LPIC-1 Topic 105: Shells and Shell Scripting

Questions and Answers

What is the main purpose of OpenSSH Server Host Keys?

• To encrypt data transmitted over the network
• To establish a secure connection between client and server (correct)
• To generate a unique identifier for each SSH client
• To authenticate users using a username and password

Which of the following is a feature of GnuPG?

• Encryption, decryption, signing, and verification of files (correct)
• File transfer protocol for secure data transfer
• Remote access protocol for secure access
• Key exchange protocol for secure communication

What is the primary function of SSH Port Tunnels?

• To encrypt data transmitted over the network
• To forward network traffic from one network to another (correct)
• To authenticate users using a username and password
• To establish a secure connection between client and server

What is the objective of Basic OpenSSH Client Configuration and Usage?

To configure the OpenSSH client for secure connections (D)

What is the purpose of performing Basic GnuPG Configuration, Usage and Revocation?

To configure GnuPG for secure file encryption and decryption (A)

Study Notes

Topic 110: Security

• Perform security administration tasks:
  • Checking for files with the SUID and SGID set
  • Password management and aging
  • Discovering open ports
  • Limits on users' logins, processes, and memory usage
  • Dealing with logged-in users

Topic 105: Shells and Shell Scripting

• Customize and use the shell environment:
  • Set environment variables (e.g., PATH) at login or when spawning a new shell
  • Write Bash functions for frequently used sequences of commands
  • Maintain skeleton directories for new user accounts
  • Set command search path with the proper directory
• Key concepts:
  • ~/.bash_profile, ~/.bash_login, ~/.bash_logout, ~/.profile, ~/.bashrc
  • source, env, export, set, and unset commands
  • Creating environment variables: var_sub, BIRD, NEW_BIRD
  • Creating a bin folder in the home directory and adding it to the PATH
  • Using if statements to guarantee the value of PATH remains unaltered across reboots

Topic 107: Administrative Tasks

• Automate system administration tasks by scheduling jobs:
  • Using at to run one-time jobs at a specific time
  • Managing at jobs: atq, atrm, /etc/at.allow, and /etc/at.deny
  • Configuring user access to at job scheduling
  • Using systemd-run as an alternative to at for one-time scheduling
• Key concepts:
  • Creating at jobs with specific time specifications
  • Reviewing and deleting at jobs
  • Using atq and atrm commands
  • Configure user access to at job scheduling with /etc/at.allow and /etc/at.deny files

Topic 110: Security

110.1 Perform Security Administration Tasks

• Checking for files with the SUID and SGID set is a crucial security task
• Password management and aging involves managing passwords and setting expiration dates
• Discovering open ports is essential to identify potential security vulnerabilities
• Limits on user logins, processes, and memory usage can be set to prevent abuse
• Dealing with logged-in users involves managing and monitoring user accounts
• Basic sudo configuration and usage involves setting up and using superuser privileges

110.2 Setup Host Security

• Improving authentication security with shadow passwords involves using encrypted passwords
• Using a superdaemon to listen for incoming network connections helps to centralize service management
• Checking services for unnecessary daemons is essential to prevent security vulnerabilities
• TCP wrappers can be used as a simple firewall to filter incoming network traffic

110.3 Securing Data with Encryption

• Basic OpenSSH client configuration and usage involves setting up secure remote connections
• The OpenSSH server host keys play a critical role in encrypting and decrypting data
• SSH port tunnels can be used to encrypt and forward traffic between networks
• Performing basic GnuPG configuration, usage, and revocation involves setting up and managing encryption keys
• GnuPG can be used to encrypt, decrypt, sign, and verify files to ensure data integrity

Description

Quiz on shells and shell scripting, including environment variables and searching for variables using set, env and grep commands.