- Data Structure
- Networking
- RDBMS
- Operating System
- Java
- MS Excel
- iOS
- HTML
- CSS
- Android
- Python
- C Programming
- C++
- C#
- MongoDB
- MySQL
- Javascript
- PHP
- Physics
- Chemistry
- Biology
- Mathematics
- English
- Economics
- Psychology
- Social Studies
- Fashion Studies
- Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
Initial Server Setup and Configurations on RHEL 7
Red Hat Enterprise Linux (RHEL) is a Linux-based operating system from Red Hat designed for businesses. This article is a practical guide on how to carry out the initial server setup and configurations on RHEL 7. In this tutorial, we will walk you through the essential first steps to prepare a RHEL 7 server for use.
Section 1: Logging in as Root
After your server boots, you will be able to log in as the root user. The root user is the administrative user in a Linux environment with very broad privileges.
Example −
ssh root@your_server_ip
Section 2: Creating a New User
After logging in as root, it's recommended to create an alternate user account with superuser privileges for everyday use.
Example −
adduser username
Once you have the user set up, give it superuser privileges by typing −
Example −
usermod -aG wheel username
Section 3: Setting up a Basic Firewall
RHEL 7 servers can use the firewall-cmd tool to set up a basic firewall. Before that, we need to install the firewalld software.
Example −
yum install firewalld
Output −
Loaded plugins: langpacks, ulninfo Resolving Dependencies --> Running transaction check ---> Package firewalld.noarch 0:0.8.4-1.el7 will be installed --> Processing Dependency: python3-firewall = 0.8.4-1.el7 for package: firewalld-0.8.4-1.el7.noarch --> Processing Dependency: firewalld-filesystem = 0.8.4-1.el7 for package: firewalld-0.8.4-1.el7.noarch --> Processing Dependency: iptables-services >= 1.4.21-28 for package: firewalld-0.8.4-1.el7.noarch --> Processing Dependency: ipset >= 6.29 for package: firewalld-0.8.4-1.el7.noarch --> Running transaction check ...
Start the firewalld service with the following command −
Example −
systemctl start firewalld
To ensure the firewall is active at boot, enable it −
Example −
systemctl enable firewalld
Section 4: Enabling External Access for Your Regular User
Now we have a new user account with regular account privileges. However, we may sometimes need to do administrative tasks. To avoid logging out of our normal user and logging back in as the root account, we can set up what is known as "superuser" or root privileges for our normal account.
Example −
visudo
Search for the line that looks like this −
root ALL=(ALL:ALL) ALL
Right below this line, copy the format you see here, changing only the word "root" to reference the new user that you would like to give superuser privileges to −
username ALL=(ALL:ALL) ALL
Section 5: Enable SSH Key-Based Authentication
For additional security, it is a good idea to enable SSH key-based authentication and disable password-based authentication.
First, generate a pair of SSH keys on your local machine −
Example −
ssh-keygen
Output −
Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa. Your public key has been saved in /home/user/.ssh/id_rsa.pub. The key fingerprint is: SHA256:abcdefghijklmnopqrstuvwxyz user@hostname The key's randomart image is: +---[RSA 2048]----+ | ..o . | | . + o | | . * + o | | . B + o o | | o = S . | | . = = o | | . o o o | | . . . | | | +----[SHA256]-----+
You can then copy the public key to your RHEL 7 server −
Example −
ssh-copy-id username@your_server_ip
Then, to disable password authentication, open the SSH configuration file using the following command −
Example −
sudo vi /etc/ssh/sshd_config
Find the line that contains PasswordAuthentication, uncomment it by deleting the '#' at the beginning, and change its value to 'no'. It should look like this −
PasswordAuthentication no
Save and close the file, then restart the SSH service −
Example −
systemctl restart sshd
Section 6: Update Your Server
Keeping your server updated is crucial for security and stability. Run the following command to update the system to the latest packages −
Example −
yum update
Section 7: Setting Up Network Time Protocol (NTP)
Another crucial server setup step is ensuring that your server's clock stays accurate. It helps in log file analysis and coordinating tasks with other servers. You can do this by setting up the Network Time Protocol (NTP).
First, install the chrony package using yum.
Example −
sudo yum install chrony
Once installed, start the chronyd service and enable it to start at boot −
Example −
sudo systemctl start chronyd sudo systemctl enable chronyd
You can verify that everything is working by querying the chronyd service −
Example −
chronyc sources -v
Section 8: Setting up SELinux
Security-Enhanced Linux (SELinux) is a security feature of RHEL that provides the mechanism for supporting access control security policies. It is enabled by default, and it's recommended to keep it enabled.
Check the status of SELinux using −
Example −
sestatus
If it's not enabled, you can enable it by editing the /etc/selinux/config file −
sudo vi /etc/selinux/config
Change SELINUX= line to −
SELINUX=enforcing
Restart your server for the changes to take effect.
Example −
sudo reboot
Section 9: Install and Configure a Web Server (Apache)
Many servers are used to host websites. Apache is a popular choice for this purpose.
Install Apache using yum −
Example −
sudo yum install httpd
Once installed, you can start and enable Apache −
Example −
sudo systemctl start httpd sudo systemctl enable httpd
To test if the server is running, enter the server's IP address into a web browser −
http://your_server_ip/
You should see the default Apache test page.
Section 10: Install and Set Up a Database Server (MariaDB)
A database server is required for most web applications. MariaDB is a popular and open-source database server.
Install MariaDB using yum −
Example −
sudo yum install mariadb-server
Start and enable MariaDB −
Example −
sudo systemctl start mariadb sudo systemctl enable mariadb
Secure your MariaDB installation −
Example −
sudo mysql_secure_installation
This will guide you through several questions where you can set a root password and make your database server more secure.
Conclusion
You should now have a solid foundation for your RHEL 7 server. This doesn't end here, though. Depending on what you're planning to do with your server, you might also need to install additional software and configure it to suit your needs. Remember to always keep security in mind when setting up and configuring your server.
To Continue Learning Please Login
Login with Google