Lab 00: A noobs questions about SSH

LFCS
#1

I have a question regarding the first lab.

LAB: LOGGING IN AND SYSTEM DOCUMENTATION

In the first lab it prompts me to use the ssh command to do the following:

SSH into dev-host01 host from centos-host and create a blank file called /home/bob/myfile in dev-host01 host.

You should be able to create the file using touch /home/bob/myfile command.


Please find below the SSH credentials for dev-host01 host:

Host: dev-host01
Username: bob

Password: *********

Remember to type exit when you finish this task.

What I tried:

  • Recognized a mistake
[bob@centos-host ~]$ ssh centos-host@dev-host01
The authenticity of host 'dev-host01 (192.19.26.3)' can't be established.
ECDSA key fingerprint is SHA256:hfO5K6iTZOS3EJ1YtBH0Kls1Yg/bSJe6Pwg2mXWvZW0.
Are you sure you want to continue connecting (yes/no/[fingerprint])? no
Host key verification failed.

In this block above, I attempted to connect to some user (wrong name) at some domain dev-host01. I recognized the mistake and typed no.

  • Making another mistake?
[bob@centos-host ~]$ ssh bob@dev-host01
The authenticity of host 'dev-host01 (192.19.26.3)' can't be established.
ECDSA key fingerprint is SHA256:hfO5K6iTZOS3EJ1YtBH0Kls1Yg/bSJe6Pwg2mXWvZW0.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'dev-host01,192.19.26.3' (ECDSA) to the list of known hosts.
bob@dev-host01's password:
Permission denied, please try again.
bob@dev-host01's password:
Permission denied, please try again.
bob@dev-host01's password:
Last failed login: Fri Oct 20 12:25:23 UTC 2023 from 192.19.26.12 on ssh:notty
There were 2 failed login attempts since the last successful login.

In this block you can see that I have tried to connect to bob@dev-host01. I thought that was correct? However, the password was not correct. I am 100% sure I typed the correct password.

Big Questions

  1. Did I do something wrong?
  2. What is the correct command? I thought it was ssh user_name@host_name.
  3. I forgot to do this Remember to type exit when you finish this task.. Is this a problem? Or does the environment tear itself down after some time?
  4. Did I do something that could compromise my own device’s security? Or is this all running as a sandboxed environment? Who did I connect to?
#2

Hi @will.fehlhaber

I recently made the lab with these steps:

ssh bob@dev-host01
yes
passwordInput
touch /home/bob/myfile
exit

So you are correct, that’s how it’s done. If you check well the password then maybe the ssh login could get locked by the many attemps you tried first. But if you reload the lab that should not be a problem.

So try again, maybe there was a bug issue, or maybe you locked the ssh login (If the lab have that implemented of course, I’m not 100% sure). Another theory that what could happend: if some packet went lost during the handshake [but that’s just a theory because if the connection is TCP that will not happen] maybe you can’t get access to the login.

Answering your 4 point: No you didn’t compromise your device because you never login to the ssh, and the labs are sandboxed as you said, there are working in containers in the backend services of KodeKloud. So by simple trying to get login through ssh, in your case you can relax and be almost certain that your devices doesn’t get affected. But if you think it does, by some reason, contact the KodeKloud service. I’m just a regular user trying to help you in my study break time. But in simple a simple answer: If you think that the Kodekloud Backend and Frontend web services was well deployed in your computer, and maybe you just have a bad luck by any mentioned above, then the answer is no, you don’t get infected by something. But as cibersecurity is a long topic and I don’t kow how you use your computer, maybe you can contact the kodekloud team to ask if they can check your lab logs, and tell you if you are fine.

Hope it helps!