centOS 7 install log

Posted on by

after my last server install I realized a lot of things were improvised and broken, also there were no new binaries for owncloud on Ubuntu 12.02 and no disk encryption and no systemd and so on and as I want to learn something I wanted to match it with my new love for Fedora so it became a Centos7 server.

basic vmware install using vSphere I found the first bug: using full disk encryption I cannot boot anymore

reason is a known bug

At the GRUB boot menu, press e to edit the boot config and remove rhgb.
then disable it permanently by removing rhgb in /etc/default/grub and execute grub2-mkconfig -o /boot/grub2/grub.cfg to update your boot grub.cfg.

next thing was I could not enter the passphrase using the vSphere console as characters were autorepeated.

Solution via VMware

  1. Power off the virtual machine.
  2. Add a line, similar to this, at the end of your virtual machine’s configuration (.vmx) file:
    keyboard.typematicMinDelay = “2000000”
    The delay is specified in micro-seconds, so the line in the example above increases the repeat time to 2 seconds. This should ensure that you never get auto-repeat unless you intend it.
  3. Power on the virtual machine.

that out of the way I could boot up CentOS and update it and install vmware tools

yum install net-tools perl
mount /dev/cdrom /mnt/cdrom
cd /tmp
tar zxf /mnt/cdrom/VMwareTools-5.0.0-<xxxx>.tar.gz
umount /dev/cdrom
cd vmware-tools-distrib
./vmware-install.pl

Now, let’s get started.
First get EPEL started (Extra Packages for Enterprise Linux)
yum install epel-release

enable UTF-8 support
edit /etc/environment and add this:
LC_ALL=en_US.UTF-8
LANG=en_US.UTF-8

also use ‘localectl’ to show and set a different locale
like this:
localectl set-locale LANG=en_US.utf8

colorize bash:
add this to .bash_profile
export LS_OPTS='--color=auto'
export GREP_OPTIONS='--color=auto'
export TERM=xterm-color
#export GREP_OPTIONS='--color=auto' GREP_COLOR='1;32'
export CLICOLOR=1

install Mosh
yum install mosh htop
then allow UDP for ports 60001-60010
sudo iptables -I INPUT 1 -p udp --dport 60001:60010 -j ACCEPT
so in systemd this will be:
– create /etc/firewalld/services/mosh.xml

< ?xml version="1.0" encoding="utf-8"?>

MOSH
Mosh (mosh.mit.edu) is a free replacement for SSH that allows roaming and supports intermittent connectivity.
– firewall-cmd –add-service=mosh –permanent
– firewall-cmd –reload
Note: In Fedora21+ this is already present (the xml file for mosh)
this will open 10 ports but that should be more than enough for me.
and start mosh as a server using “mosh-server” – defaults should work fine!
I am not even sure this is needed.. as long as mosh is installed on the server it should connect via SSH and start mosh and hand over the connection!

htop
yum install htop

fail2ban
yum install fail2ban
then make a copy of /etc/fail2ban/jail.conf and save it as jail.local
there set at least this:
[sshd]
enabled = true

enable and start service
systemctl enable fail2ban
systemctl start fail2ban

check journalctl for selinux related issues but this should be fixed now
journalctl -lfu fail2ban

install basic developer tools (build-essentials)
yum groupinstall 'Development Tools'