CentOS 7 Server Deployment Cookbook

CentOS 7 Server Deployment Cookbook

By : Timothy Boronczyk, IRAKLI NADAREISHVILI

Buy this Book

CentOS 7 Server Deployment Cookbook

By: Timothy Boronczyk, IRAKLI NADAREISHVILI

Buy this Book

Overview of this book

CentOS is derived from Red Hat Enterprise Linux (RHEL) sources and is widely used as a Linux server. This book will help you to better configure and manage Linux servers in varying scenarios and business requirements. Starting with installing CentOS, this book will walk you through the networking aspects of CentOS. You will then learn how to manage users and their permissions, software installs, disks, filesystems, and so on. You’ll then see how to secure connection to remotely access a desktop and work with databases. Toward the end, you will find out how to manage DNS, e-mails, web servers, and more. You will also learn to detect threats by monitoring network intrusion. Finally, the book will cover virtualization techniques that will help you make the most of CentOS.

CentOS 7 Server Deployment Cookbook

Credits

About the Author

About the Reviewer

www.PacktPub.com

Preface

Free Chapter

Getting Started with CentOS

Introduction

Installing CentOS using Anaconda in graphics mode

Installing CentOS using Anaconda in text mode

Coordinating multiple installations using Kickstart

Running a cloud image with Amazon Web Services' EC2

Installing a container image from the Docker Registry

Installing the GNOME desktop

Installing the KDE Plasma desktop

Networking

Introduction

Setting a static IP address

Binding multiple addresses to a single Ethernet device

Bonding two Ethernet devices

Configuring the network firewall with FirewallD

Configuring the network firewall using iptables

Installing a DHCP server

Configuring an NFS server to share a filesystem

Configuring an NFS client to use a shared filesystem

Serving Windows shares with Samba

User and Permission Management

Introduction

Escalating privileges with sudo

Enforcing password restrictions

Setting default permissions for new files and directories

Running binaries as a different user

Working with SELinux for greater security

Software Installation Management

Introduction

Registering the EPEL and Remi repositories

Prioritizing repositories using the Priorities plugin

Automating software updates with yum-cron

Verifying installed RPM packages

Compiling a program from source

Managing Filesystems and Storage

Introduction

Viewing the size of files and available storage

Setting storage limits for users and groups

Creating a RAM disk

Creating a RAID

Replacing a device in a RAID

Creating a new LVM volume

Removing an existing LVM volume

Adding storage and growing an LVM volume

Working with LVM snapshots

Allowing Remote Access

Introduction

Running commands remotely through SSH

Configuring a more secure SSH login

Securely connecting to SSH without a password

Restricting SSH access by user or group

Protecting SSH with Fail2ban

Confining sessions to a chroot jail

Configuring TigerVNC

Tunneling VNC connections through SSH

Working with Databases

Introduction

Setting up a MySQL database

Backing up and restoring a MySQL database

Configuring MySQL replication

Standing up a MySQL cluster

Setting up a MongoDB database

Backing up and restoring a MongoDB database

Configuring a MongoDB replica set

Setting up an OpenLDAP directory

Backing up and restoring an OpenLDAP database

Managing Domains and DNS

Introduction

Setting up BIND as a resolving DNS server

Configuring BIND as an authoritative DNS server

Writing a reverse lookup zone file

Setting up a slave DNS server

Configuring rndc to control BIND

Managing E-mails

Introduction

Configuring Postfix to provide SMTP services

Adding SASL to Postfix with Dovecot

Configuring Postfix to use TLS

Configuring Dovecot for secure POP3 and IMAP access

Targeting spam with SpamAssassin

Routing messages with Procmail

Managing Web Servers

Introduction

Installing Apache HTTP Server and PHP

Configuring name-based virtual hosting

Configuring Apache to serve pages over HTTPS

Enabling overrides and performing URL rewriting

Installing NGINX as a load balancer

Safeguarding Against Threats

Introduction

Sending messages to Syslog

Rotating log files with logrotate

Using Tripwire to detect modified files

Using ClamAV to fight viruses

Checking for rootkits with chkrootkit

Using Bacula for network backups

Virtualization

Introduction

Creating a new virtual machine

Cloning a virtual machine

Adding storage to a virtual machine

Connecting USB peripherals to a guest system

Configuring a guest's network interface

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Tunneling VNC connections through SSH

The previous recipe showed you how to give remote access to the user's desktop through VNC. However, there are clearly some security concerns if the service is running on an untrusted network. Only the display number and password are required to connect, and the password can be relatively easy for a malicious user to crack given that only the first eight characters are significant. Moreover, the traffic is unencrypted and it may be snooped. To help mitigate these risks, this recipe teaches you how to route the VNC connection through an encrypted SSH tunnel.

Getting ready

This recipe requires two systems, a CentOS system hosting the VNC server (remote system) and a local computer with a VNC client to connect to it. It assumes that the remote system is running the OpenSSH SSH server and TigerVNC server and is configured with the IP address 192.168.56.100. It also assumes that you have administrative privileges. The VNC server should be configured as described...

CentOS 7 Server Deployment Cookbook

By : Timothy Boronczyk, IRAKLI NADAREISHVILI

CentOS 7 Server Deployment Cookbook

By: Timothy Boronczyk, IRAKLI NADAREISHVILI

Overview of this book

Related Content you might be interested in

Current Title:

CentOS 7 Server Deployment Cookbook

Tunneling VNC connections through SSH

Getting ready