Configure new RHEL-5.5 VM on IBM cloud
From Notes_Wiki
<yambe:breadcrumb>New machine configuration</yambe:breadcrumb>
Configuring new RHEL-5.5 VM on IBM cloud
Converting private key to ppk file using puttygen
- Download puttygen application from Internet
- Run puttygen and use 'Load' option to load supplied private key file.
- Then use 'Save private key' file to save private key in some safe location.
Note that by default IBM cloud images have root account disabled and allow only key based authentication for user named 'idcuser'. Hence we have to use the key file provided during VM creation to create PPK file and then use the PPK file to log into server using user 'idcuser'.
Logging into server with help of PPK file
- Start putty
- Type the VM IP address in the host name box.
- Go to 'Connection -> Data'. Type Auto-login username as 'idcsser'
- Go to 'Connection -> SSH -> Auth'. Select 'Allow attempted changes of username in SSH-2' Also use Browse button and select PPK file generated using puttygen in above steps.
- Again go to Session and type some descriptive name for VM in 'Saved Sessions' box. Click on 'Save' to save current session settings.
- Click on 'open' to connect to VM using idcuser.
Enabling login as root user
- Change root shell to using 'sudo /usr/sbin/usermod -s /bin/bash root' command.
- Try logging into root user using 'sudo su -' command.
- Install vim using 'yum install vim-enhanced' command.
- Edit '/etc/ssh/sshd_config' file and make following changes:
- PermitRootLogin yes
- PasswordAuthentication yes
- Comment line 'Allowedusers idcuser'
- Use 'passwd' command to set new root password.
- Use 'service sshd restart' to allow root login using password through ssh
- Change putty profile and change Auto-login username to 'root' and use 'cp /home/idcuser/.ssh/authorized_keys /root/.ssh/authroized_keys'
Configuring bash profile to keep command history with timestamps
- Go to folder '/etc/profile.d'.
- Create file named 'history.sh' with following contents
- #!/bin/sh
- HISTTIMEFORMAT="%y %m %d %T "
- HISTSIZE=100000
- HISTFILESIZE=100000
- export HISTTIMEFORMAT HISTSIZE HISTFILESIZE
- chmod +x history.sh
- Use '<tt. ./history.sh'
- Type 'history' command and verify that command history is being stored with timestamps.
Changing VM hostname to something meaningful
- Use 'hostname <new_hostname>' command to change machine hostname.
- Edit file '/etc/sysconfig/network' and type same hostname in the file.
- Edit file '/etc/hosts' and type same hostname for 127.0.0.1. You can ensure that entries for old hostnames are removed.
- Exit from vm and connect back to it to verify that hostname has been changed.
Configure denyhosts to prevent ssh bruteforce attempts
Follow steps mentioned on Configuring new denyhosts server from source
Allow ICMP echo packets using firewall
- Edit file '/etc/sysconfig/iptables'
- Add line '-A INPUT -p icmp --icmp-type echo-request -j ACCEPT'
- service iptables restart
Configuring rpmfusion repository
- Use 'rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm' to enable epel on system
- Then download latest RHEL configuration file from http://www.rpmfusion.org/
- Install downloaded rpm using 'rpm -ivh <rpm_file>' command
<yambe:breadcrumb>New machine configuration</yambe:breadcrumb>