Last active
August 28, 2016 01:49
-
-
Save cuibonobo/c4d6e7d478bbfe2599e4424d7105a155 to your computer and use it in GitHub Desktop.
The bare-minimum that needs to be run when you first switch on a CentOS 7 VPS.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Update the system | |
| yum update -y | |
| # Add a non-root user | |
| adduser jen | |
| passwd jen | |
| gpasswd -a jen wheel | |
| # Edit the SSH daemon configuration to change the SSH port, disable root logins, and disable password logins | |
| # | |
| # Port 57000 | |
| # PermitRootLogin no | |
| # PasswordAuthentication no | |
| vi /etc/ssh/sshd_config | |
| systemctl reload sshd | |
| # Get access to the `semanage` command to change the SSH port | |
| yum install -y policycoreutils-python | |
| # Make sure the firewall is installed and running | |
| systemctl start firewalld | |
| systemctl enable firewalld | |
| # Change the port in `semanage` and in your firewall | |
| semanage port -a -t ssh_port_t -p tcp 57000 | |
| firewall-cmd --permanent --remove-service=ssh | |
| firewall-cmd --permanent --add-port=23000/tcp | |
| # Go ahead and add some other services you'll need to the firewall | |
| firewall-cmd --permanent --add-service=http | |
| firewall-cmd --permanent --add-service=https | |
| # Enable these firewall changes | |
| firewall-cmd --reload | |
| # Set the timezone and install the NTP service | |
| timedatectl set-timezone America/New_York | |
| yum install -y ntp | |
| systemctl start ntpd | |
| systemctl enable ntpd |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment