Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- debian@Radar:/home$ sudo su
- root@Radar:/home# su -
- root@Radar:~# ls -ltr
- total 0
- root@Radar:~# cd home
- -bash: cd: home: No such file or directory
- root@Radar:~# cd /home
- root@Radar:/home# mkdir ~/.ssh
- mkdir: cannot create directory ‘/root/.ssh’: File exists
- root@Radar:/home# cd debian
- root@Radar:/home/debian# su -
- root@Radar:~# apt update
- Get:1 http://security.debia ...
- ...
- root@Radar:~# apt install git
- Reading package lists... Done
- Building ...
- ...
- root@Radar:~# git clone https://github.com/gacallea/itn1_cluster.git /root/itn1_cluster_repo
- Cloning into '/root/itn1_cluster_repo'...
- ...
- root@Radar:~# nano /root/itn1_cluster_repo/itn1_cluster/files/node-secret.yaml
- root@Radar:~# nano /root/itn1_cluster_repo/itn1_cluster/scripts/itn1_config
- root@Radar:~# cd /root/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers/
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# groupadd ssh-users
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# grep "ssh-users" /etc/group
- ssh-users:x:1001:
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# useradd -c "griff" -m -d /home/griff -s /bin/bash -G sudo,ssh-users griff
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# groups griff
- griff : griff sudo ssh-users
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# passwd griff
- New password:
- Retype new password:
- passwd: password updated successfully
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# su - griff
- griff@Radar:~$ mkdir ~/.ssh
- griff@Radar:~$ sudo nano ~/.ssh/authorized_keys
- griff@Radar:~$ sudo su -
- root@Radar:~# cd /root/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers/
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# ./itn1_prepare --create-pool-user
- passwd: password expiry information changed.
- User 'pooldozer' successfully created with home dir '/home/pooldozer' ***shit meant for that to be 'pooluser'
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# apt update
- Hit:1 http://security.debian.org buster/upda ...
- ...
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# apt install bc cbm ccze chrony curl dateutils fail2ban
- htop jq musl net-tools ripgrep speedtest-cli sysstat tcptraceroute wget
- Reading package lists... Done
- ...root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# nano /etc/apt/sources.list
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# sudo systemctl restart sshd
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# ./itn1_prepare --install-software
- Hit:1 http://security.debian.org buster/updates InRelease
- Hit:2 http://deb.debian.org/d ...
- ...
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# curl -sLOJ https://github.com/input-output-hk/jormungandr/releases/download/v0.8.16/jormungandr-v0.8.16-x86_64-unknown-linux-gnu-generic.tar.gz
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# tar xzvf jormungandr-v0.8.16-x86_64-unknown-linux-gnu-generic.tar.gz
- jormungandr
- jcli
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# mv jcli /usr/local/bin/
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# mv jormungandr /usr/local/bin/
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# chmod +x /usr/local/bin/jcli
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# chmod +x /usr/local/bin/jormungandr
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# chown -R root\: /usr/local/bin/
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# update-alternatives --config iptables
- There are 2 choices for the alternative iptables (providing /usr/sbin/iptables).
- Selection Path Priority Status
- ------------------------------------------------------------
- * 0 /usr/sbin/iptables-nft 20 auto mode
- 1 /usr/sbin/iptables-legacy 10 manual mode
- 2 /usr/sbin/iptables-nft 20 manual mode
- Press <enter> to keep the current choice[*], or type selection number:
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# FirewallBackend=nftables
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# LogDenied=all
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# firewall-cmd --permanent --zone=public --add-service=ssh
- Warning: ALREADY_ENABLED: ssh
- success
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# firewall-cmd --permanent --zone=public --add-port=5269/tcp
- success
- root@Radar:~/itn1_cluster_repo/itn1_cluster/scripts/itn1_helpers# ./itn1_prepare --set-firewall
- success
- success
- success
- Reloading firewall
- Error: COMMAND_FAILED: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.8.2 (nf_tables):
- line 4: RULE_REPLACE failed (No such file or directory): rule in chain INPUT
- line 4: RULE_REPLACE failed (No such file or directory): rule in chain OUTPUT
- These are your new firewall rules:
- public
- target: default
- icmp-block-inversion: no
- interfaces:
- sources:
- services:
- ports:
- protocols:
- masquerade: no
- forward-ports:
- source-ports:
- icmp-blocks:
- rich rules:
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement