{"id":67602,"date":"2021-07-25T21:30:09","date_gmt":"2021-07-26T01:30:09","guid":{"rendered":"http:\/\/bangla.salearningschool.com\/recent-posts\/experiment-with-ssh-and-tcp-wrappers-devops\/"},"modified":"2021-07-25T21:30:09","modified_gmt":"2021-07-26T01:30:09","slug":"experiment-with-ssh-and-tcp-wrappers-devops","status":"publish","type":"post","link":"http:\/\/bangla.sitestree.com\/?p=67602","title":{"rendered":"Experiment with SSH and TCP Wrappers #DevOps"},"content":{"rendered":"<p>The idea was :<\/p>\n<p>use two servers; server1, and server2<br \/>\ncreate user: user1 in both server1 and server2<br \/>\nuse nmtui to assign IP Addresses to both<br \/>\nuse ifdown and ifup to check if IPs are assigned properly<br \/>\nchange \/etc\/hosts and add the server ips and names<br \/>\nuse ping to know that you can reach each other<br \/>\nuse ssh-key gen to create key files<br \/>\nuse ssh-copy-id to transfer public key file to remote hosts<br \/>\nthen use ssh commands to reach to without passwords<br \/>\ntry scp and sftp : to copy files\/folder to and from<\/p>\n<p>Then use TCP wrappers to allow or deny remote hosts, users, or domains<\/p>\n<p><strong>SSH:<\/strong><\/p>\n<p>2 useradd user1<br \/>\n3 passwd user1<br \/>\n4 ip addr<br \/>\n5 nmtui<br \/>\n6 vim \/etc\/hosts<br \/>\n7 ping server2<br \/>\n8 ip addr<br \/>\n9 nmtui<br \/>\n10 ifdown ens33<br \/>\n11 ifup ens33<br \/>\n12 ping 192.168.1.200<br \/>\n13 vim \/etc\/hosts<br \/>\n14 ping server2<br \/>\n15 su user1<\/p>\n<p>ssh-keygen<br \/>\n1 ssh server2 \/bin\/ls -l<br \/>\n2 scp file1 server2:<br \/>\n3 touch file1<br \/>\n4 scp file1 server2:<br \/>\n5 scp server2:\/usr\/bin\/zip .<\/p>\n<p>7 sftp server2<br \/>\n8 su root<\/p>\n<p>10 w<br \/>\n11 last<\/p>\n<p>13 tail \/var\/log\/secure<\/p>\n<p>15 sudo tail \/var\/log\/secure<\/p>\n<p>19 getcwd<\/p>\n<p>24 ssh-keygen<\/p>\n<p>27 ssh-copy-id -i ~\/.ssh\/id_rsa.pub server2<\/p>\n<p>31 vim .ssh\/authorized_keys<br \/>\n32 ssh server2<\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;<br \/>\n<strong><br \/>\nTCP wrappers<\/strong><br \/>\n\/etc\/hosts.allow : to allow to services from whom<br \/>\n\/etc\/hosts.allow : to deny to services from whom<\/p>\n<p>Install TCP Wrappers. I used rpm as I turned off internet in the VMware workstation I used<\/p>\n<p>27 rpm -ivh tcp_wrappers*<br \/>\n28 yum info tcp_wrappers<br \/>\n29 ls \/etc\/hosts.allow<br \/>\n30 vim \/etc\/hosts.allow<br \/>\n30 vim \/etc\/hosts.allow<\/p>\n<p>example rules on hosts.allow<\/p>\n<p>All:All<br \/>\nAll:user1<br \/>\nAll:user1@server2<br \/>\nAll:.justetc.com<br \/>\nsshd:LOCAL<br \/>\nvsftpd:192.168.1.200<br \/>\nAll Except sshd:192.168.1.200 From: http:\/\/sitestree.com\/?p=11978<br \/> Categories:DevOps<br \/>Tags:<br \/> Post Data:2017-12-15 12:37:07<\/p>\n<p>\t\tShop Online: <a href='https:\/\/www.ShopForSoul.com\/' target='new' rel=\"noopener\">https:\/\/www.ShopForSoul.com\/<\/a><br \/>\n\t\t(Big Data, Cloud, Security, Machine Learning): Courses: <a href='http:\/\/Training.SitesTree.com' target='new' rel=\"noopener\"> http:\/\/Training.SitesTree.com<\/a><br \/>\n\t\tIn Bengali: <a href='http:\/\/Bangla.SaLearningSchool.com' target='new' rel=\"noopener\">http:\/\/Bangla.SaLearningSchool.com<\/a><br \/>\n\t\t<a href='http:\/\/SitesTree.com' target='new' rel=\"noopener\">http:\/\/SitesTree.com<\/a><br \/>\n\t\t8112223 Canada Inc.\/JustEtc: <a href='http:\/\/JustEtc.net' target='new' rel=\"noopener\">http:\/\/JustEtc.net (Software\/Web\/Mobile\/Big-Data\/Machine Learning) <\/a><br \/>\n\t\tShop Online: <a href='https:\/\/www.ShopForSoul.com'> https:\/\/www.ShopForSoul.com\/<\/a><br \/>\n\t\tMedium: <a href='https:\/\/medium.com\/@SayedAhmedCanada' target='new' rel=\"noopener\"> https:\/\/medium.com\/@SayedAhmedCanada <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The idea was : use two servers; server1, and server2 create user: user1 in both server1 and server2 use nmtui to assign IP Addresses to both use ifdown and ifup to check if IPs are assigned properly change \/etc\/hosts and add the server ips and names use ping to know that you can reach each &hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"http:\/\/bangla.sitestree.com\/?p=67602\">Continue reading<\/a><\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1917],"tags":[],"class_list":["post-67602","post","type-post","status-publish","format-standard","hentry","category-fromsitestree-com","item-wrap"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":14027,"url":"http:\/\/bangla.sitestree.com\/?p=14027","url_meta":{"origin":67602,"position":0},"title":"SSH\/SSHD\/OpenSSH in CentOS\/Redhat Linux","author":"Sayed","date":"December 24, 2017","format":false,"excerpt":"Experiment with SSH\/SSHD\/OpenSSH in CentOS\/Redhat Linux Yes, from\u00a0 my history (Probably a review for the technical people, who already knew these sometimes in the past) 461 echo \"dec 24th, 2017\" 462 vim \/etc\/ssh\/sshd_config 463 echo \"SSH Related Commands\" 464 scp -> secure copy 465 tscp -> secure copy for windows\u2026","rel":"","context":"In &quot;\u09b2\u09bf\u09a8\u09be\u0995\u09cd\u09b8 \u098f\u09ac\u0982 \u0989\u09a8\u09bf\u0995\u09cd\u09b8 \u0964 Linux and Unix&quot;","block_context":{"text":"\u09b2\u09bf\u09a8\u09be\u0995\u09cd\u09b8 \u098f\u09ac\u0982 \u0989\u09a8\u09bf\u0995\u09cd\u09b8 \u0964 Linux and Unix","link":"http:\/\/bangla.sitestree.com\/?cat=1231"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":14031,"url":"http:\/\/bangla.sitestree.com\/?p=14031","url_meta":{"origin":67602,"position":1},"title":"Network Interface, Network Clients related Linux\/Redhat\/CentOS commands","author":"Sayed","date":"December 24, 2017","format":false,"excerpt":"echo \"Dec 24th, 2017\" 532 echo \"Basic Networking in Linux\" 533 hostname 534 uname -a 535 uname -n 536 cat \/etc\/hostname 537 nmcli general hostname 538 changing hostname temporarily 539 hostname server10.example.com 540 for permanent change 541 hostnamectl set-hostname server100.example.com 542 or change \/etc\/hostname file 543 vim \/etc\/hostname 544 restart\u2026","rel":"","context":"In &quot;\u09b2\u09bf\u09a8\u09be\u0995\u09cd\u09b8 \u098f\u09ac\u0982 \u0989\u09a8\u09bf\u0995\u09cd\u09b8 \u0964 Linux and Unix&quot;","block_context":{"text":"\u09b2\u09bf\u09a8\u09be\u0995\u09cd\u09b8 \u098f\u09ac\u0982 \u0989\u09a8\u09bf\u0995\u09cd\u09b8 \u0964 Linux and Unix","link":"http:\/\/bangla.sitestree.com\/?cat=1231"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":67594,"url":"http:\/\/bangla.sitestree.com\/?p=67594","url_meta":{"origin":67602,"position":2},"title":"Network Interface, Network Clients related Linux\/Redhat\/CentOS commands #DevOps #RHCSA","author":"Author-Check- Article-or-Video","date":"July 25, 2021","format":false,"excerpt":"echo \"Dec 24th, 2017\" 532 echo \"Basic Networking in Linux\" 533 hostname 534 uname -a 535 uname -n 536 cat \/etc\/hostname 537 nmcli general hostname 538 changing hostname temporarily 539 hostname server10.example.com 540 for permanent change 541 hostnamectl set-hostname server100.example.com 542 or change \/etc\/hostname file 543 vim \/etc\/hostname 544 restart\u2026","rel":"","context":"In &quot;FromSitesTree.com&quot;","block_context":{"text":"FromSitesTree.com","link":"http:\/\/bangla.sitestree.com\/?cat=1917"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":14013,"url":"http:\/\/bangla.sitestree.com\/?p=14013","url_meta":{"origin":67602,"position":3},"title":"Centos\/Redhat \u09b2\u09bf\u09a8\u09be\u0995\u09cd\u09b8 \u098f yum \u0987\u09a8\u09cd\u09b8\u099f\u09b2\u09be\u09b0 \u09b8\u09be\u09b0\u09cd\u09ad\u09be\u09b0 \u0995\u09bf\u09ad\u09be\u09ac\u09c7 \u0995\u09a8\u09ab\u09bf\u0997\u09be\u09b0 \u0995\u09b0\u09ac\u09c7\u09a8","author":"Sayed","date":"December 7, 2017","format":false,"excerpt":"Centos\/Redhat \u09b2\u09bf\u09a8\u09be\u0995\u09cd\u09b8 \u098f yum \u0987\u09a8\u09cd\u09b8\u099f\u09b2\u09be\u09b0 \u09b8\u09be\u09b0\u09cd\u09ad\u09be\u09b0 \u0995\u09bf\u09ad\u09be\u09ac\u09c7 \u0995\u09a8\u09ab\u09bf\u0997\u09be\u09b0 \u0995\u09b0\u09ac\u09c7\u09a8 Mount Installer ISO mkdir \/mnt\/dvd1 mount \/dev\/sr0 \/mnt\/dvd1 Check if FTP server is installed systemctl status vsftpd systemctl start vsftpd Install ftp Server. Using rpm as yum is not available yet [default yum needs the internet, kindof] cd \/mnt\/dvd1\/Packages\/ rpm -ivh\u2026","rel":"","context":"In &quot;\u09b2\u09bf\u09a8\u09be\u0995\u09cd\u09b8 \u098f\u09ac\u0982 \u0989\u09a8\u09bf\u0995\u09cd\u09b8 \u0964 Linux and Unix&quot;","block_context":{"text":"\u09b2\u09bf\u09a8\u09be\u0995\u09cd\u09b8 \u098f\u09ac\u0982 \u0989\u09a8\u09bf\u0995\u09cd\u09b8 \u0964 Linux and Unix","link":"http:\/\/bangla.sitestree.com\/?cat=1231"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":14029,"url":"http:\/\/bangla.sitestree.com\/?p=14029","url_meta":{"origin":67602,"position":4},"title":"TCP Wrappers in Linux\/CentOS\/Redhat\/Fedora","author":"Sayed","date":"December 24, 2017","format":false,"excerpt":"TCP Wrappers in Linux\/CentOS\/Redhat\/Fedora yum info tcp_wrappers yum install tcp_wrappers-devel.x86_64 506 reboot 507 ifdown ens33 508 ifup ens33 509 yum install tcp_wrappers-devel.x86_64 510 yum -y install tcp_wrappers-devel.x86_64 511 ls \/var\/ftp\/pub\/Packages\/ 512 ls \/etc\/yum.repos.d\/local.repo 513 vim \/etc\/yum.repos.d\/local.repo 514 systemctl status vsftpd 515 systemctl start vsftpd 516 systemctl enable vsftpd 517 yum\u2026","rel":"","context":"In &quot;\u09b2\u09bf\u09a8\u09be\u0995\u09cd\u09b8 \u098f\u09ac\u0982 \u0989\u09a8\u09bf\u0995\u09cd\u09b8 \u0964 Linux and Unix&quot;","block_context":{"text":"\u09b2\u09bf\u09a8\u09be\u0995\u09cd\u09b8 \u098f\u09ac\u0982 \u0989\u09a8\u09bf\u0995\u09cd\u09b8 \u0964 Linux and Unix","link":"http:\/\/bangla.sitestree.com\/?cat=1231"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":78455,"url":"http:\/\/bangla.sitestree.com\/?p=78455","url_meta":{"origin":67602,"position":5},"title":"Visual Comparison of Flat vs Hierarchical DNS Namespaces","author":"Sayed","date":"September 8, 2025","format":false,"excerpt":"Visual Comparison of Flat vs Hierarchical DNS Namespaces 1. Flat DNS Namespace example.com \u251c\u2500\u2500 server1.example.com \u251c\u2500\u2500 server2.example.com \u251c\u2500\u2500 printer1.example.com \u2514\u2500\u2500 laptop-john.example.com All hosts are directly under the main domain. Simple, but hard to scale for larger networks. 2. Hierarchical DNS Namespace example.com \u251c\u2500\u2500 hr.example.com \u2502 \u251c\u2500\u2500 server1.hr.example.com \u2502 \u2514\u2500\u2500 server2.hr.example.com\u2026","rel":"","context":"In &quot;Computer Networks&quot;","block_context":{"text":"Computer Networks","link":"http:\/\/bangla.sitestree.com\/?cat=1978"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts\/67602","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=67602"}],"version-history":[{"count":0,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts\/67602\/revisions"}],"wp:attachment":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=67602"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=67602"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=67602"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}