[LINUX] yps follow-along notes, Task1: EC2 instance creation, SSH connection, environment settings @ Windows environment

This month I started following along with yps, a curriculum that is open to the public on Twitter for free. I will write up all of my notes.

By the way, my environment is a Windows environment, which is probably a minority, so I hope this will be useful for those who are in trouble because they are in the minority. My terminology and understanding are rough, so please let me know if I have made a mistake ...

Advance preparation

- Read Task0 first to understand the rules
- Amazon AWS account
- GitHub account (no need for task3)

Recommendation

- Linux standard textbook

Task1 Preparing the cloud environment

**What to do in advance**

- Open an AWS account
- Keep the command prompt ready to use (I have it pinned to the taskbar)

Task1 procedure

Reference: https://github.com/yotaro-ok/yps/blob/master/task_1.md

Step1. Create a CentOS instance on EC2 (set up a virtual server in the cloud)

**Quick flow** EC2 ⇒ Instance ⇒ Create instance ⇒ Select CentOS 7 from the free tier ⇒ Check the price list, select t2.micro (free tier) ⇒ Change storage to 30 GiB ⇒ Create and start instance ⇒ Create key pair ⇒ Display instance

**Step details**

  1. Select **"EC2"** in the AWS Management Console
  2. Select **Instance** from the menu on the left
  3. Press the blue **"Create Instance"** button
  4. Check **"Free tier only"** on the left side and click **"AWS Marketplace"**
  5. Type **"CentOS 7"** in the search bar at the top and press Enter
  6. The price list that applies after the free tier ends will appear, so click **Continue** at the bottom right
  7. On the instance type selection screen, check the second row from the top, the **"t2.micro"** row marked **"Target for free usage"** in green
  8. Click **"Next Step: Set Instance Details"** at the bottom right
  9. There is nothing to set in the details, so just click **"Next Step: Add Storage"** at the bottom right
  10. In the box labeled Size (GiB) in the middle, enter **30** (* Initially it is probably 8)
  11. Click **"Next Step: Add Tag"**
  12. You don't need to add any tags, so click **"Next Step: Security Group Settings"** without adding any
  13. Click **"Confirm and Create"**
  14. Click "Launch" and the message "Select an existing key pair or create a new key pair" will be displayed. **Select "Create a new key pair", give it an appropriate name, and download it** (This file will take the place of a password later)
  15. If you are worried about billing, you can set up an email notification from "Create billing alert" so that you are notified when the free tier is about to be used up
  16. Click **View Instance**
  17. **Creation is complete if the instance status is "running"** (This window is used again in the environment settings, so leave it open.)

Step2. SSH connection (connect to the instance created in the cloud from your own computer)

  1. Move the downloaded private key file (.pem file) to your desktop
  2. Select the created instance and copy the value shown as IPv4 public IP (* Using the copy icon that appears on the right side is recommended)
  3. Open a command prompt and type the following three commands in order
  4. `mkdir .ssh` (**Explanation:** Create a hidden folder called .ssh)
  5. `copy Desktop\xxxx.pem .ssh` (**Explanation:** Copy the private key file on the desktop into the .ssh folder created earlier)
  6. `ssh centos@xx.xx.xx.xx -i .ssh/xxx.pem` (**Explanation:** Connect over SSH as the centos user to the IP address xx.xx.xx.xx; the private key file to use follows -i)
  7. Type `whoami`; if centos is displayed, the connection is complete

Step3. Environment settings (change settings so that you can play around with the server and prevent malicious connections)

Disable SELinux by entering the following commands while connected over SSH as above, so that you can change the settings

  1. `sudo setenforce 0` (**Explanation:** sudo is a command that lets you use administrator privileges; this temporarily disables SELinux)
  2. `sudo vi /etc/selinux/config` (**Explanation:** Edit the SELinux configuration file)
  3. Find the line that says **"SELINUX=enforcing"** and change it to **"SELINUX=disabled"** (* Press the i key to enter edit mode; press Esc and type :wq to save and exit)
  4. Type `getenforce`; if it returns **Permissive**, it's OK
  5. Return to the AWS Management Console screen and click the blue text link starting with **"CentOS 7"** next to the security group at the bottom right
  6. Click **"Inbound Rules"** at the bottom, then click the **"Edit Inbound Rules"** button
  7. Click **"Add Rule"** on the left side
  8. Select **"Custom TCP"** as the type
  9. Enter **any number within 49152 to 65536** in the port range (port ≒ door number to enter the server)
  10. Set the source to **"Custom"** and enter **0.0.0.0/0** in the box with the magnifying glass next to it
  11. Click **"Save Rule"** at the bottom right
  12. Enter the following commands at the command prompt
  13. `sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.org` (**Explanation:** Back up the original sshd_config file under the name sshd_config.org)
  14. `sudo vi /etc/ssh/sshd_config` (**Explanation:** Edit the sshd_config file, which holds the access settings for the server)
  15. Changes to the sshd_config file (these prohibit root user login and make the server reachable only through the port you chose)
     - Change the number 22 in "#Port 22" to the port number you set in the inbound rule (# marks a comment, so remove it)
     - Change "#PermitRootLogin yes" to "PermitRootLogin no" (# marks a comment, so remove it)
     - Press Esc to leave edit mode, then type :wq to save the changes and return to the terminal
  16. Check that the changes are correct
     - Type `sudo sshd -t`; if nothing is displayed, the settings are OK
     - Run `sudo systemctl restart sshd` to restart the SSH server so that the settings take effect
  17. Type the following command to create a swap area (an area to use when the server's main memory runs out)

Step4. Confirmation of completion of environment setting

  1. Type `exit` on the logged-in terminal screen to log out once
  2. Check that you can log in by typing the following command at the command prompt: `ssh -p xxxxxx centos@xx.xx.xx.xx -i .ssh/xxx.pem` (xxxxxx is the port number you set, xx.xx.xx.xx is the EC2 IP address, and xxx is the private key file name)
  3. If you can log in, the port settings have been completed without any problems
  4. Return to the AWS Management Console
  5. Open the inbound rule editing screen
  6. Delete the SSH (port 22) rule and save the rules
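
A check for the sshd_config edits made in Step 3, added here as an example and not part of the original memo: it reads a config file the way sshd treats these two keywords and reports whether the port and root-login changes are really in effect. The function names, the sample files and port 50022 are assumptions made for the example; the upper bound is 65535 because that is the highest valid TCP port.

```shell
# Added example, not from the original post: audit the Step 3 sshd_config edits.

# Print each global value of KEYWORD. Keywords are case-insensitive;
# commented-out lines and everything from the first Match block on are skipped.
sshd_values() {  # usage: sshd_values KEYWORD FILE
    awk -v key="$1" '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print $2 }
    ' "$2"
}

# Return 0 only if FILE has the port and root-login settings from Step 3.
audit_sshd_config() {  # usage: audit_sshd_config FILE
    status=0
    ports=$(sshd_values Port "$1")
    # With no active Port line sshd listens on its default port, 22.
    [ -n "$ports" ] || ports=22
    # Every Port line opens a listener, so each one must be in range.
    for p in $ports; do
        case $p in
            ''|*[!0-9]*) echo "FAIL: Port '$p' is not a number"; status=1; continue ;;
        esac
        if [ "$p" -lt 49152 ] || [ "$p" -gt 65535 ]; then
            echo "FAIL: Port $p is outside 49152-65535"; status=1
        else
            echo "OK: Port $p"
        fi
    done
    # sshd keeps the first PermitRootLogin it reads; unset means the
    # built-in default applies, which is not "no".
    root=$(sshd_values PermitRootLogin "$1" | head -n 1 | tr 'A-Z' 'a-z')
    if [ "$root" = "no" ]; then
        echo "OK: PermitRootLogin no"
    else
        echo "FAIL: PermitRootLogin is '${root:-unset}', expected no"; status=1
    fi
    return "$status"
}

# Constructed samples: stock-style lines, then the file after Step 3 (50022 is made up).
demo_dir=$(mktemp -d)
printf '%s\n' '#Port 22' '#PermitRootLogin yes' > "$demo_dir/before"
printf '%s\n' 'Port 50022' 'PermitRootLogin no' > "$demo_dir/after"
for f in before after; do
    echo "== $f"; audit_sshd_config "$demo_dir/$f" || echo "-> $f is not hardened"
done
rm -rf "$demo_dir"
```

On the instance, /etc/ssh/sshd_config is readable only by root, so run the audit from a root shell, after `sudo sshd -t` and before deleting the port 22 inbound rule.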

**In addition, you will be charged by AWS if one or more instances are running, so stop or terminate every instance other than the one you are using**

If you have gotten this far, Task 1 is finished, because the server has been created in the cloud for the time being
