After my last server install I realized a lot of things were improvised and broken. Also, there were no new binaries for ownCloud on Ubuntu 12.02, no disk encryption, no systemd and so on. As I want to learn something, I wanted to match it with my new love for Fedora, so it became a CentOS 7 server.
During the basic VMware install using vSphere I found the first bug: using full disk encryption I cannot boot anymore
reason is a known bug
At the GRUB boot menu, press e to edit the boot config and remove
then disable it permanently by removing
/etc/default/grub and execute
grub2-mkconfig -o /boot/grub2/grub.cfg to update your boot grub.cfg.
next thing was I could not enter the passphrase using the vSphere console as characters were autorepeated.
Solution via VMware
- Power off the virtual machine.
- Add a line, similar to this, at the end of your virtual machine’s configuration (.vmx) file:
keyboard.typematicMinDelay = "2000000"
The delay is specified in micro-seconds, so the line in the example above increases the repeat time to 2 seconds. This should ensure that you never get auto-repeat unless you intend it.
- Power on the virtual machine.
that out of the way I could boot up CentOS and update it and install vmware tools
yum install net-tools perl
mount /dev/cdrom /mnt/cdrom
tar zxf /mnt/cdrom/VMwareTools-5.0.0-<xxxx>.tar.gz
Now, let’s get started.
First get EPEL started (Extra Packages for Enterprise Linux)
yum install epel-release
enable UTF-8 support
edit /etc/environment and add this:
also use ‘localectl’ to show and set a different locale
localectl set-locale LANG=en_US.utf8
add this to .bash_profile
#export GREP_OPTIONS='--color=auto' GREP_COLOR='1;32'
yum install mosh htop
then allow UDP for ports 60001-60010
sudo iptables -I INPUT 1 -p udp --dport 60001:60010 -j ACCEPT
so with firewalld this will be:
– create /etc/firewalld/services/mosh.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
<description>Mosh (mosh.mit.edu) is a free replacement for SSH that allows roaming and supports intermittent connectivity.</description>
<port protocol="udp" port="60001"></port>
<port protocol="udp" port="60002"></port>
<port protocol="udp" port="60003"></port>
<port protocol="udp" port="60004"></port>
<port protocol="udp" port="60005"></port>
<port protocol="udp" port="60006"></port>
<port protocol="udp" port="60007"></port>
<port protocol="udp" port="60008"></port>
<port protocol="udp" port="60009"></port>
<port protocol="udp" port="60010"></port>
</service>
– firewall-cmd --add-service=mosh --permanent
– firewall-cmd --reload
Note: In Fedora 21+ this is already present (the xml file for mosh)
this will open 10 ports but that should be more than enough for me.
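As an added example (not part of the original notes), here is a small shell function that prints the same service file for any port range instead of typing each port line by hand. The function name mosh_service_xml and the 32-port cap are assumptions of this example; the cap keeps a typo from opening a large UDP range.

```shell
#!/bin/sh
# Added example: print a firewalld service definition for a mosh UDP range.
# mosh_service_xml and max_ports are names chosen for this example only.

mosh_service_xml() {
    first=$1
    last=$2
    max_ports=32   # assumed cap so a typo cannot open a huge UDP range

    # Accept only plain decimal numbers: no empty values, no leading
    # zeros (octal surprises), no more than five digits.
    for p in "$first" "$last"; do
        case "$p" in
            ''|*[!0-9]*|0*|??????*)
                echo "invalid port: '$p'" >&2
                return 1 ;;
        esac
    done

    # Stay out of the privileged range and inside the valid port space.
    if [ "$first" -lt 1024 ] || [ "$last" -gt 65535 ] || [ "$first" -gt "$last" ]; then
        echo "need 1024 <= first <= last <= 65535" >&2
        return 1
    fi
    if [ $((last - first + 1)) -gt "$max_ports" ]; then
        echo "refusing to open more than $max_ports ports" >&2
        return 1
    fi

    desc='Mosh (mosh.mit.edu) is a free replacement for SSH that allows roaming and supports intermittent connectivity.'
    printf '%s\n' '<?xml version="1.0" encoding="utf-8"?>' '<service>'
    printf '  <description>%s</description>\n' "$desc"
    p=$first
    while [ "$p" -le "$last" ]; do
        printf '  <port protocol="udp" port="%s"/>\n' "$p"
        p=$((p + 1))
    done
    printf '%s\n' '</service>'
}

# Usage (as root): mosh_service_xml 60001 60010 > /etc/firewalld/services/mosh.xml
```

After writing the file, the two firewall-cmd commands above enable the service and reload the rules.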
and start mosh as a server using “mosh-server” – defaults should work fine!
I am not even sure this is needed.. as long as mosh is installed on the server it should connect via SSH and start mosh and hand over the connection!
yum install htop
yum install fail2ban
then make a copy of /etc/fail2ban/jail.conf and save it as jail.local
there set at least this:
enabled = true
enable and start service
systemctl enable fail2ban
systemctl start fail2ban
check journalctl for SELinux-related issues, but this should be fixed now
journalctl -lfu fail2ban
install basic developer tools (build-essentials)
yum groupinstall 'Development Tools'