# L4. Configuration Services. Exercises ## Exercise 1 – System Services 1. Check the status of the current active services 1. Check the system log (journalctl) --- ## Exercise 2 – SSH 1. Start the SSH service, then check the service status 1. From a different Linux machine, try SSH to root user 1. Go to the SSH configuration file to modify the option to SSH to root 1. Try to SSH root once again --- ## Exercise 3 – Security SSH Config* 1. Disable Root Logins 2. Use Another Port 3. Configure Idle Timeout Interval 4. Limit Users’ SSH Access (user1, user2) 5. Disable Empty Passwords 6. Only Use SSH Protocol 2 7. Allow Only Specific Clients (IP + iptables) --- ## Exercise 4 – Security SSH Config 2* 1. Task from "Exercise 3 – Security SSH Config*" (1-6), but use only "sed" command --- ## Exercise 5 – Public/Private Keys for Authentication* 1. Use Public/Private Keys for SSH Authentication --- ## Exercise 6 – FTP 1. Install the VSFTPD service 1. From a different machine, try to connect to the FTP service via CLI with a username and password, and capture the network traffic with Wireshark to observe the non-encrypted credentials --- ## Exercise 7 – tFTP 1. Start the "tftp" service with atftpd package --- ## Exercise 8 – Samba 1. Install the Samba service 1. Create a folder and assign it every permission possible 1. Edit the Samba configuration file, and add the shared folder location and settings 1. Start the “smbd” service 1. Connect from a Windows machine to the shared folder with credentials --- ## Exercise 9 – sFTP* 1. Make sure the SSH and FTP services are both installed and active 1. Navigate to SSH config file 1. Add the necessary configurations to allow and sFTP connection 1. Create a group to match the configuration and add a user to that group 1. Open the Wireshark listener 1. Connect with the user in sFTP group to sFTP service from another machine, and try to fetch the credentials via Wireshark ---