RHCE SSH

RHCE Objectives: Network services

Network services are an important subset of the exam objectives. RHCE candidates should be capable of meeting the following objectives for each of the network services listed below:

  • Install the packages needed to provide the service
  • Configure SELinux to support the service
  • Use SELinux port labeling to allow services to use non-standard ports
  • Configure the service to start when the system is booted
  • Configure the service for basic operation
  • Configure host-based and user-based security for the service
  • Configure key-based authentication
  • Configure additional options described in documentation

Install: yum install openssh-server (technically it’s already in place, but this satisfies the listing above). You’ll need to add it to the firewall if it’s not there already: firewall-cmd --permanent --add-service=ssh; firewall-cmd --reload

Configure SELinux to support: Should already be there

Use SELinux port labeling: See NTP. You’ll need to change the Port directive in /etc/ssh/sshd_config if you use a different port.

Configure the service to start: systemctl enable sshd

Configure the service for basic operation: again, already started.

Configure host-based and user-based security for the service:

http://www.certdepot.net/rhel7-configure-ssh-key-based-authentication/

Configure key-based authentication: Simple enough. In your home directory, create a .ssh directory and chmod it to 700. Run ssh-keygen -t rsa and hit Enter through the prompts. On the second machine, also create a .ssh directory with chmod 700, and copy the id_rsa.pub file from server 1 to .ssh/authorized_keys on server 2.

Configure additional options: Edit the /etc/ssh/sshd_config file. The file itself is pretty clearly documented. Commented-out directives show the default option. Restart the service after changes (systemctl restart sshd).
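
An added example (not from the original post) tying together the port-labeling and sshd_config notes above: it reports the value sshd will actually use for a keyword (sshd keeps the first value it reads, while Port lines accumulate) and prints the SELinux and firewalld commands needed for each non-standard port. The sample config and the function names are constructed for illustration, and only whitespace-separated "Keyword value" lines in the global section are handled.

```shell
#!/usr/bin/env bash
# Constructed sample sshd_config; point the functions at a real file with
#   listen_ports < /etc/ssh/sshd_config
sample_config() {
cat <<'EOF'
#Port 22
Port 2222
#PasswordAuthentication yes
PasswordAuthentication no
PasswordAuthentication yes
EOF
}

# effective_value KEYWORD DEFAULT  (config on stdin)
# Keywords are case-insensitive; the first uncommented value wins.
# Parsing stops at the first Match block (global section only).
effective_value() {
  awk -v key="$1" -v def="$2" '
    NF == 0 || $1 ~ /^#/ { next }
    tolower($1) == "match" { exit }
    tolower($1) == tolower(key) { print $2; found = 1; exit }
    END { if (!found) print def }'
}

# Port may be given several times; every value is a listening port.
listen_ports() {
  awk '
    NF == 0 || $1 ~ /^#/ { next }
    tolower($1) == "match" { exit }
    tolower($1) == "port" { print $2; found = 1 }
    END { if (!found) print 22 }'
}

# Print (do not run) the commands a non-standard port requires.
port_commands() {
  changed=0
  for p in $(listen_ports); do
    [ "$p" = 22 ] && continue
    echo "semanage port -a -t ssh_port_t -p tcp $p"
    echo "firewall-cmd --permanent --add-port=$p/tcp"
    changed=1
  done
  [ "$changed" = 1 ] && echo "firewall-cmd --reload"
  return 0
}

echo "PasswordAuthentication: $(sample_config | effective_value PasswordAuthentication yes)"
sample_config | port_commands
```

Run the printed commands as root before restarting sshd, otherwise SELinux will refuse the bind on the new port.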
