Can someone point me at a good guide for the initial set up of a linux server ala...
create a user and add them to the admin group. disable root logins apt-get update / clean / distro etc disabling ipv6 ntp. config ssh for rsa2 and pass phrase autoupdates
There are a bunch of chores that always need to be done when setting up a basic server lab/semi-prod environment.
I don't know what I don't know ... However I'm pretty sure I'm missing a few.
Some of the guides on the internet are just silly... i.e. So you are installing software on your Centos box. Step 1. Turn off file protections ... Step 2. Disable your firewall. Big Sigh!
Looking for basic on getting a box set up prior to deciding its a zabbix box or a dns server or ldap etc.
I have a few I am building ... A pxe server, a lamp server, ad server using samba 4, proxmox, freenas, probably a freenas server as smtp/ftp/ secondary ad server. Those are off the top of my head.
The question has nothing to do with what kind of server I am building. There are a set of tasks that need doing with a clean Linux Server install without regard to what kind of server I am building.
I always want to get my patches, turn on auto-updates, get ssh configured properly, hve ntp running and disable root logins and create an administrative user.
What else needs to be on a checklist to do so and can someone point me at a decent checklist/url.
Not what I mean I'm afraid. My Pfsense firewall provides most of what is in that list and it doesn't speak at all to initial steps in establishing a good working environment.
Installing Tripwire and getting md5 checksums on all your executable comes long after a decent backup strategy which also wasn't the question I asked. I will just keep building my scripts and create a base VM . Thank anyhoo.
If you're setting up servers on a regular basis you should be using a tool like Chef/Puppet/Ansible. That way you can ensure that nothing is missed. I personally use Foreman & Puppet for deploying and configuring to AWS and Libvirt. Once my server build is complete ssh is properly configured, my user is added, ssh public keys added and sudo correctly configured. More importantly nothing is missed