vps_-_centos
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
vps_-_centos [2021/04/02 08:39] – [Basics] hc9 | vps_-_centos [2021/04/02 18:12] – [Disable root Login] hc9 | ||
---|---|---|---|
Line 20: | Line 20: | ||
## Allows people in group wheel to run all commands | ## Allows people in group wheel to run all commands | ||
%wheel | %wheel | ||
- | < | + | </file> |
===== Networking ===== | ===== Networking ===== | ||
Line 46: | Line 46: | ||
Change the next line in / | Change the next line in / | ||
- | | + | <file config / |
+ | HOSTNAME=my.host.name | ||
+ | </ | ||
Change hostname (FQDN and alias) in /etc/hosts so it reads like this: | Change hostname (FQDN and alias) in /etc/hosts so it reads like this: | ||
Line 70: | Line 72: | ||
Edit / | Edit / | ||
- | # | + | <file config / |
+ | # | ||
+ | </ | ||
To: | To: | ||
- | PermitRootLogin no | + | <file config / |
+ | PermitRootLogin no | ||
+ | </ | ||
Also you can raise the security level in OpenSSH a little bit by allowing only to certain users ssh access to your vps (eg. the user you have created before) | Also you can raise the security level in OpenSSH a little bit by allowing only to certain users ssh access to your vps (eg. the user you have created before) | ||
Line 80: | Line 86: | ||
Add one line at the end of / | Add one line at the end of / | ||
- | AllowUsers username anotheruser | + | <file config / |
+ | AllowUsers username anotheruser | ||
+ | </ | ||
Now restart sshd by running/ | Now restart sshd by running/ | ||
- | / | + | |
You can now test ssh by running ssh user@localhost. | You can now test ssh by running ssh user@localhost. | ||
Line 90: | Line 98: | ||
===== Security ===== | ===== Security ===== | ||
- | In CentOS SELinux is enabled by default, SDF's CentOS VPS has SELinux configured to run in permissive mode, so it will log any security problem but won't enforce any policy. If you are not familiar with SELinux I suggest you to leave it this way, you can learn more about SLinux in CentOS in the [[#reference|Deployment Guide]] | + | In CentOS SELinux is enabled by default, SDF's CentOS VPS has SELinux configured to run in permissive mode, so it will log any security problem but won't enforce any policy. If you are not familiar with SELinux I suggest you to leave it this way, you can learn more about SLinux in CentOS in the [[: |
CentOS 7 uses firewalld, you can learn more about configuring firewalld [[https:// | CentOS 7 uses firewalld, you can learn more about configuring firewalld [[https:// | ||
Line 100: | Line 108: | ||
You can configure this repositoires in / | You can configure this repositoires in / | ||
- | exclude=kernel-PAE* kernel-debug* kernel-devel* kernel-doc* kernel-xen* | + | |
CentOS is aimed to be 100% binary compatible with RHEL, so it is very enterprise oriented and the best advise is to stick with pre-built packages. | CentOS is aimed to be 100% binary compatible with RHEL, so it is very enterprise oriented and the best advise is to stick with pre-built packages. | ||
Line 108: | Line 116: | ||
If you wanted to look for GNU Screen, you can search yum database by running: | If you wanted to look for GNU Screen, you can search yum database by running: | ||
- | yum search screen | + | |
yum will return a list of package names and descriptions matching the word used as parameter for //search//. CentOS has groups of packages available you can know what software groups are available for install as the software groups installed already. | yum will return a list of package names and descriptions matching the word used as parameter for //search//. CentOS has groups of packages available you can know what software groups are available for install as the software groups installed already. | ||
- | yum grouplist | + | |
This command will return installed and available for install software groups. | This command will return installed and available for install software groups. | ||
Line 138: | Line 146: | ||
If you want to install GNU screen as in the example above, you must run the following: | If you want to install GNU screen as in the example above, you must run the following: | ||
- | yum install screen | + | |
If you wish to install the development toolchain you can do it by running this command: | If you wish to install the development toolchain you can do it by running this command: | ||
- | yum groupinstall " | + | |
Be aware that this can be a lot of stuff and you may run out of space in hard drive, so start by removing unused software groups (e.g., yum groupremove " | Be aware that this can be a lot of stuff and you may run out of space in hard drive, so start by removing unused software groups (e.g., yum groupremove " | ||
Line 148: | Line 156: | ||
==== 3rd party repos ==== | ==== 3rd party repos ==== | ||
- | Most needs could do it well with repositoires shiped by default CentOS, but there are other options like the CentOS Plus repository, shiped but disabled by default, since this repo contains items that actually upgrade certain base CentOS components. This repo will change CentOS so that it is not exactly like the upstream provider' | + | Most needs could do it well with repositoires shiped by default CentOS, but there are other options like the CentOS Plus repository, shiped but disabled by default, since this repo contains items that actually upgrade certain base CentOS components. This repo will change CentOS so that it is not exactly like the upstream provider' |
contrib is also a disabled default in CentOS. This repository contains packages contributed by CentOS users which do not overlap with any of the core distribution packages. These packages have not been tested by the CentOS developers and may not track the upstream version releases very closely. | contrib is also a disabled default in CentOS. This repository contains packages contributed by CentOS users which do not overlap with any of the core distribution packages. These packages have not been tested by the CentOS developers and may not track the upstream version releases very closely. | ||
- | To enable repositories temporarily, | + | To enable repositories temporarily, |
- | yum --enablerepo=centosplus --enablerepo=contrib search postfix | + | |
Other popular repos are RPMForge, this repository provides over 4000 packages for CentOS. Read the instructions on [[http:// | Other popular repos are RPMForge, this repository provides over 4000 packages for CentOS. Read the instructions on [[http:// | ||
Line 172: | Line 180: | ||
---- | ---- | ||
- | $Id: VPS_Centos.html, | + | $Id: VPS_Centos.html, |
vps_-_centos.txt · Last modified: 2021/04/02 18:14 by hc9