Configuring Network Services and SSH Key Authentication on Linux

1. Gateway Server and Host Configuration

Set up a gateway server with two NICs: ens36 at 12.0.0.254/24 and ens33 at 192.168.241.254/24. Server1 is on the 192.168.241.0/24 network. PC1 and Server2 obtain their IP addresses via DHCP. Enable remote SSH access (e.g., from Xshell) to Server1 and the gateway.

Adjusting Network Interfaces

On the gateway, stop firewalld and set SELinux to permissive mode (both changes apply only to the running system):

systemctl stop firewalld
setenforce 0

On Server1:

hostname server1
bash  # reload shell to apply hostname
systemctl stop firewalld
setenforce 0

On PC1:

hostname pc1
bash
systemctl stop firewalld
setenforce 0

Configuring NICs on Gateway

Copy the existing ens33 config to create ens36:

cd /etc/sysconfig/network-scripts/
cp ifcfg-ens33 ifcfg-ens36

Edit ifcfg-ens36 to set IP 12.0.0.254/24. Edit ifcfg-ens33 to set IP 192.168.241.254/24. Then restart the network service and check the addresses:

systemctl restart network
ip a

Configuring PC1's NIC

On PC1, edit /etc/sysconfig/network-scripts/ifcfg-ens33 to use DHCP, then restart network:

systemctl restart network

2. DHCP Server on Gateway

Install and configure DHCP to assign IPs to PC1 (192.168.241.x) and Server2 (12.0.0.x), including DNS server addresses.

Setting Up YUM Repository

cd /etc/yum.repos.d/
mkdir bak
mv *.repo bak/
vim local.repo

Add the following content:

[local]
name=local
baseurl=file:///mnt
gpgcheck=0

Mount the CD:

mount /dev/sr0 /mnt/

Install DHCP

yum install dhcp -y

Copy the sample configuration:

cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf

Edit /etc/dhcp/dhcpd.conf:

subnet 192.168.241.0 netmask 255.255.255.0 {
  range 192.168.241.20 192.168.241.50;
  option routers 192.168.241.254;
}

subnet 12.0.0.0 netmask 255.255.255.0 {
  range 12.0.0.20 12.0.0.50;
  option routers 12.0.0.254;
}

Start the DHCP service:

systemctl start dhcpd

On PC1/Server2, ensure their NICs are set to DHCP and restart network:

systemctl restart network

3. SSH Public Key Authentication

On Server1, generate an RSA key pair:

ssh-keygen

Leave the passphrase empty when prompted.

Copy the public key to the gateway server:

ssh-copy-id -i .ssh/id_rsa.pub 192.168.241.254

Enter the root password of the gateway when prompted.

Test password-less login:

ssh 192.168.241.254

You should connect without entering a password.

4. HTTPD with NFS Mount

Install and start Apache on Server1:

yum install httpd -y
systemctl start httpd

Initially, running curl locally shows the default page:

curl 192.168.241.254  # server1's own IP

Set Up NFS Export on Server2

On Server2, create a share directory and index.html:

mkdir /share
echo "Hello from NFS" > /share/index.html

Edit /etc/exports to export /share read-only to all clients:

/share  *(ro,sync)

Apply exports:

exportfs -r
exportfs -v

Start NFS service:

systemctl start nfs
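
The /share *(ro,sync) entry above exports the directory to every host that can reach Server2. The following is an added example, not part of the original tutorial: a shell function that flags over-broad entries in an exports file. The function names, the sample file and the subnet-restricted alternative line are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an /etc/exports-style file for over-broad NFS exports.
# Prints "<line>:<path>:<client>:<issue>" for each risky entry.
# Assumes unquoted paths and no backslash line continuations.
audit_exports() {
    awk '
    { sub(/#.*/, "") }                      # drop comments
    {
        for (i = 2; i <= NF; i++) {         # field 1 is the path, the rest are clients
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\).*/, "", opts)
            }
            # "host (opts)" written with a space: opts apply to every client
            if (client == "") client = "*"
            pre = NR ":" $1 ":" client ":"
            if (client == "*") print pre "world-accessible"
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++)
                if (o[j] == "rw" || o[j] == "no_root_squash" || o[j] == "insecure")
                    print pre o[j]
        }
    }' "$@"
}

# Constructed sample: the export from this page, a subnet-restricted
# alternative (assumed: only 192.168.241.0/24 needs the share), and a
# hypothetical entry showing the stray-space mistake.
sample_exports() {
cat <<'EOF'
# constructed sample
/share  *(ro,sync)
/share  192.168.241.0/24(ro,sync)
/data   192.168.241.10 (rw,no_root_squash)
EOF
}

sample_exports | audit_exports
```

To check a real host, run audit_exports /etc/exports on the NFS server; no output means none of the flagged patterns were found.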

Mount NFS to Apache Document Root

On Server1, check available NFS exports:

showmount -e 192.168.241.20  # Server2's IP

Mount the remote share:

mount 192.168.241.20:/share /var/www/html

Verify with df -h; you should see the NFS mount.

Test the web server:

curl 192.168.241.254

Output should display the content from the NFS-mounted index.html (e.g., "Hello from NFS").
