CentOS 8/FineTune: verschil tussen versies
Uit WaaaghPedia
< CentOS 8
Geen bewerkingssamenvatting |
Geen bewerkingssamenvatting |
||
Regel 1: | Regel 1: | ||
https://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers | https://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers | ||
Regel 6: | Regel 4: | ||
{{:SSH_Keys}} | {{:SSH_Keys}} | ||
[https://www.waaagh.nl/CentOS_8_Maak_nieuwe_SUDO_User Maak nieuwe gebruiker en voeg deze in de sudoers groep] en voeg je keys ook toe aan deze gebruiker. (herhaal bovenstaande stap) | |||
'''Update CentOS''' | '''Update CentOS''' |
Versie van 16 mrt 2020 16:35
https://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers
Importeer SSH Sleutels
mkdir ~/.ssh touch ~/.ssh/authorized_keys chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDqOq7WMtPomV0qavAriuZzptMYrsTe4Dd19EfJkMqtZ7dEPVeeNqCA5Ytk892Gg7iKAVZWBrqIJmrJBPaf20mIA7A61SIEf4URaq9BbVDHQiFLewbSDLiZ3b/CfRWKCBXWwVC+wMtVEGzh8nbqJWY05BLfya2B+bPIV30TcTf6vKVhiKRLad/TEPJQml355dqFw1r1sPD/1TzgcGE8Unz8wVm7AiK+VmHNKOueSNMGOmDuOJwJqn6PdEtr+QtrjlG0Uw5RXqWc6R4YrhCXweR+XL2jKHT61ymc69luwxfn5n3He8b/k6ZIP3d1NySobHJQ5fVYVh3EIRbRwnpZXf5YeJrFvRgiWCze99tKAc7NUU9N3Pcmpk7vs2nRutZzkd2ku5EZli1bp7g1PFu2gBH1VmYtRuU0Xh3mjSiav4qtje8i70IW2qRl8Bnpa+4DsL/IV7dppgI8kYBLQcoO2hw3wo1S4zr3IyWsbhb5BmirpzKwk5tri4XlMqYHtoj4kr/uSXPIUYTQ0OYtqQrZoWVCq6tiTq4HHECGoaowTOGCz2LgBAq3S7gp274yq/2TRZ4NKXrgS/ORwpVQkfXACEQbTrCFdFNR0hrQlHM/By8zI/keC2M0jIxHlMH4gFkP2tuGk/VRVlluQEyRG6dW6+lSWAGDlHkTB1eETrWi9JYGdw== RonaldvanHeugten.nl Public SSH Key' >> ~/.ssh/authorized_keys
Extra beveiliging
#sudo sed -i /etc/ssh/sshd_config -r -e 's/^PermitRootLogin.*/PermitRootLogin no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^ChallengeResponseAuthentication.*/ChallengeResponseAuthentication no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^PasswordAuthentication.*/PasswordAuthentication no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^UsePAM.*/UsePAM no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^MaxAuthTries.*/MaxAuthTries 6/g' sudo systemctl reload sshd
Maak nieuwe gebruiker en voeg deze in de sudoers groep en voeg je keys ook toe aan deze gebruiker. (herhaal bovenstaande stap)
Update CentOS
sudo yum clean all sudo yum check-update sudo yum update -y --disableplugin=fastestmirror
Auto Update
https://computingforgeeks.com/enable-automatic-software-updates-on-centos-rhel-8/
Install packages
yum install -y epel-release yum install -y yum-utils yum install -y screen yum install -y gcc yum install -y git yum install -y tar yum install -y unzip yum install -y curl yum install -y NetworkManager-tui yum install -y net-tools yum install -y wget yum install -y nano yum install -y htop echo 'alias vi="nano"' >> ~/.bashrc echo 'alias ll="ls -ls"' >> ~/.bashrc echo 'export PS1="\[\033[38;5;11m\]\u\[$(tput sgr0)\]\[\033[38;5;15m\]@\h\[$(tput sgr0)\]\[\033[38;5;6m\][\w]:\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]"' >> ~/.bashrc
Draait u deze machine op en virtueel platform? Installeer dan de juiste Guest tools
SELinux Uitschakelen
sed -i /etc/selinux/config -r -e 's/^SELINUX=.*/SELINUX=disabled/g'