notes blog about

New Linux Server

Things I do after installing a fresh Linux machine.

Mandatory

  1. Upgrade all packages. Ex. pacman -Syu.

  2. Disable root logging in with password, allow only login with ssh key (so scripts using ssh keys can still login). Set PermitRootLogin prohibit-password (or PermitRootLogin without-password) in /etc/ssh/sshd_config and restart sshd. PermitRootLogin prohibit-password is default in newest versions of OpenSSH.

  3. Make sure no unnecessary services are running, ex.:

    service nfs-common stop
    service portmap stop
    update-rc.d nfs-common remove
    update-rc.d portmap remove
    
  4. Make sure your system keeps exact time. Ex. aptitude install ntp. To check the time is synchronized on Arch Linux: timedatectl status.

Optional

Perl stuff

More