Linux Basics Training


Prepared By
Rediet Solomon
2024
1. Introduction to Linux
1.1. Basic history and philosophy of Linux
1.2. Understanding different Linux distributions
1.3. Installation and basic configuration
2. Command Line Basics
2.1. Introduction to the terminal
2.2. Basic commands
2.3. Understanding the Prompt
2.4. File permissions (chmod, chown)
2.5. Input/output redirection and piping
3. File System Hierarchy
3.1. Understanding the Linux file system structure
3.2. Important directories and their purposes
4. Users and Groups
4.1. User management (add, modify, delete users)
4.2. Group management
4.3. User permissions and access control
5. Package Management
5.1. Introduction to package managers (apt, yum, etc.)
5.2. Installing, updating, and removing software packages
6. System Configuration and Maintenance
6.1. Managing services (start, stop, restart, enable, disable)
6.2. Basic system configuration files (/etc/)
6.3. System monitoring and troubleshooting
7. Networking
7.1. Configuring network interfaces
7.2. Basic network troubleshooting
7.3. Firewall configuration (iptables, firewalld)
8. Shell Scripting
8.1. Basics of shell scripting
8.2. Writing simple scripts to automate tasks
9. Security
9.1. User authentication (passwords, SSH keys)
9.2. Basic firewall setup and configuration
9.3. System hardening best practices
10. Advanced Topics
10.1. Disk management (partitioning, LVM)
10.2. Remote administration (SSH, SCP, rsync)
10.3. Virtualization basics (VirtualBox, KVM)
1. Introduction to Linux
1.1. Basic history and philosophy of Linux
Linux, born out of the ideals of free and open-source software, has a rich history and a
philosophy deeply rooted in collaboration, transparency, and community-driven development.

The story of Linux begins with Linus Torvalds, a Finnish computer science student who, in 1991,
sought to create a Unix-like operating system kernel. He released the initial version of Linux as
open-source, inviting collaboration and contributions from fellow enthusiasts around the world.
This decision laid the foundation for what would become one of the most influential projects in
the history of computing.

The philosophy behind Linux is encapsulated in the famous "open-source" ethos, which
emphasizes the freedom to use, study, modify, and distribute software. Unlike proprietary
operating systems, Linux is built upon the principles of transparency and accessibility, enabling
users to inspect and modify its source code to suit their needs.

Another fundamental aspect of Linux philosophy is its commitment to community-driven
development. Thousands of developers, enthusiasts, and organizations contribute to the Linux
ecosystem, collectively enhancing its functionality, reliability, and security. This collaborative
approach has led to the rapid evolution of Linux, with frequent updates and improvements
driven by real-world feedback and contributions.

Moreover, Linux embodies the spirit of customization and flexibility, offering a vast array of
distributions (or "distros") tailored to different use cases, preferences, and hardware
configurations. From lightweight distributions for older hardware to specialized distributions for
servers, embedded systems, and scientific computing, Linux caters to a diverse range of needs
and requirements.

Additionally, Linux champions the idea of democratizing technology by making powerful
computing resources accessible to everyone, regardless of financial means or geographic
location. Its low cost, high performance, and robust security have made it the preferred choice
for a wide range of applications, from personal computers to enterprise servers and everything
in between.
1.2. Understanding different Linux distributions
Linux distributions, often referred to as "distros," are variations of the Linux operating system
that package together the Linux kernel with various software packages and tools to create a
complete operating system. Each distribution is designed with specific goals, philosophies, and
target audiences in mind. Here's an overview of some popular Linux distributions:

A Linux distribution is more than just a collection of software; it's a comprehensive operating
system package that encompasses everything needed to run a computer effectively. At its core,
a Linux distribution consists of the Linux kernel—the foundational software that interacts with
hardware—and additional software layers, including system libraries, utilities, and application
programs. These components are bundled together and managed through a package
management system, which simplifies the installation, update, and removal of software
packages.

In essence, the formula for a Linux distribution can be distilled as follows:

Linux Kernel + Additional Software (System Libraries, Utilities, Applications) + Package Management System = Linux Distro

By combining these elements, a Linux distribution provides users with a cohesive environment
for computing tasks, whether they're using the system for everyday desktop use, server
operations, development, or specialized purposes.

Linux distributions can be classified into several lineages or "ancestors," each with its own
package management system and community:

Debian (apt): Debian is one of the oldest and most influential Linux distributions. It is known for
its commitment to free and open-source software principles, stability, and versatility. Debian
uses the APT (Advanced Package Tool) package management system, which simplifies
software installation and management.

Ubuntu: Based on Debian, Ubuntu aims to provide a user-friendly and accessible Linux
experience for desktop users. It builds upon Debian's foundations while adding its own software
repositories, desktop environments, and user-focused features. Ubuntu also uses the APT
package management system.

Red Hat Linux (dnf): Red Hat Linux, developed by the company Red Hat, is a distribution
primarily targeted at enterprise and server environments. It emphasizes stability, security, and
support services. Red Hat Linux uses the DNF (Dandified YUM) package manager, which is a
successor to the YUM (Yellowdog Updater, Modified) package manager.

CentOS: CentOS (Community Enterprise Operating System) is a community-driven distribution
built from the source code of Red Hat Enterprise Linux (RHEL). It aims to provide a free, stable,
and compatible alternative to RHEL. Like RHEL, CentOS also uses the DNF package
management system.

Arch Linux (Pacman): Arch Linux follows a minimalist and "rolling release" model, offering a
lightweight base system that users can customize extensively. It provides the Pacman package
manager, which simplifies software installation and management through a straightforward
command-line interface.

ArcoLinux: Based on Arch Linux, ArcoLinux aims to make Arch more accessible to newcomers
by providing pre-configured desktop environments, themes, and software choices. It inherits
Arch's Pacman package management system and rolling release model.

Slackware (Sailx OS): One of the oldest surviving Linux distributions, Slackware emphasizes
simplicity, stability, and traditional Unix design principles. It uses the tar command and .tgz
format for package management, eschewing more sophisticated package managers in favor of
simplicity and transparency.

These Linux distribution "grandparents" serve as foundational pillars from which numerous other
distributions have emerged, each catering to specific user needs, preferences, and use cases.
Whether you're a beginner looking for an easy-to-use desktop environment, a power user
seeking customization and control, or a system administrator managing servers, there's likely a
Linux distribution that fits your requirements.
1.3. Installation and basic configuration

1. Download the Ubuntu Server ISO file.
2. Install VirtualBox.
3. Open VirtualBox and create a new virtual machine.
4. Assign RAM.
5. Create a virtual hard disk.
6. Assign a disk size to your VM.
7. Mount the ISO file and continue with the Ubuntu Server installation process.
2. Command Line Basics
2.1. Introduction to the terminal
The command line, often referred to as the terminal or shell, is a powerful interface for
interacting with a computer's operating system. While modern graphical user interfaces (GUIs)
provide intuitive ways to navigate and operate a system, the command line offers unparalleled
efficiency and control over various tasks.

Use the Tab key for auto-completion, which helps reduce typing errors and speeds up command
entry.

Press Ctrl+C to cancel or stop a running command.

To repeat a previous command, use the up arrow key to navigate through command history.

Use man followed by a command name to display the manual page for that command. For
example, man ls displays information about the ls command.

Understanding the basics of the command line is essential for efficient system administration,
development, and automation tasks. With practice, you can leverage the power of the terminal
to streamline your workflow and accomplish tasks more effectively.

2.2. Basic commands


Opening the Terminal
On Linux: You can typically open a terminal by searching for "Terminal" in the applications menu
or by pressing Ctrl+Alt+T.
On macOS: The Terminal app can be found in the Utilities folder within the Applications folder.
On Windows: You can use Command Prompt (cmd.exe) or PowerShell.

2.3. Understanding the Prompt


Upon opening the terminal, you'll see a prompt, indicating that the terminal is ready to receive
commands. The prompt usually includes information such as the current directory and
username.
File and Directory Manipulation

mv: Moves files or directories from one location to another.
Syntax: mv source destination
cp: Copies files or directories.
Syntax: cp source destination
rm: Deletes files or directories. Use with caution, as this action is irreversible.
Syntax: rm file or rm -r directory
cat: Displays the contents of a file.
Syntax: cat filename

File System Navigation

pwd: Prints the current working directory.
cd: Changes the current directory. Use cd .. to move up one directory and cd to return to the home directory.
ls: Lists the contents of the current directory. Use ls -l for a detailed listing and ls -a to show hidden files.

2.4. File permissions (chmod, chown)


File permissions in Unix-based systems like Linux are managed using the chmod (change
mode) and chown (change owner) commands.

chmod: This command is used to change the permissions of a file or directory. The permissions
determine who can read, write, or execute the file. The basic syntax of chmod is:

chmod [options] mode file

Here, mode represents the permissions you want to set, and file is the name of the file or
directory you want to modify.

Options:

-R: Recursively change permissions of directories and their contents.

-v: Verbose mode, it displays a message for each file processed.

-c: Similar to -v, but only displays output when a change is made.

Mode: The mode consists of three components: who (user, group, others), what (read, write,
execute), and which file types (regular file, directory, symbolic link). It's represented by a
three-digit octal number or, in symbolic form, as:

chmod [ugoa][+-=][rwxXstugo] file

u stands for user/owner, g for group, o for others, a for all.

+ adds permissions,
- removes permissions,
= sets permissions explicitly.

r for read,
w for write,
x for execution.

X adds execute permission only if the file is a directory or already has execute permission for
some user.

Example

chmod u+x file.txt

chmod 755 script.sh

chown: This command is used to change the owner and group of a file or directory. The basic
syntax of chown is:

chown [options] new_owner:new_group file

Options

-R: Recursively change ownership of directories and their contents.

-v: Verbose mode, it displays a message for each file processed.


-c: Similar to -v, but only displays output when a change is made.

Example

chown user1:group1 file.txt

chown -R user1:group1 folder/

By using chmod and chown commands, you can effectively manage file permissions and
ownership in Unix-like operating systems.
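
The following is an added example, not part of the original training material: it applies the octal and symbolic modes described above to scratch files, shows the effect of the capital X, and finds and corrects files that are writable by everyone. The function names are illustrative, and it assumes GNU stat (stat -c).

```shell
#!/bin/sh
# Added example: chmod in octal and symbolic form, plus a least-privilege check.
# Function names and the scratch directory are illustrative.
# Assumes GNU coreutils (stat -c) and a POSIX find.

# Print the octal mode of a file or directory, e.g. 755.
mode_of() {
    stat -c '%a' "$1"
}

# List regular files under DIR that "others" may write to (o+w).
# Any local user can modify such a file.
world_writable() {
    find "$1" -type f -perm -0002 | sort
}

# Remove write permission for group and others from every regular file
# under DIR, then print how many world-writable files remain.
tighten() {
    find "$1" -type f -exec chmod go-w {} +
    world_writable "$1" | wc -l | tr -d ' '
}

# Walk through the mode changes on constructed sample files.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/share"
    : > "$d/script.sh"
    : > "$d/share/report.txt"

    chmod 644 "$d/script.sh"                 # rw-r--r--
    chmod u+x "$d/script.sh"                 # owner gains execute only
    echo "u+x on 644   -> $(mode_of "$d/script.sh")"
    chmod 755 "$d/script.sh"                 # rwxr-xr-x, set explicitly
    echo "755          -> $(mode_of "$d/script.sh")"

    # Capital X: execute is added to directories (so they can be entered)
    # but not to plain files that had no execute bit before.
    chmod 700 "$d/share"
    chmod 600 "$d/share/report.txt"
    chmod -R go+rX "$d/share"
    echo "go+rX dir    -> $(mode_of "$d/share")"
    echo "go+rX file   -> $(mode_of "$d/share/report.txt")"

    # A file left writable by everyone, then found and corrected.
    chmod 666 "$d/share/report.txt"
    echo "world-writable before: $(world_writable "$d" | wc -l | tr -d ' ')"
    echo "world-writable after:  $(tighten "$d")"
    rm -rf "$d"
}

demo
```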

2.5. Input/output redirection and piping


Input/output redirection and piping are powerful concepts in Unix-like operating systems,
allowing you to control how information flows between commands and files.

Input/Output Redirection

Output Redirection (>): It allows you to redirect the output of a command to a file instead of
printing it to the terminal. If the specified file already exists, it will be overwritten.

Example

ls > files.txt

Appending Output (>>): This appends the output of a command to the end of a file without
overwriting the existing content.

Example

echo "New line" >> files.txt

Input Redirection (<): It allows you to redirect the input of a command to come from a file rather
than from the keyboard.

Example:

wc -l < files.txt

Here Document (<<): It allows you to feed a block of text into a command as its input.

Example

cat << EOF
This is
a multiline
text
EOF

Piping (|)

Piping allows you to take the output of one command and use it as the input for another
command. It enables you to chain commands together, creating powerful combinations.

Example

ls -l | grep ".txt"

Here, the output of ls -l is fed into grep ".txt", which searches for lines containing ".txt".

3. File System Hierarchy


The Linux File System Hierarchy Standard (FHS) defines the structure of directories in Unix-like
operating systems, including Linux. Understanding the Linux file system structure is crucial for
navigating, organizing, and managing files and directories efficiently.

3.1. Understanding the Linux file system structure


The Linux file system is hierarchical, meaning it is organized in a tree-like structure with
directories (folders) at various levels. The root directory ("/") serves as the top-level directory
from which all other directories branch out.

3.2. Important directories and their purposes


Here are some of the most essential directories in the Linux file system and their purposes:

/bin: Contains essential binary executable files (commands) required for system boot and repair.
Common commands like ls, cp, mv, mkdir, etc., reside here.

/boot: Contains boot loader-related files, including the Linux kernel, initial ramdisk
(initrd/initramfs), and boot configuration files.

/dev: Contains device files representing hardware devices connected to the system, including
disks, partitions, terminals, etc.

/etc: Stores system-wide configuration files for various applications and services. Configuration
files for networking, user authentication, system startup, etc., are typically found here.

/home: Contains user home directories. Each user has a separate subdirectory here to store
their files and personal settings.

/lib and /lib64: Contain shared library files required by programs at runtime.

/mnt and /media: These directories are used for mounting external file systems, such as USB
drives, CD-ROMs, network shares, etc.

/opt: Typically used for installing optional software packages. It's often used by third-party
applications that don't follow the standard Linux file system hierarchy.

/proc and /sys: These directories provide interfaces to kernel data structures and configuration
parameters. They are used for system monitoring and configuration.

/root: Home directory for the root user (superuser). Unlike other users, the root user's home
directory is located at /root.

/sbin: Contains system binaries, similar to /bin, but these are typically used by the superuser for
system administration tasks.

/tmp: Used for temporary files created by applications and system processes. Files in this
directory are typically deleted on system reboot.

/usr: Contains user-related programs, libraries, documentation, and other files not required for
basic system operation. It's subdivided into directories like /usr/bin, /usr/sbin, /usr/lib, etc.

/var: Contains variable files such as log files, spool directories, temporary files, etc., which are
expected to grow in size during normal system operation.
4. Users and Groups
Users, groups, and user management are fundamental aspects of Linux-like operating
systems. They play a crucial role in controlling access to resources, managing permissions, and
ensuring system security.

User

A user is an individual who interacts with the system. Each user has a unique username and
user ID (UID) assigned to them. Users have their own home directories where they can store
their files and personalize their environment.

Group

A group is a collection of users. Groups help in organizing users with similar access
requirements. Each group has a unique group name and group ID (GID) assigned to it. Users
can belong to one or more groups.

4.1. User management (add, modify, delete users)


User management involves tasks such as adding, modifying, and deleting users. Here are some
common commands for user management:

Adding Users

useradd: Command to add a new user.

Example: sudo useradd username

Modifying Users

usermod: Command to modify user attributes.

Example: sudo usermod -aG groupname username (Adds user to a group)

Deleting Users

userdel: Command to delete a user.

Example: sudo userdel username


4.2. Group management
Group management involves creating, modifying, and deleting groups. Here are some common
commands for group management:

Creating Groups

groupadd: Command to create a new group.

Example: sudo groupadd groupname

Modifying Groups

groupmod: Command to modify group attributes.

Example: sudo groupmod -n newgroupname oldgroupname (Renames a group)

Deleting Groups

groupdel: Command to delete a group.

Example: sudo groupdel groupname

4.3. User permissions and access control


User permissions control who can access and manipulate files and directories. Permissions are
set for three categories: owner, group, and others. Common commands for managing
permissions include:

chmod: Command to change file permissions.

Example:

chmod 755 filename (Gives read, write, and execute permission to the owner, and read
and execute permission to the group and others)

chown: Command to change the owner and group of a file.

Example:

chown username:groupname filename (Changes the owner and group of the file)
5. Package Management
Package Management refers to the process of installing, updating, and removing software
packages on a computer system. It involves the use of package managers, which are tools
designed to automate the management of software packages, dependencies, and repositories.
Package managers ensure that software installations are smooth, efficient, and consistent
across different systems.

5.1. Introduction to package managers (apt, yum, etc.)


Package managers are software tools that simplify the process of installing, updating, and
removing software packages. They handle dependencies, resolve conflicts, and manage
software repositories.

Common package managers in Linux include:

Advanced Package Tool (APT): APT is a package management system used primarily by
Debian-based Linux distributions, such as Debian, Ubuntu, and Linux Mint. It consists of
command-line tools like apt-get and apt.

Yellowdog Updater, Modified (YUM): YUM is a package management system used primarily by
Red Hat-based Linux distributions, such as CentOS, Fedora, and RHEL (Red Hat Enterprise
Linux). It consists of command-line tools like yum.

dnf: DNF (Dandified YUM) is the next-generation package manager used by newer versions of
Red Hat-based distributions, including Fedora and CentOS/RHEL 8 and later. It replaces YUM
with improved performance and features.

Pacman: Pacman is the package manager used by Arch Linux and its derivatives. It is known for
its simplicity and powerful dependency resolution capabilities.

Zypper: Zypper is the default package manager for openSUSE and SUSE Linux Enterprise
distributions. It is a command-line tool for package management and repository management.
5.2. Installing, updating, and removing software packages
Package managers provide commands and utilities to perform various operations related to
software packages:

Installing Packages

Using APT: sudo apt-get install package_name

Using YUM/DNF: sudo yum install package_name or sudo dnf install package_name

Example: sudo apt-get install firefox

Updating Packages

Using APT: sudo apt-get update && sudo apt-get upgrade

Using YUM/DNF: sudo yum update or sudo dnf update

Example: sudo apt-get update && sudo apt-get upgrade

Removing Packages

Using APT: sudo apt-get remove package_name

Using YUM/DNF: sudo yum remove package_name or sudo dnf remove package_name

Example: sudo apt-get remove firefox

Package managers automatically handle dependencies when installing or removing packages,
ensuring that all required components are properly managed. They also enable system
administrators to manage software repositories, add or remove package sources, and perform
other administrative tasks related to software management.
6. System Configuration and Maintenance
System Configuration and Maintenance encompasses tasks related to managing and
maintaining the configuration and functionality of a computer system. This includes managing
services, configuring system settings, monitoring system performance, and troubleshooting
issues.

6.1. Managing services (start, stop, restart, enable, disable)


Services are background processes or daemons that run continuously to provide specific
functionality or perform tasks on a system. Managing services involves starting, stopping,
restarting, enabling, and disabling them as needed.

Start a Service: Initiate the execution of a service.

Command: sudo service <service_name> start

Example: sudo service apache2 start

Stop a Service: Terminate the execution of a service.

Command: sudo service <service_name> stop

Example: sudo service apache2 stop

Restart a Service: Stop and then start a service, often used to apply configuration changes.

Command: sudo service <service_name> restart

Example: sudo service apache2 restart

Enable a Service: Configure a service to start automatically upon system boot.

Command: sudo systemctl enable <service_name>

Example: sudo systemctl enable apache2

Disable a Service: Prevent a service from starting automatically upon system boot.

Command: sudo systemctl disable <service_name>

Example: sudo systemctl disable apache2

6.2. Basic system configuration files (/etc/)


The /etc/ directory contains configuration files for various system components and services.
These files store settings and parameters that determine the behavior and operation of the
system.

Examples of Configuration Files:

/etc/passwd: User account information.

/etc/group: Group information.

/etc/hosts: Mapping of hostnames to IP addresses.

/etc/network/interfaces: Network interface configuration.

/etc/apt/sources.list: APT package manager repository configuration.
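
The following is an added example, not part of the original training material: it reads account data in the /etc/passwd and /etc/group formats, tying the UID, GID and group membership concepts from section 4 to the files listed above, and flags records an administrator should review. The function names and the sample records are constructed for illustration.

```shell
#!/bin/sh
# Added example: review account data in /etc/passwd and /etc/group format.
# Every function reads the file content on standard input.
# Function names and the sample records are constructed for illustration.

# passwd fields: name:password:UID:GID:comment:home:shell

# Accounts with UID 0 have full root privileges, whatever their name.
uid0_accounts() {
    awk -F: 'NF >= 7 && $3 == 0 { print $1 }'
}

# An empty second field means the account has no password at all
# ("x" means the hash is kept in /etc/shadow).
empty_password() {
    awk -F: 'NF >= 7 && $2 == "" { print $1 }'
}

# UIDs shared by more than one account: permission checks use the UID,
# so those accounts are the same user as far as file access is concerned.
shared_uids() {
    awk -F: 'NF >= 7 { n[$3]++; who[$3] = who[$3] " " $1 }
             END { for (u in n) if (n[u] > 1) print u ":" who[u] }' | sort
}

# Accounts whose shell allows an interactive login.
login_accounts() {
    awk -F: 'NF >= 7 && $7 !~ /(nologin|false)$/ { print $1 }'
}

# group fields: name:password:GID:member,member,...
# Print the members listed for group $1, one per line. Users who have the
# group only as their primary GID in passwd are not listed in this field.
group_members() {
    awk -F: -v g="$1" '$1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) print m[i] }'
}

# Constructed sample data.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob::1001:1001:Bob:/home/bob:/bin/bash
toor:x:0:0:second admin:/root:/bin/sh
svc:x:1000:1002:service account:/srv/svc:/bin/false
EOF
}

sample_group() {
    cat <<'EOF'
root:x:0:
sudo:x:27:alice,bob
svc:x:1002:
EOF
}

report() {
    echo "UID 0 accounts:    $(sample_passwd | uid0_accounts | tr '\n' ' ')"
    echo "Empty password:    $(sample_passwd | empty_password | tr '\n' ' ')"
    echo "Interactive login: $(sample_passwd | login_accounts | tr '\n' ' ')"
    echo "sudo members:      $(sample_group | group_members sudo | tr '\n' ' ')"
    echo "Shared UIDs:"
    sample_passwd | shared_uids
}

report
```

On a real system the same functions can be fed the live files, for example uid0_accounts < /etc/passwd.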

6.3. System monitoring and troubleshooting


System monitoring involves observing system performance metrics, resource usage, and
system health indicators to ensure proper functioning. Troubleshooting involves diagnosing and
resolving issues that arise in the system.

Monitoring Tools

● top: Display real-time system resource usage.
● htop: Interactive version of top with more features.
● vmstat: Report virtual memory statistics.
● sar: Collect, report, and save system activity information.
● iostat: Report CPU utilization and I/O statistics.
● netstat: Display network connections, routing tables, interface statistics, etc.

Troubleshooting Techniques
● Checking system logs (/var/log/) for errors and warnings.
● Investigating specific processes or services using monitoring tools.
● Verifying network connectivity and configuration.
● Analyzing disk usage and performance.
● Inspecting system hardware for faults or failures.

7. Networking
Networking involves the configuration, management, and troubleshooting of network
connections and communication on computer systems. It encompasses tasks such as
configuring network interfaces, troubleshooting network issues, and managing network security
through firewall configuration.

7.1. Configuring network interfaces


Network interfaces allow computers to connect to networks and communicate with other
devices. Configuring network interfaces involves setting IP addresses, subnet masks, gateway
addresses, DNS servers, and other network parameters.

Commands for Configuring Network Interfaces

● ifconfig: Display or configure network interfaces (older command).
○ Example: sudo ifconfig eth0 192.168.1.100 netmask 255.255.255.0
● ip: A more modern command for network configuration.
○ Example: sudo ip address add 192.168.1.100/24 dev eth0

Configuration Files

● /etc/network/interfaces (Debian/Ubuntu): Configuration file for network interfaces.
● /etc/sysconfig/network-scripts/ifcfg-eth0 (Red Hat-based): Configuration file for network interfaces.

7.2. Basic network troubleshooting


Network troubleshooting involves diagnosing and resolving issues related to network
connectivity, performance, and configuration.

Common Network Troubleshooting Steps:


Checking physical connections and cable integrity.

Verifying network interface configurations (ifconfig, ip addr).

Testing network connectivity using tools like ping and traceroute.

Inspecting DNS resolution (nslookup, dig).

Analyzing network traffic with tools like tcpdump or wireshark.

7.3. Firewall configuration (iptables, firewalld)


Firewalls are security mechanisms that control incoming and outgoing network traffic based on
predefined rules. Common firewall configuration utilities include iptables and firewalld.

iptables

A command-line utility for managing packet filtering rules in the Linux kernel.

Examples

Allow incoming SSH traffic: sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Block all incoming traffic: sudo iptables -P INPUT DROP

Configuration typically involves writing rules directly or using scripts.

Firewalld

A dynamic firewall management tool that provides a more user-friendly interface.

Examples

Allow incoming SSH traffic

sudo firewall-cmd --add-service=ssh --permanent

Block all incoming traffic

sudo firewall-cmd --set-default-zone=drop

Firewall configuration helps protect systems from unauthorized access and network-based
attacks by controlling the flow of traffic in and out of the system.
8. Shell Scripting
8.1. Basics of shell scripting
Shell scripting involves writing scripts or programs using shell commands and syntax to
automate tasks, perform system administration tasks, or execute commands sequentially. The
shell is the command-line interface that allows users to interact with the operating system.
Common shells include Bash (Bourne Again Shell), sh (Bourne Shell), and others.

Basics of Shell Scripting

1. Shebang Line

The first line of a shell script specifies the interpreter to use. It starts with #! followed by the path
to the shell interpreter.

Example: #!/bin/bash specifies that the script should be executed using Bash.

2. Comments

Comments in shell scripts start with # and are ignored by the interpreter.

Example: # This is a comment.

3. Variables

Variables store data that can be manipulated and used within the script.

Example: name="John"

Basic Commands

Shell scripts can execute system commands just like you would in the terminal.

Example: ls -l, echo "Hello"

Input/Output

Shell scripts can take input from users or files and produce output.

Input: Using read command.


Output: Using echo or printf.

Control Structures

Shell scripts support basic control structures like loops (for, while), conditionals (if, else, elif),
and case statements (case).

Example

if [ "$name" = "John" ]; then
    echo "Hello, John!"
fi

8.2. Writing simple scripts to automate tasks


Identify Task

Determine the task or tasks you want to automate using a shell script.

Plan and Design

Plan the steps needed to accomplish the task.

Design the script by breaking down the task into smaller, manageable steps.

Write the Script

Use a text editor to write the shell script, following the planned steps and utilizing shell scripting
syntax.

Save the script with a .sh extension for easy identification.

Test and Debug

Test the script to ensure it performs as expected.

Debug any errors or unexpected behavior by checking syntax, variable values, and command
outputs.
Execute the Script

Make the script executable using chmod +x script.sh.

Execute the script using ./script.sh or bash script.sh.

Refine and Improve

Refine the script based on feedback and requirements.

Improve efficiency by optimizing code and handling edge cases.

Shell scripting is a powerful tool for automating repetitive tasks, managing system
configurations, and performing various administrative tasks efficiently. By mastering the basics
of shell scripting, users can enhance productivity and streamline their workflow in Linux-like
operating systems.
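
The following is an added example, not part of the original training material: a short script that combines the piping from section 2.5 with the variables, read and if constructs from section 8.1 to summarise failed SSH password logins per source address. The function names, the threshold and the sample log lines are constructed; the message layout follows the usual OpenSSH "Failed password" log line.

```shell
#!/bin/bash
# Added example: a small automation script built from a pipeline.
# It summarises failed SSH password logins per source address.
# Function names, THRESHOLD and the sample log lines are constructed.

# Read log lines on stdin, print "address count", busiest source first.
failed_by_ip() {
    grep 'Failed password' |
        awk '{
            # The user name is chosen by the client and is logged first, so
            # scan from the end for the "from ADDRESS port N" written by sshd.
            for (i = NF - 1; i > 2; i--)
                if ($i == "port" && $(i - 2) == "from") { print $(i - 1); break }
        }' |
        sort | uniq -c | sort -rn |
        awk '{ print $2, $1 }'
}

# Print the addresses with at least $1 failures.
noisy_sources() {
    failed_by_ip | awk -v min="$1" '$2 >= min { print $1 }'
}

# Constructed sample input (documentation address ranges).
sample_log() {
    cat <<'EOF'
Jan 10 10:00:01 web1 sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 40122 ssh2
Jan 10 10:00:03 web1 sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 40122 ssh2
Jan 10 10:00:05 web1 sshd[1203]: Failed password for root from 203.0.113.5 port 40130 ssh2
Jan 10 10:01:10 web1 sshd[1210]: Accepted publickey for alice from 192.0.2.10 port 51514 ssh2
Jan 10 10:02:00 web1 sshd[1215]: Failed password for bob from 198.51.100.7 port 33210 ssh2
EOF
}

# Main part: variable, pipe, read loop and conditional together.
THRESHOLD=3
sample_log | failed_by_ip | while read -r ip count; do
    if [ "$count" -ge "$THRESHOLD" ]; then
        echo "ALERT $ip: $count failed logins"
    else
        echo "ok    $ip: $count failed logins"
    fi
done
```

To run it against real data, replace sample_log with the system's authentication log under /var/log/ (the file name depends on the distribution).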

9. Security
9.1. User authentication (passwords, SSH keys)
User authentication is the process of verifying the identity of users attempting to access a
system. It ensures that only authorized users can log in and access resources. Authentication
methods commonly involve passwords and SSH keys.

● Passwords

○ Users authenticate by providing a username and password combination.

○ Best practices include:

■ Enforcing strong password policies (length, complexity, expiration).

■ Using password hashing techniques to securely store passwords.

■ Implementing account lockout mechanisms to prevent brute-force attacks.

● SSH Keys

○ SSH (Secure Shell) keys provide a more secure method of authentication compared to passwords.

○ Users generate a key pair (public and private) and upload the public key to the server.

○ The server verifies the user's identity based on the private key.

○ Best practices include:

■ Disabling password authentication and allowing only SSH key authentication.

■ Encrypting SSH private keys with a passphrase.

■ Regularly rotating SSH keys for enhanced security.
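
The following is an added example, not part of the original training material: a check of whether an sshd_config really enforces key-only logins. It shows a common trap: sshd uses the first value it reads for each keyword, so a "no" appended below an earlier "yes" has no effect. The function name and sample files are constructed, the defaults are those documented for OpenSSH, and only the "Keyword value" form in the global section is parsed.

```shell
#!/bin/sh
# Added example: report whether an sshd_config still permits password logins.
# Reads the configuration text on standard input. The function name and the
# sample files are constructed; defaults are those documented for OpenSSH.
# Not covered: Include files, Match overrides, KbdInteractiveAuthentication.

audit_sshd() {
    awk '
        BEGIN {
            # Values sshd applies when a keyword is absent.
            val["passwordauthentication"] = "yes"
            val["pubkeyauthentication"]   = "yes"
        }
        NF == 0 || $1 ~ /^#/ { next }          # blank lines and comments
        { key = tolower($1) }                  # keywords are case-insensitive
        key == "match" { exit }                # the global section ends here
        (key in val) && !(key in seen) {       # sshd keeps the FIRST value it reads
            val[key] = $2
            seen[key] = 1
        }
        END {
            print "PasswordAuthentication " val["passwordauthentication"]
            print "PubkeyAuthentication " val["pubkeyauthentication"]
            bad = 0
            if (val["passwordauthentication"] != "no") bad = 1
            if (val["pubkeyauthentication"] != "yes")  bad = 1
            print (bad ? "RESULT: password logins possible or keys disabled" : "RESULT: key-only authentication")
            exit bad
        }
    '
}

# Constructed sample: the later "no" is ignored because "yes" comes first.
sample_shadowed() {
    cat <<'EOF'
# image default left in place
PasswordAuthentication yes
PubkeyAuthentication yes
# hardening appended at the end of the file
PasswordAuthentication no
EOF
}

# Constructed sample: key-only authentication, keyword case varies.
sample_hardened() {
    cat <<'EOF'
passwordauthentication no
PubkeyAuthentication yes
EOF
}

# Constructed sample: "no" is set only inside a Match block, so the global
# default (yes) still applies to every other user.
sample_match_only() {
    cat <<'EOF'
PubkeyAuthentication yes
Match User deploy
    PasswordAuthentication no
EOF
}

for s in sample_shadowed sample_hardened sample_match_only; do
    echo "== $s"
    $s | audit_sshd || true
done
```

On a running server, sshd -T prints the effective configuration and is the authoritative check.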

9.2. Basic firewall setup and configuration


Firewalls are essential for controlling network traffic and protecting systems from unauthorized
access and malicious activities. Setting up and configuring a firewall involves defining rules that
determine which connections are allowed or blocked.

● iptables (Netfilter)
○ iptables is a command-line utility for configuring packet filtering rules in the Linux kernel.
○ Common tasks include:
■ Allowing specific incoming and outgoing connections based on port numbers, IP addresses, or protocols.
■ Blocking malicious traffic such as DoS (Denial of Service) attacks or port scans.
● firewalld
○ firewalld is a dynamic firewall management tool that provides a more user-friendly interface compared to iptables.
○ Features include:
■ Zone-based configuration to define trust levels for network interfaces.
■ Easy management of services and ports using predefined service definitions.
■ Support for runtime and permanent configurations.
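
The following is an added example, not part of the original training material: a simplified check of a saved iptables ruleset, covering the rules shown in section 7.3 and the allow/block tasks listed above. It confirms that a default-deny INPUT chain still admits loopback traffic, replies to established connections, and SSH, so that setting the policy to DROP does not cut off remote administration. The function name and the sample rulesets are constructed, and only rules placed directly in the INPUT chain are examined.

```shell
#!/bin/sh
# Added example: check a saved iptables ruleset (iptables-save format, read on
# standard input) for a default-deny INPUT chain that still admits loopback,
# established connections and SSH. Function name and samples are constructed.
# Simplification: user-defined chains and multiport rules are not followed.

check_input_chain() {
    awk '
        /^:INPUT / { policy = $2 }                 # e.g. ":INPUT DROP [0:0]"
        /^-A INPUT / && /-j ACCEPT/ {
            if ($0 ~ /-i lo( |$)/) lo = 1
            if ($0 ~ /--(ctstate|state) [A-Z,]*ESTABLISHED/) est = 1
            if ($0 ~ /-p tcp/ && $0 ~ /--dport 22( |$)/) ssh = 1
        }
        END {
            bad = 0
            print "INPUT policy: " policy
            if (policy != "DROP") { print "WARN: unmatched inbound packets are not dropped"; bad = 1 }
            if (!lo)  { print "WARN: loopback traffic is not accepted"; bad = 1 }
            if (!est) { print "WARN: replies to established connections are not accepted"; bad = 1 }
            if (!ssh) { print "WARN: tcp/22 is not accepted (remote administration would be cut off)"; bad = 1 }
            exit bad
        }
    '
}

# Constructed sample: default deny with the three allowances in place.
sample_ruleset_ok() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Constructed sample: policy set to DROP, but only a web port was allowed.
sample_ruleset_lockout() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

for r in sample_ruleset_ok sample_ruleset_lockout; do
    echo "== $r"
    $r | check_input_chain || echo "-> needs attention"
done
```

On a host that uses iptables, the live rules can be checked with sudo iptables-save | check_input_chain.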
9.3. System hardening best practices
System hardening involves configuring a system to reduce its attack surface and enhance its
security posture. Adopting best practices helps mitigate security risks and vulnerabilities.

Common System Hardening Practices

● Patch Management: Regularly update the system with security patches and software updates to address known vulnerabilities.
● Least Privilege Principle: Grant users and processes only the minimum level of access necessary to perform their tasks.
● Disable Unused Services: Turn off unnecessary services and daemons to minimize exposure to potential threats.
● File System Encryption: Encrypt sensitive data and file systems to protect them in case of theft or unauthorized access.
● Network Segmentation: Divide the network into smaller segments and apply access controls to restrict lateral movement by attackers.
● Monitoring and Logging: Implement robust monitoring and logging mechanisms to detect and respond to security incidents effectively.

Security is a critical aspect of system administration, and understanding user authentication,
firewall configuration, and system hardening best practices is essential for safeguarding
systems and data against security threats and breaches.
10. Advanced Topics
10.1. Disk management (partitioning, LVM)
Disk management involves organizing and optimizing storage resources on a computer system.
It includes partitioning disks, managing file systems, and utilizing advanced techniques like
Logical Volume Management (LVM).

● Partitioning
○ Partitioning divides a physical disk into multiple logical sections called partitions.
○ Common partitioning tools include fdisk, parted, and gparted.
○ Best practices include:
■ Separating system files, user data, and swap space into different partitions.
■ Aligning partitions to optimize disk performance.
● Logical Volume Management (LVM):
○ LVM provides advanced disk management capabilities, allowing dynamic resizing
of logical volumes (LVs) and flexible allocation of storage space.
○ Key components include physical volumes (PVs), volume groups (VGs), and
logical volumes (LVs).
○ Benefits of LVM include:
■ Simplified management of disk space with the ability to resize volumes on the fly.
■ Enhanced data availability and flexibility through features like snapshots and
mirroring.

10.2. Remote administration (SSH, SCP, rsync)

Remote administration enables users to manage and administer systems from remote locations
over a network. Key tools for remote administration include SSH (Secure Shell), SCP (Secure
Copy), and rsync.

SSH (Secure Shell)

● SSH provides secure remote access to systems using encrypted communication.
● Users can remotely log in to a system, execute commands, and transfer files securely.
● SSH key-based authentication enhances security by eliminating the need for passwords.

SCP (Secure Copy)

● SCP is a command-line tool for securely copying files between systems using SSH.
● Syntax- scp [options] source_file destination_file
○ Example: scp /local/file.txt user@remotehost:/remote/path/

rsync

● rsync is a powerful utility for synchronizing files and directories between systems.
● It efficiently transfers only the differences between source and destination, minimizing
bandwidth usage.
● Syntax- rsync [options] source destination
○ Example: rsync -avz /local/directory/ user@remotehost:/remote/directory/

10.3. Virtualization basics (VirtualBox, KVM)

Virtualization enables the creation and management of virtual machines (VMs) on a single
physical hardware platform. Common virtualization platforms include VirtualBox and
Kernel-based Virtual Machine (KVM).

VirtualBox

● VirtualBox is a cross-platform virtualization software that allows users to run multiple
guest operating systems on a single host.
● It provides features such as snapshotting, virtual networking, and USB device support.
● Users can create, configure, and manage VMs through an intuitive graphical user
interface (GUI).

Kernel-based Virtual Machine (KVM)

● KVM is a virtualization module built into the Linux kernel, providing native virtualization
capabilities.
● It leverages hardware virtualization extensions (e.g., Intel VT-x, AMD-V) to achieve high
performance.
● KVM can be managed using command-line tools like virsh or graphical frontends like
virt-manager.

Advanced topics in disk management, remote administration, and virtualization expand the
capabilities of system administrators, allowing them to optimize storage resources, efficiently
manage remote systems, and create virtual environments for testing and development
purposes. Understanding these concepts is crucial for handling complex IT infrastructure and
achieving efficient resource utilization.
