Explore key concepts and best practices for SSH, SCP, and secure remote access in Linux environments. This quiz challenges your understanding of secure shell commands, file transfers, and remote session management critical for DevOps workflows.
Which method allows passwordless SSH login by using a public and private key pair, as commonly implemented for server automation tasks?
Explanation: Public key authentication enables passwordless SSH logins by verifying the private key on the client and the authorized public key on the server. Username passphrase refers to simply using a password for login and does not achieve passwordless access. Two-factor authentication involves an additional code or device and, while secure, is not specifically the method for passwordless SSH. Kerberos authentication uses ticket-based access, which is different from public key-based SSH authentication.
When transferring a local file named 'backup.tar.gz' to the '/var/backup' directory on a remote server with SCP, which command format should you use?
Explanation: The correct command format is 'scp backup.tar.gz user@remote:/var/backup/', which sends the file from your local system to the remote server under the specified directory. The second and fourth options reverse the source and destination or mix up the order, making them invalid. The third option incorrectly places the remote host information at the wrong location in the command.
Which SSH feature allows you to securely tunnel network connections from your local machine to a remote service through an encrypted channel?
Explanation: Port forwarding lets you tunnel network connections using SSH, providing secure access to remote services not directly reachable. A reverse shell refers to a shell session initiated from the target back to the attacker, which is unrelated to SSH tunneling. Remote desktop provides graphical interface access, not SSH channel tunneling. Key forwarding allows your authentication key to be used on remote servers, not for network tunneling.
What is the recommended way to limit remote SSH access to a specific set of users on a Linux server?
Explanation: Setting the AllowUsers directive in the SSH configuration file restricts SSH access to only specified users for better security. Simply removing users from /etc/group does not effectively stop them from attempting SSH logins if their accounts exist. Changing the server hostname has no impact on SSH user access. Setting a root password is not related to user access control for SSH and can be insecure.
By default, which TCP port does the SSH service listen on for incoming connections in standard Linux installations?
Explanation: SSH uses TCP port 22 by default for secure remote connections. Port 21 is used for FTP, port 80 for HTTP, and port 443 for HTTPS. Changing the default SSH port (22) is possible for additional security, but unless specifically modified, SSH listens on port 22.