RHEL 7 Basic Command
BASIC RHEL 7 Initial Setup
===============================
yum check-update
yum update
yum clean all
yum install nano wget curl net-tools lsof bash-completion
Network
========
nmtui
nmtui-hostname
nmtui-connect
vi /etc/hosts
192.168.0.18 box1.rbl.dc box1
192.168.0.20 box2.rbl.dc box2
ifconfig enp0s3
ip a
ping -c2 google.com
ethtool enp0s3
mii-tool enp0s3
USER
============
adduser rbl_user
passwd rbl_user
chage -d0 rbl_user
usermod -aG wheel rbl_user
su - rbl_user
sudo yum update
Configure SSH Public Key Authentication on RHEL 7
su - rbl_user
ssh-keygen -t RSA (add passphrase)
ssh-copy-id <user>@<server> (placeholder: the original address was obfuscated on the page)
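cat ~/.ssh/id_rsa (this is the PRIVATE key: keep it secret and never copy it to a server; the public key that gets shared is ~/.ssh/id_rsa.pub)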
Secure SSH
==============
sudo vi /etc/ssh/sshd_config
PermitRootLogin no
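sudo systemctl restart sshd (validate the config with "sudo sshd -t" first, and keep the current session open until a new login works)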
su -c 'echo "TMOUT=300" >> /etc/bashrc'
tail /etc/bashrc
Configure Firewall (Firewalld)
==============================
sudo systemctl status firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo firewall-cmd --add-service=ssh --permanent
sudo firewall-cmd --reload
sudo firewall-cmd --add-service=ssh (For Temp: runtime only, dropped on reload or restart; the firewalld service name is "ssh", not "sshd")
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --permanent --add-service=smtp
sudo firewall-cmd --permanent --list-all
Remove Unneeded Services
=========================
sudo ss -tulpn
sudo systemctl stop postfix.service
sudo yum remove postfix
NTP
=============
sudo hwclock
sudo hwclock --set --date="09/09/2015 12:33:00"
uptime
:r /etc/passwd (Insert existing file)
sudo systemctl stop chronyd.service
sudo yum remove chrony
sudo ss -tulpn
sudo yum install ntpdate
sudo ntpdate 0.asia.pool.ntp.org
sudo crontab -e
@daily /usr/sbin/ntpdate 0.asia.pool.ntp.org
Server Hardening Security
====xxxxxxxxxxxxxxxx=======
/(root)
/boot
/home
/tmp
/var
yum update
rpm -qa
yum list installed >> installed.txt
yum remove package_name
ss -tulpn
systemctl list-units -t service
yum remove postfix
VNC console via SSH
====================
ssh -L 5902:localhost:5901 remote_machine
vncviewer localhost:5902
nmap -sT -O 192.168.1.10
yum install firewalld
systemctl start firewalld.service
systemctl enable firewalld.service
firewall-cmd --list-all
getenforce
setenforce 1 (runtime only; set SELINUX=enforcing in /etc/selinux/config to persist across reboots)
sestatus
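find / \( -nouser -o -nogroup \) -exec ls -l {} \; (the parentheses are required: without them -exec applies only to -nogroup, and files with no valid owner are silently skipped)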
pwmake 128
vim /etc/pam.d/passwd (Apply Strong Password Policy)
password required pam_pwquality.so retry=3
chage -M 45 username
chage -d 0 username
# passwd -l username
# usermod -L username
To unlock accounts use the -u option for passwd command and -U option for usermod.
tcpdump -i eno16777736 -w tcpdump.pcap
# usermod -s /bin/false username
# useradd -s /usr/sbin/nologin username
BANNER
=============
sudo vim /etc/sshbanner.txt
.----------------. .----------------. .----------------.
| .--------------. || .--------------. || .--------------. |
| | _______ | || | ______ | || | _____ | |
| | |_ __ \ | || | |_ _ \ | || | |_ _| | |
| | | |__) | | || | | |_) | | || | | | | |
| | | __ / | || | | __'. | || | | | _ | |
| | _| | \ \_ | || | _| |__) | | || | _| |__/ | | |
| | |____| |___| | || | |_______/ | || | |________| | |
| | | || | | || | | |
| '--------------' || '--------------' || '--------------' |
'----------------' '----------------' '----------------'
sudo vim /etc/ssh/sshd_config
Banner /etc/sshbanner.txt
sudo systemctl restart sshd
sudo vim /etc/motd
sudo systemctl restart sshd
#################################################################
# _ _ _ _ #
# / \ | | ___ _ __| |_| | #
# / _ \ | |/ _ \ '__| __| | #
# / ___ \| | __/ | | |_|_| #
# /_/ \_\_|\___|_| \__(_) #
# #
# You are entering into a secured area! Your IP, Login Time, #
# Username has been noted and has been sent to the server #
# administrator! #
# This service is restricted to authorized users only. All #
# activities on this system are logged. #
# Unauthorized access will be fully investigated and reported #
# to the appropriate law enforcement agencies. #
#################################################################
/etc/issue.net
/etc/motd
ALERT! You are entering a secured area! Your IP, Login Time, and Username have been noted and have been sent to the server administrator!
This service is restricted to authorized users only. All activities on this system are logged.
Unauthorized access will be fully investigated and reported to the appropriate law enforcement agencies.
Open the /etc/ssh/sshd_config configuration file and set:
Banner /etc/issue.net
sudo systemctl restart sshd