eodenyire

Current Task

Given a text file, which will be piped to your command through STDIN, use grep to display all those lines which contain any of the following words in them:
the
that
then
those
The search should not be sensitive to case. Display only those lines of an input file, which contain the required words.

Input Format

eodenyire

#!/bin/bash

set -eu

if ! command -v ssh-keygen &> /dev/null ;then
    echo "Cant seem to find 'ssh-keygen' binary, are you sure its installed ?"
    exit 1
fi
if ! command -v ssh &> /dev/null ;then
    echo "Cant seem to find 'ssh' binary, are you sure its installed ?"

eodenyire

Install and Configure DB Server - KodeKloud

We recently migrated one of our WordPress websites from an old server to a new infrastructure in Stratos Datacenter. We have already set up LAMP, except for the database. We have also restored website code; however, we need to restore the database to make it work on the new infra. Please perform the below given steps on DB host:

a. Install/Configure MariaDB server.

b. Create a database with name kodekloud_db3.

c. There is a DB dump on jump_host under location /home/thor/db.sql. Restore this database in newly created database.

d. Create a user kodekloud_aim and set any password you like.

e. Grant full permissions to user kodekloud_aim on database kodekloud_db3.

f. Update database-related details in /data/wp-config.php file on storage server, which is our NFS server having a share /data mounted on each app server on location /var/www/html. (for more details about how to update WordPress config file please visit https://wordpr

eodenyire

Pam Authentication for Apache - KodeKloud

The document root /var/www/html of all web apps is on NFS share /data on storage server in Stratos Datacenter. We have a requirement where we want to password protect a directory in the Apache web server document root. We want to password protect http://:<apache_port>/protected URL as per the following requirements (you can use any website-url for it like local host since there are no specific requirements as of now):

a. We want to use basic authentication

b. We do not want to use htpasswd file base authentication. Instead, we want to use PAM authentication, i.e. Basic Auth + PAM so that we can authenticate with a Linux user.

c. We already have a user james with password GyQkFRVNr3 which you need to provide access to.

d. You can access the website on the LBR Link. To do so click on the + button on the top of your terminal, select Select port to view on Host 1, and after adding port 80 click on Display port.

Solution

eodenyire

Linux Firewalld Setup - KodeKloud

Click on Black Tick to Do Task Again

To secure our Nautilus infrastructure in Stratos Datacenter we have decided to install and configure firewalld on all app servers. We have Apache and Nginx services running on these apps. Nginx is running as a reverse proxy server for Apache. We might have more robust firewall settings in the future, but for now we have decided to go with the given requirements listed below:

1. Allow all incoming connections on Nginx port.
2. Allow incoming connections from LB host only on Apache port and block for all others.
3. All rules must be permanent.
4. Zone should be public.
5. If Apache or Nginx services aren't running already, please make sure to start them.

Solution:

eodenyire

NFS Troubleshooting - KodeKloud

The Nautilus production support team was trying to fix issues with their storage server. The storage server has a shared directory /webdata, which is mounted on all app servers at location /var/www/html so that whatever data they store on storage server under /webdata can be shared among all app servers. Somehow NFS server is broken and having some issues. Identify the root cause of the issue and fix it to make sure sharing works fine among all app servers and storage server.

Click on ✔ and Do Task Again

Solution:

Open 4 terminal

ssh on all 4 terminal

ssh tony@stapp01

eodenyire

LinuxBanner - kodekloud

During the monthly compliance meeting, it was pointed out that several servers in the Stratos DC do not have a valid banner. The security team has provided serveral approved templates which should be applied to the servers to maintain compliance. These will be displayed to the user upon a successful login. Update the message of the day on all application and db servers for Nautilus. Make use of the approved template located at /tmp/nautilus_banner on jump host

Click on ✔ and Do Task Again

Solution:

Open 5 Terminal

On Jump Server

sudo scp -r  /root/nautilus_banner tony@stapp01:/home/tony
sudo scp -r  /root/nautilus_banner steve@stapp02:/home/steve 

eodenyire

DNS Troubleshooting

The system admins team of xFusionCorp Industries has noticed intermittent issues with DNS resolution in several apps . App Server 1 in Stratos Datacenter is having some DNS resolution issues, so we want to add some additional DNS nameservers on this server. As a temporary fix we have decided to go with Google public DNS (ipv4). Please make appropriate changes on this server.

Solution:-

ssh on App Server According to task

ssh tony@stapp01  #App Server 1  Ir0nM@n
### OR
ssh steve@stapp02 #App Server 2 Am3ric@

eodenyire

Click on ✔ and Do The Task Again

During a routine security audit, the team identified an issue on the Nautilus App Server. Some malicious content was identified within the website code. After digging into the issue they found that there might be more infected files. Before doing a cleanup they would like to find all similar files and copy them to a safe location for further investigation. Accomplish the task as per the following requirements:

1. On App Server 3 at location /var/www/html/blog find out all files (not directories) having .js extension.
2. Copy all those files along with their parent directory structure to location /blog on same server.
3. Please make sure not to copy the entire /var/www/html/blog directory content.

SSh on App Server According To Task

ssh tony@stapp01  # App server 1
ssh steve@stapp02 # App server 2

eodenyire

Setup SSL for Nginx

The system admins team of xFusionCorp Industries needs to deploy a new application on App Server 1 in Stratos Datacenter. They have some pre-requites to get ready that server for application deployment. Prepare the server as per requirements shared below: Install and configure nginx on App Server 1. On App Server 1 there is a self signed SSL certificate and key present at location /tmp/nautilus.crt and /tmp/nautilus.key. Move them to some appropriate location and deploy the same in Nginx. Create an index.html file with content Welcome! under Nginx document root. For final testing try to access the App Server 1 link (either hostname or IP) from jump host using curl command. For example curl -Ik https:// /.

Click on ✔ and Do Task Again

Solution:-

SSh on App Server According to Task

ssh tony@stapp01
sudo  yum install epel-release -y