Centos 7 Base Build
Here are some basic build notes for Centos 7
Get Latest Updates
yum update
Timezone
timedatectl set-timezone Europe/London
NTP
sudo yum install ntp
Next, you need to start the service for this session. We will also enable the service so that it is automatically started each time the server boots:
sudo systemctl start ntpd sudo systemctl enable ntpd
Swapfile
dd if=/dev/zero of=/mnt/swapfile bs=1M count=1024 mkswap /mnt/swapfile chmod 600 /mnt/swapfile sh -c 'echo "/mnt/swapfile none swap sw 0 0" >> /etc/fstab' swapon /mnt/swapfile free -m
Essentials
yum install epel-release yum install wget htop sysstat net-tools zip unzip mailx
SSH
/etc/ssh/sshd_config Add / Change SSH Port 2222 #Check Firewall port is added – Firewall maybe running by default firewall-cmd --zone=public --add-port=2222/tcp --permanent firewall-cmd --reload
Add SElinux check
semanage port -a -t ssh_port_t -p tcp 2222 service sshd restart
Enable SElinux
yum install policycoreutils-python vi /etc/selinux/config
Create user (with sudo)
adduser user usermod -aG wheel user passwd user
Enable SysStat
systemctl enable sysstat systemctl start sysstat
Using SSH Public Keys
vi /etc/ssh/sshd_config PermitRootLogin no PubkeyAuthentication yes AuthorizedKeyFile .ssh/authorized_keys PasswordAuthentication no ChallengeResponseAuthentication no systemctl restart sshd su - user mkdir .ssh chmod 700 .ssh cd .ssh touch authorized_keys chmod 600 authorized_keys