User Tools

Site Tools

Trace: tutorials_dotfiles_.procmailrc_slugmax
vps_-_centos

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
vps_-_centos [2021/04/02 08:28] – [Basics] hc9vps_-_centos [2021/04/02 18:14] (current) – [Software Management] hc9
Line 1: Line 1:
 +====== CentOS on SDF VPS ======
 +
 +//Updated for CentOS 7//
 +
 +
 +
 +===== Basics =====
 +
 +Logging into your VPS for the first time you will need to use the default username and password listed below.\\  Default Username: root\\  Default Password: rootroot
 +
 +One of the first things you will want to do is change the default root password by typing //passwd// at the prompt. Don't forget this password as there is currently no way to recover it.
 +
 +It is a good habit to create a regular user account for working, using su to obtain root privileges as needed. To create a regular user account:
 +
 +  useradd -Gwheel <username>
 +
 +This user will be able to perform administrative tasks by runing //su// to obtain superuser privileges using the root password. CentOS ships with sudo installed, so adding the new user to wheel group and editing /etc/sudoers with //visudo// to uncoment the following line:
 +
 +<file config /etc/sudoers>
 +## Allows people in group wheel to run all commands
 +%wheel  ALL=(ALL)       ALL
 +</file>
 +
 +===== Networking =====
 +
 +You will need to ssh into the vps control panel server that you were given in your welcome email which should have the format of //vps<number>.sdf.org//.
 +
 +Once logged into your control panel you will see a line at the top of the screen that details your chosen Operating System and IP Address.\\ //VPS Maintenance Shell for <os> (205.166.94.xxx)//\\  This information will be important for setting up your server to have network access.
 +
 +Start your server, and log in via the console. (default= root:rootroot)
 +
 +Open /etc/sysconfig/network-scripts/ifcfg-eth0 in an editor and add the following, replacing the 'xxx' with the last octet of your assigned IP address, add:
 +
 +<file config /etc/sysconfig/network-scripts/ifcfg-eth0>
 +DEVICE=eth0
 +BOOTPROTO=none
 +IPADDR=205.166.94.xxx
 +NETMASK=255.255.255.0
 +GATEWAY=205.166.94.1
 +DNS1=205.166.94.20
 +ONBOOT=yes
 +</file>
 +
 +Your MAC address could be in the eth0 script, but if you only have one network interface with only one IP assigned to it, this should be enough.
 +
 +Change the next line in /etc/sysconfig/network:
 +
 +<file config /etc/sysconfig/network>
 +HOSTNAME=my.host.name
 +</file>
 +
 +Change hostname (FQDN and alias) in /etc/hosts so it reads like this:
 +
 +<file config /etc/hosts>
 +127.0.0.1       localhost.localdomain localhost
 +::1             localhost6.localdomain6 localhost6
 +205.166.94.xxx my.host.name   my
 +</file>
 +
 +You should also run the following commands (or reboot your server) in order for the changes to take effect:
 +
 +  /bin/hostname
 +  /bin/systemctl restart rsyslog
 +  /bin/systemctl restart network
 +
 +===== Setting up SSH =====
 +
 +You may wish to add ssh access to your VPS. It is highly recommended that you disable root login via ssh and use a normal user account to login. In CentOS the OpenSSH service is installed and enabled by default.
 +
 +==== Disable root Login ====
 +
 +Edit /etc/ssh/sshd_config and uncomment the line:
 +
 +<file config /etc/ssh/sshd_config>
 +#PermitRootLogin yes
 +</file>
 +
 +To:
 +
 +<file config /etc/ssh/sshd_config>
 +PermitRootLogin no
 +</file>
 +
 +Also you can raise the security level in OpenSSH a little bit by allowing only to certain users ssh access to your vps (eg. the user you have created before)
 +
 +Add one line at the end of /etc/ssh/sshd_config like this:
 +
 +<file config /etc/ssh/sshd_config>
 +AllowUsers username anotheruser
 +</file>
 +
 +Now restart sshd by running/typing:
 +
 +  /bin/systemctl restart sshd
 +
 +You can now test ssh by running ssh user@localhost.
 +
 +===== Security =====
 +
 +In CentOS SELinux is enabled by default, SDF's CentOS VPS has SELinux configured to run in permissive mode, so it will log any security problem but won't enforce any policy. If you are not familiar with SELinux I suggest you to leave it this way, you can learn more about SLinux in CentOS in the [[:vps_-_centos#references|Deployment Guide]]
 +
 +CentOS 7 uses firewalld, you can learn more about configuring firewalld [[https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7|here]].
 +
 +===== Software Management =====
 +
 +Yellow Dog Updater Modified (yum) is the default package manager used in CentOS ( all versions ). It is used to install and update packages from CentOS (and 3rd party) Repositories.
 +
 +You can configure this repositoires in /etc/yum.repos.d, by default CentOS Base and CentOS Updates are enabled by default, SDF seems to be running [citation needed] default CentOS kernel, but to play safe I advise you to add the following line in /etc/yum.repos.d/CentOS-Base.repo once under sections //[base]// and //[updates]//:
 +
 +<file config /etc/yum.repos.d/CentOS-Base.repo>
 +exclude=kernel-PAE* kernel-debug* kernel-devel* kernel-doc* kernel-xen*
 +</file>
 +
 +CentOS is aimed to be 100% binary compatible with RHEL, so it is very enterprise oriented and the best advise is to stick with pre-built packages.
 +
 +==== Searching software ====
 +
 +If you wanted to look for GNU Screen, you can search yum database by running:
 +
 +  yum search screen
 +
 +yum will return a list of package names and descriptions matching the word used as parameter for //search//. CentOS has groups of packages available you can know what software groups are available for install as the software groups installed already.
 +
 +  yum grouplist
 +
 +This command will return installed and available for install software groups.
 +
 +Installed Groups in SDF VPS CentOS image:
 +
 +  * DNS Name Server
 +  * Dialup Networking Support
 +  * Editors
 +  * FTP Server
 +  * Legacy Network Server
 +  * Mail Server
 +  * MySQL Database
 +  * Network Servers
 +  * News Server
 +  * Server Configuration Tools
 +  * System Tools
 +  * Text-based Internet
 +  * Web Server
 +  * Windows File Server
 +  * Yum Utilities
 +
 +==== Installing software ====
 +
 +If you want to install GNU screen as in the example above, you must run the following:
 +
 +  yum install screen
 +
 +If you wish to install the development toolchain you can do it by running this command:
 +
 +  yum groupinstall "Development Tools"
 +
 +Be aware that this can be a lot of stuff and you may run out of space in hard drive, so start by removing unused software groups (e.g., yum groupremove "Windows File Server") and then move to install desired/needed software groups or standalone packages.
 +
 +==== 3rd party repos ====
 +
 +Most needs could do it well with repositoires shiped by default CentOS, but there are other options like the CentOS Plus repository, shiped but disabled by default, since this repo contains items that actually upgrade certain base CentOS components. This repo will change CentOS so that it is not exactly like the upstream provider's content. Popular packages from this repository include: postfix with database support, a rebuilt kernel with additional drivers & filesystem support, php5 and mysql5.
 +
 +contrib is also a disabled default in CentOS. This repository contains packages contributed by CentOS users which do not overlap with any of the core distribution packages. These packages have not been tested by the CentOS developers and may not track the upstream version releases very closely.
 +
 +To enable repositories temporarily, append <nowiki>--</nowiki>enablerepo=reponame before the command for yum, such as:
 +
 +  yum --enablerepo=centosplus --enablerepo=contrib search postfix
 +
 +Other popular repos are RPMForge, this repository provides over 4000 packages for CentOS. Read the instructions on [[http://wiki.centos.org/AdditionalResources/Repositories/RPMForge|Installing RPMForge]]. This repository is considered by many in the community to be stable and safe.
 +
 +EPEL, this repository (See http://fedoraproject.org/wiki/EPEL) provides rebuilds of Fedora packages for RedHat Enterprise Linux.
 +
 +===== Updating the System =====
 +
 +To update your system, run the following command:
 +
 +  * yum update
 +
 +===== References =====
 +
 +  * [[http://www.centos.org/docs/5/html/5.2/Deployment_Guide/| Deployment Guide]]
 +  * [[http://wiki.centos.org/|CentOS Wiki]]
 +
 +----
 + $Id: VPS_Centos.html,v 1.10 2017/01/04 17:30:19 kickback Exp $ [[http://sdf.org/?tutorials/VPS_Centos|CentOS on SDF VPS]] - traditional link (using [[wp>Revision_Control_System|RCS]])