From the course: Red Hat Enterprise Linux 8 Essential Training
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Configure host- and user-based security
From the course: Red Hat Enterprise Linux 8 Essential Training
Configure host- and user-based security
- [Instructor] It's generally a bad idea to log into a server as a root user. Logging in as a regular user and then elevating privileges via sudo or the SU command is a much better strategy. If we allow root logins, even if the password is very strong, then hackers will target that account. The solution is to restrict root logins by way of SSH, which is fairly easy to do. It doesn't matter which VM you do this on, I'll be using my rhhost1 vm. Let's make sure that we can login to our vm now as root. Type in ssh root@local host and hit enter. Type in root's password and hit enter again. This shows we can login as root. Having a strong password is a good idea, but not allowing root logins is better. Type in exit to logout. Now lets open the SSHD_config file in VI. Type in clear and then type in sudo vi/etc/ssh/sshd_config and hit enter. Type in your password if prompted and then hit enter. Now lets search for the word permit by pressing the forward slash and typing permit with an…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
Lab setup introduction7m 24s
-
(Locked)
Install interactively in a guest VM2m 33s
-
(Locked)
Installing from a DVD ISO Image7m 43s
-
(Locked)
Update system software3m 50s
-
(Locked)
Install Linux Guest Additions4m 18s
-
(Locked)
Virtual machine snapshots4m 56s
-
(Locked)
Reconfigure or migrate CentOS6m 6s
-
-
-
(Locked)
iSCSI target introduction19s
-
(Locked)
Install and configure packages2m 50s
-
(Locked)
Create an iSCSI backstore3m 26s
-
Create iSCSI target2m 43s
-
(Locked)
Create an iSCSI LUN1m 31s
-
(Locked)
Create access control3m 20s
-
(Locked)
Configure firewalld58s
-
(Locked)
Create an iSCSI initiator5m 54s
-
(Locked)
Mount target automatically4m 8s
-
(Locked)
Challenge: iSCSI target and initiator43s
-
(Locked)
Solution: iSCSI target and initiator8m 27s
-
(Locked)
-
-
Authentication services introduction26s
-
(Locked)
Install and prepare LDAP server5m 56s
-
(Locked)
Configure LDAP server2m 35s
-
(Locked)
Set up an LDAP database2m 24s
-
(Locked)
Create an LDAP user2m 24s
-
(Locked)
Finish the LDAP server configuration1m 46s
-
(Locked)
Install and configure LDAP client6m 56s
-
(Locked)
Install and configure Kerberos server packages3m 3s
-
(Locked)
Create a Kerberos database4m 45s
-
(Locked)
Configure Kerberos client authentication3m 58s
-
-
-
Network services introduction44s
-
(Locked)
Consistent network device naming4m 31s
-
(Locked)
Gather network information5m 37s
-
(Locked)
Configure IP and subnet mask3m 46s
-
(Locked)
Configure interface bonding using nmcli4m 14s
-
(Locked)
Configure interface teaming using nmcli6m 5s
-
(Locked)
Configure IPv6 and perform basic troubleshooting1m 30s
-
(Locked)
Use firewalld for packet filtering3m 16s
-
(Locked)
Use firewalld zones3m 42s
-
(Locked)
Use firewalld for NAT3m 32s
-
(Locked)
Use firewalld rich rules3m
-
(Locked)
Route IP traffic and create static routes2m 6s
-
(Locked)
Challenge: Network services1m 13s
-
(Locked)
Solution: Network services6m 45s
-
-
-
Database services introduction44s
-
(Locked)
Install and configure MariaDB2m 3s
-
(Locked)
Manage SELinux for database services2m 58s
-
(Locked)
Perform logical database backups4m 5s
-
(Locked)
Create a database with tables4m 37s
-
(Locked)
Restore logical database backups2m 17s
-
(Locked)
Perform simple SQL queries3m 1s
-
(Locked)
Perform logical database backups4m 5s
-
(Locked)
Restore logical database backups2m 17s
-
(Locked)
Recover the MariaDB root password2m 47s
-
(Locked)
Set the root database password2m 8s
-
-
-
DNS services introduction34s
-
(Locked)
Installing DNS packages58s
-
(Locked)
About the BIND configuration file1m 8s
-
(Locked)
About BIND zone files1m 36s
-
(Locked)
Configure a caching-only name server3m 49s
-
(Locked)
Troubleshoot DNS client issues2m 57s
-
(Locked)
Use dig to resolve DNS records5m 16s
-
-
-
Web services introduction44s
-
(Locked)
Install and configure Apache4m 47s
-
(Locked)
Manage SELinux for web services3m 22s
-
(Locked)
Configure a basic Apache web server2m 6s
-
(Locked)
Configure access control on directories2m 2s
-
(Locked)
Configure private access using basic auth7m 24s
-
(Locked)
Configure group-managed content7m 32s
-
(Locked)
Configure a virtual host5m 36s
-
(Locked)
Configure a virtual host on a nonstandard port6m 5s
-
(Locked)
Configure a secure virtual host4m 24s
-
Deploy a basic CGI application2m 24s
-
(Locked)
Generating key pairs and self-signed certificates4m 28s
-
(Locked)
Challenge: Web services private site53s
-
(Locked)
Solution: Web services private site6m 25s
-
(Locked)
Deploy a basic CGI application2m 13s
-
-
-
(Locked)
NFS services introduction38s
-
(Locked)
Install NFS and configure NFS services1m 55s
-
(Locked)
Manage SELinux for NFS services3m 24s
-
Provide network shares to specific clients4m 21s
-
(Locked)
Mount a simple NFS share1m 38s
-
(Locked)
Create an NFS share for group collaboration4m 31s
-
(Locked)
Mount an NFS share for group collaboration3m 56s
-
(Locked)
Challenge: NFS share for group collaboration52s
-
(Locked)
Solution: NFS share for group collaboration7m 17s
-
(Locked)
-
-
(Locked)
smb services introduction39s
-
(Locked)
Install and configure Samba services2m 11s
-
(Locked)
Manage SELinux for SMB services2m 24s
-
(Locked)
Samba global configuration options1m 45s
-
(Locked)
Samba share configuration definitions1m 1s
-
(Locked)
Create a simple public share5m 5s
-
(Locked)
Provide network shares to specific clients5m 23s
-
(Locked)
Automount using a credentials file2m 24s
-
(Locked)
Provide network shares suitable for group collaboration5m 31s
-
(Locked)
Mount a share for group collaboration1m 58s
-
(Locked)
Challenge: SMB share for group collaboration55s
-
(Locked)
Solution: SMB share for group server6m 6s
-
(Locked)
Solution: SMB share for group client3m 52s
-
(Locked)
-
-
(Locked)
SSH services introduction28s
-
(Locked)
Install SSH additional packages56s
-
(Locked)
SSH client configuration2m 42s
-
(Locked)
SSH server configuration2m 2s
-
(Locked)
SSH per user client configuration4m 30s
-
(Locked)
Configure key-based authentication3m 32s
-
(Locked)
Configure host- and user-based security3m 38s
-
(Locked)