Linux Up-Skill Challenge

March 12, 2021

These are my notes from the challenge https://old.reddit.com/r/linuxupskillchallenge

I'm sure they will be raw and un-edited.

Day 0

Linode, $5/mo VPS
Created new kdbx
About 1 minute to create (45.56.xx.xx)
SSH as root
apt update && apt upgrade
add user dom (https://old.reddit.com/r/linuxupskillchallenge/comments/i257zj/day_0_creating_your_own_server_with_a_5_digital/) adduser dom usermod -a -G sudo dom
disable root usermod -p “!” root

Day 1

https://old.reddit.com/r/linuxupskillchallenge/comments/l9kjrv/day_1_accessing_your_server/ – used ssh-copy-id to move public key (already had one)

Day 2

https://old.reddit.com/r/linuxupskillchallenge/comments/ey5h61/day_2_basic_navigation/ – Basic nav – Updated PS1 (in ~/.bashrc) to say “LINODE”

Runbook : fix kdbx password?

create new kdb file with root and dom
Use linode website to change root password to something new
ssh as root
use passwd command to change dom's PW passwd dom
verify that i can still access the new db
remove old kdb file

Day 3

https://old.reddit.com/r/linuxupskillchallenge/comments/eyvqv9/day_3_power_trip/ – sudo -i to 'become' root, prompt changes and everything – /var/log/auth.log has login and sudo attempts / failures – interesting to use tail -f to see attempts in real time

https://www.cyberciti.biz/tips/linux-unix-bsd-openssh-server-best-practices.html

Day 4

https://old.reddit.com/r/linuxupskillchallenge/comments/ezfqgl/day_4_installing_software_exploring_the_file/ – apt-cache search "midnight commander" <— how is this different than “apt search”? – midnight commander “mc” pretty powerful and not too confusing – navigate, copy, view, set up to edit with vim.tiny – lots of interesting config files in /etc/<appname> (including for mc), the apt source lists is on there – some interesting logs under /var/log – play hangman

https://help.ubuntu.com/community/SwitchingToUbuntu/FromLinux/RedHatEnterpriseLinuxAndFedora

Day 5

https://old.reddit.com/r/linuxupskillchallenge/comments/ezwxwl/day_5_more_or_less/ Five fundamental topics:

more/less

I never use more, but I am quite familiar with less, which has Vim-style key bindings. Using more, I am not quite sure when I would use it over less, but I'm going to try to understand how to use it better now.

tab completion history hidden files/config files nano/text editing

Day 6

https://old.reddit.com/r/linuxupskillchallenge/comments/f1fblc/day_6_editing_with_vim/ Vim ... I think I know Vim. Links: https://www.linux.com/news/sysadmin-sysadmin-getting-more-out-vim/ http://www.viemu.com/a_vi_vim_graphical_cheat_sheet_tutorial.html

Day 7

https://github.com/snori74/linuxupskillchallenge/blob/master/07.md (not on reddit Feb 17, 2021)

Used apt to install apache2 (updated first). It's automatically running after this. Config files in /etc (DocumentRoot shows path for hosted site content), logs in /var. https://www.digitalocean.com/community/tutorials/how-to-use-systemctl-to-manage-systemd-services-and-units

Day 8

https://github.com/snori74/linuxupskillchallenge/blob/master/08.md

cut -d “delimiter”
-f “field” cut -f 10- -d" "~
Google “linux sed tricks” or “awk one liners”

TODO Continue with sed and awk

Day 9

https://old.reddit.com/r/linuxupskillchallenge/comments/f2wh4k/day_9_ports_open_and_closed/ – netstat wasn't installed – used ufw to add some basic allow rules for http and ssh, enbaled then disabled it – Don't have a solid understanding of this, need to study more

Resources

UFW – Uncomplicated Firewall (https://help.ubuntu.com/community/UFW) Collection of basic Linux Firewall iptables rules (http://linuxconfig.org/collection-of-basic-linux-firewall-iptables-rules) 10 Netstat Command Example (http://www.thegeekstuff.com/2010/03/netstat-command-examples/) UFW Uncomplicated Firewall () (video) How to install nftables in Ubuntu (https://www.liquidweb.com/kb/how-to-install-nftables-in-ubuntu/)

Day 10

https://old.reddit.com/r/linuxupskillchallenge/comments/f51ye0/day_10_getting_the_computer_to_do_your_work_for/ CRON – systemwide cron table: /etc/crontab daily: /etc/cron.daily systemd timers: systemctl list-timers

Day 11

https://old.reddit.com/r/linuxupskillchallenge/comments/lk3z5a/day_11_finding_things/ Finally caught up to the class

locate
find 25 find tricks (useful bookmark for beginnners): https://www.linuxtechi.com/25-find-command-examples-for-linux-beginners/ I learned how to actually specify the size and mtime, and about ls -s
grep
which

Day 11

https://old.reddit.com/r/linuxupskillchallenge/comments/lkn2ms/day_12_copying_with_sftp/ SFTP – I guess i know this pretty well, from work – put, get, ls, lls, mkdir,!`

SCP $ scp WSL_Meme.jpg 45.56.100.114:~/images

Day 13

https://old.reddit.com/r/linuxupskillchallenge/comments/lldvda/day_13_who_has_permission/ -w = remove write +r = add read +x = add execute

u = owning user only g = owning group only o = 'other' ... everyone else a = “all” (ugo)

equals can be used to assign, examples: chmod g= file #sets the group permissions to none chmod u=r file #sets the user permissions to read only (remove any execute or write) can also assign multiples: chmod og=rw # set other and group to 'rw'

Day 14

https://old.reddit.com/r/linuxupskillchallenge/comments/lm4pn4/day_14_your_little_helper/ Adding a new (lesser-privledge) user: adduser, passwd not necessary on this distro

Use visudo to edit suoders file to allow ONLY reboot to be run with sudo by new user, and without a password!

# Allow user "helen" to run "sudo reboot"
# ...and don't prompt for a password
#
helen ALL = NOPASSWD:/sbin/reboot

Interesting note: Linode sends me a notification when the box reboots

Gonna try to set up SSH key for new user, kind of unsure how this will work. https://stackoverflow.com/questions/2419566/best-way-to-use-multiple-ssh-private-keys-on-one-client

Very cool to know about the ssh config file

Googled key creation: https://www.ssh.com/ssh/keygen/#creating-an-ssh-key-pair-for-user-authentication whoops, forgot this from above (like day 2 or something) > – used ssh-copy-id to move public key (already had one) Note to self: don't try to just manually copy the public key, use that tool instead.

Day 15

https://old.reddit.com/r/linuxupskillchallenge/comments/lmy0h4/day_15_deeper_into_repositories/ Fully-caught up with the class, after three days. Package manager stuff.

List every package in the cache: apt-cache dump | grep Package: 98,655 possible packages in apt-cache (on my host machine) 91,005 packages on the server

install netperf on server, need to enable multiverse? first

Actually already enabled, check out the sources.list file.

ppa == personal package archive

Will seldom have good reasons for hooking into more than one or two extra repositories
Need to read up about a repository first, to understand any potential disadvantages.

Day 16

https://github.com/snori74/linuxupskillchallenge/blob/master/16.md https://old.reddit.com/r/linuxupskillchallenge/comments/lp6zfz/day_16_tar_and_friends/ Basic tar stuff. tar cvf <filename> <files to compress>, tar xvf <filename>

bz2 = slower, small (similar to lzma, but less small/less slow)

Day 17

https://github.com/snori74/linuxupskillchallenge/blob/master/17.md https://old.reddit.com/r/linuxupskillchallenge/comments/lq09b4/day_17_from_the_source/ configure & make stuff In general /bin is for key parts of the operating system, /usr/bin for less critical utilities and /usr/local/bin for software you've chosed to manually install yourself.

Cool: http://www.linuxfromscratch.org/lfs/

Day 18

https://old.reddit.com/r/linuxupskillchallenge/comments/lqsv0f/day_18_log_rotation/ logrotate. Never dealt with this before.

pretty interesting, i like how this generalizes to all different types of log-producing programs and is very flexible. makes me wonder a little bit more about the Linux app install process and how these logrotate files are written ... is that something i'd seen in a 'make install'?

Day 19

https://old.reddit.com/r/linuxupskillchallenge/comments/lrnk8n/day_19_inodes_symlinks_and_stat/

VFS – virtual filesystem one level of indirection between files and filesystem inodes

ls - li

stat

Note that the permissions on a symlink generally show as allowing everthing – but what matters is the permission of the file it points to. The Differences

Hard links:

Only link to a file, not a directory Can't reference a file on a different disk/volume Links will reference a file even if it is moved Links reference inode/physical locations on the disk

Symbolic (soft) links:

Can link to directories Can reference a file/folder on a different hard disk/volume Links remain if the original file is deleted Links will NOT reference the file anymore if it is moved Links reference abstract filenames/directories and NOT physical locations. They have their own inode

Day 20

https://old.reddit.com/r/linuxupskillchallenge/comments/lsheqf/day_20_scripting/ Scripting. Shell = command interpreter

shell script: – save typing – flexibility thru parameters – automation – error-prevention – consistency

Shebang: 'feed the rest into specified program which will treat it as a script' (tested this with a quick test program/script, very cool!)
$ cat a.cpp
#include <iostream>
using namespace std;
int main(int argc, const char** argv)
{
	--argc;
	while (argc > 0)
		cout << argv[argc--];
}
``` $ cat a.test #!/home/dom/dev/test

hey

$ clang++ a.cpp

$ mv a.out test

$ ./a.test running my test script scripttestmyrunning./a.test ```

Day 21

https://old.reddit.com/r/linuxupskillchallenge/comments/lt0ybv/day_21_what_next/