SSH and Sudoers

After I had set up the server to connect to my internet source, the next step to cover was a way to communicate to it without using the User Interface. As there are many solutions, one of the most common, safe and secure is the SSH protocol (Secure SHell).

In order to archive this in the Ubuntu Server, I followed this tutorial:

 # sudo apt-get install openssh-client openssh-server 

Just one command line does the job, but that is not enough. Because I knew which computers were going to connect, also I set up the SSH to trust those connections coming from a certified key, also I followed this tutorial. Those are easy steps, first create a certificate on the client (1), transfer the public key from the client to the server (2) and add the definition to the file of "Authorized keys" (3)

 (1) Client # ssh-keygen -t rsa
 (2) C -> S # CP rsa_pub -> ~/.ssh/
 (3) Server # cat rsa_pub >> authorized_keys 

With that, the next time you are trying to authenticate, if everything went right, it will automatically prompt the console of the remote server.

With this in place, the only missing part was to have a script that automatically reseted the Wlan0 everytime it would (re)start the OS. To archive this, I started searching for the SUDOers and how to execute scripts on init, this is what I found:

 # sudo nano /etc/sudoers
 (TO THE END OF THE FILE)

- Cmnd_Alias SHUTDOWN_CMDS = /sbin/shutdown, 
      /sbin/halt, /sbin/reboot
- USER_NAME ALL=(ALL) NOPASSWD: SHUTDOWN_CMDS
# The user can the control machine's reset/shutdown
- USER_NAME ALL=(ALL) NOPASSWD: /etc/network/wlanStart.sh  
# The script on this folder can be SUDOer
 

And then set up the script to run on startup.

Easy, not??

Sources:

• OpenSSH Server
• SSH/OpenSSH/Keys
• Sudoers
• Automate SUDO commands at startup e.g. for enabling WIFI
• How to autostart a .sh after login?
• How to harden an SSH server?