Wiki

User Tools

Site Tools

Trace: using_incron install_sabnzbd using_iwatch install_netdata update_blocking_lists configure_pfblockerng
secure_ubuntu_system:initial_configuration

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
secure_ubuntu_system:initial_configuration [2016/12/07 16:39] petersecure_ubuntu_system:initial_configuration [2020/07/15 09:30] (current) – external edit 127.0.0.1
Line 22: Line 22:
 Go ahead and type **yes**, and then enter the password of the administrator, <color red>adminpass</color>. Go ahead and type **yes**, and then enter the password of the administrator, <color red>adminpass</color>.
  
 +----
  
 ===== Get root privileges (Optional) ===== ===== Get root privileges (Optional) =====
Line 58: Line 59:
 </code> </code>
 </WRAP> </WRAP>
 +
 +----
  
 ===== Update APT Sources ===== ===== Update APT Sources =====
Line 131: Line 134:
 </file> </file>
  
 +<WRAP info>
 **NOTE**:  The Ubuntu version and name may differ in the file, depending on what version of Ubuntu is being used. **NOTE**:  The Ubuntu version and name may differ in the file, depending on what version of Ubuntu is being used.
 +</WRAP>
 +
  
 Save the file, then issue the following command: Save the file, then issue the following command:
Line 162: Line 168:
   * http://wiki.debian.org/Aptitude    * http://wiki.debian.org/Aptitude 
 </WRAP> </WRAP>
 +
 +----
  
 ===== Enable Automatic Security Updates (optional) ===== ===== Enable Automatic Security Updates (optional) =====
Line 186: Line 194:
 </file> </file>
  
 +----
  
 ==== Customize automatic updates ==== ==== Customize automatic updates ====
Line 209: Line 218:
 </file> </file>
  
 +----
  
 ==== Reference ==== ==== Reference ====
Line 215: Line 225:
  
  
 +----
  
 ===== Upgrading Ubuntu Server to latest LTS version (optional) ===== ===== Upgrading Ubuntu Server to latest LTS version (optional) =====
Line 228: Line 239:
 This is a good option.  The important thing is knowing for certain that you can restore/recreate the server in case the upgraded server is not left in a bootable, usable condition. This is a good option.  The important thing is knowing for certain that you can restore/recreate the server in case the upgraded server is not left in a bootable, usable condition.
  
 +----
  
 ==== Install the Upgrade Manager ==== ==== Install the Upgrade Manager ====
Line 235: Line 247:
 </code> </code>
  
 +----
  
 ==== Double-check Configuration File ==== ==== Double-check Configuration File ====
Line 256: Line 269:
 </file> </file>
  
 +----
  
 ==== Run the Upgrade Manager ==== ==== Run the Upgrade Manager ====
Line 285: Line 299:
  
  
 +----
  
 ===== Update VIM ===== ===== Update VIM =====
Line 298: Line 312:
    
 To update to the full vim package, install **vim-nox**. Of course, different text editor such as joe or nano can be installed as well.  To update to the full vim package, install **vim-nox**. Of course, different text editor such as joe or nano can be installed as well. 
 +
 +----
  
  
Line 318: Line 334:
 </code> </code>
  
 +----
  
 ==== Create and Enable the Swap File ==== ==== Create and Enable the Swap File ====
Line 363: Line 380:
 |count=512k|Copy only 524288 BLOCKS input blocks.  This is the size of the swap file.| |count=512k|Copy only 524288 BLOCKS input blocks.  This is the size of the swap file.|
  
 +----
  
 ==== Prepare the swap file by creating a Linux swap area ==== ==== Prepare the swap file by creating a Linux swap area ====
Line 376: Line 394:
 no label, UUID=265d3e61-6e2b-4126-baba-6e6185e97b46 no label, UUID=265d3e61-6e2b-4126-baba-6e6185e97b46
 </code> </code>
 +
 +----
  
 ==== Activate the swap file ==== ==== Activate the swap file ====
Line 427: Line 447:
 |100|The kernel will swap aggressively.| |100|The kernel will swap aggressively.|
 </WRAP> </WRAP>
 +
 +----
  
 ==== Secure SWAP ==== ==== Secure SWAP ====
Line 440: Line 462:
  
  
 +----
  
 ===== Change the Default Shell ===== ===== Change the Default Shell =====
Line 457: Line 479:
  
  
 +----
  
 ===== Synchronize the System Clock ===== ===== Synchronize the System Clock =====
Line 581: Line 603:
 </WRAP> </WRAP>
  
 +----
  
 ==== Update crontab times ==== ==== Update crontab times ====
Line 621: Line 644:
 This also helps with log rotation, in that new daily logs are started at the beginning of each day instead of at 6am. This also helps with log rotation, in that new daily logs are started at the beginning of each day instead of at 6am.
  
-**NOTE**:  Slight differences between the minutes of each individual cron job could ensure that jobs run by different parts of cron don’t conflict. +<WRAP info> 
 +**NOTE**:  Slight differences between the minutes of each individual cron job could ensure that jobs run by different parts of cron don’t conflict. 
 +</WRAP> 
 + 
  
 +----
  
 ====== Add Global Aliases ====== ====== Add Global Aliases ======
Line 630: Line 657:
 Global Aliases would normally be added to the **/etc/profile** file, but it’s cleaner to have a separate file for the aliases. Global Aliases would normally be added to the **/etc/profile** file, but it’s cleaner to have a separate file for the aliases.
  
 +<WRAP info>
 **NOTE**:  A user can overwrite the global aliases if needed by defining their own aliases within their .bashrc,  .bash_aliases,  or .profile files within their own home directories. **NOTE**:  A user can overwrite the global aliases if needed by defining their own aliases within their .bashrc,  .bash_aliases,  or .profile files within their own home directories.
 +</WRAP>
 +
  
 To see what aliases are currently defined use the **alias** command.  To disable an alias in your current shell, use **unalias** name.  An alias can be temporarily disabled in the current command by prefixing the alias name with a \.  For example: \ls. To see what aliases are currently defined use the **alias** command.  To disable an alias in your current shell, use **unalias** name.  An alias can be temporarily disabled in the current command by prefixing the alias name with a \.  For example: \ls.
Line 641: Line 671:
  
 and add the following to the file: and add the following to the file:
- 
-# Instruct bash to expand the arguments to aliases. 
  
 <file bash /etc/profile.d/bash_aliases.sh> <file bash /etc/profile.d/bash_aliases.sh>
 +# Instruct bash to expand the arguments to aliases.
 shopt -s expand_aliases shopt -s expand_aliases
  
Line 885: Line 914:
 </code> </code>
  
 +----
  
 ===== Add Global Functions ===== ===== Add Global Functions =====
Line 894: Line 924:
 Global Functions would normally be added to the **/etc/profile** file, but it’s cleaner to have a separate file for the functions. Global Functions would normally be added to the **/etc/profile** file, but it’s cleaner to have a separate file for the functions.
  
 +<WRAP info>
 **NOTE**:  A user can overwrite the global functions if needed by define their own functions within their .bashrc,  .bash_aliases,  or .profile files within their own home directories. **NOTE**:  A user can overwrite the global functions if needed by define their own functions within their .bashrc,  .bash_aliases,  or .profile files within their own home directories.
 +</WRAP>
 +
  
 Issue the following command: Issue the following command:
Line 1589: Line 1622:
  
  
 +
 +----
  
 ===== Allow colour prompts for the administrator (highly recommended) ===== ===== Allow colour prompts for the administrator (highly recommended) =====
Line 1606: Line 1641:
 This functionality is not required, but does makes it a lot easier to see what’s going on, so recommended. This functionality is not required, but does makes it a lot easier to see what’s going on, so recommended.
  
 +----
  
 ===== Restart the System ===== ===== Restart the System =====
Line 1617: Line 1653:
 ...and log back in using a SSH client, such as Putty. ...and log back in using a SSH client, such as Putty.
  
 +----
  
 ===== Login using a SSH Client ===== ===== Login using a SSH Client =====
Line 1634: Line 1671:
 Go ahead and type **yes**, and then enter the password of the administrator, <color red>adminpass</color>. Go ahead and type **yes**, and then enter the password of the administrator, <color red>adminpass</color>.
  
 +----
  
 ===== Continue ===== ===== Continue =====
  
 Continue to [[Secure Ubuntu System:Base Security]] Continue to [[Secure Ubuntu System:Base Security]]
 +
secure_ubuntu_system/initial_configuration.1481128774.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki