Unix System Administration Assignment
Design assignment based on the network configuration below.
jump: must be the single node from the secondary subnet
i.e.
node a = 10.128.2.201
node b = 10.128.1.202 << jump
node c = 10.128.2.202
server-a and server-b are both from the same subnet
in order to access the servers, first log in to the university network, then ssh to the nodes.
node a = 10.128.1.101 - root pw = 5037458
node b = 10.128.2.101 << jump - root pw = 5037458
node c = 10.128.1.102 - root pw = 5037458
YOUR PANTHER ID HERE = 5037458
the CSV file is at this link
https://users.cis.fiu.edu/~ggome002/cts4348/files/dpere297.csv
1. disable SSH login for root. // all nodes
2. SSH connections
restrict incoming SSH connections to server-a and server-b to the following servers:
jump = 10.128.1.202
ocelot.aul.fiu.edu
users.cs.fiu.edu
cts4348-a.cs.fiu.edu
cts4348-b.cs.fiu.edu
10.128.1.90
3. // SSH keys
create a user with username [ YOUR PANTHER ID HERE ] on all nodes
configure the RSA key pair on jump
copy the private key to server a and server b
test key authentication between jump and server a / b
make sure that user [ YOUR PANTHER ID HERE ] does not have a password configured on any of the boxes
download the users CSV from the following URL.
https://users.cis.fiu.edu/~ggome002/cts4348/files/[ USERNAME ].csv
https://users.cis.fiu.edu/~ggome002/cts4348/files/dpere297.csv
4. add all users to the jump server
// basic useradd
i.e. useradd roary001
5. // 1 - 299
// add the name of the user as a comment
i.e. useradd roary001 -c "roary the panther"
server a - add only male users
server b - add only female users
6. // 300 - 599
// add users, make sure that the home folder is located
// in the directory /home/finishers
server a - add only overall position 1 - 3k
server b - add only overall position 1 - 6k
7. // 600 - 900
// add users, make sure that the home folder is located in the
// company name listed on the csv. i.e. /home/company/[COMPANY NAME]
// in addition make sure to add the company name as group in the
// system and add the users to that group
server a - add only overall position A - M
server b - add only overall position N - Z
8. // delete all users from jump that finished the race in over 40 min
9. install fail2ban on all nodes. (2 points)
// make sure to create jail.local
[DEFAULT]
# Ban hosts for 5 min:
bantime = 300
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport
[sshd]
enabled = true
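
Added example (not part of the original assignment or any course-provided code): in step 7 the company name from a downloaded CSV becomes both a group name and a path under /home/company, so it should be validated before it reaches groupadd/useradd. The function names and the three-column row layout (username, full name, company) are assumptions, since the assignment does not show the CSV's columns.

```shell
#!/bin/sh
# Dry-run generator for step 7: prints the commands for review, runs nothing.
# ASSUMPTION: rows are "username,full name,company" without quoted or
# embedded commas; the real CSV's columns are not shown in the assignment.
LC_ALL=C; export LC_ALL   # make [a-z] ranges ASCII-only

# Company name -> safe group/directory name: lower-case, every run of
# other characters becomes one underscore (so "../" cannot survive).
company_slug() {
    printf '%s' "$1" | tr 'A-Z' 'a-z' \
        | sed -e 's/[^a-z0-9]\{1,\}/_/g' -e 's/^_//' -e 's/_$//'
}

# Accept only conservative login names: lower-case letter first, then
# lower-case letters, digits, '_' or '-', at most 32 characters.
valid_username() {
    case "$1" in
        ''|[!a-z]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Read CSV rows on stdin; print groupadd/mkdir/useradd for each valid row.
emit_step7_cmds() {
    while IFS=, read -r user name company || [ -n "$user" ]; do
        if ! valid_username "$user"; then
            printf '# skipped row: invalid username\n'
            continue
        fi
        grp=$(company_slug "$company")
        if [ -z "$grp" ]; then
            printf '# skipped %s: no usable company name\n' "$user"
            continue
        fi
        # Keep only characters that are safe inside the quoted comment.
        gecos=$(printf '%s' "$name" | tr -cd 'A-Za-z0-9 ._-')
        printf 'groupadd -f %s\n' "$grp"
        printf 'mkdir -p /home/company/%s\n' "$grp"
        printf 'useradd -m -d /home/company/%s/%s -g %s -c "%s" %s\n' \
            "$grp" "$user" "$grp" "$gecos" "$user"
    done
}
```

Pipe the CSV rows (header line removed) into emit_step7_cmds and review the printed commands before running them as root. Some distributions' groupadd also rejects names that start with a digit, which this slug does not prevent.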