Operating Systems – Remote Access & UNIX Shell

Learning Outcomes

After completing these activities you should be able to:

This lesson introduces you to UNIX, an OS you probably are not familiar with. Part and parcel with that, we'll learn how to use a UNIX machine remotely - i.e. use it even though we don't have physical access to it - using a tool called ssh. The UNIX command shell is similar to the Windows command shell, but not identical: many command names are different, UNIX uses forward slashes (/) instead of back slashes (\) to separate elements of path names, and in UNIX there's only one file system hierarchy, rather than many file system hierarchies, each rooted at a different drive letter (e.g. "C:"). Finally, in this lesson we revisit and expand on the OS's role in managing user accounts and controlling access to the file-system.

rona, ssh, and using a computer remotely

The course server is a UNIX machine (a computer running a UNIX operating system rather than Windows) named rona that we all have accounts on. We can all use rona at the same time ... but what does "use" mean when you don't have physical access to the computer, as you do with your laptop? It means we can open a shell, execute commands, and create, view and edit files. The program ssh gives us a shell whose commands execute on rona, but which displays its output on, and gets its keyboard input from, our laptops. So, with ssh we can use rona from the comfort of our own laptop.

If your user name is mxxxx here's how you would use the ssh command in a Windows shell on your laptop to open up a shell whose commands actually execute on rona:

C:\> ssh mxxxx@rona.academy.usna.edu

So, the command is ssh, and the argument is mxxxx@rona.academy.usna.edu, which is the user name, followed by @, followed by the name of the computer you want to log in to. Of course you'll have to give your password before you're allowed on! A new shell window will pop up, and commands entered into this shell window execute on the remote computer (rona), not on your laptop.

UNIX and the UNIX command shell

Now that you are a UNIX user see what your future holds!
Linux User at Best Buy
http://xkcd.com/272/

UNIX in the military



In your limited experience as a Plebe here at USNA, your OS experience is probably all Windows. However, UNIX is in widespread use in the military. Click on the image on the right and read about the Navy choosing UNIX for controlling drones.
UNIX is already used to run the most advanced Fire Control and Sonar systems in the submarine fleet.

Your CAC has an Operating System.

"Open Platform Version 2.1.1" is the operating system installed on your CAC. It has a file-system, runs programs written in "JavaCard" (a subset of the Java programming language), and can run multiple processes at the same time.

rona's OS is called Linux, which is an open-source UNIX operating system. By contrast, Mac OS X is a closed-source UNIX operating system. At any rate, we won't distinguish much between the different flavors of UNIX, and we'll just call them "UNIX". So, why do you need to be familiar with UNIX? Because there are a lot of computers running UNIX out there, and because a lot of security-related tools are for UNIX or based on UNIX.

UNIX commands and the UNIX shell should look pretty familiar, since you have experience with the Windows shell. The concepts of commands and arguments are basically the same, and you still have tab-completion and the up-arrow to retrieve previous commands. Ctrl-c kills an executing command, just like in the Windows shell. However, there are a few important differences that you need to understand to do much of anything.

  1. Elements of a file-system path are separated by forward slashes (/) instead of back slashes (\).
  2. Case (as in UPPER CASE vs. lower case) matters in command names and path names, e.g. Foo, FOO and foo are all different names in UNIX.
  3. Instead of many file systems, each rooted at a different drive letter, there is only one file system on a UNIX system, and it is rooted at forward slash (/).
  4. Lots of the command names are different — usually shorter. For example the Windows shell command
    copy name.txt myname.txt
    would be written in a UNIX shell as
    cp name.txt myname.txt
    which means the same thing, just uses the name cp instead of copy. Under course resources (the "r" button in the navigation bar) there is a link to a short Windows/UNIX Dictionary that you can refer to.
In class, you logged into your rona account via ssh and did the same kind of file system operations from a shell on rona that you did the previous class from a Windows shell on your laptop.

The basic concepts of process, user names, file ownership and OS control over what processes can access which files are all there in UNIX, just as in Windows. On rona, where there are hundreds of users, controlling who accesses what is really important!

Return to Windows: Revisiting the OS's role in user accounts and controlling access

OS control over access to files is a really important topic, especially to a student of cyber security! Recall: every process has an owner (given by user name), and every file/directory has an owner (given by user name). In the normal course of events, process X is only allowed access to file/directory Y if the owner of X is the same as the owner of Y. There are two exceptions:
  1. the owner of a file/directory can choose to explicitly allow access to the file by other users; and
  2. there are privileged users (the Administrator account in Windows, the root account in UNIX), and a process owned by a privileged user can access files/directories that user doesn't own. The Administrator and root accounts are super-user accounts. A process owned by Administrator/root can access any file/directory.
For extra practice with file system operations in a shell, work through these activities.
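
The ownership rule and its first exception, as they look in a UNIX shell. This is an added example, not part of the original lesson, and it goes one step beyond the text by using UNIX permission bits, which the lesson does not cover. The function names, file names and the throwaway directory are made up for the illustration; chmod, find and mktemp are standard UNIX commands.

```sh
#!/bin/sh
# Added illustration; names and sample files are constructed for the demo.

# make_demo DIR: create one owner-only file and one file the owner has
# explicitly opened to other users.
make_demo() {
    printf 'my notes\n'   > "$1/private.txt"
    printf 'shared doc\n' > "$1/shared.txt"
    chmod 600 "$1/private.txt"   # owner: read/write; everyone else: nothing
    chmod 644 "$1/shared.txt"    # owner: read/write; other users: read
}

# open_to_others DIR: print regular files under DIR that some user other
# than the owner may read or write (group or "other" r/w bits set).
open_to_others() {
    find "$1" -type f \( -perm -040 -o -perm -004 \
                         -o -perm -020 -o -perm -002 \) | sort
}

# lock_down DIR: withdraw every permission granted to non-owners.
# root is unaffected: a root-owned process can still access the files.
lock_down() {
    find "$1" -type f -exec chmod go-rwx {} +
}

# Demo run on a throwaway directory.
demo_dir=$(mktemp -d)
make_demo "$demo_dir"
echo "Open to other users before lock_down:"
open_to_others "$demo_dir"
lock_down "$demo_dir"
echo "Open to other users after lock_down:"
open_to_others "$demo_dir"
rm -rf "$demo_dir"
```

On a shared machine with hundreds of accounts, pointing open_to_others at your own home directory shows which of your files other users can currently read or change.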

