wEEK 10
Networking and SSH
This week introduces how Linux handles network configuration, connectivity checks, and secure remote access through SSH. You’ll explore how to view network interfaces, inspect routes, analyze active sockets, query DNS, and manage SSH keys and configurations. These are essential skills for developers and administrators working with cloud environments, servers, and secure deployments.
N-E-T-S (Network → Explore → Trust → SSH)
N — Network
Linux provides powerful tools to inspect and manage network interfaces and routing. Every network interface (physical or virtual) has an IP address, link state, and connection role.
1. Viewing Network Interfaces
Command: ip -br addr
Example Output:
lo UNKNOWN 127.0.0.1/8
eth0@if8 UP 10.88.0.4/16
docker0 DOWN 172.17.0.1/16
Explanation:
This command displays all active network interfaces in a concise (brief) format.
| Term | Description |
|---|---|
| lo | Loopback interface used for local traffic on the host (127.0.0.1). |
| eth0 | Primary Ethernet interface connected to the external network. |
| docker0 | Virtual bridge created by Docker for container networking. |
| UP / DOWN | Indicates whether the interface is active or inactive. |
| @if8 | Interface index assigned by the kernel for internal reference. |
2. Viewing the Routing Table
Command: ip route
Example Output:
default via 10.88.0.1 dev eth0
10.88.0.0/16 dev eth0 proto kernel scope link src 10.88.0.4
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
Explanation:
This command shows how traffic moves between networks and which gateway or interface is responsible for routing it.
| Field | Meaning |
|---|---|
| default via | Defines the gateway used for all outbound traffic not matching other routes. |
| dev eth0 | The interface used for this route. |
| proto kernel | Route automatically added by the Linux kernel. |
| scope link | Indicates the route is local to that subnet. |
| src | The source IP address used when sending traffic through this route. |
3. Inspecting Active Connections
Command: ss -tuna | head
Example Output:
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp ESTAB 0 0 127.0.0.1:3000 127.0.0.1:40572
tcp TIME-WAIT 0 0 10.88.0.4:58680 172.217.203.100:443
Explanation:
The ss command lists all active network sockets and their states, replacing the older netstat utility.
| Term | Description |
|---|---|
| Netid | Type of protocol (TCP, UDP, etc.). |
| State | Connection status (LISTEN, ESTAB, TIME-WAIT). |
| Recv-Q / Send-Q | Data queued for receiving or sending. |
| Local Address:Port | The IP and port on your machine. |
| Peer Address:Port | The remote IP and port of the other side of the connection. |
| Common TCP States | Explanation |
|---|---|
| LISTEN | Service waiting for incoming connections. |
| ESTAB | Established connection between two endpoints. |
| TIME-WAIT | Waiting to ensure connection closure is complete. |
E — Explore
Once you understand your network setup, the next step is exploring how Linux resolves names and connects to other systems.
1. Checking DNS Configuration
Command: cat /etc/resolv.conf | sed -n ‘1,20p’
Example Output:
This is /run/systemd/resolve/resolv.conf managed by systemd-resolved.
nameserver 169.254.169.254
search us-east1-b.c.internal google.internal
Explanation:
This file specifies which DNS servers the system uses to translate domain names into IP addresses.
| Field | Description |
|---|---|
| nameserver | IP address of the DNS resolver. |
| search | Default domains appended to unqualified hostnames. |
| systemd-resolved | A service managing DNS resolution dynamically in modern Linux systems. |
2. DNS Lookup with dig
Commands:
dig +short A example.com
dig +short AAAA example.com
Example Output:
A: 23.192.228.80
AAAA: 2600:1406:5e00:6::17ce:bc12
Explanation:
The dig command queries DNS servers directly for different types of records.
| Record Type | Description |
|---|---|
| A | Maps a domain name to its IPv4 address. |
| AAAA | Maps a domain name to its IPv6 address. |
| CNAME | Points one domain to another (canonical name). |
| MX | Mail exchange records for email servers. |
3. Host Database Lookup
Command: getent hosts example.com
Example Output:
2600:1406:5e00:6::17ce:bc12 example.com
2600:1408:ec00:36::1736:7f31 example.com
Explanation:getent checks system databases (DNS, /etc/hosts, LDAP) for hostname information.
It is a universal way to verify name resolution across different sources.
4. HTTP and Connectivity Testing
Commands:
curl -I https://example.com
curl -s https://example.com/ | head -n 20
Example Output:
HTTP/2 200
content-type: text/html
etag: “bc2473a18e003bdb249eba5ce893033f”
date: Sun, 19 Oct 2025 22:41:55 GMT
Explanation:curl tests HTTP or HTTPS connections, returning headers or page content.
| Header | Description |
|---|---|
| HTTP/2 200 | Successful HTTP response code. |
| content-type | Specifies file format (e.g., text/html). |
| etag | Unique version identifier used for caching. |
| date | Server response timestamp. |
| cache-control | Defines how long content can be cached. |
| Task | Nano | VIM | Professional Note |
|---|---|---|---|
| Open file | nano notes.txt | vim notes.txt | Use nano for short notes, vim for configs/code. |
| Save changes | Ctrl+O | :w | Both must write to disk explicitly. |
| Exit | Ctrl+X | :q, :wq, :q! | VIM’s flexibility makes it harder to quit, but safer against mistakes. |
T — Trust
Establishing trust is critical for secure networking. Linux verifies identities using certificates, host fingerprints, and cryptographic keys.
1. DNS and HTTPS Validation
Using curl -I https://example.com ensures that domain names resolve correctly and SSL/TLS certificates are valid.
A successful HTTP/2 200 response confirms both encryption and authentication between client and server.
| Term | Meaning |
|---|---|
| SSL/TLS | Secure Sockets Layer / Transport Layer Security; encrypts traffic. |
| Certificate | Digital proof of a site’s authenticity. |
| HTTPS | HTTP over TLS providing encrypted communication. |
2. SSH Host Verification
Command: ssh-keyscan -T 5 github.com | tee -a ~/.ssh/known_hosts
Example Output:
github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
Explanation:
SSH uses host fingerprints to verify server identity and prevent tampering.
| Concept | Description |
|---|---|
| ssh-keyscan | Retrieves a host’s SSH public keys for verification. |
| known_hosts | File storing trusted server fingerprints. |
| Fingerprint | A unique hash representing a host’s key. |
| Man-in-the-middle attack | Intercepted connection impersonating a trusted host. |
Navigate the tree
S — SSH (Secure Shell)
SSH provides encrypted communication between client and server, allowing command execution and file transfer securely.
1. Viewing SSH Configuration
Command: less /etc/ssh/ssh_config
Example Output (Partial):
Host *
Port 22
StrictHostKeyChecking ask
IdentityFile ~/.ssh/id_ed25519
GSSAPIAuthentication yes
| Setting | Description |
|---|---|
| Port | Default SSH port (22). |
| StrictHostKeyChecking | Prompts before connecting to unknown hosts. |
| IdentityFile | Specifies default key file used for authentication. |
| GSSAPIAuthentication | Enables Kerberos-based enterprise authentication. |
2. Creating SSH Key Pairs
Command: ssh-keygen -t ed25519 -C “week10-demo” -f ~/.ssh/week10_demo -N “”
Example Output:
Generating public/private ed25519 key pair.
Your identification has been saved in /home/user/.ssh/week10_demo
Your public key has been saved in /home/user/.ssh/week10_demo.pub
| Option | Description |
|---|---|
| -t ed25519 | Specifies the algorithm type for the key. |
| -C | Adds a label or comment for identification. |
| -f | Defines the file location for saving the key. |
| -N | Sets the passphrase (empty string here). |
3. Managing the SSH Agent
Commands:
eval “$(ssh-agent -s)”
ssh-add ~/.ssh/week10_demo
Example Output:
Agent pid 1411
Identity added: /home/user/.ssh/week10_demo (week10-demo)
| Tool | Function |
|---|---|
| ssh-agent | Background program that holds decrypted private keys in memory. |
| ssh-add | Adds keys to the active agent session for use without re-entering passphrases. |
4. Inspecting SSH Capabilities
Command: ssh -Q key | head
Example Output:
ssh-ed25519
ecdsa-sha2-nistp256
rsa-sha2-512
Explanation:
Displays supported SSH key algorithms for your OpenSSH version.
| Algorithm | Description |
|---|---|
| Ed25519 | Modern, fast, and secure key algorithm (recommended). |
| ECDSA | Elliptic Curve Digital Signature Algorithm. |
| RSA | Legacy but widely supported encryption standard. |
5. Debugging and Connection Details
Command: ssh -o BatchMode=yes -vvv -G github.com | sed -n ‘1,40p’
Example Output (Partial):
OpenSSH_9.6p1 Ubuntu-3ubuntu13.14
debug1: Reading configuration data /etc/ssh/ssh_config
host github.com
user elena_reynova
port 22
pubkeyauthentication true
Explanation:
This command prints SSH configuration for a given host and displays verbose debugging logs.
| Option | Description |
|---|---|
| -vvv | Enables detailed debugging output. |
| -G | Prints final configuration after applying defaults and overrides. |
| BatchMode=yes | Disables password prompts (for automation). |
| File | Purpose |
|---|---|
| /etc/ssh/ssh_config | System-wide SSH client defaults. |
| /etc/ssh/sshd_config | SSH server configuration. |
| ~/.ssh/id_ed25519 | Private SSH key for authentication. |
| ~/.ssh/id_ed25519.pub | Public key shared with remote servers. |
| ~/.ssh/known_hosts | Trusted host fingerprints. |
| ~/.ssh/config | User-specific SSH client overrides. |
This concludes Lecture 10: Networking and SSH. Please return to Blackboard to access the Week 10 materials.