Unit 9 Lab – Certificates and Keys

Required Materials

- Putty or other connection tool
- Lab Server
- Root or sudo command access

LAB
These labs focus on Certificates and Keys in securing systems and systems communication.
Certificates to secure TLS for rsyslog communication

1. Complete the lab here: https://killercoda.com/het-tanis/course/Linux-Labs/211-setting-up-rsyslog-with-tls
2. When you finish the lab, review the following items.
    a. https://spiffe.io/pdf/Solving-the-bottom-turtle-SPIFFE-SPIRE-Book.pdf Pages 41-48
        i. Does the diagram on page 44 make sense to you for what you did with a
           certificate authority in this lab?

SSH – Public and Private key pairs

1. Complete the lab here: https://killercoda.com/het-tanis/course/Linux-Labs/212-public-private-keys-with-ssh
    a. What is the significance of they permission settings that you saw on the generated
       public and private key pairs?


Digging Deeper challenge (not required for finishing lab)

1. Complete the following labs and see if they reinforce any of your understanding of certificates with
   the use of Kubernetes.
    a. https://killercoda.com/killer-shell-cks/scenario/certificate-signing-requests-sign-manually
    b. https://killercoda.com/killer-shell-cks/scenario/certificate-signing-requests-sign-k8s
2. Read the rest of:
   https://spiffe.io/pdf/Solving-the-bottom-turtle-SPIFFE-SPIRE-Book.pdf 
    a. How does that align with your understanding of zero-trust? 
    b. If you haven’t read about zero-trust, start here: 
       https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf