IT Fundamentals Handbook

HYPERVISORS
PROXMOX
CORE SERVICES
TAILSCALE
SSH
KEY-BASED AUTHENTICATION
DOCKER
HTOP
VIM/NANO
NET-TOOLS
SAMBA
STATIC IP
LINUX
WINDOWS
DNS
WINDOWS VM
DNS SERVER
DHCP SERVER
ACTIVE DIRECTORY DOMAIN SERVICE
CENTRAL LOGGING SERVER
CONTAINERIZATION
KUBERNETES CLUSTER
MICROK8S
AUTOMATION
ANSIBLE, PUPPET, CHEF
SCRIPTING
SECURITY HARDENING
FIREWALL CONFIGURATION
NETWORKING
ALERTING
SQL
BASH
POWERSHELL
VAULTWARDEN
HOME ASSISTANT
PLEX
RAID
PI-HOLE
HTML
TROUBLESHOOTS
COMMAND DICTIONARY

Hypervisors

Proxmox

Video Tutorial

Virtual Machines

  1. Visit https://www.proxmox.com/en/ to go to the downloads page and download the "Virtual Environment" ISO.
  2. Next you need a tool that writes the ISO to a flash drive as bootable media. I prefer Rufus: https://rufus.ie/en/.
  3. Connect your USB drive to your computer and launch Rufus.
  4. Select the flash drive device and the ISO image, then click Start.
  5. Once the image is finished:
    • Plug an Ethernet cable into the soon-to-be hypervisor machine.
    • Insert the flash drive into the hypervisor machine.
    • Boot to the BIOS/UEFI, change boot option #1 to the flash drive, and reboot.
  6. Follow through with the installation:
    • The host name and static IP are important to note.
  7. Once the installation finishes, set the machine to the side. You can now log in using the web UI.
  8. Log into the web server by typing in the URL https://(static IP):8006.
  9. Log in and select PVE and then Shell.

# I like to install Tailscale on the host so that I can connect to the machine remotely from outside the network.

sudo apt update && sudo apt install -y curl
curl -fsSL https://tailscale.com/install.sh | sh

# This installs the latest version for your OS automatically.

  1. Start Tailscale service:
    sudo tailscale up

    # You will see an authentication URL:

    "To authenticate, visit: https://login.tailscale.com/a/xxxxxx"
  2. Copy the URL from the SSH output and open it in your local browser.
  3. Log in with your preferred identity provider (Google, GitHub, Microsoft, etc.).
    • Once authenticated, the machine will appear in your Tailscale admin dashboard.

Check Tailscale status:

tailscale status

  1. On the left-hand side, select local (PVE).
  2. Here ISO images can be uploaded, and container images can be uploaded and downloaded.

Core Services

Tailscale

  1. Connect to your remote server via SSH:
    ssh user@your_server_ip
  2. Ensure you have sudo privileges on the target machine.

Install Tailscale

  1. Update package list (Debian/Ubuntu):
    sudo apt update && sudo apt install -y curl
  2. Download & install Tailscale:
    curl -fsSL https://tailscale.com/install.sh | sh

    # This installs the latest version for your OS automatically.

Authenticate Server

  1. Start Tailscale service:
    sudo tailscale up
  2. You will see an authentication URL in the terminal: "To authenticate, visit: https://login.tailscale.com/a/xxxxxx"
  3. Copy the URL from the SSH output and open it in your local browser.
  4. Log in with your preferred identity provider (Google, GitHub, Microsoft, etc.).
    • Once authenticated, the machine will appear in your Tailscale admin dashboard.

SSH

Install OpenSSH Server:

sudo apt update
sudo apt upgrade
sudo apt install openssh-server -y

Verify it is running:

sudo systemctl status ssh

Allow through the Firewall:

sudo ufw allow ssh

Key-Based Authentication

Windows Tutorial

Windows

On your machine in command line:

ssh-keygen -t ed25519

Note the file save path location!

If you want a passphrase on the key, enter it when prompted.

If not, just press Enter through the prompts.

On host machine:

mkdir -p ~/.ssh
nano ~/.ssh/authorized_keys

Paste the contents of the .pub file into authorized_keys in nano.

Ctrl+S, Ctrl+X

sudo nano /etc/ssh/sshd_config

Set PasswordAuthentication to “no”.

Ctrl+S, Ctrl+X

sudo systemctl restart ssh

Mac

On your machine in command line:

ssh-keygen -t ed25519

Or

ssh-keygen -t rsa -b 4096

Note the file save path location!

If you want a passphrase on the key, enter it when prompted.

If not, just press Enter through the prompts.

On host machine:

# Run scp from your own machine to copy the public key to the host
# (the file is id_ed25519.pub if you generated an ed25519 key):
scp ~/.ssh/id_rsa.pub user@ipaddress:/home/user/.ssh/name_key.pub
# Then, on the host:
cat ~/.ssh/name_key.pub >> ~/.ssh/authorized_keys
chmod 700 ~/.ssh/
chmod 600 ~/.ssh/*
nano ~/.ssh/authorized_keys

Paste the contents of the .pub file into authorized_keys in nano.

Ctrl+S, Ctrl+X

sudo nano /etc/ssh/sshd_config

Set PasswordAuthentication to “no”.

Ctrl+S, Ctrl+X

sudo systemctl restart ssh
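The check below is an added example, not part of the original handbook: it verifies on copies of the files that password logins are really off and that the key files have the modes set above. The function names, the sample files and the drop-in name 50-example.conf are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the handbook): check copies of the SSH files offline.
# On a live host, `sudo sshd -t` validates the config before a restart and
# `sudo sshd -T` prints the effective values.

# effective_sshd_option KEYWORD FILE...
# Prints the value sshd would use for KEYWORD when FILEs are read in order.
# sshd keeps the FIRST value it sees, so a drop-in pulled in by an Include
# line at the top of sshd_config beats a later line in sshd_config itself.
# Lines after a Match keyword are conditional and skipped (simplification).
effective_sshd_option() {
    want=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    shift
    awk -F '[ \t=]+' -v want="$want" '
        FNR == 1 { in_match = 0 }
        { sub(/^[ \t]+/, "") }
        /^#/ || /^$/ { next }
        tolower($1) == "match" { in_match = 1; next }
        in_match { next }
        tolower($1) == want { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$@"
}

# ssh_perms_ok DIR
# Succeeds only if DIR is mode 700 and DIR/authorized_keys is mode 600, the
# modes set with chmod above. With StrictModes (the default) sshd refuses
# keys whose file or directory is writable by group or others.
ssh_perms_ok() {
    [ -n "$(find "$1" -maxdepth 0 -perm 700 2>/dev/null)" ] &&
        [ -n "$(find "$1/authorized_keys" -maxdepth 0 -perm 600 2>/dev/null)" ]
}

# Constructed sample: sshd_config edited as in the steps above, plus a
# hypothetical drop-in (50-example.conf) that still enables passwords.
make_sample() {
    dir=$(mktemp -d)
    printf '%s\n' 'Include /etc/ssh/sshd_config.d/*.conf' \
        '#PasswordAuthentication yes' 'PasswordAuthentication no' > "$dir/sshd_config"
    printf '%s\n' 'PasswordAuthentication yes' > "$dir/50-example.conf"
    mkdir "$dir/.ssh" && : > "$dir/.ssh/authorized_keys"
    chmod 700 "$dir/.ssh" && chmod 600 "$dir/.ssh/authorized_keys"
    printf '%s\n' "$dir"
}

sample=$(make_sample)
echo "sshd_config alone:  $(effective_sshd_option PasswordAuthentication "$sample/sshd_config")"
echo "drop-in read first: $(effective_sshd_option PasswordAuthentication \
    "$sample/50-example.conf" "$sample/sshd_config")"
ssh_perms_ok "$sample/.ssh" && echo "permissions ok"
```

Pass the files in the order sshd reads them: drop-ins named by an Include line first when that line sits at the top of sshd_config.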

Docker

https://docs.docker.com/engine/install

Docker Installation Guide

# Add Docker's official GPG key:

sudo apt update
sudo apt install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update

2. Install the Docker packages

To install the latest version, run:

sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

3. Verify that the Docker Engine installation is successful by running the hello-world image.

sudo docker run hello-world

This command downloads a test image and runs it in a container. When the container runs, it prints a confirmation message and exits.


Docker Compose

https://docs.docker.com/compose/install/

Docker Compose Installation

CURL

sudo apt install ca-certificates curl

Htop

Depending on your Linux distribution, use the corresponding command below:

For Ubuntu, Debian, Linux Mint, or Kali:

sudo apt update
sudo apt install htop

For CentOS, RHEL, or Rocky Linux:

# First, enable the EPEL repository

sudo dnf install epel-release

# Then install htop

sudo dnf install htop

For Fedora:

sudo dnf install htop

For Arch Linux:

sudo pacman -S htop

How to use htop

Once installed, simply type htop in your terminal to launch it.

Quick Cheat Sheet for htop

Once the interface is open, you can use these keyboard shortcuts to navigate:

You can use your mouse inside htop to click on columns for sorting or to select specific processes.

Vim/Nano

Installation Steps

Most Linux distributions come with at least one of these pre-installed, but here is how to get them (or the full version of Vim) on your system:

For Ubuntu, Debian, or Raspberry Pi OS:

sudo apt update
sudo apt install nano vim

For CentOS, RHEL, or Rocky Linux:

sudo dnf install nano vim-enhanced

For Arch Linux:

sudo pacman -S nano vim

How to use them

Using Nano:

Using Vim:

Net-tools

Installation Steps

For Ubuntu, Debian, Linux Mint, or Kali:

sudo apt update
sudo apt install net-tools

For CentOS, RHEL, Fedora, or Rocky Linux:

sudo dnf install net-tools

For Arch Linux:

sudo pacman -S net-tools

What’s inside net-tools

Once installed, you’ll regain access to these specific commands:

Command          What it does                              Modern Replacement (iproute2)
ifconfig         View/Configure network interfaces         ip addr
netstat -tuln    See active ports and connections          ss -tuln
route -n         View the routing table                    ip route
arp -a           View the ARP table (IP-to-MAC mapping)    ip neigh

Quick Examples

Note: While net-tools is great for muscle memory, it hasn't been actively developed in years. It’s a good idea to eventually get comfortable with the ip command.

Samba

Step 1: Install Samba

First, ensure your system is up to date and install the Samba package.

For Ubuntu/Debian:

sudo apt update
sudo apt install samba

For RHEL/CentOS/Fedora:

sudo dnf install samba

Step 2: Create the Shared Directory

You need a specific folder that you want to share. While you can put this anywhere, /samba/ is a common organized choice.

Create the folder:

sudo mkdir -p /samba/public

Set permissions: To allow everyone to read and write (this makes the directory world-writable; adjust as needed for security):

sudo chmod -R 0777 /samba/public
sudo chown -R nobody:nogroup /samba/public

Step 3: Configure the Samba Share

Samba’s settings are stored in a single configuration file.

Back up the original config:

sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bak

Edit the file:

sudo nano /etc/samba/smb.conf

Scroll to the very bottom and paste the following:

[PublicShare]
   comment = Samba on Ubuntu
   path = /samba/public
   browsable = yes
   read only = no
   guest ok = yes
   force user = nobody

Step 4: Setup User Accounts (Optional but Recommended)

If you want a private share instead of a guest one, you must create a Samba password for your user.

sudo smbpasswd -a your_username
sudo smbpasswd -e your_username

Step 5: Restart Samba & Update Firewall

For the changes to take effect, restart the services.

sudo systemctl restart smbd nmbd

If you have a firewall (UFW) enabled, allow Samba traffic:

sudo ufw allow samba

Step 6: How to Access the Share

From Windows:

  1. Open File Explorer.
  2. In the address bar, type: \\<YOUR_STATIC_IP>\PublicShare (e.g., \\192.168.38.120\PublicShare).
  3. Press Enter.

From Linux:

  1. Open your file manager (Nautilus, Thunar, etc.).
  2. Select "Other Locations" or "Connect to Server".
  3. Enter: smb://192.168.38.120/PublicShare.

Summary of smb.conf Parameters

Parameter    Meaning
path         The actual directory on your Linux disk.
browsable    Whether the share shows up when browsing the network.
read only    Set to no if you want to be able to upload/delete files.
guest ok     Set to yes to allow access without a username/password.
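The script below is an added example, not part of the original handbook: it lists shares in an smb.conf that are both open to guests and writable, which is what the [PublicShare] stanza from Step 3 creates. The function names, the [Private] share and its path are assumptions; only per-share settings are read, so defaults placed in [global] are not inherited.

```shell
# Added example (not from the handbook): find guest-writable shares in smb.conf.
# On a live host, `testparm -s` prints the parsed config, which can be piped in.

# guest_writable_shares [FILE]   (reads stdin when no FILE is given)
# Samba defaults are "guest ok = no" and "read only = yes"; "public" is a
# synonym for "guest ok", and "writable"/"writeable"/"write ok" are inverted
# synonyms for "read only". Parameter names ignore case and inner spaces.
# Simplification: settings in [global] are not applied as share defaults.
guest_writable_shares() {
    awk '
        function truthy(v) { v = tolower(v); return v == "yes" || v == "true" || v == "1" }
        function emit() { if (share != "" && tolower(share) != "global" && guest && writable) print share }
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/ {
            emit()
            share = $0; sub(/^[ \t]*\[/, "", share); sub(/\].*$/, "", share)
            guest = 0; writable = 0
            next
        }
        index($0, "=") > 0 {
            eq = index($0, "=")
            key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
            val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "guestok" || key == "public") guest = truthy(val)
            else if (key == "readonly") writable = !truthy(val)
            else if (key == "writable" || key == "writeable" || key == "writeok") writable = truthy(val)
        }
        END { emit() }
    ' "$@"
}

# Constructed sample: the guest share from Step 3 beside a private share for
# the account created in Step 4 (share name Private and its path are hypothetical).
sample_smb_conf() {
    cat <<'EOF'
[global]
   workgroup = WORKGROUP
[PublicShare]
   comment = Samba on Ubuntu
   path = /samba/public
   browsable = yes
   read only = no
   guest ok = yes
   force user = nobody
[Private]
   path = /samba/private
   valid users = your_username
   read only = no
   guest ok = no
EOF
}

sample_smb_conf | guest_writable_shares   # prints: PublicShare
```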

Static IP

Linux

METHOD 1: UBUNTU NETPLAN

  1. Find your interface name:
    ip -c a

    # Or in some cases:

    ip addr

    Look for names like eth0 or enp0s3.

  2. Note the IP route addresses:
    ip route
  3. Locate and edit the config file:
    cd /etc/netplan
    ls
    sudo nano 50-cloud-init.yaml
  4. Insert the configuration:

    “addresses:” will be the static IP. “via” will be the gateway address from ip route.

    Netplan Configuration Example
  5. Apply changes:
    sudo netplan apply
    ip -c a

    # Verify the change with the last command.
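The script below is an added example, not part of the original handbook: it renders a netplan file with the "addresses:" and "via" keys described in step 4 and rejects an address without a /prefix or a malformed IP before anything is written. The function names and the interface, gateway and DNS values are assumptions.

```shell
#!/bin/sh
# Added example (not from the handbook): render the static-IP netplan YAML.

# valid_ipv4 ADDR: succeeds if ADDR is four dot-separated numbers in 0-255.
valid_ipv4() {
    case $1 in
        *[!0-9.]* | .* | *. | *..* | "") return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# render_netplan IFACE ADDRESS/PREFIX GATEWAY DNS
# Prints the YAML, or fails if the address lacks a /prefix (netplan needs
# CIDR notation) or any of the IPs is malformed.
render_netplan() {
    iface=$1 cidr=$2 gateway=$3 dns=$4
    case $cidr in
        */*) addr=${cidr%/*}; prefix=${cidr#*/} ;;
        *) echo "address must be in CIDR form, e.g. 192.168.38.120/24" >&2; return 1 ;;
    esac
    case $prefix in
        "" | *[!0-9]*) return 1 ;;
    esac
    [ "$prefix" -le 32 ] || return 1
    valid_ipv4 "$addr" && valid_ipv4 "$gateway" && valid_ipv4 "$dns" || return 1
    cat <<EOF
network:
  version: 2
  ethernets:
    $iface:
      dhcp4: false
      addresses:
        - $cidr
      routes:
        - to: default
          via: $gateway
      nameservers:
        addresses: [$dns]
EOF
}

# Constructed values: interface enp0s3, gateway and DNS 192.168.38.1.
render_netplan enp0s3 192.168.38.120/24 192.168.38.1 192.168.38.1
```

When working over SSH, `sudo netplan try` applies the file and rolls it back unless you confirm, which avoids locking yourself out with a wrong address.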

METHOD 2: DEBIAN INTERFACES

  1. Find interface and route:
    ip -c a
    ip r
  2. Locate the config file:
    sudo nano /etc/network/interfaces
  3. Apply configuration:
    Debian Interfaces Configuration
  4. Restart service and verify:
    sudo systemctl restart networking.service
    ip -c a

Windows

  1. Go to Control Panel.
  2. Select Network and Internet.
  3. Go to Network and Sharing Center.
  4. Click on your active connection (e.g., Connections: Ethernet).
  5. Select Properties.
  6. Click on Internet Protocol Version 4 (TCP/IPv4) and select Properties.
  7. Here a static IP, Subnet mask, and Default gateway can be manually set.

DNS

How to put an HTML website online

Useful Links:

Part 1: Hosting Your Website for Free (GitHub Pages)

GitHub Pages is a free service that hosts your static files directly from a GitHub repository.

  1. Create a GitHub Account: Go to github.com and sign up or log in.
  2. Create a New Repository:
    • Click your profile icon (top right) > Your repositories > New.
    • Give it a name (e.g., my-website) and ensure it is set to Public.
  3. Upload Your Files:
    • Click "uploading an existing file".
    • Drag and drop your index.html (and any CSS/Images) into the box.
    • Scroll down and click Commit changes.
  4. Enable GitHub Pages:
    • Go to Settings (top tab) > Pages (left sidebar).
    • Under Build and deployment, ensure "Deploy from a branch" is selected and the branch is set to main.
    • Click Save. After a minute, you’ll see a link like: https://your-username.github.io/my-website/.

Part 2: Using a Custom Domain (Namecheap)

If you want a professional address (like www.yourname.com), you need to point your domain to GitHub’s servers.

  1. Buy a Domain: Purchase one from Namecheap.
  2. Configure GitHub:
    • In your GitHub Repo Settings > Pages, scroll to Custom domain.
    • Type your domain (e.g., yourname.com) and click Save.
  3. Configure Namecheap (DNS Records):
    • Log in to Namecheap > Domain List > Manage > Advanced DNS.
    • Add four A Records pointing to GitHub’s IP addresses:
      • 185.199.108.153
      • 185.199.109.153
      • 185.199.110.153
      • 185.199.111.153
    • Add a CNAME Record:
      • Host: www
      • Value: your-username.github.io
  4. Link Domain in GitHub:
    • Return to your GitHub repository Settings > Pages.
    • Under Custom domain, type your new domain (e.g., example.com) and click Save.
  5. Enable Security (HTTPS):
    • Once the domain is verified, check the Enforce HTTPS box. This ensures your site has the "lock" icon in the browser for security.

Windows Server

Section 1: Initial Server Setup & Role Installation

Before beginning, ensure your server has a static IP address configured (e.g., 192.168.49.5).

  1. Open Server Manager: Click Manage > Add Roles and Features.
  2. Select Installation Type: Choose Role-based or feature-based installation and select your server.
  3. Select Server Roles: Check the boxes for:
    • Active Directory Domain Services (AD DS).
    • DHCP Server.
    • DNS Server.
    • Note: Click "Add Features" whenever prompted for management tools.
  4. Install: Follow the prompts and click Install.
  5. Promote to Domain Controller: Once installed, click the notification flag and select Promote this server to a domain controller.
  6. Deployment: Select Add a new forest and enter your Root domain name (e.g., mylab.local).
  7. Configuration: Set a Directory Services Restore Mode (DSRM) password and complete the wizard.
  8. The server will automatically reboot after installation.

Section 2: DNS - Configuring Lookup Zones

Active Directory creates Forward Lookup Zones automatically, but you must manually configure the Reverse Lookup Zone.

Configuring Reverse Lookup Zones:

  1. Open DNS Manager: Go to Tools > DNS.
  2. Create New Zone: Right-click Reverse Lookup Zones > New Zone.
  3. Select Primary Zone and check "Store the zone in Active Directory".
  4. Replication Scope: Select "To all DNS servers running on domain controllers in this domain".
  5. Select IPv4 Reverse Lookup Zone.
  6. Network ID: Enter the first three octets of your network (e.g., 192.168.49).
  7. Dynamic Updates: Choose Allow only secure dynamic updates.
  8. Add Pointer (PTR) Record:
    • Right-click your new zone > New Pointer (PTR).
    • Browse to find your Host (A) record in the Forward Lookup Zone to map the IP to the Hostname.
  9. Final DNS Tweak: In your Ethernet adapter settings, change the Preferred DNS server from 127.0.0.1 to the server's actual static IP (192.168.49.5).

Section 3: DHCP - Post-Install & Scope Configuration

  1. Post-Deployment: Click the notification flag in Server Manager and select Complete DHCP configuration.
    • This creates security groups and authorizes the server in Active Directory.
  2. Open DHCP Manager: Go to Tools > DHCP.
  3. Create New Scope: Right-click IPv4 > New Scope.
  4. Name: Provide a name (e.g., Scope1).
  5. IP Range: Enter Start (e.g., .20) and End (e.g., .250) addresses.
  6. Lease Duration: Set to desired time (e.g., 8 hours).
  7. Configure DHCP Options:
    • Router (Default Gateway): Add your gateway IP (e.g., 192.168.49.1).
    • DNS Server: Ensure your Domain Controller IP is listed.
  8. Activate: Select Yes, I want to activate this scope now.

Section 4: Joining a Client to the Domain

  1. Client Network Check: On a Windows 10 PC, ensure the adapter is set to "Obtain IP address automatically".
  2. Run ipconfig /all to verify it received an IP from the new DHCP server.
  3. Join Domain:
    • Go to Settings > System > About > Join a domain.
    • Enter the domain name (mylab.local) and provide Domain Administrator credentials.
    • Restart the client computer.
  4. Verify: In Server Manager, go to Active Directory Users and Computers > Computers to see the newly joined client listed.