CentOS 8/FineTune
Uit WaaaghPedia
< CentOS 8
https://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers
Importeer SSH Sleutels
mkdir ~/.ssh touch ~/.ssh/authorized_keys chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDqOq7WMtPomV0qavAriuZzptMYrsTe4Dd19EfJkMqtZ7dEPVeeNqCA5Ytk892Gg7iKAVZWBrqIJmrJBPaf20mIA7A61SIEf4URaq9BbVDHQiFLewbSDLiZ3b/CfRWKCBXWwVC+wMtVEGzh8nbqJWY05BLfya2B+bPIV30TcTf6vKVhiKRLad/TEPJQml355dqFw1r1sPD/1TzgcGE8Unz8wVm7AiK+VmHNKOueSNMGOmDuOJwJqn6PdEtr+QtrjlG0Uw5RXqWc6R4YrhCXweR+XL2jKHT61ymc69luwxfn5n3He8b/k6ZIP3d1NySobHJQ5fVYVh3EIRbRwnpZXf5YeJrFvRgiWCze99tKAc7NUU9N3Pcmpk7vs2nRutZzkd2ku5EZli1bp7g1PFu2gBH1VmYtRuU0Xh3mjSiav4qtje8i70IW2qRl8Bnpa+4DsL/IV7dppgI8kYBLQcoO2hw3wo1S4zr3IyWsbhb5BmirpzKwk5tri4XlMqYHtoj4kr/uSXPIUYTQ0OYtqQrZoWVCq6tiTq4HHECGoaowTOGCz2LgBAq3S7gp274yq/2TRZ4NKXrgS/ORwpVQkfXACEQbTrCFdFNR0hrQlHM/By8zI/keC2M0jIxHlMH4gFkP2tuGk/VRVlluQEyRG6dW6+lSWAGDlHkTB1eETrWi9JYGdw== RonaldvanHeugten.nl Public SSH Key' >> ~/.ssh/authorized_keys
Extra beveiliging
#sudo sed -i /etc/ssh/sshd_config -r -e 's/^PermitRootLogin.*/PermitRootLogin no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^ChallengeResponseAuthentication.*/ChallengeResponseAuthentication no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^PasswordAuthentication.*/PasswordAuthentication no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^UsePAM.*/UsePAM no/g' sudo sed -i /etc/ssh/sshd_config -r -e 's/^MaxAuthTries.*/MaxAuthTries 6/g' sudo systemctl reload sshd
Maak nieuwe gebruiker en voeg deze in de sudoers groep en voeg je keys ook toe aan deze gebruiker. (herhaal bovenstaande stap)
Update CentOS
sudo yum clean all sudo yum check-update sudo yum update -y --disableplugin=fastestmirror
Auto Update
https://computingforgeeks.com/enable-automatic-software-updates-on-centos-rhel-8/
Install packages
sudo yum install -y epel-release sudo yum install -y yum-utils sudo yum install -y screen sudo yum install -y gcc sudo yum install -y git sudo yum install -y tar sudo yum install -y unzip sudo yum install -y curl sudo yum install -y NetworkManager-tui sudo yum install -y net-tools sudo yum install -y wget sudo yum install -y nano sudo yum install -y htop echo 'alias vi="nano"' >> ~/.bashrc echo 'alias ll="ls -ls"' >> ~/.bashrc echo 'export PS1="\[\033[38;5;11m\]\u\[$(tput sgr0)\]\[\033[38;5;15m\]@\h\[$(tput sgr0)\]\[\033[38;5;6m\][\w]:\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]"' >> ~/.bashrc
Draait u deze machine op en virtueel platform? Installeer dan de juiste Guest tools
SELinux Uitschakelen
sudo sed -i /etc/selinux/config -r -e 's/^SELINUX=.*/SELINUX=disabled/g'