..+*|$

$|++..+.|$

$+----[$SHA$256]-----+$

If you do not specify a passphrase when ssh$-$keygen prompts you, the generated private key is not protected. In this case, anyone with your private key file could use it for authentication. If you set a passphrase, then you will need to enter