CentOS 8/FineTune: verschil tussen versies
Uit WaaaghPedia
< CentOS 8
Geen bewerkingssamenvatting |
Geen bewerkingssamenvatting |
||
| (4 tussenliggende versies door dezelfde gebruiker niet weergegeven) | |||
| Regel 1: | Regel 1: | ||
https://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers | https://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers | ||
| Regel 6: | Regel 4: | ||
{{:SSH_Keys}} | {{:SSH_Keys}} | ||
[https://www.waaagh.nl/CentOS_8_Maak_nieuwe_SUDO_User Maak nieuwe gebruiker en voeg deze in de sudoers groep] en voeg je keys ook toe aan deze gebruiker. (herhaal bovenstaande stap) | |||
'''Update CentOS''' | '''Update CentOS''' | ||
| Regel 14: | Regel 14: | ||
<pre> | <pre> | ||
yum install -y epel-release | sudo yum install -y epel-release | ||
yum install -y yum-utils | sudo yum install -y yum-utils | ||
yum install -y screen | sudo yum install -y screen | ||
yum install -y gcc | sudo yum install -y gcc | ||
yum install -y git | sudo yum install -y git | ||
yum install -y tar | sudo yum install -y tar | ||
yum install -y unzip | sudo yum install -y unzip | ||
yum install -y curl | sudo yum install -y curl | ||
yum install -y NetworkManager-tui | sudo yum install -y NetworkManager-tui | ||
yum install -y net-tools | sudo yum install -y net-tools | ||
yum install -y wget | sudo yum install -y wget | ||
yum install -y nano | sudo yum install -y nano | ||
yum install -y htop | sudo yum install -y htop | ||
echo 'alias vi="nano"' >> ~/.bashrc | echo 'alias vi="nano"' >> ~/.bashrc | ||
echo 'alias ll="ls -ls"' >> ~/.bashrc | echo 'alias ll="ls -ls"' >> ~/.bashrc | ||
| Regel 37: | Regel 37: | ||
'''SELinux Uitschakelen''' | '''SELinux Uitschakelen''' | ||
<pre>sed -i /etc/selinux/config -r -e 's/^SELINUX=.*/SELINUX=disabled/g'</pre> | <pre>sudo sed -i /etc/selinux/config -r -e 's/^SELINUX=.*/SELINUX=disabled/g'</pre> | ||
[[Category:CentOS]] | [[Category:CentOS 8]] | ||
Huidige versie van 29 jul 2021 om 14:01
https://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers
Importeer SSH Sleutels
mkdir ~/.ssh touch ~/.ssh/authorized_keys chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDqOq7WMtPomV0qavAriuZzptMYrsTe4Dd19EfJkMqtZ7dEPVeeNqCA5Ytk892Gg7iKAVZWBrqIJmrJBPaf20mIA7A61SIEf4URaq9BbVDHQiFLewbSDLiZ3b/CfRWKCBXWwVC+wMtVEGzh8nbqJWY05BLfya2B+bPIV30TcTf6vKVhiKRLad/TEPJQml355dqFw1r1sPD/1TzgcGE8Unz8wVm7AiK+VmHNKOueSNMGOmDuOJwJqn6PdEtr+QtrjlG0Uw5RXqWc6R4YrhCXweR+XL2jKHT61ymc69luwxfn5n3He8b/k6ZIP3d1NySobHJQ5fVYVh3EIRbRwnpZXf5YeJrFvRgiWCze99tKAc7NUU9N3Pcmpk7vs2nRutZzkd2ku5EZli1bp7g1PFu2gBH1VmYtRuU0Xh3mjSiav4qtje8i70IW2qRl8Bnpa+4DsL/IV7dppgI8kYBLQcoO2hw3wo1S4zr3IyWsbhb5BmirpzKwk5tri4XlMqYHtoj4kr/uSXPIUYTQ0OYtqQrZoWVCq6tiTq4HHECGoaowTOGCz2LgBAq3S7gp274yq/2TRZ4NKXrgS/ORwpVQkfXACEQbTrCFdFNR0hrQlHM/By8zI/keC2M0jIxHlMH4gFkP2tuGk/VRVlluQEyRG6dW6+lSWAGDlHkTB1eETrWi9JYGdw== RonaldvanHeugten.nl Public SSH Key' >> ~/.ssh/authorized_keys
Extra beveiliging
#sudo sed -i /etc/ssh/sshd_config -r -e 's/^PermitRootLogin.*/PermitRootLogin no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^ChallengeResponseAuthentication.*/ChallengeResponseAuthentication no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^PasswordAuthentication.*/PasswordAuthentication no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^UsePAM.*/UsePAM no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^MaxAuthTries.*/MaxAuthTries 6/g' sudo systemctl reload sshd
Maak nieuwe gebruiker en voeg deze in de sudoers groep en voeg je keys ook toe aan deze gebruiker. (herhaal bovenstaande stap)
Update CentOS
sudo yum clean all sudo yum check-update sudo yum update -y --disableplugin=fastestmirror
Auto Update
https://computingforgeeks.com/enable-automatic-software-updates-on-centos-rhel-8/
Install packages
sudo yum install -y epel-release sudo yum install -y yum-utils sudo yum install -y screen sudo yum install -y gcc sudo yum install -y git sudo yum install -y tar sudo yum install -y unzip sudo yum install -y curl sudo yum install -y NetworkManager-tui sudo yum install -y net-tools sudo yum install -y wget sudo yum install -y nano sudo yum install -y htop echo 'alias vi="nano"' >> ~/.bashrc echo 'alias ll="ls -ls"' >> ~/.bashrc echo 'export PS1="\[\033[38;5;11m\]\u\[$(tput sgr0)\]\[\033[38;5;15m\]@\h\[$(tput sgr0)\]\[\033[38;5;6m\][\w]:\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]"' >> ~/.bashrc
Draait u deze machine op en virtueel platform? Installeer dan de juiste Guest tools
SELinux Uitschakelen
sudo sed -i /etc/selinux/config -r -e 's/^SELINUX=.*/SELINUX=disabled/g'
