Unit 9 Lab - Certificate and Key Madness
Info
If you are unable to finish the lab in the ProLUG lab environment we ask you reboot the machine from the command line so that other students will have the intended environment.
Required Materials
- Putty or other connection tool Lab Server
- Root or sudo command access
- STIG Viewer 2.18 (download from https://public.cyber.mil/stigs/downloads/ )
Lab 🧪
These labs focus on pulling metric information and then visualizing that data quickly on dashboards for real time analysis.
Downloads
The lab has been provided below. The document(s) can be transposed to
the desired format so long as the content is preserved. For example, the .txt
could be transposed to a .md file.
Setting up Rsyslog with TLS
- Complete the lab: https://killercoda.com/het-tanis/course/Linux-Labs/211-setting-up-rsyslog-with-tls
Review Solving the Bottom Turtle
- Review pages 41-48 of https://spiffe.io/pdf/Solving-the-bottom-turtle-SPIFFE-SPIRE-Book.pdf
- Does the diagram on page 44 make sense to you for what you did with a certificate authority in this lab?
SSH – Public and Private key pairs
- Complete the lab: https://killercoda.com/het-tanis/course/Linux-Labs/212-public-private-keys-with-ssh
- What is the significance of the permission settings that you saw on the generated public and private key pairs?
Digging Deeper challenge (not required for finishing lab)
-
Complete the following labs and see if they reinforce any of your understanding of certificates with the use of Kubernetes.
-
Read the rest of https://spiffe.io/pdf/Solving-the-bottom-turtle-SPIFFE-SPIRE-Book.pdf
- How does that align with your understanding of zero-trust? if you haven't read about zero-trust, start here:
- https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf
Info
Be sure to reboot the lab machine from the command line when you are done.