Remote Access Troubleshooting

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hey, there Cybrarians. Welcome back to
00:00
the Linux Plus course here at Cybrary.
00:00
I'm your instructor Rob Gills.
00:00
In today's lesson, we're going to be talking
00:00
about remote access issues.
00:00
Upon completion of today's lesson,
00:00
you're going to be able to understand
00:00
the types of remote access issues that a user may
00:00
encounter and also find
00:00
remote access configuration files.
00:00
Most remote access issues are
00:00
generally going to boil down to one or two things.
00:00
It could be a network accessibility
00:00
problem or you might have
00:00
a configuration issue with
00:00
the remote connectivity and
00:00
the configuration files it uses.
00:00
We're going to certainly talk about
00:00
both of these in this lesson.
00:00
But there are some additional issues
00:00
>> you may come across.
00:00
>> For example, maybe you're using
00:00
TCP wrappers that's rarely
00:00
used but still potentially an issue.
00:00
We might also have service misconfiguration.
00:00
The service is just not running or it's
00:00
misconfigured and so it can't start.
00:00
Then maybe we have service specific
00:00
>> security restrictions
00:00
>> and the services configured
00:00
with these access restrictions.
00:00
You need to go in and check
00:00
the configuration file and see
00:00
what those restrictions are and
00:00
>> why they're set that way.
00:00
>> But in terms of network connectivity,
00:00
to verify network connectivity,
00:00
we can use just some simple tests.
00:00
We could do ping and see if the server returns
00:00
a ping or we can do traceroute
00:00
and see if the traceroute completes.
00:00
But beyond simple connectivity checking,
00:00
we can also verify name resolution,
00:00
and we can do that by checking
00:00
/etc/hosts or seeing what we have
00:00
set for our name servers in /etc/resolve.conf,
00:00
maybe we can also run dig and
00:00
some other commands like that to see what's going on.
00:00
On the server side, we can check things
00:00
like /etc/host.deny and /etc/hosts.allow
00:00
against the wrapper stuff.
00:00
We can also look at firewall configuration to
00:00
verify the necessary ports are open.
00:00
On a CentOS system,
00:00
that's generally be firewall-cmd.
00:00
You can do firewall-cmd--list-all
00:00
to see all the ports that are open.
00:00
On Ubuntu, we can run UFW status to see the same thing.
00:00
Now, if we're using
00:00
OpenSSH to connect as our connection method,
00:00
we need to verify and review the SSH configuration.
00:00
But on the server side,
00:00
the first thing we should do is
00:00
make sure the service is running.
00:00
Let's do system CTL status SSHD
00:00
and make sure that that is in fact running.
00:00
Then next we can verify that
00:00
port 22 is open in the firewall.
00:00
We can do firewall CMD list all
00:00
on a Red Hat or CentOS system.
00:00
If we are on Ubuntu, we could run UFW status.
00:00
Next, we can check those configurations,
00:00
the server-side SSH config is going
00:00
to be an /etc/ssh/sshd_config.
00:00
If the users logging in with a username and password,
00:00
for example, then password
00:00
authentication should be set to yes.
00:00
If we're using SSH keys instead,
00:00
we should also verify the client key has been
00:00
added to authorize hosts on the server.
00:00
Otherwise, you're not really ever getting there with
00:00
a SSH key if we have some other issues.
00:00
Now on the client-side of the SSH configuration,
00:00
we need to verify that as well.
00:00
We need to look at the user-specific SSH configuration.
00:00
Users can have their own SSH configuration
00:00
in the config file and is stored in
00:00
the user's home directory in the.SSH
00:00
directory in the file that's just named config.
00:00
Now, global client-side SSH configuration is also
00:00
set up and this is in /etc/ssh/ssh_config.
00:00
Remember sshd_config for the daemon of the servers,
00:00
ssh_config is for the client.
00:00
We're going to want to verify that
00:00
SSH key for remote host that we're
00:00
trying to connect to is
00:00
stored locally in /ssh/known_hosts.
00:00
In other words, in the user's home directory,
00:00
in that same SSH directory where the config file is,
00:00
we'll see a known_host file and
00:00
the SSH key for the host is trying to connect you
00:00
should be in that file or else we're never
00:00
really even getting that far if we have other issues.
00:00
There are other remote desktop applications
00:00
that users may use to connect.
00:00
They can use these to get a
00:00
remote GUI interface on a server.
00:00
We've talked about some of these previously,
00:00
things like NoMachine or NX,
00:00
VNC, xrdp, and Spice.
00:00
These are all options that we could
00:00
use and it's really beyond
00:00
the scope of the Linux Plus exam to troubleshoot these.
00:00
But just be aware that these are
00:00
other remote access options.
00:00
You can refer back to Module 14 for
00:00
more information on these applications.
00:00
With that, in this lesson,
00:00
we covered the types of remote access issues
00:00
that a user's likely to encounter.
00:00
Then we talked about finding
00:00
remote access configuration files for SSH.
00:00
Thanks so much for being here and I look
00:00
forward to seeing you in the next lesson.
Up Next