Linux Administrators Essentials

How to encrypt a file

  • gpg -e (or --encrypt) -r recipient file_name

  • gpg -d (or --decrypt) file_name

  • gpg -c (--symmetric) file prompts for password

How to SCP a file to a vpn location

  • scp <file> <username>@<IP address or hostname>:<Destination>


  1. How to create static entry for host in DNS, in the file: /etc/resolv.conf

  • search,

  1. If you need to mount a file at startup what file do you set this up in?

  • /etc/fstab

  1. How to tell which ports are listening and which have connections

  • netstat -nat all Internet connections

  • sudo netstat -atpn all Connections currently in use

  • netstat -tulpn all listening ports

  • netstat -tue all established connections

  • more /etc/services list of services with ports
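
An added example, not part of the original notes: filtering `netstat -tulpn` output to show which sockets are reachable from other hosts rather than bound to loopback only. The sample output is constructed for illustration and the function name `exposed_listeners` is hypothetical.

```shell
# Constructed sample of `sudo netstat -tulpn` output (not from a real host).
SAMPLE='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1033/master
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      950/mysqld
tcp6       0      0 :::80                   :::*                    LISTEN      1200/apache2
tcp6       0      0 ::1:631                 :::*                    LISTEN      700/cupsd
udp        0      0 0.0.0.0:2049            0.0.0.0:*                           -
udp        0      0 127.0.0.53:53           0.0.0.0:*                           640/systemd-resolve'

# exposed_listeners: read netstat -tulpn text on stdin and print
# "proto port program" for every socket NOT bound to a loopback address.
exposed_listeners() {
  awk '
    $1 ~ /^(tcp|udp)6?$/ {
      addr = $4
      n = split(addr, parts, ":")
      port = parts[n]                       # port is the text after the last colon
      host = substr(addr, 1, length(addr) - length(port) - 1)
      if (host ~ /^127\./ || host == "::1") next   # loopback only, skip
      prog = "-"                            # "-" means netstat could not name the owner
      for (i = 6; i <= NF; i++)
        if ($i ~ /^[0-9]+\//) { prog = $i; sub(/^[0-9]+\//, "", prog); break }
      print $1, port, prog
    }'
}

# Run against the sample; on a live host: sudo netstat -tulpn | exposed_listeners
printf '%s\n' "$SAMPLE" | exposed_listeners
```
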

  1. How to test connectivity between machines, like for email,

  • telnet localhost 25

  • netcat localhost 25

  1. Test if port is open for each of the 3 email protocols and what are they? IMAP, POP, SMTP?

  • IMAP uses port 143, but SSL/TLS encrypted IMAPs uses port 993.

  • POP (pop3) uses port 110, but SSL/TLS encrypted POP3s uses port 995.

  • SMTP uses port 25, but SSL/TLS encrypted SMTP uses port 465.

  1. Configured NFS, and Samba, in what files are the configs?

  • #vim /etc/samba/smb.conf

    • sudo mount -t cifs //ip_address/myshare /opt/CIFS -o username=samb_user,noexec

  • #vim /etc/default/nfs-common

    • sudo mount -t nfs4 ip_or_host_name:/ /opt/NFSMount

    • /etc/exports

  1. What are the couple of modules in Apache we enabled and what do they do? Modrewrite and ? How do you enable them?

  • sudo a2ensite default-ssl Enable SSL

  • sudo a2enmod rewrite Enable mod rewrite

  • or copy from /etc/apache2/mods-available to /etc/apache2/mods-enabled

  1. How to enable sites, looked at apache config, know how to change default port apache listens on

  • sudo a2ensite sitename

  • sudo a2dissite sitename

  • or create a link ln -s /etc/apache2/sites-available/conf /etc/apache2/sites-enabled/conf

  1. Understand public and private key encryption, if you want to encrypt a file and send it to someone what key (public or private) do you use? Using asymmetric cryptography

  • If you encrypt (“lock”) something with your private key, anyone can decrypt it with your public key (“unlock”), but this serves as a proof you encrypted it: it’s “digitally signed” by you.

  • Any person can encrypt a message using the receiver's public key. That encrypted message can only be decrypted with the receiver's private key

  • gpg --encrypt file_name

  • gpg --decrypt file_name

  • gpg --list-keys

  • gpg -e (or --encrypt) -r recipient file_name

  1. SNMP, Mibs and traps, what they are

  • SNMP uses MIB to provide information about a device and all associated features

  • Trap – A client will decide if something interesting happened, based on Traps, and send that information to the server

  • snmpd (the Daemon) snmp (the tools)

  • snmpwalk -c public -v1 localhost | less

  1. TCPdump and Tshark, what are the switches for: adapters, write to file, read from file, source port, destination port

  • sudo tcpdump host localhost and dst port 2049

    • -n switch can be used to prevent domain name resolution.

    • -v option will provide more verbose data, the more v’s you add, the more verbose it gets.

    • -w switch will save data to a file,

    • -r switch will read a file in

  • tshark -i eth0 -c 50 -w /var/tmp/capture.pcap not tcp port 22 and not host

    • -c is the count for how many packets to capture,

    • -w is the file to capture to and the filter statements are at the end.

  1. forward and reverse lookup zone, he will give us an IP and we should know its reverse zone lookup

  • nslookup IP-address for reverse lookup use IP to find name

  • dig -t MX Show mail record types

  • dig record types: NS - Name server, SOA - Start of Authority, CNAME - pointer for an alias, A - Basic host record (dig will also search each server listed in /etc/resolv.conf)
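
An added example, not part of the original notes: deriving the reverse-lookup (PTR) name and the reverse zone from an IPv4 address by hand. The sample address is from the 192.0.2.0/24 documentation range and the function names are hypothetical; only octet-boundary prefixes (/8, /16, /24) are handled.

```shell
# Sample address from the 192.0.2.0/24 documentation range (constructed).
SAMPLE_IP=192.0.2.25

# split_ipv4 IP: validate a dotted quad and leave its octets in O1..O4.
split_ipv4() {
  case $1 in ''|*[!0-9.]*) return 1 ;; esac   # digits and dots only
  oldifs=$IFS; IFS=.
  set -- $1
  IFS=$oldifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    [ -n "$o" ] && [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
  done
  O1=$1 O2=$2 O3=$3 O4=$4
}

# ptr_name IP: owner name of the PTR record (what `dig -x IP` queries).
ptr_name() {
  split_ipv4 "$1" || return 1
  echo "$O4.$O3.$O2.$O1.in-addr.arpa"
}

# reverse_zone IP [PREFIX]: zone that holds the PTR record when the
# network is delegated on an octet boundary (/8, /16 or /24, default /24).
reverse_zone() {
  split_ipv4 "$1" || return 1
  case ${2:-24} in
    8)  echo "$O1.in-addr.arpa" ;;
    16) echo "$O2.$O1.in-addr.arpa" ;;
    24) echo "$O3.$O2.$O1.in-addr.arpa" ;;
    *)  return 1 ;;   # other prefixes need classless delegation (RFC 2317)
  esac
}

echo "PTR name: $(ptr_name "$SAMPLE_IP")"
echo "Zone /24: $(reverse_zone "$SAMPLE_IP" 24)"
```
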

  1. From HW5 sys stats package, what package is it

  • sar

  • sudo sar -n DEV 1 1 This shows Network -n network

  • sudo sar -b 1 1 This shows Disk IO

  • sudo sar 1 1 This shows CPU -p processor

  • sudo sar -u 1 1 This shows CPU -u utilization

  • sudo sar -S 1 1 This shows Swap -S

  1. What port is used for http (80) https (443)

  • 80 http

  • 443 https

  1. NTP (Network Time Protocol) which daemon is running for it on debian, named differently the file you used to use to set which servers to use to get time but no longer used in the new one

  • timesyncd replaces ntpd and ntpdate

  • timedatectl status

  • service systemd-timesyncd

  1. stop, restart and reload a daemon service

  • sudo service apache2 restart

  • sudo service apache2 stop

  • sudo service apache2 reload

  • sudo systemctl start apache2.service

  • sudo journalctl -u apache2

  1. standard typical web has 3 servers, DB-App-Web, which is apache and which is tomcat


  • Tomcat - Java application server

  • Apache – Web server

  1. Where main bind config file is and its path

  • /etc/bind/named.conf.local

  • template for zone sudo cp /etc/bind/db.local /etc/bind/

  • sudo /etc/init.d/bind9 restart

  1. Name of bind daemon

  • bind9

  • or sudo /etc/init.d/bind9 restart

  1. Basic Bind record types

  • Record format: priority, host, points to, TTL

  • A record: for the name server

  • CNAME: Canonical or alias

  • MX record: mail exchange

  • NS record: name server

  • SPF record: Sender Policy Framework = list of email server FQDN (fully qualified Domain)

  • PTR record: reverse lookup for each A record

  • DNS records

  1. From test 1, know the commands to configure UFW (Uncomplicated Firewall) to allow ports for email, 3 protocols

  • sudo ufw allow 25 (or by name nfs samba )

  1. From Advanced Networking, know the command to tcp to figure out what OS and what other stuff is at a network address/port

  • tshark -c 5 -w vartmp/jeff.pcap not tcp port 22

  • tshark -r vartmp/jeff.pcap

  1. Last question is easy

  2. Copy a file

  • scp <file> <username>@<IP address or hostname>:<Destination>