Linux operating system base optimized configuration
when the installation is complete Linux system, we need to do some optimizations to make the operating system more secure, but also some of the necessary preparations (for future production environment)
1: Add action User for system
when the system is installed, try to avoid using The root user logs on to the user to operate, reducing unnecessary risk, so it is necessary to add the operation user according to the daily maintenance requirement.
2: Install the necessary packages for the system
After the system installation is complete, it is necessary to check whether the software is all installed after the actual use in the future.
This command is to view the list of package groups
Check if a software is installed
if not installed, you can use yum install httpd-y
3: Turn off SELinux
SElinux shutdown is a /etc/selinux/config that needs to modify its configuration file
will be selinux=enforcing modified into selinux=disalbed
4: Use sudo for rights management
In the actual production, it is necessary to carry out the relevant authority control management, in order to reduce unnecessary errors
Use the sudo command to configure the use command permissions for the associated user
User name can be logged in the terminal specific commands (using absolute path)
YUMW all= (All)/usr/sbin/useradd
The specific path to the command can be used
5: Modify the default configuration of the SSH service
in general production environment after the installation of the system, operators will use the client tools to log on the system for related operations, to facilitate the management and maintenance of the server, in order to increase security, so here need to modify the next Default configuration for SSH
SSH service configuration file /etc/ssh/sshd_config
Modify the configuration file under backup before configuring
Then modify the default configuration
Restart related services after modifications are completed
/etc/init.d/sshd restart
Linux Infrastructure Optimization Configuration