Book Image

Red Hat Enterprise Linux Server Cookbook

By : Jakub Gaj, Leemans
5 (1)
Book Image

Red Hat Enterprise Linux Server Cookbook

5 (1)
By: Jakub Gaj, Leemans

Overview of this book

Dominating the server market, the Red Hat Enterprise Linux operating system gives you the support you need to modernize your infrastructure and boost your organization’s efficiency. Combining both stability and flexibility, RHEL helps you meet the challenges of today and adapt to the demands of tomorrow. This practical Cookbook guide will help you get to grips with RHEL 7 Server and automating its installation. Designed to provide targeted assistance through hands-on recipe guidance, it will introduce you to everything you need to know about KVM guests and deploying multiple standardized RHEL systems effortlessly. Get practical reference advice that will make complex networks setups look like child’s play, and dive into in-depth coverage of configuring a RHEL system. Also including full recipe coverage of how to set up, configuring, and troubleshoot SELinux, you’ll also discover how secure your operating system, as well as how to monitor it.
Table of Contents (12 chapters)
11
Index

Securing the system login


The default settings applied to system login are based on what Red Hat deems basic security. If, for some reason, you want to change this, this recipe will show you a couple of examples. Authconfig has two tools that you can use to configure authentication: authconfig and authconfig-tui.

These two tools configure pam for you in such a way that the changes are consistent throughout rpm updates.

The authconfig-tui tool is not as feature-rich as the plan authconfig tool, which I personally recommend you to use as it allows you to do more.

You can manually edit the files located in /etc/pam.d if and when you know what you're doing, but this is not recommended.

How to do it…

Perform the following steps:

First, change the hash encryption of the passwords stored in /etc/shadow to sha512, as follows:

~]# authconfig --passalgo=sha512 --update

Enable NIS authentication through the following command:

~]# authconfig --enablenis –nisdomain=NISDOMAIN --nisserver=nisserver.example.com...