Advanced Linux Concepts & System Administration

Today I shifted focus from basic Linux operations to administrative control and system-level management.
The goal was to understand how Linux handles users, permissions, services, networking, and secure data movement, and to practice enabling password-based SSH authentication for flexibility in connecting to servers.

---

1. Stream Editor (SED)

The sed command is a stream editor used to quickly modify file contents without opening them in editors like vi or nano.
This is especially useful for automated changes in scripts, or when working with large log/config files.

Example 1 – Replace "dev" with "prod" in config.txt:
sed -i 's/dev/prod/g' config.txt

• -i → edits the file in place instead of printing to screen

• s/dev/prod/g → search for dev, replace with prod, g means “global” in each line

Example 2 – Remove all lines containing the word "DEBUG":
sed -i '/DEBUG/d' app.log

• /DEBUG/ → find any line with the word DEBUG

• d → delete those lines

---

2. Linux Directory Structure

Linux is organized in a hierarchical tree structure.
Understanding where files are stored helps when troubleshooting or configuring services.

• / → Root directory (top of the filesystem)

• /home → Home directories for regular users (/home/ec2-user)

• /etc → Configuration files (e.g., /etc/ssh/sshd_config)

• /var → Variable data like logs (/var/log/messages)

• /bin → Essential system binaries (commands like ls, cp)

• /usr → Applications and user programs (/usr/bin/python3)

• /tmp → Temporary files (auto-cleared on reboot)

Example – To read the Apache web server configuration:
cat /etc/httpd/conf/httpd.conf

---

3. File Permissions

Every file or directory in Linux has an access control setting defining what users can do.

Three groups:

• User (u) → Owner of the file

• Group (g) → Members of the file’s group

• Others (o) → All other users

Permission types:

• r = Read → view file contents or list directory

• w = Write → modify file contents or create/delete in a directory

• x = Execute → run a script/program, or enter a directory

Example – Output of ls -l file.txt:
rw- r-- r-- file.txt

• User: rw- → can read & write

• Group: r-- → can read only

• Others: r-- → can read only

Changing permissions:

• Give execute permission to user → chmod u+x script.sh

• rwx for user, r-x for group & others → chmod 755 script.sh

• Add specific rights → chmod u+r,g+rx,o+rw file.txt

---

4. Changing File Ownership

The chown command changes file ownership. This is essential when files are moved between users or services that need access.

Example – Assign ownership to ec2-user:
sudo chown ec2-user:ec2-user file.txt

Here, user:group format changes both the owner and the group in one command.

---

5. Package Management

Every Linux distribution uses a package manager to install, update, and remove software.

• Amazon Linux / RHEL / CentOS: sudo yum install httpd

• Ubuntu / Debian: sudo apt install apache2

Package managers handle dependencies, so you don’t need to manually find and install them.

---

6. Environment Variables

Environment variables store key-value pairs that can be used by applications and scripts.

• Temporary variable → export NAME="Akanksha"

• View value → echo $NAME

• Remove variable → unset NAME

To make variables permanent, add them to your ~/.bashrc file:
export NAME="Akanksha"
Then reload → source ~/.bashrc

Permanent variables are useful for paths, credentials, and configuration values used across sessions.

---

7. Managing Services with systemctl

systemctl controls services in systemd-based Linux systems.

• Start service → sudo systemctl start httpd

• Stop service → sudo systemctl stop httpd

• Restart service → sudo systemctl restart httpd

• Enable on boot → sudo systemctl enable httpd

• Check status → sudo systemctl status httpd

This is important when working with web servers, databases, or background services.

---

8. Networking Commands

• ping google.com → Test network connectivity

• ifconfig or ip addr → Show network interfaces and IPs

• wget URL → Download a file from the internet

• curl URL → Send HTTP request and fetch response

Example – Check if your instance can reach AWS:
ping amazon.com

---

9. File Transfers Between Systems

Windows ↔ Linux (EC2)

• GUI Method: WinSCP – connect using Public IP, username (ec2-user), and .pem key

• Command-line: scp -i key.pem file.txt ec2-user@<IP_ADDRESS>:/home/ec2-user/

Linux ↔ Linux

• Using scp: scp -i key.pem file.txt ec2-user@<IP_ADDRESS>:/home/ec2-user/

• Using rsync: rsync -avz -e "ssh -i key.pem" file.txt ec2-user@<IP_ADDRESS>:/home/ec2-user/

rsync is faster for large transfers because it copies only changes instead of the whole file again.

---

10. Setting Up Password-Based SSH Authentication

AWS EC2 by default disables password login for security. But for lab setups or quick connections, you can enable it.

Step 1: Connect with .pem key.

Step 2: Set a password for the user:
sudo passwd ec2-user

Step 3: Edit SSH config:
sudo vi /etc/ssh/sshd_config

• Change PasswordAuthentication no → PasswordAuthentication yes

• Change PermitRootLogin prohibit-password → PermitRootLogin yes

Step 4: Restart SSH service:
sudo systemctl restart sshd

Step 5: Login using → ssh ec2-user@<IP_ADDRESS> and enter the password.

Use key-based authentication in production — password logins are more vulnerable to brute-force attacks.

---

✅ Today’s Takeaways:

• Learned file permissions and ownership deeply

• Managed services, packages, and users

• Understood environment variables and where to store them

• Practiced secure file transfers between systems

• Enabled password-based SSH for lab flexibility