Tag Archives: Linux

Running CentOS 8 with Oracle VirtualBox

Recently it was necessary for me to prepare a couple of VMs with CentOS Linux 8 to do some labs/practice, and in this blog post I just want to share my notes about the process/steps involved in creating a CentOS 8 VM using VirtualBox.

My base OS is Ubuntu 20.04, so I first needed to grab the DEB package with the latest version of Oracle VirtualBox from the official downloads page. I then grabbed the full x86-64 ISO file of CentOS Linux 8 (CentOS-Stream-8-x86_64-20210427-dvd1.iso) from the CentOS downloads page to avoid any potential need for extra downloads during the installation process.

After installing the DEB package I quickly created a new VM using the following options:

Creating VirtualBox VM – Name and OS
Creating VirtualBox VM – Memory Size
Creating VirtualBox VM – Hard disk
Creating VirtualBox VM – Hard disk file type
Creating VirtualBox VM – Storage on physical hard disk
Creating VirtualBox VM – File location and size

After creating the VM I started it, mounting the CentOS ISO file and selecting Install CentOS Linux 8:

Starting CentOS 8 installation process

For my purposes it was OK to accept defaults for almost everything. English US for language settings:

CentOS 8 installation – language settings

I only changed the installation type from the default Server with GUI to Minimal Install, then assigned a Root Password and configured Installation Destination with default options:

CentOS 8 installation – Installation Summary

Setting a weak root password (which is OK for a test box) requires you to click Done twice:

CentOS 8 installation – Root Password

And for the disk options it is OK to just accept the defaults:

CentOS 8 installation – Installation Destination

With all settings in place we just hit Begin Installation and wait/take a coffee break 🙂

CentOS 8 installation – Installation Summary

It is now only a question of observing the installation progress for some time and hitting the Reboot System button at the very end of the process:

CentOS 8 installation – Installation Progress
CentOS 8 installation – Installation Completed

Once the installation is over and the system is rebooted, we need to log on and install updates/make sure we have an Internet connection, but if we run yum check-update immediately after logging on we will see that the VM has no Internet access:

yum check-update – no connectivity

As you can see from the output, we cannot connect/resolve the host name to check for updates, so let's check the network status with the nmcli general command:

Network connection status (nmcli general)

As you can see, interfaces are enabled but we have no connectivity. Basically this is because the VM didn't receive an IP configuration from DHCP, and running the dhclient -v command should resolve that (the v flag only indicates that we need detailed output from this command):

Checking connection status after running dhclient -v

After that we can re-run nmcli general; the state should change to connected, and the yum check-update or yum update commands should work just fine:

Running yum with working connection

But what I noticed is that after every reboot of the VM the network connection was going back to the disconnected state. Although the yum check-update / yum update commands were not reporting connectivity errors, checking with nmcli general or with curl -I https://mikerodionov.com showed that I couldn't connect, and the dhclient command helped only until the next reboot. I checked the network-scripts folder, and the interface configuration file did have the BOOTPROTO=dhcp option, which is supposed to be responsible for the use of DHCP at the boot stage, but the ONBOOT setting was set to no; changing it to yes made connectivity available immediately after reboot.

To edit these settings you can use vi as shown below:

Using vi to edit network configuration scripts
Configuration with ONBOOT option changed to yes
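
The same check and edit can be scripted instead of done by hand in vi. The following is an added example, not part of the original post: the interface name enp0s3 and the file contents are constructed, and the demo works on a temporary directory rather than the real network-scripts folder.

```shell
#!/bin/sh
# Added example (not from the original post); sample file below is constructed.

# Print the value of KEY in an ifcfg-style KEY=value file (last assignment wins).
ifcfg_get() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d "\"'"
}

# List ifcfg-* files under DIR that use DHCP but are explicitly set to ONBOOT=no.
dhcp_not_onboot() {
    for f in "$1"/ifcfg-*; do
        [ -f "$f" ] || continue
        case "$f" in *.bak) continue ;; esac   # skip backups made by enable_onboot
        [ "$(ifcfg_get "$f" BOOTPROTO)" = dhcp ] || continue
        if [ "$(ifcfg_get "$f" ONBOOT)" = no ]; then echo "$f"; fi
    done
}

# Set the existing ONBOOT line to ONBOOT=yes, keeping the original as FILE.bak.
enable_onboot() {
    cp -p -- "$1" "$1.bak" && sed 's/^ONBOOT=.*/ONBOOT=yes/' "$1.bak" > "$1"
}

# Constructed demo: a throwaway directory with one DHCP interface left at ONBOOT=no.
demo() {
    d=$(mktemp -d)
    printf 'TYPE=Ethernet\nBOOTPROTO=dhcp\nDEVICE=enp0s3\nONBOOT=no\n' > "$d/ifcfg-enp0s3"
    for cfg in $(dhcp_not_onboot "$d"); do
        enable_onboot "$cfg" && echo "fixed: $cfg"
    done
    grep '^ONBOOT=' "$d/ifcfg-enp0s3"
    rm -rf "$d"
}
demo
```
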

After that the only basic thing you may want to do is to adjust/verify the hostname of the VM, which you can do with the hostnamectl command as shown below:

Changing and viewing hostname

With that we have a CentOS 8 VM with Internet connectivity and updates, and it is a good idea to create a baseline snapshot of the VM at this stage. I guess these notes may come in handy to somebody else, especially the final part on network configuration.

XRDP service error: Cannot read private key file

Recently it was necessary for me to enable the XRDP service on an Ubuntu 20.04 VM, so I followed the steps outlined in one of my old posts and got it working quickly. Unfortunately I ran into a new issue with not being able to reset or shut down the Hyper-V VM for some reason, which I ignored for now, but after a couple of power-offs I realized that I could not connect via XRDP until I opened a session locally. I then decided to check on the service status with the sudo systemctl status xrdp command and got the output shown below:

XRDP Cannot read private key

The full error message says: [ERROR] Cannot read private key file /etc/xrdp/key.pem, and I'm pretty sure that it didn't show up when I used the same status command after the initial configuration, though people tend to forget and miss things 🙂

Anyhow, to clear this up the following command has to be executed:

sudo adduser xrdp ssl-cert

The abovementioned error occurs when the default user for XRDP's service lacks access to the directory to which /etc/xrdp links, and with the command above you allow the user xrdp access through ssl-cert group membership. I hope that this information may come in handy to someone else 🙂

Unable to connect over SSH to EC2 instance from Linux

A common issue which occurs when trying to connect to AWS EC2 instances from Linux machines is the following error:

WARNING: UNPROTECTED PRIVATE KEY PAIR

As you can see on the screenshot, the octal representation of the pem file permissions is 0644, which means that everyone has read-only access to the file, while security best practice requires limiting access to private key files more strictly. This 0644 permission translates into RW for Owner, R for Group, and R for other/world (the Everyone counterpart in Windows ACLs).

If you want to view file permissions in a Linux shell you have a couple of commands for that: ls -l %filename% and stat %filename%. The latter will show you the octal permissions value as shown below:

Checking file permissions using ls -l and stat commands

Actually the AWS EC2 console indicates the recommended pem file permissions and gives us a command to set them:

Command to ensure that your key is not publicly viewable

So just run this command and you will be able to connect. Be sure to run all the commands after switching to the directory which contains your pem file, and make sure that you use the correct pem file name: AWS will give you a command specific to the EC2 instance, using the access key name based on the selection you've made for that instance.

Adjusting pem file permissions and connecting to EC2 instance over SSH
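
To find every key file with this problem at once, the octal check can be scripted. This is an added example, not part of the original post or of AWS's instructions: it flags a file when any group or other permission bit is set, assumes 0400 as the target mode when fixing, and the file names in the demo are constructed.

```shell
#!/bin/sh
# Added example (not from the original post); demo files below are constructed.

# Print the octal permission bits of a file (GNU stat, with a BSD fallback).
key_mode() {
    stat -c '%a' -- "$1" 2>/dev/null || stat -f '%Lp' -- "$1"
}

# Succeed only when group and other have no access at all (mode & 077 == 0).
key_is_private() {
    mode=$(key_mode "$1") || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Report every *.pem in DIR; with "fix" as second argument, chmod 400 the loose ones.
# Returns non-zero if any file was found with group/other access.
audit_keys() {
    dir=$1 action=${2:-report} loose=0
    for f in "$dir"/*.pem; do
        [ -f "$f" ] || continue
        if key_is_private "$f"; then
            echo "ok     $(key_mode "$f") $f"
        else
            loose=$((loose + 1))
            echo "loose  $(key_mode "$f") $f"
            if [ "$action" = fix ]; then chmod 400 -- "$f"; fi
        fi
    done
    [ "$loose" -eq 0 ]
}

# Constructed demo: two empty files standing in for downloaded key pairs.
demo() {
    d=$(mktemp -d)
    : > "$d/lab-a.pem"; chmod 644 "$d/lab-a.pem"
    : > "$d/lab-b.pem"; chmod 400 "$d/lab-b.pem"
    audit_keys "$d" fix || true     # first pass reports and tightens lab-a.pem
    audit_keys "$d" || true         # second pass shows both files as ok
    rm -rf "$d"
}
demo
```
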

Although this is not a big problem and all the explanations/solutions are given to you by the respective command output and the AWS console, I just decided to jot this down in case someone gets stuck with this and switches to googling, bypassing reading error messages and instructions 🙂