1. | Your company bought another competitor on the opposite coast recently, just as the new corporate application was being deployed everywhere, so you sent the app to them, too. They use a Unix host for this application on their network. You need to be able to connect to this host securely for maintenance purposes on the new system-wide application you deployed. Both networks have Internet access. What do you do? | |
Answers
1. | If you need access now, and both systems are connected to the Internet, you can set up SSH for secure communications. If the other network does not already have it installed, have the administrator in the remote location download and install it, and then create an account for you. The basic steps outlined here may vary with the version of Unix used on the other network. If it's Red Hat Enterprise Linux, all you need are the SSH packages described in this chapter, but you may not have that luxury. Download the source code for OpenSSH and put it into a specific directory. Assuming your version of Unix can't handle RPMs, you'll need to unpack a tarball. You can then unpackage the files in the tarball and use the files in the resulting directory to compile and configure a Secure Shell server. Once it is configured, you have the option to set up private and public keys. If you don't need immediate access, you could, alternatively, configure a computer with Red Hat Enterprise Linux and a Secure Shell server. Send the computer to the administrator of the remote Unix network. Have the admin add it to his or her network, and you can check the problem from your site securely. The application is running on the Linux computer that you sent. (Alternatively, you can set up OpenSSH on Microsoft Windows, as described earlier in this chapter.) |
2. | You'll also need two Linux computers for this lab: one as a DHCP server and a second as a DHCP client. Using the DHCP server created earlier in this chapter, set up a static IP address for the computer of your choice. You'll want to assign a specific name for that server, precious.example.com, and a special IP address on the 10.11.12.0 network, 10.11.12.13. Assume that you've already set up the example.com network as well as an appropriately configured DNS server. | |
Answers
2. | Assuming you've read the chapter, you've seen the template in the dhcpd.conf.sample configuration file for a static IP address:
host ns { next-server marvin.redhat.com hardware ethernet 12:34:56:78:AB:CD; fixed-address 207.175.42.254; } As described in the chapter, the next-server command is associated with the boot server for this computer; since there is no boot server mentioned, you won't need this command. To set up the DHCP server, take the following steps:
|
3. | To do this lab, you'll need the help of a partner. Have him or her set up your system as described in the answer to this lab in the next section. The intent of this lab is to help improve your troubleshooting skills for the Troubleshooting and System Maintenance section of the RHCE exam. | |
Answers
3. |
Lab 3: Part 1 You're going to set up this lab for your partner (I've set up these "answers" in a different order, first the setup of the lab, to help discourage "shoulder surfing"), using the following steps:
Lab 3: Part 2
|
4. | This lab includes a matching scenario to Lab 3 for your partner. Refer to the "Lab Answers" section for what you need to configure. | |
Answers
4. |
Lab 4: Part 1
Lab 4: Part 2
|
5. | This lab requires two Red Hat-capable systems, or at least a second system that you know how to configure as an NTP client. Configure the RHEL system as an NTP server. Allow access on your local IP address subnet. Make sure the service is started and will start the next time you boot Linux. | |
Answers
5. | Before configuring a system as an NTP server, you have to first configure it as a client. The simplest method for doing so is to use the Date/Time Configuration tool, which can be started in the GUI with the system-config-date command. Once configured as a client, make sure the NTP service is running and set to start the next time Linux is booted on the local system. The simplest method involves the following commands, which should be familiar if you've configured other services on Red Hat systems:
# chkconfig ntpd on # service ntpd start Open the NTP configuration file, /etc/ntp.conf. Add an appropriate restrict directive to open access to other systems. One example suitable for the 192.168.1.0 network is shown in the comments to the file:
# restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap If your LAN uses a different network address and subnet mask, substitute accordingly. If it's an IPv6 network, the directive is restrict -6. After saving the changes, the following command makes NTP reread the service configuration file:
# service ntpd reload Now you can go to the second system and configure its client to connect to the local NTP server that you just created. If you have the Date/Time Configuration tool on that second server, the simplest method is to start it with the system-config-date command and point to the domain name or IP address of the NTP server you just created. |