SSH Application

In this lecture you are learning YUM package manager and SSH application service:

1. Yum Package Manager
2. SSH Application
3. Linux Services

YUM:

YUM is the package manager in RPM based Linux distributions. RPM is the Redhat Package Manager that is used to manage packages in Redhat like Operating Systems.

YUM package manager supports in below Operating Systems –

1. Amazon Linux
2. Redhat Enterprise Linux 
3. CentOS 
4. Fedora

What is Package?

1. Package is the software that needs to be installed on Linux system to add specific feature or service made available to the system.
2. Package can be a single executable binary file or can have multiple package file group as dependencies to install a specific service to the Linux system.
3. When we are installing a Service or Software to the system need to identify all packages that required to be installed on the system called as Dependency Packages.

What is RPM?

1. Red Hat Package Manager (RPM) utility is used to manage package in the Red Hat Linux Systems.
2. RPM utility cannot resolve dependencies automatically, hence need to explicitly supply all dependency packages for installation of any specific application software.
3. When we used RPM utility to install packages, it uses /var/lib/rpm file to track of the currently installed version of packages for better management of packages.

What is Repository?

All packages are stored in the publicly accessible web store is called Package Repository. YUM downloads the required packages from the repository. Each Operating System vendor maintains their own repository to supply the packages for download. 

Let say Amazon Linux operating system by default configured with Amazon Core and Amazon Extras Repositories to download the packages.

1. Package repository configuration details are stored in the repo file located in the /etc/yum.repos.d directory.
2. How YUM manages the package installation settings are listed in the config file - /etc/yum.conf

How to install a package: Below command shows how to install openssl packages. If the package already installed and its latest then YUM will skip the installation.

[root@ip-172-31-52-242 ~]# yum install openssl

Loaded plugins: extras_suggestions, langpacks, priorities, update-motd

Package 1:openssl-1.0.2k-24.amzn2.0.4.x86_64 already installed and latest version

Nothing to do

[root@ip-172-31-52-242 ~]#

How to List a package: Below command to check if the package already installed or not.

[root@ip-172-31-52-242 ~]# yum list openssl

Loaded plugins: extras_suggestions, langpacks, priorities, update-motd

Installed Packages

openssl.x86_64                          1:1.0.2k-24.amzn2.0.4                          installed

[root@ip-172-31-52-242 ~]#

How to update a package: Below command to update a package to the latest version. If the package already in latest version then YUM do nothing. 

[root@ip-172-31-52-242 ~]# yum update openssl

Loaded plugins: extras_suggestions, langpacks, priorities, update-motd

amzn2-core                                                              | 3.7 kB  00:00:00

No packages marked for update

[root@ip-172-31-52-242 ~]#

How to check history: Below command to check the history of packages that are altered. It helps to undo the package actions based on the ID associated in the history.

[root@ip-172-31-52-242 ~]# yum history

ID     | Command line             | Date and time    | Action(s)      | Altered

-------------------------------------------------------------------------------

     4 | install telnet           | 2023-02-04 03:52 | Install        |    1

     3 | install httpd -y         | 2023-02-04 03:52 | Install        |    2

     2 | remove httpd             | 2023-02-04 03:52 | Erase          |    2

     1 | install httpd -y         | 2023-02-04 03:51 | Install        |    9

history list

[root@ip-172-31-52-242 ~]#

How to uninstall a package: Below command to uninstall a package. Only some portion of the output shown below.

[root@ip-172-31-52-242 ~]# yum remove telnet

Running transaction

  Erasing    : 1:telnet-0.17-65.amzn2.x86_64                                                1/1

   Verifying  : 1:telnet-0.17-65.amzn2.x86_64                                                1/1

Removed:

   telnet.x86_64 1:0.17-65.amzn2

Complete!

[root@ip-172-31-52-242 ~]#

SSH Application:

Openssh is the application software that provide services like Secure Login and Secure File Transfer between client and servers. 

1. SSHD service by default listen to Port : 22
2. SSHD service follow SSH protocol to transfer the data between the server and client
3. SSHD service runs in the server side and it need SSH client software to establish the connection like putty.
4. SSH application home directory  - /etc/ssh
5. SSH application configuration fiel - /etc/ssh/sshd_config

Key Notes:

1. Note that Openssh is installed by default in most common Linux operating systems and also this is set to auto start after the server reboot 
2. Below steps to follow when you are setting up any new application
   1. Install Application using YUM package manager or any specific install method.
   2. Manage Services (Start/Stop/restart) using systemctl command
   3. Check Port is in LISTEN status using netstat –tupln command
   4. Enable Service Auto Start using systemctl enable comamnd
   5. Modify Configuration Files to customize the application
   6. Check Application Home Directory to know where the application configuration files are located
   7. Note that if any configuration changes must need the service to be restarted to take them into effect.

Linux Services:

What is Service?

• A Process which is running continuously on the system is called as service. Service program usually start at booting time and ends only at server shutdown time.
• Service is the responsible process to serve certain services to the client applications. 
• Service process can be controlled using 'service or systemctl' command.
• It is possible to start/stop/restart a service during the session as per the requirements.
• Service is also called as daemon.

Examples:  httpd, vsftpd, sshd etc...

What is systemctl?

• Systemctl is the command to control the service status like start, stop, and restart.
• Systemctl also to enable the service to auto start after the system reboot.

Commands used to control a service:

Syntax:

• #service <name of the service> status --- To check the status of the service
• #service <name of the service> start --- To start the service
• #service <name of the service > stop --- To stop a service
• #service <name of the service> reload --- To reload the service
• #service <name of the service> restart --- To restart the service

Examples:

[root@ip-172-31-52-242 ~]# systemctl status sshd

● sshd.service - OpenSSH server daemon

   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)

   Active: active (running) since Sat 2023-02-04 03:43:12 UTC; 25min ago

     Docs: man:sshd(8)

           man:sshd_config(5)

 Main PID: 3215 (sshd)

   CGroup: /system.slice/sshd.service

           └─3215 /usr/sbin/sshd -D

Feb 04 03:43:12 ip-172-31-52-242.ec2.internal systemd[1]: Starting OpenSSH server daemon...

Feb 04 03:43:12 ip-172-31-52-242.ec2.internal sshd[3215]: Server listening on 0.0.0.0 port 22.

Feb 04 03:43:12 ip-172-31-52-242.ec2.internal sshd[3215]: Server listening on :: port 22.

Feb 04 03:43:12 ip-172-31-52-242.ec2.internal systemd[1]: Started OpenSSH server daemon.

Feb 04 03:47:08 ip-172-31-52-242.ec2.internal sshd[3279]: Address 49.205.32.209 maps to bro...!

Feb 04 03:47:09 ip-172-31-52-242.ec2.internal sshd[3279]: Accepted publickey for ec2-user f...Y

Hint: Some lines were ellipsized, use -l to show in full.

[root@ip-172-31-52-242 ~]# systemctl stop sshd

[root@ip-172-31-52-242 ~]# systemctl restart sshd

[root@ip-172-31-52-242 ~]# systemctl reload sshd

[root@ip-172-31-52-242 ~]#