SUDO

    sudo visudo
    # Or
    sudo vi /etc/sudoers

    # User privilege specification
    root ALL=(ALL:ALL) ALL

    # Members of the admin group may gain root privileges
    %admin ALL=(ALL) ALL

    # Allow members of group sudo to execute any command
    %sudo ALL=(ALL:ALL) ALL

    # Allow mark to run any command
    mark ALL=(ALL:ALL) ALL

    # Allow jake to run any command without sudo password
    jake ALL=(ALL) NOPASSWD:ALL

    # Allow sarah to reboot the system
    sarah localhost=/usr/bin/shutdown -r now

    # See sudoers(5) for more information on "#include" directives:
    #includedir /etc/sudoers.

SSH with Username and Password

    ssh <hostname OR IP Address>

    ssh <user>@<hostname OR IP Address>

SSH with Public and Private Key

Generate Keys

    ssh-keygen -t rsa

Copy Public Key to the Server

    ssh-copy-id mark@node01

Check the Copied Public Key on the Server

    cat /home/mark/.ssh/authorized_keys

Access the Server

    ssh node01

Hardening SSH Service

    vi /etc/ssh/sshd_config

    ...
    PermitRootLogin no
    PasswordAuthentication no
    .

Rules

Create Cluster in Private Network

- The Cluster (Private Network) is NOT ALLOWED public network access.
- The Cluster (Private Network) can ACCESS VPN.
- The Cluster (Private Network) can ACCESS specific IP ranges.
- The Cluster (Private Network) can ACCESS who is needed.

Server Account Types

User Accounts

User Accounts: These are for normal users, for ftp, ssh, etc.

Superuser Account

Superuser: This typically means the root user. Its UID = 0.

System Accounts

System: These are for system programs.

Basic Secure

- Disable password based authentication
- Enable SSH key based authentication

Without Authentication

Certification Files Location

| Type | File |
|------|------|
| Server CRT | /var/docker/server.pem |
| Server Key | /var/docker/serverkey.pem |

Daemon Configuration

    cat /etc/docker/daemon.json

    {
      "hosts": [
        "tcp://192.168.1.10:2376"
      ],
      "tls": true,
      "tlscert": "/var/docker/server.pem",
      "tlskey": "/var/docker/serverkey.pem"
    }

Client Docker CLI

    docker --tls ps

With Authentication

Certification Files Location

| Type | File |
|------|------|
| Server CA | /var/docker/cacert.pem |
| Server CRT | /var/docker/server.pem |
| Server Key | /var/docker/serverkey. |

Check Service Status

    systemctl start docker

    systemctl status docker

    systemctl stop docker

    systemctl restart docker

Start Manually

    dockerd

Start Manually With Debug

    dockerd --debug

Docker Using Unix Socket

    /var/run/docker.sock

Start Manually With Host

    dockerd --debug --host=tcp://192.168.1.10:2375

Docker CLI Client Configuration

    export DOCKER_HOST="tcp://192.168.1.10:2375"

    docker ps

TLS Encryption

| Port | Description |
|------|-------------|
| 2375 | Un-encrypted |
| 2376 | Encrypted |

Docker Run With TLS

    dockerd --debug \
      --host=tcp://192.

Verify Download

Download from Releases

    wget -O kubernetes.tar.gz https://github.com/kubernetes/kubernetes/archive/refs/tags/v1.21.2.tar.gz

    curl https://github.com/kubernetes/kubernetes/archive/refs/tags/v1.21.2.tar.gz -L -o kubernetes.tar.gz

Generate SHA

MacOS

    shasum -a 512 kubernetes.tar.gz

Linux

    sha512sum kubernetes.tar.gz

Compare with Released SHA512

Download

In the Releases Notes, you can compare with SHA512.