In this IT Pro Challenges virtual lab, learners are introduced to skills required to manage Ubuntu Linux using Microsoft Azure. Exercises in this lab teach users how to deploy Azure VM, RSA key pairs, PuTTY Key Generator, and user groups. The topics covered in this lab are critical for learners to be effective in SOC analyst job roles in cybersecu...
Linux is the most-used open-source operating system. As an operating system, Linux lies beneath all of the other programs on a machine, getting requests from those software and sending these requests to the hardware.
In this hands-on lab, you will get familiar with using Microsoft Azure and manage Ubuntu Linux. First, you will configure and deploy a virtual machine using Microsoft Azure, and then you will configure a virtual server that runs Ubuntu Linux. Next, you will generate a public and private RSA key pair using the PuTTY Key Generator. Then, you will configure printing, manage users and user groups, create a scheduled backup, and configure time and time zones by using the Azure command-line interface (CLI). Finally, you will perform network security scans by using Nmap, and then learn how to configure system log message forwarding.
Understand the Scenario
In this lab, you will perform administrative tasks in a virtual machine that runs Linux. To accomplish this task, you will use a virtual machine named W10-Admin that runs Windows 10 and two virtual machines, Ubuntu1 and Ubuntu2, that run Ubuntu Linux. A Microsoft Azure account has been created for you.
Configure and deploy a virtual machine infrastructure in Azure
In this section of the lab, you will create the Azure storage and network resources required to create a virtual machine infrastructure. Microsoft Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers. First, in Azure services, you will select Storage accounts to create a storage account resource and then add the resource group, storage account name, and other necessary information. Next, you will click on the review and create it. You will see a validation passed notification indicating that Azure has the information necessary to create the storage account resource. Finally, you will create a resource and virtual network and verify the resources you created in this section.
Create a virtual Linux server in Azure
In this section of the lab, you will deploy an Azure virtual machine running Ubuntu Linux by using the infrastructure created in the previous task. Then you will test connectivity to the virtual machine by using Secure Shell (SSH). First, in the Azure portal, you will select __Create a resource __to display the Azure Marketplace and select the most recent version of Ubuntu Server, and then select you will create it by configuring various properties. You will see a Validation passed message on the Create a virtual machine page. This indicates that Azure has the parameters necessary to deploy the virtual machine. Wait for the deployment to finish before proceeding to the next step. A virtual machine deployment can take several minutes to complete. When connecting to a server for the first time by using SSH, you will use PuTTY to configure PuTTY Security Alert message box indicating that the host computer may not be trusted. This is a security feature of SSH, and the message will not reappear with subsequent connections to the server from the same computer. Finally, you will close the SSH session.
Generate new SSH RSA keys by using PuTTYgen
In this section of the lab, you will implement a public and private key pair. First, you will generate a public and private RSA key pair by using the PuTTY Key Generator. Next, you will install the new public key in the LinuxVM SSH public key cache. Finally, you will create a PuTTY SSH session that will connect to LinuxVM by using the private key. RSA key pair generation provides a robust security measure to ensure host computer authenticity when connecting by using SSH. Generating a key pair provides you with two strings of characters: a public key and a private key. In this case, the private key pair will be associated with a passphrase.
Manage an Azure Linux virtual machine by using the Azure CLI
In this section of the virtual lab, you will use the Azure CLI to list the deployed Azure virtual machines, and then you will change the labadmin password using the Azure CLI. The Azure CLI is a command-line tool designed to manage Azure resources. First, you will open Windows PowerShell and run a command to view the virtual machines defined in this Azure subscription. The output of the az vm list command will display the resource attributes associated with the LinuxVM virtual machine in a JSON file format. Finally, you will change the labadmin account password on LinuxVM.
Configure and manage printing in Linux
In this section of the lab, you will install the Linux CUPS print server and the LPR command line printing tools to create and manage print jobs. To accomplish this task, first, you will switch to Ubuntu1 and install the CUPS package by using the sudo command. The sudo command prefix allows a user to run programs by using the security privileges of another user — by default, the superuser. For the remainder of this lab, sudo will not be required as you are automatically signed in to the Ubuntu1 and Ubuntu2 virtual machines as the root user. Next, you will verify that the CUPS service is running and then install the LPR package and verify the installation of the LPR package. Next, you will create a CUPS printer named Printer1 and confirm that Printer1 is configured and ready to accept print jobs. Finally, you will print the /etc/passwd and /etc/hosts files to Printer1 to display print jobs in the print queue and run a command to delete the 2nd print job in the print queue.
Manage users and user groups in Linux
In this section of the lab, you will create and manage user accounts and user groups on Ubuntu1. First, on Ubuntu1, learners will create a new user named jsmith and create a password for this new user. Next, they will create a secondary user group named sales and add jsmith to the sales user group and verify the user group membership for the user jsmith. Here, learners will learn the id -nG command. The id -nG command output shows that jsmith belongs to the jsmith and sales user groups. When you create a user account in Linux, the useradd command, by default, creates a primary user group by using the name of the new user account. After this, learners will create a secondary user group named marketing and create a user named jdoe, who has a home directory and is a member of the sales and marketing user groups. Finally, they will verify the group membership for jdoe and then delete the jsmith user account.
Create a scheduled Linux backup
In this section of the lab, you will create a Linux backup script, and then create a scheduled job that will execute the backup script using crontab. First, you will create a backup target directory named /root/backup and ensure that you are in the /root directory and then create a backup script named /root/backup.sh by using nano. Nano is a text editor for UNIX-like computing systems or operating environments that use a command-line interface. Next, you will use the tar command to rip a collection of files and directories into a single archive file known as a tarball. In this script, you will back up the /etc/passwd file by using the tar command. Next, you will use the cron utility. The cron software utility is a time-based job scheduler in UNIX-like computer operating systems. Crontab is a file that contains the schedule of cron entries to be run at specified times. Finally, you will stop the scheduled backup and clear the schedule entry in the crontab file.
Configure time and time zones in Linux
In this section of the lab, you will configure time zones and manage Linux system time synchronization. To accomplish this task, first, on Ubuntu1, you will view the current date, time, and time zone. Servers that run Linux default to the Coordinated Universal Time (UTC) time zone. UTC is the time at zero degrees longitude. Consistently using UTC reduces confusion when infrastructure spans multiple time zones. Next, you will display the available time zones and then view the American time zones. Finally, you will change the current time zone to America/New_York.
Perform a network security scan by using Nmap
In this section, you will install the Nmap network scanner and Apache2 web server package and perform a network security scan by using Nmap. Finally, you will secure Ubuntu2 by configuring the Uncomplicated Firewall (UFW). UFW is the default firewall configuration tool for Ubuntu. It eases the iptables firewall configuration and gives a user-friendly method to build an IPv4 or IPv6 host-based firewall. By default UFW is disabled.
Configure rsyslog forwarding in Linux
In this section, you will configure rsyslog on Ubuntu1 to filter and forward log messages. This will allow Ubuntu2 to accept log messages sent from Ubuntu1. You will switch to Ubuntu2 and configure rsyslog on Ubuntu2 to accept log messages from Ubuntu1. Rsyslog is an open-source program for transferring log messages between computer systems over an IP network.
Lab Summary Conclusion
After completing the “Linux+” virtual lab, you will have accomplished the following:
- Configured and deployed an Azure virtual machine.
- Configured a virtual server running Ubuntu Linux.
- Generated a public and private RSA key pair by using the PuTTY Key Generator.
- Managed a virtual server running Ubuntu Linux by using the Azure CLI.
- Performed network security scans by using Nmap.
- Configured system log message forwarding.