ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    nadnerB's CloudatCost Project Journal

    Scheduled Pinned Locked Moved IT Discussion
    cloudatcostcentos 7linux
    49 Posts 6 Posters 10.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      A Former User
      last edited by A Former User

      Looks like the last one is stopping. You can also start it by systemctl start firewalld and enable it at system start with systemctl enable firewalld

      1 Reply Last reply Reply Quote 1
      • nadnerBN
        nadnerB
        last edited by

        Thanks šŸ™‚ that got it

        1 Reply Last reply Reply Quote 0
        • nadnerBN
          nadnerB
          last edited by

          Following the instructions kindly provided by @JaredBusch on installing Fail2Ban
          http://mangolassi.it/topic/4108/how-to-fail2ban-on-centos-7

          1 Reply Last reply Reply Quote 1
          • nadnerBN
            nadnerB
            last edited by

            Righto, so the firewall (enabled and on but no custom configs yet) and fail2ban are done.

            1 Reply Last reply Reply Quote 0
            • nadnerBN
              nadnerB
              last edited by

              So, today I'd like to set up SSH but I'll check on the fail2ban that I did yesterday.
              Ā 
              Logged in as my non-root user account
              fail2ban-client status sshd ... looks like it requires use of sudo to check
              Apparently my non-root account requires listing in a 'sudoers file'... righto.
              Ā 
              One goes the lab coat as I step into the research mode...

              1 Reply Last reply Reply Quote 0
              • nadnerBN
                nadnerB
                last edited by

                I think I'll do this by group permissions instead of individual permissions.
                New group created groupadd <group name>
                User added usermod <user> -G <groupname>
                Check members of the group grep ^<group name> /etc/group

                • success šŸ™‚
                1 Reply Last reply Reply Quote 0
                • nadnerBN
                  nadnerB
                  last edited by nadnerB

                  Righto, so it looks like the Sudoers file, that I need to edit, is read only.
                  However, I have found what looks like a good set of instructions here: https://www.digitalocean.com/community/tutorials/how-to-edit-the-sudoers-file-on-ubuntu-and-centos
                  EDIT: This initial setup guide has a slightly different (I think) way of doing it (step 4) https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-12-04

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • nadnerBN
                    nadnerB
                    last edited by nadnerB

                    Hmmm, perhaps editing the Sudoers file is not a good idea...
                    Should I edit the file and add my username or just use su?
                    Comments @JaredBusch, @thecreativeone91, @scottalanmiller or @thanksajdotcom ?
                    EDIT: I'll hold off on deploying this for now.

                    thanksajdotcomT ? 2 Replies Last reply Reply Quote 0
                    • thanksajdotcomT
                      thanksajdotcom @nadnerB
                      last edited by

                      @nadnerB said:

                      Hmmm, perhaps this is not a good idea...
                      Comments @JaredBusch, @thecreativeone91, @scottalanmiller or @thanksajdotcom ?
                      EDIT: I'll hold off on deploying this for now.

                      I log in as root directly to all my servers.

                      ? nadnerBN scottalanmillerS 3 Replies Last reply Reply Quote 0
                      • ?
                        A Former User @nadnerB
                        last edited by

                        @nadnerB said:

                        Hmmm, perhaps this is not a good idea...
                        Comments @JaredBusch, @thecreativeone91, @scottalanmiller or @thanksajdotcom ?
                        EDIT: I'll hold off on deploying this for now.

                        You don't edit the file You'd gpasswd -a nadnerb wheel where nadnerb is the username you wish to give sudo privileges too.

                        nadnerBN 1 Reply Last reply Reply Quote 1
                        • ?
                          A Former User @thanksajdotcom
                          last edited by

                          @thanksajdotcom said:

                          @nadnerB said:

                          Hmmm, perhaps this is not a good idea...
                          Comments @JaredBusch, @thecreativeone91, @scottalanmiller or @thanksajdotcom ?
                          EDIT: I'll hold off on deploying this for now.

                          I log in as root directly to all my servers.

                          I personally would disable root access over SSH after the initial setup.

                          nadnerBN 1 Reply Last reply Reply Quote 1
                          • nadnerBN
                            nadnerB @thanksajdotcom
                            last edited by

                            @thanksajdotcom said:

                            @nadnerB said:

                            Hmmm, perhaps this is not a good idea...
                            Comments @JaredBusch, @thecreativeone91, @scottalanmiller or @thanksajdotcom ?
                            EDIT: I'll hold off on deploying this for now.

                            I log in as root directly to all my servers.

                            Thanks for your input but I won't be doing this šŸ™‚

                            1 Reply Last reply Reply Quote 0
                            • nadnerBN
                              nadnerB @A Former User
                              last edited by

                              @thecreativeone91 said:

                              @nadnerB said:

                              Hmmm, perhaps this is not a good idea...
                              Comments @JaredBusch, @thecreativeone91, @scottalanmiller or @thanksajdotcom ?
                              EDIT: I'll hold off on deploying this for now.

                              You don't edit the file You'd gpasswd -a nadnerb wheel where nadnerb is the username you wish to give sudo privileges too.

                              Fantastic! Thanks! šŸ™‚

                              ? 1 Reply Last reply Reply Quote 0
                              • nadnerBN
                                nadnerB @A Former User
                                last edited by

                                @thecreativeone91 said:

                                @thanksajdotcom said:

                                @nadnerB said:

                                Hmmm, perhaps this is not a good idea...
                                Comments @JaredBusch, @thecreativeone91, @scottalanmiller or @thanksajdotcom ?
                                EDIT: I'll hold off on deploying this for now.

                                I log in as root directly to all my servers.

                                I personally would disable root access over SSH after the initial setup.

                                On the secret To-Do list

                                1 Reply Last reply Reply Quote 0
                                • ?
                                  A Former User @nadnerB
                                  last edited by

                                  @nadnerB said:

                                  @thecreativeone91 said:

                                  @nadnerB said:

                                  Hmmm, perhaps this is not a good idea...
                                  Comments @JaredBusch, @thecreativeone91, @scottalanmiller or @thanksajdotcom ?
                                  EDIT: I'll hold off on deploying this for now.

                                  You don't edit the file You'd gpasswd -a nadnerb wheel where nadnerb is the username you wish to give sudo privileges too.

                                  Fantastic! Thanks! šŸ™‚

                                  No Problem. It's just a group you add it to, as the group has sudo premissions (sudoers file) .

                                  1 Reply Last reply Reply Quote 1
                                  • scottalanmillerS
                                    scottalanmiller @thanksajdotcom
                                    last edited by

                                    @thanksajdotcom said:

                                    I log in as root directly to all my servers.

                                    Why?

                                    1 Reply Last reply Reply Quote 1
                                    • scottalanmillerS
                                      scottalanmiller @nadnerB
                                      last edited by

                                      @nadnerB said:

                                      Righto, so it looks like the Sudoers file, that I need to edit, is read only.

                                      Just means you have to tell the editor that you "mean it" when you save. In vi that means :w! instead of :w

                                      1 Reply Last reply Reply Quote 2
                                      • nadnerBN
                                        nadnerB
                                        last edited by

                                        Righto, I've blocked root access via SSH and renamed the server to something more useful (for ron... later on)

                                        1 Reply Last reply Reply Quote 0
                                        • nadnerBN
                                          nadnerB
                                          last edited by

                                          Hmmm, attempting to install htop is proving to be more difficult than yum -y install htop.
                                          I can't seem to connect to any of the mirrors.
                                          *http://mirror.netflash.net/centos/7.0.1406/updates/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not *resolve host: mirror.netflash.net; Unknown error"
                                          Trying other mirror.

                                          1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller
                                            last edited by

                                            Often that means that DNS isn't set up. Can you lookup addresses in general?

                                            1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 1 / 3
                                            • First post
                                              Last post