Introduction
When it comes to setting up your Rocky Linux server, the first steps are often the most crucial. Ensuring your server is secure and functional from the get-go is essential for a smooth and productive server experience. In this comprehensive blog post, we'll walk you through the essential initial setup tasks to help you build a robust foundation for your server.
When you install Rocky Linux as a server, there are several initial setup tasks you should perform to ensure that your server is secure and functional. Here are the first steps you should take:
1. Update the System:
After the initial installation, it's essential to update your server's packages to ensure you have the latest security patches and updates. Run:
sudo yum update
2. Set Hostname:
Configure the hostname to match your server's purpose. Edit the /etc/hostname
file:
sudo nano /etc/hostname
Replace the current hostname with your desired one, save, and exit the editor.
3. Configure Network Settings:
Adjust network settings to ensure proper connectivity. Edit the network configuration file:
sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0
Modify the settings (like IP address, subnet mask, gateway) according to your network environment. Save and exit.
4. Enable Firewall (firewalld):
Enable the firewall and configure rules to secure your server. Start firewalld:
sudo systemctl start firewalld
Enable it to start at boot:
sudo systemctl enable firewalld
You can then configure the firewall rules based on your server's services and requirements.
5. Create a Non-root User:
Avoid using the root account for everyday tasks. Create a new user with sudo privileges:
sudo useradd -m yourusername
sudo passwd yourusername
sudo usermod -aG wheel yourusername # Grant sudo privileges
Replace yourusername
with your desired username.
6. SSH Configuration:
Secure your SSH server by modifying its configuration. Edit the SSH configuration file:
sudo nano /etc/ssh/sshd_config
Some recommended settings:
Disable root login:
PermitRootLogin no
Disable password authentication (use SSH keys):
PasswordAuthentication no
After making changes, restart the SSH service:
sudo systemctl restart sshd
7. Timezone Configuration:
Set the server's timezone to match your location:
sudo timedatectl set-timezone your-timezone
Replace your-timezone
with the appropriate timezone (e.g., America/New_York
).
8. Install Useful Tools:
Install utilities and tools that you may need for server management:
sudo yum install wget curl vim nano
9. Optional: Install and Configure NTP:
To ensure accurate timekeeping, consider installing and configuring the Network Time Protocol (NTP):
sudo yum install ntp
sudo systemctl start ntpd
sudo systemctl enable ntpd
Adjust the NTP server configuration in /etc/ntp.conf
if necessary.
10. Optional: Install Fail2Ban (Security Enhancement):
For added security, consider installing Fail2Ban to protect against brute-force attacks:
sudo yum install fail2ban
sudo systemctl start fail2ban
sudo systemctl enable fail2ban
These initial setup steps will help ensure that your Rocky Linux server is secure and properly configured for your specific needs. Be sure to adapt these steps to match your server's role and requirements.