Wiki

User Tools

Site Tools

Trace:
secure_ubuntu_system:initial_setup

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
secure_ubuntu_system:initial_setup [2020/05/19 13:42] – [Enable packet forwarding by the kernel] petersecure_ubuntu_system:initial_setup [2022/07/19 10:21] (current) – [Configure the network] 85.203.36.242
Line 1: Line 1:
 ====== Secure Ubuntu System - First Configuration ====== ====== Secure Ubuntu System - First Configuration ======
 +
 +{{:secure_ubuntu_system:first_config.png?100|}}
  
 ===== Login ===== ===== Login =====
Line 5: Line 7:
 Login to the newly installed system with your previously created Administrator's username and password (e.g. <color red>administrator</color> and <color red>adminpass</color>). Login to the newly installed system with your previously created Administrator's username and password (e.g. <color red>administrator</color> and <color red>adminpass</color>).
  
 +----
  
 ===== Get root privileges (Optional) ===== ===== Get root privileges (Optional) =====
Line 57: Line 60:
 </code> </code>
  
-This is done for safety.  If the file becomes messed up the original can be restored.+<WRAP info> 
 +**NOTE:**  This is done for safety.  If the file becomes messed up the original can be restored. 
 +</WRAP> 
  
 ---- ----
Line 130: Line 136:
 Instead you need to specify your nameservers in your network configuration.  Use the command **man resolveconf** to find out more. Instead you need to specify your nameservers in your network configuration.  Use the command **man resolveconf** to find out more.
  
-  * Traditionally, the file /etc/resolv.conf was a static configuration file that rarely needed to be changed or automatically changed via DCHP client hooks.+  * Traditionally, the file **/etc/resolv.conf** was a static configuration file that rarely needed to be changed or automatically changed via DCHP client hooks.
   * Nowadays, a computer can switch from one network to another quite often and the resolvconf framework is now being used to track these changes and update the resolver's configuration automatically.   * Nowadays, a computer can switch from one network to another quite often and the resolvconf framework is now being used to track these changes and update the resolver's configuration automatically.
   * It acts as an intermediary between programs that supply nameserver information and applications that need nameserver information.   * It acts as an intermediary between programs that supply nameserver information and applications that need nameserver information.
Line 149: Line 155:
 Lines beginning with the word **auto** are used to identify the physical interfaces to be brought up when **ifup** is run with the **-a** option.  (This option is used by the system boot scripts.)  Physical interface names should follow the word **auto** on the same line. Lines beginning with the word **auto** are used to identify the physical interfaces to be brought up when **ifup** is run with the **-a** option.  (This option is used by the system boot scripts.)  Physical interface names should follow the word **auto** on the same line.
 </WRAP> </WRAP>
 +
 ---- ----
  
Line 171: Line 178:
 </file> </file>
  
-To uncomment the line, simply remove the hash mark # from the front of the line.+<WRAP info> 
 +**NOTE:**  To uncomment the line, simply remove the hash mark # from the front of the line. 
 +</WRAP> 
  
 IP forwarding essentially turns your server into a router, and can be used as the server has multiple Network Interfaces (NICs).  It allows traffic from the internal network to be routed through the external network and vice-versa.  If traffic comes in on one network interface that matches a subnet of another network interface, that traffic will be forwarded to the other network interface. IP forwarding essentially turns your server into a router, and can be used as the server has multiple Network Interfaces (NICs).  It allows traffic from the internal network to be routed through the external network and vice-versa.  If traffic comes in on one network interface that matches a subnet of another network interface, that traffic will be forwarded to the other network interface.
Line 182: Line 192:
  
 <WRAP safety> <WRAP safety>
-**SAFETY**:  When doing routing, security is a very important consideration.  It is essential that fire-walling and security measures are in place.  These requirements will be covered through instructions later on in this setup guide.+**SAFETY**:  When doing routing, security is a very important consideration. 
 + 
 +It is essential that fire-walling and security measures are in place. 
 + 
 +These requirements will be covered through instructions later on in this setup guide.
 </WRAP> </WRAP>
 +
 +----
  
 ===== Refresh sysctl ===== ===== Refresh sysctl =====
Line 195: Line 211:
 **sysctl** is used to modify kernel parameters at runtime. **sysctl** is used to modify kernel parameters at runtime.
  
 +----
  
 ===== Restart the Network ===== ===== Restart the Network =====
Line 236: Line 253:
 </code> </code>
 </WRAP> </WRAP>
 +
 +----
  
 ===== Check the network interfaces ===== ===== Check the network interfaces =====
Line 270: Line 289:
 eth1: no autonegotiation, 1000baseT-FD flow-control, link ok eth1: no autonegotiation, 1000baseT-FD flow-control, link ok
 </code> </code>
- 
-Ensure that all interfaces are shown.  If not, then revisit the above config changes around the network. 
  
 In the example output above, we can see that both eth0 and eth1 have been picked up, so all well. In the example output above, we can see that both eth0 and eth1 have been picked up, so all well.
  
 +<WRAP info>
 +**NOTE:**  Ensure that all interfaces are shown.  If not, then revisit the above config changes around the network.
 +</WRAP>
 +
 +
 +----
  
 ===== Setup the Network Hosts File ===== ===== Setup the Network Hosts File =====
Line 311: Line 334:
 One of the lines for each NIC should show **UP BROADCAST RUNNING MULTICAST**. One of the lines for each NIC should show **UP BROADCAST RUNNING MULTICAST**.
  
 +----
  
 ===== Check the network is working ===== ===== Check the network is working =====
Line 358: Line 382:
 </code> </code>
 </WRAP> </WRAP>
 +
 +----
 +
 ===== Set the hostname ===== ===== Set the hostname =====
  
Line 366: Line 393:
 </code> </code>
  
 +----
  
 ===== Restart the System ===== ===== Restart the System =====
Line 377: Line 405:
 Once the system is rebooted simply login again and issue the **sudo -i** command to continue implementing the system. Once the system is rebooted simply login again and issue the **sudo -i** command to continue implementing the system.
  
 +----
  
 ===== Check the Network Settings ===== ===== Check the Network Settings =====
Line 395: Line 424:
 Both should show <color red>server1.sharewiz.net</color> now. Both should show <color red>server1.sharewiz.net</color> now.
  
 +----
  
 ===== Use an SSH Client from now on ===== ===== Use an SSH Client from now on =====
Line 404: Line 434:
 Examples of SSH Clients include Putty. Examples of SSH Clients include Putty.
  
 +----
  
 ===== Login using a SSH Client ===== ===== Login using a SSH Client =====
Line 421: Line 452:
 Go ahead and type **yes**, and then enter the password of the administrator, <color red>adminpass</color>. Go ahead and type **yes**, and then enter the password of the administrator, <color red>adminpass</color>.
  
 +----
  
 ===== Continue ===== ===== Continue =====
secure_ubuntu_system/initial_setup.1589895720.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki