Scribd
Upload
7 views

Final group Assignment SNA

This document outlines a group assignment for System and Network Administration, focusing on the installation of Ubuntu in VMware Workstation and various network configurations. It includes detailed steps for downloading Ubuntu, setting up a virtual machine, managing files and directories, configuring network settings, and establishing a Network File System (NFS). Additionally, it covers firewall configuration and creating a Certificate Authority on Ubuntu.

Uploaded by

saroj122pr
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
7 views

Final group Assignment SNA

This document outlines a group assignment for System and Network Administration, focusing on the installation of Ubuntu in VMware Workstation and various network configurations. It includes detailed steps for downloading Ubuntu, setting up a virtual machine, managing files and directories, configuring network settings, and establishing a Network File System (NFS). Additionally, it covers firewall configuration and creating a Certificate Authority on Ubuntu.

Uploaded by

saroj122pr
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 37

Group Assignment Group 8 System and Network

Administration

ASSIGNMENT
TECHNOLOGY PARK MALAYSIA
CT106-3-2-SNA
SYSTEMS AND NETWORK ADMINISTRATION
NPT1F2309IT

HAND OUT DATE :

HAND IN DATE :

WEIGHTAGE :

Student Name Student TP number


Devaki Tamang NP069790
Nikita Shrestha NP069710
Kareena Acharaya NP069680
Prashnna Dhaulakoti NP069726
Nishk Bhattrai NP069717

Asia Pacific
university
Group Assignment Group 8 System and Network
Administration
Table of Contents
Installation Process of Ubuntu in VMware Workstation...............................................................................1
Step 1: Download Ubuntu ISO..................................................................................................................1
Step 2: Install VMware Workstation (if not installed)...............................................................................2
Step 3: Create a New Virtual Machine......................................................................................................2
Step 4: Adjust VM Settings.......................................................................................................................3
Step 5: Specify the Ubuntu ISO.................................................................................................................4
Step 6: Customize Hardware (Optional)....................................................................................................4
Step 9: Start the Virtual Machine...............................................................................................................5
File and Directory Management..................................................................................................................15
C. Network Configuration...........................................................................................................................17
Setting/Changing an IP address...............................................................................................................17
1. Determine the Name of Your Network Interface............................................................................17
2. Install network Manager :................................................................................................................17
3. Verify Installation:...........................................................................................................................18
4. Edit the Network Manager Configuration:......................................................................................18
5. Check device status..........................................................................................................................18
6. Setting/Changing an IP address.......................................................................................................19
Setting up/Changing Hostname...............................................................................................................20
Editing a host file:....................................................................................................................................20
Firewall configuration..................................................................................................................................21
Network File System (NFS) Configuration.................................................................................................24
Install NFS Server....................................................................................................................................24
Create a Shared Directory........................................................................................................................24
Set Directory Permissions........................................................................................................................25
Configure NFS Exports File....................................................................................................................25
Restart the NFS Server.............................................................................................................................26
Configure the Firewall.............................................................................................................................26
Verify Firewall Status..............................................................................................................................26
Install NFS Client....................................................................................................................................26
Create a Mount Point on the Client..........................................................................................................27
Mount the NFS Share on the Client.........................................................................................................27
Verify NFS Connection...........................................................................................................................27

Asia Pacific
university
Group Assignment Group 8 System and Network
Administration
Persistent Mounting of NFS Share..........................................................................................................28
Creating a Certificate Authority (CA) on Ubuntu.......................................................................................29
Install Easy-RSA......................................................................................................................................29
Set Up PKI Directory...............................................................................................................................29
Initialize PKI............................................................................................................................................30
Configure Variables.................................................................................................................................31
Build CA..................................................................................................................................................32
Verify CA Files........................................................................................................................................33
Appendix......................................................................................................................................................34
Workload Matrix:.....................................................................................................................................34

Asia Pacific
university
Group Assignment Group 8 System and Network
Administration

Installation Process of Ubuntu in VMware Workstation

Through VMware Workstation users can run two or more Virtual Machines (VMs)
simultaneously on their physical computing device. The software allows multiple operating systems
including Windows Linux and macOS to operate in parallel through single machine hardware. Software
development and testing along with application running takes advantage of this program in separate
contained environments.

The open-source operating system Ubuntu uses Linux distribution to run applications. The
operating system dominates personal computing along with providing stable performance for servers and
always maintaining security while being simple to utilize. The Ubuntu platform exists in multiple
versions through which users can select Ubuntu Desktop for personal utilization while Ubuntu Server
serves businesses and clouds, and Ubuntu Core operates IoT devices.

Step 1: Download Ubuntu ISO


i. Go to the official Ubuntu website:
🔗 https://ubuntu.com/download/desktop

1
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

ii. Download the latest version of Ubuntu (choose Ubuntu Desktop for general use).
iii. Save the ISO file to a location on your computer.

Step 2: Install VMware Workstation (if not installed)


i. Download VMware Workstation Player or VMware Workstation Pro from:
🔗 https://www.vmware.com/products/desktop-hypervisor/workstation-and-fusion
ii. Install it by following the on-screen instructions.

Step 3: Create a New Virtual Machine


i. Initiate VMware Workstation and click on Create a New Virtual Machine.
ii. Select "Installer disc image file (ISO)" and navigate to the Ubuntu ISO that you previously
downloaded.

iii. Click Next and adhere to the setup instructions

2
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
Step 4: Adjust VM Settings
i. Designate a name for the VM (for example, "Ubuntu").

ii. Allocate RAM (which should be at least 50 GB to ensure smooth performance). Assign CPU
cores (according to assignment)

iii. Create a Virtual Hard Disk (with a minimum of 50GB recommended). Depending on your
internet preference, choose either NAT or Bridged network

3
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
Step 5: Specify the Ubuntu ISO
i. Choose the option labeled “Installer disc image file (iso)” and then click on “Browse.”
ii. Proceed to the directory where you have saved the Ubuntu ISO file and select it. However, ensure
that you are in the correct folder, because this step is crucial for the installation process. Although
it may seem simple, this action is essential for moving forward.

iii. Click “Next” to proceed.

Step 6: Customize Hardware (Optional)


It is possible to customize (the) hardware settings if necessary; this allows for adjustments to be made
regarding the number of processors, memory and various other settings. However, these modifications
should be tailored to align with your system's specific capabilities. Although you may find it tempting to
make drastic changes, it is essential to approach this task with careful consideration.
i. Finish and Install
ii. Review your settings and click “Finish.”

4
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

Step 9: Start the Virtual Machine


The virtual machine (VM) will initiate its boot sequence from the Ubuntu ISO. 2: Adhere to the
on-screen prompts to successfully install Ubuntu. However, it is crucial to pay attention to each step,
because any oversight could lead to complications. Although the process may seem straightforward,
diligence is required to ensure smooth installation.

Now, Choose Language

5
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

Then, If you want to update , Click on Update to the new installer otherwise choose Continue without
Updating as given below:

6
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

Click on the “Done”

Click on Done

Now, Check you Network Configuration and then click on Done.

7
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
If you want to set Proxy Configuration, you can set. If you don’t want just to click done. It will make
default proxy address.

From here, Set mirror Configuration. Click on Done to continue.

8
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

9
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

Now, Set Username, Server name, username as you want and Click on Continue.

Click on Continue.

Click on Done.
10
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

Click on “Done”

On here, after complete view full log, There will be Reboot now option. Then you will able to login into
Ubuntu.

11
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

The command “sudo neofetch” is used to run to displays system information and confirm
environment Setup.

A new user named amer is created using the command sudo adduser amer, which includes a
home directory and default configurations.
12
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

The command ‘echo “amer:deco | sudo chpsswd” changes the password for amer to “deco” by
providing the password and username to the chpsswd command, which modifies the password
database on the system.

The current working directory is indicated by the line /home/group8$, which seems to be a
terminal prompt.

Again, amer’s password is changed once more to “mytask” by echoing “amer:mytask” | sudo
chpsswd.

13
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

File and Directory Management


In this part we need to create new files and directory

The first command assigns the nickname and second one assigns the value to the np number that
is to be used in other following commands.

The command in the first line “mkdir -p” created a path to the file, the second line command
prints the text” Created directory” where the output appears in third line.

The first command helps to create the file name” Info.doc” in previous created file and the data
“This is my project” is written in it which is redirected by”>” symbol. The second command
gives the output and file has been created.

The first command helps in creating the path. The second command provides the output of a
confirmed message stating that the directory is created.

The first command creates a directory path and the second command confirms the message and
prints the final confirmed output.

14
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
The first command “pwd” prints the working directory that appears in the path and the second
command “echo” displays the confirmation message from the file path and adds the data.

The first command helps in creating the “Bukit Jalil” directory, but the second command
confirms the directory and is created.

The first command creates Time.docx file and adds data using “-v timedatectl &>//dev/null” and
the output is redirected.

The first command creates the new file named ”EVENT” with the previously created directory.

The command is used to create “Big” the path directory.

The first command is used to create the Sub directory and the second command successfully
creates the directory.

The first command “whoami” create the Mine.txt file and second command creates the file
successfully and adds the data.

The command “chmod 777” changes the permission for “University”.

The command changes the owner and group for “Info.doc” to “root”.

15
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
Finally, the command helps in copying the “Mine.text” to “Big”.
Echo ”Script completed”.

16
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

C. Network Configuration

Setting/Changing an IP address

1. Determine the Name of Your Network Interface


First, make sure you are aware of the precise name of your Ethernet interface (current
Ubuntu versions no longer use the old eth0 naming scheme). To get a list of every network
interface, use the following command:
On an Ubuntu system (or any Linux-based system), the IP addresses assigned to each
network interface are shown with the “ip addr show” command. It is a component of the IP
command suite, which is used to manage networks.

2. Install network Manager :


By using the command “sudo apt install network-manager”, you can easily manage network
connections using the nmcli command-line tool or the graphical NetworkManger interface.

Enable and Start NetworkManager service(if it isn’t already running):

17
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

3. Verify Installation:
You can check the status of NetworkManager after installation to make sure it's operational by
using command “sudo systemctl status NetworkManager”

4. Edit the Network Manager Configuration:


Type "sudo nano /etc/NetworkManager/NetworkManager.conf" to open the NetworkManager
configuration file with superuser access in the nano text editor.

5. Check device status


The network interface states under NetworkManager management can be checked with the
“nmcli device status” command. A command shows interface connection statuses alongside their
managed status.

18
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

6. Setting/Changing an IP address
The command “sudo nmcli connection edit ens33” is used to edit the network connection
associated with the interfaces ens33 using nmclil.

From this mode, you can view the current settings, modify settings, set static IP or change to
DHCP and save the changes as given below:

By using goto ipv4 inside the nmcli tool to acces the ipv4 settings:

On an Ubuntu system (or any Linux-based system), the IP addresses assigned to each network
interface are shown with the “ip addr show” command. It is a component of the IP command
suite, which is used to manage networks.

19
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

Setting up/Changing Hostname


Setting up a hostname on Ubuntu requires using the command ‘sudo nano /etc/hostname’. By
executing this command you can access the file for hostname entry. Type Ctrl + X to exit while
pressing Ctrl + O to save.

Editing a host file:


If you want to modify the hosts file in Ubuntu you should use the command 'sudo nano
/etc/hosts'. The file opens allowing users to update hostname and IP address data within it.
Navigation to the exit leads through pressing Ctrl + X while using Ctrl + O to save your work

20
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
Firewall configuration
Print out a list of three chains, input, forward and output

The INPUT, FORWARD, and OUTPUT chains are among the firewall rules that are currently
displayed by this command.

This command adds a rule to the iptables firewall to allow incoming traffic from a certain IP
address. While other connections might still be blocked by the firewall, these rules ensure that
SSH, HTTP and HTTPS communication is allowed.

This code uses iptables to add firewall rules that allows incoming HTTP(port 80) and SSH(port
22) traffic. The rules are added to the INPUT chain, which anages incoming connections, by
using the -A INPUT option. The TCP protocol is specified by the -p tcp flag, while the
destination port (80 for HTTP and 22 for SSH) are defined by the -- dport option. At last, -j
ACCEPT makes sure that the firewall does not restrict traffic to these ports.

21
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
We can backup our iptables configuration by using the ‘sudo iptables-save > rules.v4’ command,
which saves the current rules to the file called rules.v4.

The ‘sudo iptables-restore < rules.v4’ command, applies the saved setting to restore the firewall
rules from the rules.v4 file. This ensures that firewall settings won’t change even after a system
reboot or modification.

All of the existing iptables firewall rules with extra information are loisted by running ‘sudo
iptables -L -v -n’ command.

Installing the iptables-persistent package with the command sudo apt install iptables-persistent -y
allows firewall rules to be saved and immediately refreshed upon system startup. apt install
installsthe packages, sudo executes it with administrator rigths, and -y automatically verifies the
installation without asking the user. This makes sure that even after a reboot, iptables rules will
continue to function.

The command ‘sudo netfilter-persistent save’ stores the current iptables rules so they remain in
effect following a system reboot.

22
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

The command ‘sudo netfilter-persistent reload’ reloads the saved firewall rules without restarting
the system. These commands makes sure that any iptables rules that have been configures stay
active and start up automatically.

23
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
Network File System (NFS) Configuration
Install NFS Server
Updating system package lists stands as a prerequisite for NFS server deployment. The process of
updating package index and server NFS software installation requires running these commands:

Running apt update enables users to retrieve the newest version of available packages. Install the NFS
server package by running apt install nfs-kernel-server because it contains all needed tools to configure
and manage NFS file sharing services.

Create a Shared Directory


To establish NFS server functionality the system needs to specify a certain directory intended for inter-
client sharing. Organize and define a directory which will act as the shared storage area.

The directory creation process through mkdir -p command operates without errors due to the -p flag when
directories already exist.

24
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
Set Directory Permissions
Adequate permissions applied to the directory will enable all client systems to access it.

Using chmod 777 command allows all users to obtain total access which includes reading, writing and
executing.
By setting directory ownership to nogroup nobody through chown nobody:nogroup the directory becomes
usable by all anonymous clients.

Configure NFS Exports File


The NFS server shares accessible directories through the entries found in its /etc/exports configuration
file. Users can access the file through a text editor to view its contents.

The NFS server needs a new entry within the exports file to define both the shared directory and its
permissions specification.

Through rw access authority both reading and writing functions are enabled.
The sync option executes disk writes before allowing any more access to files which makes the system
more stable.
The no_subtree_check option stops the server from performing unneeded checks on directory parents to
increase its speed.
Click CTRL+X to save the file and follow it with Y and Enter.
Export the NFS Directory
The directory requires a set of export settings to become accessible to clients.

Through this command the system shares network-accessible directories as mentioned in the /etc/exports
file.

25
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
Restart the NFS Server
Restart the NFS service to apply the changes:

The systemctl restart command ensures that all new configurations take effect immediately.

Configure the Firewall


By default, firewalls may block NFS traffic. Allow traffic on port 2049, which is used by NFS:

This command enables the firewall and allows network traffic through the necessary port.

Verify Firewall Status


After configuring the firewall, verify the applied rules:

Ensure that port 2049 is listed as allowed in the output.

Install NFS Client


On the client machine (the system that will access the shared directory), install the required NFS client
package:

26
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

The nfs-common package contains the necessary tools to mount and access NFS shares.

Create a Mount Point on the Client


To access the shared directory, create a local mount point on the client machine:

This directory will act as the access point for the remote NFS share.

Mount the NFS Share on the Client


Identify the NFS server’s IP address by running:
ip a
Then, on the client machine, mount the shared directory:

This command mounts the shared directory at /mnt/nfs_client, allowing the client machine to access it as
if it were a local folder.

Verify NFS Connection


To ensure that the NFS share is successfully mounted, check the mounted filesystems:

27
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

List the contents of the mounted directory:

If the share is mounted successfully, the client should be able to view and modify files inside
/mnt/nfs_client.

Persistent Mounting of NFS Share


To ensure that the NFS share remains mounted after a reboot, add it to the client’s /etc/fstab file. Open the
file:

Add the following entry:

This entry ensures that the NFS share is mounted automatically at system startup. Save the file and exit
(CTRL+X, then Y, and Enter).

28
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

Creating a Certificate Authority (CA) on Ubuntu

Install Easy-RSA

The installation of Easy-RSA as your Public-Key Infrastructure (PKI) management tool comes first
when establishing a Certificate Authority (CA) on Ubuntu. Users can set up the Certificate Authority
through running this command.
“sudo apt update && sudo apt install easy-rsa -y”

The command updates package lists while Easy-RSA installation begins since all necessary
dependencies will be installed. The Easy-RSA software suite gives users access to tools with which
they create and handle certificates after installation. The PKI directory setup happens following
installation since it serves as a storage unit for certificates and keys.

Set Up PKI Directory

29
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
Easy-RSA users establish their Public Key Infrastructure (PKI) directory at this point. Running mkdir
~/easy-rsa generates a new file directory specifically for PKI files inside the home folder of the user.
The command ln -s /usr/share/easy-rsa/* ~/easy-rsa/ establishes symbolic links which grant users
access to the Easy-RSA scripts and files that originally reside in the default system directory at
/usr/share/easy-rsa/. The chmod 700 ~/easy-rsa command assigns the current user full control over
this directory for both reading and writing and executing files while preventing all other access. This
prevents unauthorized access during the PKI setup. The user moves into the directory through cd
~/easy-rsa to get ready for the following steps towards Certificate Authority (CA) setup.

Initialize PKI

Starting the initialization process of Easy-RSA Public Key Infrastructure (PKI) occurs when you
execute the ./easyrsa init-pki command into the terminal. The output of this step shows both the
completion of the initialization process along with the creation of a new PKI directory at
/home/group8/easy-rsa/pki. The statement 'Using Easy-RSA configuration: undefined' appears
because the system lacks an active configuration file among vars or other similar variables. The
system must perform this step to prepare the environment for creating a Certificate Authority along
with certificate request generation and managing cryptographic keys. The PKI initialization process
leads to building a CA through the generation of a root certificate alongside its private key.

30
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

Configure Variables

Users open the vars configuration file inside nano to set essential Easy-RSA parameters in order to
generate standardized certificates. The variables determine specific details about the environment by
including the country MY, province Kuala Lumpur, city Technology Park, organization TPM and the
email address admin@tpm.edu.my. The organizational unit value within the vars configuration file is
set as "Networking" to effectively organize certificates. The application implements 4096-bit
encryption together with EC cryptography while utilizing SHA-512 for certificate signature hashing.
Multiple important variables must be configured to establish security protocols when requesting
certificates so the Certificate Authority can efficiently administer the platform. Building the CA
follows the variable loading process as the next standard procedure

31
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
Build CA

The data shows the execution of the basic ./easyrsa build-ca system command that generates a
Certificate Authority (CA). When executing the next step the already configured vars file performs
the designated settings. The system requires users to establish and verify a CA Key Passphrase
because this phrase controls the signing process of future certificates. During the process the
application asks users to assign a Common Name (CN) to the CA where default naming is set to
"Easy-RSA CA" but users have selected "TPM-Root-CA" instead. The system reports success in CA
certificate generation before saving the ca.crt file at /home/group8/easy-rsa/pki/ location. The CA
certificate maintains its role for verifying and signing additional certificates which belong to the
Public Key Infrastructure (PKI). The production of server and client certificates is normally
performed after the creation step.

32
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration
Verify CA Files

The verification process of newly created Certificate Authority (CA) must confirm that both its
necessary files and their proper storage positions. The Easy-RSA directory verification begins by
utilizing mkdir ~/easy-rsa and then proceeds to create symbolic links through ln -s /usr/share/easy-
rsa/* ~/easy-rsa/ to achieve file access from the default system location. The setup becomes secure by
issuing the command chmod 700 ~/easy-rsa which allows access to the current user. The cd ~/easy-
rsa command leads the system to the directory which becomes ready for certificate administration.
Verifying CA file creation happens when running ls -l ~/easy-rsa/pki to check the PKI directory
contents because the CA certificate (ca.crt) and private key (private/ca.key) should appear. The
existence of these files confirms the complete setup of Certificate Authority for issuing certificates.

33
Asia Pacific
University
Group Assignment Group 8 System and Network
Administration

Appendix
Workload Matrix:
S. N Name APU Number Task

1 Kareena Acharya NP069680 System Configuration, Certificate


Authority Configuration
2 Devaki Tamang NP069790 System Installation, Network
configuration
3 Nikita Shrestha NP069710 Firewall Configuration

4 Prashna Dhaulakoti NP069726 File and Dictionary management,


Documentation
5 Nishk Bhattarai NP069717 Network file System (NFS)

34
Asia Pacific
University

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy