SlideShare una empresa de Scribd logo

Linux class 9 15 oct 2021-5

Khawar Nehal khawar.nehal@atrc.net.pk
Khawar Nehal khawar.nehal@atrc.net.pk

Linux class 9 15 oct 2021-5

Educación
1 de 50
Descargar para leer sin conexión
Linux accounting
Linux accounting By : Khawar Nehal 15 October 2021
Agenda yum dnf for psacct / acct Monitoring user activity Kerberos LDAP Active Directory System utility commands (date, uptime, hostname, which, cal, bc etc.)
Dnf and yum The DNF package manager offers robust features for installing, updating, and removing packages. Dandified yum, better known as DNF, is a software package manager for RPM-based Linux distributions that installs, updates, and removes packages. It was first introduced in Fedora 18 in a testable state (i.e., tech preview), but it's been Fedora's default package manager since Fedora 22.
Dnf and yum Since it is the next-generation version of the traditional yum package manager, it has more advanced and robust features than you'll find in yum.
Dnf and yum For more details and practice https://opensource.com/article/18/8/guide-yum-dnf
User activity This program provides an excellent way to monitor what users are doing, what commands are they firing, how much resources are being consumed by them, how long users are active on the system. Another great feature of this program is it gives total resources consumed by services like Apache, MySQL, FTP,SSH etc.
User activity The psacct or acct package provides several features for monitoring process activities. ac command prints the statistics of user logins/logouts (connect time) in hours. lastcomm command prints the information of previously executed commands of user.
User activity accton commands is used to turn on/off process for accounting. sa command summarizes information of previously executed commands. last and lastb commands show listing of last logged in users.
User activity psacct or acct both are similar packages and there is not much difference between them, but the psacct package only available for rpm based distributions such as RHEL, CentOS and Fedora, whereas acct package available for distributions like Ubuntu, Debian and Linux Mint. To install psacct package under rpm based distributions issue the following yum command. # yum install psacct
User activity o install acct package using apt-get command under Ubuntu / Debian / Linux Mint. $ sudo apt-get install acct OR # apt-get install acct
Starting psacct or acct service By default psacct service is in disabled mode and you need to start it manually under RHEL/CentOS/Fedora systems. Use the following command to check the status of service. # /etc/init.d/psacct status Process accounting is disabled.
Starting psacct or acct service You see the status showing as disabled, so let’s start it manually using the following both commands. These two commands will create a /var/account/pacct file and start services.
Starting psacct or acct service # chkconfig psacct on # /etc/init.d/psacct start Starting process accounting: [ OK ] After starting service, check the status again, you will get status as enabled as shown below. # /etc/init.d/psacct status Process accounting is enabled.
Starting psacct or acct service Under Ubuntu, Debian and Mint service is started automatically, you don’t need to start it again.
Display Statistics of Users Connect Time Under Ubuntu, Debian and Mint service is started automatically, you don’t need to start it again.
Display Statistics of Users Connect Time ac command without specifying any argument will displays total statistics of connect time in hours based on the user logins/logouts from the current wtmp file. # ac total 1814.03
Display Statistics of Users Day-wise Using command “ac -d” will prints out the total login time in hours by day-wise. # ac -d Sep 17 total 5.23 Sep 18 total 15.20 Sep 24 total 3.21 Sep 25 total 2.27 Sep 26 total 2.64 Sep 27 total 6.19 Oct 1 total 6.41 Oct 3 total 2.42 Oct 4 total 2.52 Oct 5 total 6.11 Oct 8 total 12.98 Oct 9 total 22.65 Oct 11 total 16.18
Display Time Totals for each User Using command “ac -p” will print the total login time of each user in hours. # ac -p root 1645.18 tecmint 168.96 total 1814.14
Display Individual User Time To get the total login statistics time of user “khawar” in hours, use the command as. # ac khawar total 168.96
Display Day-Wise Logn Time of User The following command will prints the day-wise total login time of user “tecmint” in hours. # ac -d tecmint Oct 11 total 8.01 Oct 12 total 24.00 Oct 15 total 70.50 Oct 16 total 23.57 Oct 17 total 24.00 Oct 18 total 18.70 Nov 20 total 0.18
Print All Account Activity Information The “sa” command is used to print the summary of commands that were executed by users. # sa 2 9.86re 0.00cp 2466k sshd* 8 1.05re 0.00cp 1064k man 2 10.08re 0.00cp 2562k sshd 12 0.00re 0.00cp 1298k psacct 2 0.00re 0.00cp 1575k troff 14 0.00re 0.00cp 503k ac 10 0.00re 0.00cp 1264k psacct* 10 0.00re 0.00cp 466k consoletype 9 0.00re 0.00cp 509k sa 8 0.02re 0.00cp 769k udisks-helper-a 6 0.00re 0.00cp 1057k touch 6 0.00re 0.00cp 592k gzip
Print All Account Activity Information Where 9.86re is a “real time” as per wall clock minutes 0.01cp is a sum of system/user time in cpu minutes 2466k is a cpu-time averaged core usage, i.e. 1k units sshd command name Core memory is another (old) word for RAM.
Print All Account Activity Information Core memory. Not included in this course. Just for reference. https://www.youtube.com/watch?v=AwsInQLmjXc https://www.youtube.com/watch?v=paQ3zIsz1-8 https://www.youtube.com/watch?v=7ozNMgx7WtQ
Print Individual User Information To get the information of individual user, use the options - u. # sa -u root 0.00 cpu 465k mem accton root 0.00 cpu 1057k mem touch root 0.00 cpu 1298k mem psacct root 0.00 cpu 466k mem consoletype root 0.00 cpu 1264k mem psacct * root 0.00 cpu 1298k mem psacct root 0.00 cpu 466k mem consoletype root 0.00 cpu 1264k mem psacct * root 0.00 cpu 1298k mem psacct root 0.00 cpu 466k mem consoletype root 0.00 cpu 1264k mem psacct * root 0.00 cpu 465k mem accton root 0.00 cpu 1057k mem touch
Print Number of Processes This command prints the total number of processes and CPU minutes. If you see continue increase in these numbers, then its time to look into the system about what is happening. # sa -m sshd 2 9.86re 0.00cp 2466k root 127 14.29re 0.00cp 909k
Print Sort by Percentage The command “sa -c” displays the highest percentage of users. # sa -c 132 100.00% 24.16re 100.00% 0.01cp 100.00% 923k 2 1.52% 9.86re 40.83% 0.00cp 53.33% 2466k sshd* 8 6.06% 1.05re 4.34% 0.00cp 20.00% 1064k man 2 1.52% 10.08re 41.73% 0.00cp 13.33% 2562k sshd 12 9.09% 0.00re 0.01% 0.00cp 6.67% 1298k psacct 2 1.52% 0.00re 0.00% 0.00cp 6.67% 1575k troff 18 13.64% 0.00re 0.00% 0.00cp 0.00% 509k sa 14 10.61% 0.00re 0.00% 0.00cp 0.00% 503k ac 10 7.58% 0.00re 0.00% 0.00cp 0.00% 1264k psacct* 10 7.58% 0.00re 0.00% 0.00cp 0.00% 466k consoletype 8 6.06% 0.02re 0.07% 0.00cp 0.00% 769k udisks-helper-a 6 4.55% 0.00re 0.00% 0.00cp 0.00% 1057k touch 6 4.55% 0.00re 0.00% 0.00cp 0.00% 592k gzip
List Last Executed Commands of User The ‘latcomm‘ command is used to search and display previously executed user commands information. You can also search commands of individual usernames. For example, we see commands of user (tecmint).
List Last Executed Commands of User # lastcomm tecmint su tecmint pts/0 0.00 secs Wed Feb 13 15:56 ls tecmint pts/0 0.00 secs Wed Feb 13 15:56 ls tecmint pts/0 0.00 secs Wed Feb 13 15:56 ls tecmint pts/0 0.00 secs Wed Feb 13 15:56 bash F tecmint pts/0 0.00 secs Wed Feb 13 15:56 id tecmint pts/0 0.00 secs Wed Feb 13 15:56 grep tecmint pts/0 0.00 secs Wed Feb 13 15:56 grep tecmint pts/0 0.00 secs Wed Feb 13 15:56 bash F tecmint pts/0 0.00 secs Wed Feb 13 15:56 dircolors tecmint pts/0 0.00 secs Wed Feb 13 15:56 bash F tecmint pts/0 0.00 secs Wed Feb 13 15:56 tput tecmint pts/0 0.00 secs Wed Feb 13 15:56
Search Logs for Commands With the help of the lastcomm command you will be able to view individual use of an each commands. # lastcomm ls ls tecmint pts/0 0.00 secs Wed Feb 13 15:56 ls tecmint pts/0 0.00 secs Wed Feb 13 15:56 ls tecmint pts/0 0.00 secs Wed Feb 13 15:56
User activity For more practice https://www.tecmint.com/how-to-monitor-user-acti vity-with-psacct-or-acct-tools/
Directory Services Kerberos is used to manage credentials securely (authentication) while LDAP is used for holding authoritative information about the accounts, such as what they're allowed to access (authorization), the user's full name and uid. Active Directory is a combination of Kerberos and LDAP.
Kerberos Kerberos (/ k rb r s/) is a computer-network ˈ ɜː ə ɒ authentication protocol that works on the basis of tickets to allow nodes communicating over a non- secure network to prove their identity to one another in a secure manner.
Kerberos The protocol was named after the character Kerberos (or Cerberus) from Greek mythology, the ferocious three-headed guard dog of Hades. Its designers aimed it primarily at a client–server model, and it provides mutual authentication— both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.
Kerberos
Kerberos Kerberos builds on symmetric-key cryptography and requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.[2] Kerberos uses UDP port 88 by default.
Kerberos The client authenticates itself to the Authentication Server (AS) which forwards the username to a key distribution center (KDC). The KDC issues a ticket-granting ticket (TGT), which is time stamped and encrypts it using the ticket-granting service's (TGS) secret key and returns the encrypted result to the user's workstation.
Kerberos This is done infrequently, typically at user logon; the TGT expires at some point although it may be transparently renewed by the user's session manager while they are logged in.
Kerberos When the client needs to communicate with a service on another node (a "principal", in Kerberos parlance), the client sends the TGT to the TGS, which usually shares the same host as the KDC. The service must have already been registered with the TGS with a Service Principal Name (SPN). The client uses the SPN to request access to this service.
Kerberos After verifying that the TGT is valid and that the user is permitted to access the requested service, the TGS issues ticket and session keys to the client. The client then sends the ticket to the service server (SS) along with its service request.
Kerberos
Kerberos Some explanation of how Kerberos works https://www.youtube.com/watch?v=kp5d8Yv3-0c
LDAP LDAP (Lightweight Directory Access Protocol) is a software protocol for enabling anyone to locate data about organizations, individuals and other resources such as files and devices in a network -- whether on the public Internet or on a corporate Intranet. LDAP is a "lightweight" (smaller amount of code) version of Directory Access Protocol (DAP), which is part of X.500, a standard for directory services in a network.
LDAP A directory tells the user where in the network something is located. On TCP/IP networks (including the internet), the domain name system (DNS) is the directory system used to relate the domain name to a specific network address (a unique location on the network). However, the user may not know the domain name. LDAP allows a user to search for an individual without knowing where they're located (although additional information will help with the search).
Uses of LDAP The common use of LDAP is to provide a central place for authentication -- meaning it stores usernames and passwords. LDAP can then be used in different applications or services to validate users with a plugin. As some examples, LDAP can be used to validate usernames and passwords with Docker, Jenkins, Kubernetes, Open VPN and Linux Samba servers. LDAP single sign-on can also be used by system administrators to control access to an LDAP database.
Uses of LDAP LDAP can also be used to add operations into a directory server database, authenticate -- or bind -- sessions, delete LDAP entries, search and compare entries using different commands, modify existing entries, extend entries, abandon requests or unbind operations.
LDAP https://www.youtube.com/watch?v=SK8Yw-CiRHk https://www.youtube.com/watch?v=lp5z8HQGAH8 https://www.youtube.com/watch?v=di5hZZ8Ty8g
System Utilities https://cppsecrets.com/users/3912100105112101 1151041099711011049534864103109971051084 699111109/System-Utility-Commands.php
System Utilities Try cal 9 1752 https://www.historic-uk.com/HistoryUK/HistoryofBr itain/Give-us-our-eleven-days/
Agenda yum dnf for psacct / acct Monitoring user activity Kerberos LDAP Active Directory System utility commands (date, uptime, hostname, which, cal, bc etc.)

Recomendados

Linux class 10 15 oct 2021-6
Linux class 10 15 oct 2021-6Linux class 10 15 oct 2021-6
Linux class 10 15 oct 2021-6Khawar Nehal khawar.nehal@atrc.net.pk
 
Linux class 8 tar
Linux class 8 tar Linux class 8 tar
Linux class 8 tar Khawar Nehal khawar.nehal@atrc.net.pk
 
Linux system admin useful commands
Linux system admin useful commandsLinux system admin useful commands
Linux system admin useful commandsali98091
 
Basic linux commands
Basic linux commands Basic linux commands
Basic linux commands Raghav Arora
 
Common linux ubuntu commands overview
Common linux ubuntu commands overviewCommon linux ubuntu commands overview
Common linux ubuntu commands overviewAmeer Sameer
 
Basic command ppt
Basic command pptBasic command ppt
Basic command pptRohit Kumar
 
BASIC COMMANDS OF LINUX
BASIC COMMANDS OF LINUXBASIC COMMANDS OF LINUX
BASIC COMMANDS OF LINUXMr.AKHILESH KUMAR {Computer Lab Technician}
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commandsHanan Nmr
 

Recomendados

Linux class 10 15 oct 2021-6
Linux class 10 15 oct 2021-6Linux class 10 15 oct 2021-6
Linux class 10 15 oct 2021-6Khawar Nehal khawar.nehal@atrc.net.pk
 
Linux class 8 tar
Linux class 8 tar Linux class 8 tar
Linux class 8 tar Khawar Nehal khawar.nehal@atrc.net.pk
 
Linux system admin useful commands
Linux system admin useful commandsLinux system admin useful commands
Linux system admin useful commandsali98091
 
Basic linux commands
Basic linux commands Basic linux commands
Basic linux commands Raghav Arora
 
Common linux ubuntu commands overview
Common linux ubuntu commands overviewCommon linux ubuntu commands overview
Common linux ubuntu commands overviewAmeer Sameer
 
Basic command ppt
Basic command pptBasic command ppt
Basic command pptRohit Kumar
 
BASIC COMMANDS OF LINUX
BASIC COMMANDS OF LINUXBASIC COMMANDS OF LINUX
BASIC COMMANDS OF LINUXMr.AKHILESH KUMAR {Computer Lab Technician}
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commandsHanan Nmr
 
linux-commandline-magic-Joomla-World-Conference-2014
linux-commandline-magic-Joomla-World-Conference-2014linux-commandline-magic-Joomla-World-Conference-2014
linux-commandline-magic-Joomla-World-Conference-2014Peter Martin
 
Unix - Filters/Editors
Unix - Filters/EditorsUnix - Filters/Editors
Unix - Filters/Editorsananthimurugesan
 
Introduction to linux day-3
Introduction to linux day-3Introduction to linux day-3
Introduction to linux day-3Gourav Varma
 
[PDF] 2021 Termux basic commands list
[PDF] 2021 Termux basic commands list [PDF] 2021 Termux basic commands list
[PDF] 2021 Termux basic commands list nisivaasdfghj
 
2345014 unix-linux-bsd-cheat-sheets-i
2345014 unix-linux-bsd-cheat-sheets-i2345014 unix-linux-bsd-cheat-sheets-i
2345014 unix-linux-bsd-cheat-sheets-iLogesh Kumar Anandhan
 
Linux commands
Linux commandsLinux commands
Linux commandsHemakumar.S
 
Useful Linux and Unix commands handbook
Useful Linux and Unix commands handbookUseful Linux and Unix commands handbook
Useful Linux and Unix commands handbookWave Digitech
 
Linux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for BeginnersLinux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for BeginnersDavide Ciambelli
 
Shell programming
Shell programmingShell programming
Shell programmingMoayad Moawiah
 
Linux shell scripting
Linux shell scriptingLinux shell scripting
Linux shell scriptingMohamed Abubakar Sittik A
 
Linux Commands
Linux CommandsLinux Commands
Linux Commandslucita cabral
 
Anandha ganesh linux1.ppt
Anandha ganesh linux1.pptAnandha ganesh linux1.ppt
Anandha ganesh linux1.pptanandha ganesh
 
50 most frequently used unix linux commands (with examples)
50 most frequently used unix linux commands (with examples)50 most frequently used unix linux commands (with examples)
50 most frequently used unix linux commands (with examples)Rodrigo Maia
 
Linux Networking Commands
Linux Networking CommandsLinux Networking Commands
Linux Networking Commandstmavroidis
 
55 best linux tips, tricks and command lines
55 best linux tips, tricks and command lines55 best linux tips, tricks and command lines
55 best linux tips, tricks and command linesArif Wahyudi
 
Linux
LinuxLinux
Linuxsravan kumar
 
Linux commands
Linux commandsLinux commands
Linux commandspenetration Tester
 
One Page Linux Manual
One Page Linux ManualOne Page Linux Manual
One Page Linux Manualdummy
 
Linux powerpoint
Linux powerpointLinux powerpoint
Linux powerpointbijanshr
 
system management -shell programming by gaurav raikar
system management -shell programming by gaurav raikarsystem management -shell programming by gaurav raikar
system management -shell programming by gaurav raikarGauravRaikar3
 
KCC_Final.pdf
KCC_Final.pdfKCC_Final.pdf
KCC_Final.pdfOleg Sehelin
 
Jana treek 4
Jana treek 4Jana treek 4
Jana treek 4Jana Treek
 

Más contenido relacionado

La actualidad más candente

linux-commandline-magic-Joomla-World-Conference-2014
linux-commandline-magic-Joomla-World-Conference-2014linux-commandline-magic-Joomla-World-Conference-2014
linux-commandline-magic-Joomla-World-Conference-2014Peter Martin
 
Introduction to linux day-3
Introduction to linux day-3Introduction to linux day-3
Introduction to linux day-3Gourav Varma
 
[PDF] 2021 Termux basic commands list
[PDF] 2021 Termux basic commands list [PDF] 2021 Termux basic commands list
[PDF] 2021 Termux basic commands list nisivaasdfghj
 
2345014 unix-linux-bsd-cheat-sheets-i
2345014 unix-linux-bsd-cheat-sheets-i2345014 unix-linux-bsd-cheat-sheets-i
2345014 unix-linux-bsd-cheat-sheets-iLogesh Kumar Anandhan
 
Useful Linux and Unix commands handbook
Useful Linux and Unix commands handbookUseful Linux and Unix commands handbook
Useful Linux and Unix commands handbookWave Digitech
 
Linux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for BeginnersLinux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for BeginnersDavide Ciambelli
 
Anandha ganesh linux1.ppt
Anandha ganesh linux1.pptAnandha ganesh linux1.ppt
Anandha ganesh linux1.pptanandha ganesh
 
50 most frequently used unix linux commands (with examples)
50 most frequently used unix linux commands (with examples)50 most frequently used unix linux commands (with examples)
50 most frequently used unix linux commands (with examples)Rodrigo Maia
 
Linux Networking Commands
Linux Networking CommandsLinux Networking Commands
Linux Networking Commandstmavroidis
 
55 best linux tips, tricks and command lines
55 best linux tips, tricks and command lines55 best linux tips, tricks and command lines
55 best linux tips, tricks and command linesArif Wahyudi
 
One Page Linux Manual
One Page Linux ManualOne Page Linux Manual
One Page Linux Manualdummy
 
Linux powerpoint
Linux powerpointLinux powerpoint
Linux powerpointbijanshr
 
system management -shell programming by gaurav raikar
system management -shell programming by gaurav raikarsystem management -shell programming by gaurav raikar
system management -shell programming by gaurav raikarGauravRaikar3
 

La actualidad más candente (20)

linux-commandline-magic-Joomla-World-Conference-2014
linux-commandline-magic-Joomla-World-Conference-2014linux-commandline-magic-Joomla-World-Conference-2014
linux-commandline-magic-Joomla-World-Conference-2014
 
Unix - Filters/Editors
Unix - Filters/EditorsUnix - Filters/Editors
Unix - Filters/Editors
 
Introduction to linux day-3
Introduction to linux day-3Introduction to linux day-3
Introduction to linux day-3
 
[PDF] 2021 Termux basic commands list
[PDF] 2021 Termux basic commands list [PDF] 2021 Termux basic commands list
[PDF] 2021 Termux basic commands list
 
2345014 unix-linux-bsd-cheat-sheets-i
2345014 unix-linux-bsd-cheat-sheets-i2345014 unix-linux-bsd-cheat-sheets-i
2345014 unix-linux-bsd-cheat-sheets-i
 
Linux commands
Linux commandsLinux commands
Linux commands
 
Useful Linux and Unix commands handbook
Useful Linux and Unix commands handbookUseful Linux and Unix commands handbook
Useful Linux and Unix commands handbook
 
Linux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for BeginnersLinux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for Beginners
 
Shell programming
Shell programmingShell programming
Shell programming
 
Linux shell scripting
Linux shell scriptingLinux shell scripting
Linux shell scripting
 
Linux Commands
Linux CommandsLinux Commands
Linux Commands
 
Anandha ganesh linux1.ppt
Anandha ganesh linux1.pptAnandha ganesh linux1.ppt
Anandha ganesh linux1.ppt
 
50 most frequently used unix linux commands (with examples)
50 most frequently used unix linux commands (with examples)50 most frequently used unix linux commands (with examples)
50 most frequently used unix linux commands (with examples)
 
Linux Networking Commands
Linux Networking CommandsLinux Networking Commands
Linux Networking Commands
 
55 best linux tips, tricks and command lines
55 best linux tips, tricks and command lines55 best linux tips, tricks and command lines
55 best linux tips, tricks and command lines
 
Linux
LinuxLinux
Linux
 
Linux commands
Linux commandsLinux commands
Linux commands
 
One Page Linux Manual
One Page Linux ManualOne Page Linux Manual
One Page Linux Manual
 
Linux powerpoint
Linux powerpointLinux powerpoint
Linux powerpoint
 
system management -shell programming by gaurav raikar
system management -shell programming by gaurav raikarsystem management -shell programming by gaurav raikar
system management -shell programming by gaurav raikar
 

Similar a Linux class 9 15 oct 2021-5

Linux Capabilities - eng - v2.1.5, compact
Linux Capabilities - eng - v2.1.5, compactLinux Capabilities - eng - v2.1.5, compact
Linux Capabilities - eng - v2.1.5, compactAlessandro Selli
 
Install websphere message broker 8 RHEL 6 64 bits
Install websphere message broker 8 RHEL 6 64 bitsInstall websphere message broker 8 RHEL 6 64 bits
Install websphere message broker 8 RHEL 6 64 bitsManuel Vega
 
Linux advanced privilege escalation
Linux advanced privilege escalationLinux advanced privilege escalation
Linux advanced privilege escalationJameel Nabbo
 
Linux or unix interview questions
Linux or unix interview questionsLinux or unix interview questions
Linux or unix interview questionsTeja Bheemanapally
 
Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)Amin Astaneh
 
Really useful linux commands
Really useful linux commandsReally useful linux commands
Really useful linux commandsMichael J Geiser
 
Trying and evaluating the new features of GlusterFS 3.5
Trying and evaluating the new features of GlusterFS 3.5Trying and evaluating the new features of GlusterFS 3.5
Trying and evaluating the new features of GlusterFS 3.5Keisuke Takahashi
 
Designing Tracing Tools
Designing Tracing ToolsDesigning Tracing Tools
Designing Tracing ToolsSysdig
 
linux_Commads
linux_Commadslinux_Commads
linux_Commadstastedone
 
Containers with systemd-nspawn
Containers with systemd-nspawnContainers with systemd-nspawn
Containers with systemd-nspawnGábor Nyers
 
The New Systems Performance
The New Systems PerformanceThe New Systems Performance
The New Systems PerformanceBrendan Gregg
 

Similar a Linux class 9 15 oct 2021-5 (20)

KCC_Final.pdf
KCC_Final.pdfKCC_Final.pdf
KCC_Final.pdf
 
Jana treek 4
Jana treek 4Jana treek 4
Jana treek 4
 
Linux Capabilities - eng - v2.1.5, compact
Linux Capabilities - eng - v2.1.5, compactLinux Capabilities - eng - v2.1.5, compact
Linux Capabilities - eng - v2.1.5, compact
 
unixtoolbox
unixtoolboxunixtoolbox
unixtoolbox
 
Install websphere message broker 8 RHEL 6 64 bits
Install websphere message broker 8 RHEL 6 64 bitsInstall websphere message broker 8 RHEL 6 64 bits
Install websphere message broker 8 RHEL 6 64 bits
 
Docker practice
Docker practiceDocker practice
Docker practice
 
Linux advanced privilege escalation
Linux advanced privilege escalationLinux advanced privilege escalation
Linux advanced privilege escalation
 
Linux or unix interview questions
Linux or unix interview questionsLinux or unix interview questions
Linux or unix interview questions
 
Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)
 
Really useful linux commands
Really useful linux commandsReally useful linux commands
Really useful linux commands
 
Basic Linux kernel
Basic Linux kernelBasic Linux kernel
Basic Linux kernel
 
Linux lecture6
Linux lecture6Linux lecture6
Linux lecture6
 
Trying and evaluating the new features of GlusterFS 3.5
Trying and evaluating the new features of GlusterFS 3.5Trying and evaluating the new features of GlusterFS 3.5
Trying and evaluating the new features of GlusterFS 3.5
 
Linux startup
Linux startupLinux startup
Linux startup
 
Designing Tracing Tools
Designing Tracing ToolsDesigning Tracing Tools
Designing Tracing Tools
 
Linux
LinuxLinux
Linux
 
linux_Commads
linux_Commadslinux_Commads
linux_Commads
 
Containers with systemd-nspawn
Containers with systemd-nspawnContainers with systemd-nspawn
Containers with systemd-nspawn
 
The New Systems Performance
The New Systems PerformanceThe New Systems Performance
The New Systems Performance
 
Alta disponibilidad en GNU/Linux
Alta disponibilidad en GNU/LinuxAlta disponibilidad en GNU/Linux
Alta disponibilidad en GNU/Linux
 

Más de Khawar Nehal khawar.nehal@atrc.net.pk

Más de Khawar Nehal khawar.nehal@atrc.net.pk (20)

Linux Class 1 Reasons to use linux
Linux Class 1 Reasons to use linux Linux Class 1 Reasons to use linux
Linux Class 1 Reasons to use linux
 
Same old lessons in investing
Same old lessons in investingSame old lessons in investing
Same old lessons in investing
 
Linux class 15 26 oct 2021
Linux class 15 26 oct 2021Linux class 15 26 oct 2021
Linux class 15 26 oct 2021
 
File systems linux class 8
File systems linux class 8File systems linux class 8
File systems linux class 8
 
Linux commands Class 5 - 8 oct 2021
Linux commands Class 5 - 8 oct 2021Linux commands Class 5 - 8 oct 2021
Linux commands Class 5 - 8 oct 2021
 
Linux course fhs file hierarchy standard
Linux course fhs file hierarchy standardLinux course fhs file hierarchy standard
Linux course fhs file hierarchy standard
 
Linux passwords class 4
Linux passwords class 4Linux passwords class 4
Linux passwords class 4
 
Using linux 5 oct 2021 3
Using linux 5 oct 2021 3Using linux 5 oct 2021 3
Using linux 5 oct 2021 3
 
Everyday uses of linux
Everyday uses of linux Everyday uses of linux
Everyday uses of linux
 
Computing people
Computing people Computing people
Computing people
 
Artificial Intelligence by Khawar Nehal
Artificial Intelligence by Khawar NehalArtificial Intelligence by Khawar Nehal
Artificial Intelligence by Khawar Nehal
 
Artificial Intelligence in Banking
Artificial Intelligence in BankingArtificial Intelligence in Banking
Artificial Intelligence in Banking
 
Electric Vehicles
Electric VehiclesElectric Vehicles
Electric Vehicles
 
Electric Vehicles
Electric VehiclesElectric Vehicles
Electric Vehicles
 
RevOps Revenue Operations
RevOps Revenue OperationsRevOps Revenue Operations
RevOps Revenue Operations
 
Management techniques of the world by khawar nehal 4 august 2020-1
Management techniques of the world by khawar nehal 4 august 2020-1Management techniques of the world by khawar nehal 4 august 2020-1
Management techniques of the world by khawar nehal 4 august 2020-1
 
Kona (TM) Autonomous Cars Anti Collision System
Kona (TM) Autonomous Cars Anti Collision SystemKona (TM) Autonomous Cars Anti Collision System
Kona (TM) Autonomous Cars Anti Collision System
 
What was learned about what works in distance learning in 2020
What was learned about what works in distance learning in 2020What was learned about what works in distance learning in 2020
What was learned about what works in distance learning in 2020
 
Values provided by businesses
Values provided by businesses Values provided by businesses
Values provided by businesses
 
Effective and complete Cybersecurity HOWTO
Effective and complete Cybersecurity HOWTOEffective and complete Cybersecurity HOWTO
Effective and complete Cybersecurity HOWTO
 

Último

SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024Janet Corral
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 

Último (20)

SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 

Linux class 9 15 oct 2021-5

  • 2. Linux accounting By : Khawar Nehal 15 October 2021
  • 3. Agenda yum dnf for psacct / acct Monitoring user activity Kerberos LDAP Active Directory System utility commands (date, uptime, hostname, which, cal, bc etc.)
  • 4. Dnf and yum The DNF package manager offers robust features for installing, updating, and removing packages. Dandified yum, better known as DNF, is a software package manager for RPM-based Linux distributions that installs, updates, and removes packages. It was first introduced in Fedora 18 in a testable state (i.e., tech preview), but it's been Fedora's default package manager since Fedora 22.
  • 5. Dnf and yum Since it is the next-generation version of the traditional yum package manager, it has more advanced and robust features than you'll find in yum.
  • 6. Dnf and yum For more details and practice https://opensource.com/article/18/8/guide-yum-dnf
  • 7. User activity This program provides an excellent way to monitor what users are doing, what commands are they firing, how much resources are being consumed by them, how long users are active on the system. Another great feature of this program is it gives total resources consumed by services like Apache, MySQL, FTP,SSH etc.
  • 8. User activity The psacct or acct package provides several features for monitoring process activities. ac command prints the statistics of user logins/logouts (connect time) in hours. lastcomm command prints the information of previously executed commands of user.
  • 9. User activity accton commands is used to turn on/off process for accounting. sa command summarizes information of previously executed commands. last and lastb commands show listing of last logged in users.
  • 10. User activity psacct or acct both are similar packages and there is not much difference between them, but the psacct package only available for rpm based distributions such as RHEL, CentOS and Fedora, whereas acct package available for distributions like Ubuntu, Debian and Linux Mint. To install psacct package under rpm based distributions issue the following yum command. # yum install psacct
  • 11. User activity o install acct package using apt-get command under Ubuntu / Debian / Linux Mint. $ sudo apt-get install acct OR # apt-get install acct
  • 12. Starting psacct or acct service By default psacct service is in disabled mode and you need to start it manually under RHEL/CentOS/Fedora systems. Use the following command to check the status of service. # /etc/init.d/psacct status Process accounting is disabled.
  • 13. Starting psacct or acct service You see the status showing as disabled, so let’s start it manually using the following both commands. These two commands will create a /var/account/pacct file and start services.
  • 14. Starting psacct or acct service # chkconfig psacct on # /etc/init.d/psacct start Starting process accounting: [ OK ] After starting service, check the status again, you will get status as enabled as shown below. # /etc/init.d/psacct status Process accounting is enabled.
  • 15. Starting psacct or acct service Under Ubuntu, Debian and Mint service is started automatically, you don’t need to start it again.
  • 16. Display Statistics of Users Connect Time Under Ubuntu, Debian and Mint service is started automatically, you don’t need to start it again.
  • 17. Display Statistics of Users Connect Time ac command without specifying any argument will displays total statistics of connect time in hours based on the user logins/logouts from the current wtmp file. # ac total 1814.03
  • 18. Display Statistics of Users Day-wise Using command “ac -d” will prints out the total login time in hours by day-wise. # ac -d Sep 17 total 5.23 Sep 18 total 15.20 Sep 24 total 3.21 Sep 25 total 2.27 Sep 26 total 2.64 Sep 27 total 6.19 Oct 1 total 6.41 Oct 3 total 2.42 Oct 4 total 2.52 Oct 5 total 6.11 Oct 8 total 12.98 Oct 9 total 22.65 Oct 11 total 16.18
  • 19. Display Time Totals for each User Using command “ac -p” will print the total login time of each user in hours. # ac -p root 1645.18 tecmint 168.96 total 1814.14
  • 20. Display Individual User Time To get the total login statistics time of user “khawar” in hours, use the command as. # ac khawar total 168.96
  • 21. Display Day-Wise Logn Time of User The following command will prints the day-wise total login time of user “tecmint” in hours. # ac -d tecmint Oct 11 total 8.01 Oct 12 total 24.00 Oct 15 total 70.50 Oct 16 total 23.57 Oct 17 total 24.00 Oct 18 total 18.70 Nov 20 total 0.18
  • 22. Print All Account Activity Information The “sa” command is used to print the summary of commands that were executed by users. # sa 2 9.86re 0.00cp 2466k sshd* 8 1.05re 0.00cp 1064k man 2 10.08re 0.00cp 2562k sshd 12 0.00re 0.00cp 1298k psacct 2 0.00re 0.00cp 1575k troff 14 0.00re 0.00cp 503k ac 10 0.00re 0.00cp 1264k psacct* 10 0.00re 0.00cp 466k consoletype 9 0.00re 0.00cp 509k sa 8 0.02re 0.00cp 769k udisks-helper-a 6 0.00re 0.00cp 1057k touch 6 0.00re 0.00cp 592k gzip
  • 23. Print All Account Activity Information Where 9.86re is a “real time” as per wall clock minutes 0.01cp is a sum of system/user time in cpu minutes 2466k is a cpu-time averaged core usage, i.e. 1k units sshd command name Core memory is another (old) word for RAM.
  • 24. Print All Account Activity Information Core memory. Not included in this course. Just for reference. https://www.youtube.com/watch?v=AwsInQLmjXc https://www.youtube.com/watch?v=paQ3zIsz1-8 https://www.youtube.com/watch?v=7ozNMgx7WtQ
  • 25. Print Individual User Information To get the information of individual user, use the options - u. # sa -u root 0.00 cpu 465k mem accton root 0.00 cpu 1057k mem touch root 0.00 cpu 1298k mem psacct root 0.00 cpu 466k mem consoletype root 0.00 cpu 1264k mem psacct * root 0.00 cpu 1298k mem psacct root 0.00 cpu 466k mem consoletype root 0.00 cpu 1264k mem psacct * root 0.00 cpu 1298k mem psacct root 0.00 cpu 466k mem consoletype root 0.00 cpu 1264k mem psacct * root 0.00 cpu 465k mem accton root 0.00 cpu 1057k mem touch
  • 26. Print Number of Processes This command prints the total number of processes and CPU minutes. If you see continue increase in these numbers, then its time to look into the system about what is happening. # sa -m sshd 2 9.86re 0.00cp 2466k root 127 14.29re 0.00cp 909k
  • 27. Print Sort by Percentage The command “sa -c” displays the highest percentage of users. # sa -c 132 100.00% 24.16re 100.00% 0.01cp 100.00% 923k 2 1.52% 9.86re 40.83% 0.00cp 53.33% 2466k sshd* 8 6.06% 1.05re 4.34% 0.00cp 20.00% 1064k man 2 1.52% 10.08re 41.73% 0.00cp 13.33% 2562k sshd 12 9.09% 0.00re 0.01% 0.00cp 6.67% 1298k psacct 2 1.52% 0.00re 0.00% 0.00cp 6.67% 1575k troff 18 13.64% 0.00re 0.00% 0.00cp 0.00% 509k sa 14 10.61% 0.00re 0.00% 0.00cp 0.00% 503k ac 10 7.58% 0.00re 0.00% 0.00cp 0.00% 1264k psacct* 10 7.58% 0.00re 0.00% 0.00cp 0.00% 466k consoletype 8 6.06% 0.02re 0.07% 0.00cp 0.00% 769k udisks-helper-a 6 4.55% 0.00re 0.00% 0.00cp 0.00% 1057k touch 6 4.55% 0.00re 0.00% 0.00cp 0.00% 592k gzip
  • 28. List Last Executed Commands of User The ‘latcomm‘ command is used to search and display previously executed user commands information. You can also search commands of individual usernames. For example, we see commands of user (tecmint).
  • 29. List Last Executed Commands of User # lastcomm tecmint su tecmint pts/0 0.00 secs Wed Feb 13 15:56 ls tecmint pts/0 0.00 secs Wed Feb 13 15:56 ls tecmint pts/0 0.00 secs Wed Feb 13 15:56 ls tecmint pts/0 0.00 secs Wed Feb 13 15:56 bash F tecmint pts/0 0.00 secs Wed Feb 13 15:56 id tecmint pts/0 0.00 secs Wed Feb 13 15:56 grep tecmint pts/0 0.00 secs Wed Feb 13 15:56 grep tecmint pts/0 0.00 secs Wed Feb 13 15:56 bash F tecmint pts/0 0.00 secs Wed Feb 13 15:56 dircolors tecmint pts/0 0.00 secs Wed Feb 13 15:56 bash F tecmint pts/0 0.00 secs Wed Feb 13 15:56 tput tecmint pts/0 0.00 secs Wed Feb 13 15:56
  • 30. Search Logs for Commands With the help of the lastcomm command you will be able to view individual use of an each commands. # lastcomm ls ls tecmint pts/0 0.00 secs Wed Feb 13 15:56 ls tecmint pts/0 0.00 secs Wed Feb 13 15:56 ls tecmint pts/0 0.00 secs Wed Feb 13 15:56
  • 31. User activity For more practice https://www.tecmint.com/how-to-monitor-user-acti vity-with-psacct-or-acct-tools/
  • 32. Directory Services Kerberos is used to manage credentials securely (authentication) while LDAP is used for holding authoritative information about the accounts, such as what they're allowed to access (authorization), the user's full name and uid. Active Directory is a combination of Kerberos and LDAP.
  • 33. Kerberos Kerberos (/ k rb r s/) is a computer-network ˈ ɜː ə ɒ authentication protocol that works on the basis of tickets to allow nodes communicating over a non- secure network to prove their identity to one another in a secure manner.
  • 34. Kerberos The protocol was named after the character Kerberos (or Cerberus) from Greek mythology, the ferocious three-headed guard dog of Hades. Its designers aimed it primarily at a client–server model, and it provides mutual authentication— both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.
  • 36. Kerberos Kerberos builds on symmetric-key cryptography and requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.[2] Kerberos uses UDP port 88 by default.
  • 37. Kerberos The client authenticates itself to the Authentication Server (AS) which forwards the username to a key distribution center (KDC). The KDC issues a ticket-granting ticket (TGT), which is time stamped and encrypts it using the ticket-granting service's (TGS) secret key and returns the encrypted result to the user's workstation.
  • 38. Kerberos This is done infrequently, typically at user logon; the TGT expires at some point although it may be transparently renewed by the user's session manager while they are logged in.
  • 39. Kerberos When the client needs to communicate with a service on another node (a "principal", in Kerberos parlance), the client sends the TGT to the TGS, which usually shares the same host as the KDC. The service must have already been registered with the TGS with a Service Principal Name (SPN). The client uses the SPN to request access to this service.
  • 40. Kerberos After verifying that the TGT is valid and that the user is permitted to access the requested service, the TGS issues ticket and session keys to the client. The client then sends the ticket to the service server (SS) along with its service request.
  • 42. Kerberos Some explanation of how Kerberos works https://www.youtube.com/watch?v=kp5d8Yv3-0c
  • 43. LDAP LDAP (Lightweight Directory Access Protocol) is a software protocol for enabling anyone to locate data about organizations, individuals and other resources such as files and devices in a network -- whether on the public Internet or on a corporate Intranet. LDAP is a "lightweight" (smaller amount of code) version of Directory Access Protocol (DAP), which is part of X.500, a standard for directory services in a network.
  • 44. LDAP A directory tells the user where in the network something is located. On TCP/IP networks (including the internet), the domain name system (DNS) is the directory system used to relate the domain name to a specific network address (a unique location on the network). However, the user may not know the domain name. LDAP allows a user to search for an individual without knowing where they're located (although additional information will help with the search).
  • 45. Uses of LDAP The common use of LDAP is to provide a central place for authentication -- meaning it stores usernames and passwords. LDAP can then be used in different applications or services to validate users with a plugin. As some examples, LDAP can be used to validate usernames and passwords with Docker, Jenkins, Kubernetes, Open VPN and Linux Samba servers. LDAP single sign-on can also be used by system administrators to control access to an LDAP database.
  • 46. Uses of LDAP LDAP can also be used to add operations into a directory server database, authenticate -- or bind -- sessions, delete LDAP entries, search and compare entries using different commands, modify existing entries, extend entries, abandon requests or unbind operations.
  • 49. System Utilities Try cal 9 1752 https://www.historic-uk.com/HistoryUK/HistoryofBr itain/Give-us-our-eleven-days/
  • 50. Agenda yum dnf for psacct / acct Monitoring user activity Kerberos LDAP Active Directory System utility commands (date, uptime, hostname, which, cal, bc etc.)