Configuring vsFTPd on CentOS with different port

Check Installing CentOS 6.2 on VMware post.

- make sure SELINUX is disabled and iptables is configured for FTP

- add ftp user

adduser ftpuser -g ftp -s /sbin/nologin -d /server
#set password
passwd ftpuser

- configuration, more info

synchronize clock on CentOS server

Check Installing CentOS 6.2 on VMware post.

chkconfig --levels 235 ntpd on
#ntpdate cannot bind the NTP port while ntpd is running, so stop it first
/etc/init.d/ntpd stop
ntpdate 0.pool.ntp.org
/etc/init.d/ntpd start

- using dateconfig

yum groupinstall 'X Window System'
dateconfig

disable root login

Check Installing CentOS 6.2 on VMware post.

This should make the server more secure. Review the creating admin users post.

- this disables logging in over ssh as root

vi /etc/ssh/sshd_config 
#add
PermitRootLogin no
#restart ssh
/etc/init.d/sshd restart

Adding new users and admins to Linux server

Check Installing CentOS 6.2 on VMware post.

Using an admin user avoids common mistakes made when logged in as root; use sudo to run root commands instead.

mkdir /server
 
#adding web-server user www
adduser www -d /server -s /sbin/nologin
 
#adding admins group to use instead of root
groupadd admins
visudo
#add
%admins ALL=(ALL)       NOPASSWD: ALL
 
#add new admin 
adduser admin -g admins
#set password
passwd admin
 
#add email for user admin
vi /etc/aliases
#add
admin: admin@example.com
#rebuild data
newaliases

Disabling unneeded services on CentOS

Check Installing CentOS 6.2 on VMware post.

More information about each service can be found here

chkconfig setroubleshoot --levels 345 off;service setroubleshoot stop
chkconfig portmap --levels 345 off;service portmap stop
chkconfig rpcidmapd --levels 345 off;service rpcidmapd stop
chkconfig restorecond --levels 345 off;service restorecond stop
chkconfig pcscd --levels 345 off;service pcscd stop
chkconfig nfslock --levels 345 off;service nfslock stop
chkconfig nfs --levels 345 off;service nfs stop
chkconfig netfs --levels 345 off;service netfs stop
chkconfig mdmonitor --levels 345 off;service mdmonitor stop
chkconfig hidd --levels 345 off;service hidd stop
chkconfig cpuspeed --levels 345 off;service cpuspeed stop
chkconfig cups --levels 345 off;service cups stop
chkconfig apmd --levels 345 off;service apmd stop
chkconfig autofs --levels 345 off;service autofs stop
chkconfig atd --levels 345 off;service atd stop
chkconfig apf --levels 345 off;service apf stop
chkconfig yum-updatesd  --levels 345 off;service yum-updatesd  stop
 
#disable apache if not needed
chkconfig httpd  --levels 345 off;service httpd  stop

increase linux file descriptors

Check Installing CentOS 6.2 on VMware and mounting partitions with noatime posts.

This is very important performance tuning for any web server. More information here

#adduser www first http://gadelkareem.com/2012/02/26/adding-new-users-and-admins-to-linux-server/
ulimit -n unlimited - www
#check default number of concurrently open file descriptors 
cat /proc/sys/fs/file-max
#set the number to high value depending on server config
echo '1773914' > /proc/sys/fs/file-max
echo 'fs.file-max=1773914' >> /etc/sysctl.conf
/sbin/sysctl -w fs.file-max=1773914


mounting partitions with noatime

Check Installing CentOS 6.2 on VMware and increase linux file descriptors posts.

This should help reduce disk IO by telling the system not to update inode access times. More here

vi /etc/fstab
#add noatime to the options of the / file system ex:
/dev/mapper/vg_centos6-lv_root /                       ext4    defaults,noatime         1 1

- remount file system

mount -o remount /
#check
cat /proc/mounts | grep noatime

Change ssh port and enable X11 forwarding

Check Installing CentOS 6.2 on VMware post.

- configure ssh port

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.old
vi /etc/ssh/sshd_config
#uncomment port 22 and change to
port 4568

- enable X11 forwarding

#install needed libraries
yum -y install xorg-x11-xauth xorg-x11-fonts-base liberation-fonts
 
vi /etc/ssh/sshd_config
#add
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes

- restart sshd

/etc/init.d/sshd restart

Now you should connect to 192.168.126.128:4568
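
The PermitRootLogin line from the disable root login post and the port line above only take effect if no earlier active line in sshd_config sets the same keyword. The script below is an added example, not part of the original posts; the function names and the sample file are constructed for illustration, and it reads only the global section of the file (lines before any Match block).

```shell
#!/bin/sh
# Added example (not from the original posts). sshd keeps the FIRST value it
# reads for a keyword and matches keywords case-insensitively, so a line added
# at the end of sshd_config loses to an earlier active line.

# effective_sshd_value FILE KEYWORD
# Print the first active global value of KEYWORD (before any Match block).
effective_sshd_value() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*(#|$)/          { next }             # comment or blank line
        tolower($1) == "match"  { exit }             # global section ends here
        tolower($1) == key      { print $2; exit }   # first occurrence wins
    ' "$1"
}

# audit_sshd FILE
# Compare the file with the values the posts set; print each mismatch.
# Returns 0 when both match, 1 otherwise.
audit_sshd() {
    rc=0
    for want in "PermitRootLogin no" "Port 4568"; do
        key=${want% *}
        val=${want#* }
        got=$(effective_sshd_value "$1" "$key")
        if [ "$got" != "$val" ]; then
            echo "$key: effective value '${got:-unset}', wanted '$val'"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: an active lowercase line precedes the appended one.
sample=$(mktemp)
cat > "$sample" <<'EOF'
permitrootlogin yes
#Port 22
Port 4568
PermitRootLogin no
EOF

if audit_sshd "$sample"; then
    echo "sshd_config matches the posts"
else
    echo "sshd_config needs fixing before sshd is restarted"
fi
rm -f "$sample"
```

On the server itself, sshd -T prints the configuration as sshd resolves it, which is the authoritative check.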

Configuring iptables on CentOS

- disable SELINUX

vi /etc/selinux/config
#change
SELINUX=disabled

- reboot or run

setenforce 0

- add iptables rules

Change server hostname

Check Installing CentOS 6.2 on VMware post.

Adding Hostname to Linux server

vi /etc/hosts
# add
127.0.0.1  localhost.localdomain localhost
192.168.126.128 centos6.vmware.local
vi /etc/sysconfig/network
#change
HOSTNAME=centos6.vmware.local
hostname centos6.vmware.local
