Change to rootUpdate and Install Packages Code Block |
---|
apt-get -y update
apt-get -y upgrade
apt-get -y install sudo vim unzip rsync sysstat cifs-utils nmap tcpdump tmux virt-what chrony smbclient ufw curl net-tools |
VIM detects the mouse, and copy pasting between two terminal windows is annoying because of this. Disable this as follows for root and jtel: Code Block |
---|
cat << EOFF >> ~/.vimrc
set mouse-=a
EOFF
cp ~/.vimrc /home/jtel
chown jtel:jtel /home/jtel/.vimrc |
The following command adds the jtel user to the sudo group: Code Block |
---|
adduser jtel sudo |
Setup the FirewallThe following commands enable the firewall and allow ssh. Code Block |
---|
ufw --force reset
ufw --force default deny incoming
ufw --force default allow outgoing
ufw allow ssh
ufw --force enable |
Setup chronyThe following commands install chrony and modify the basic chrony.conf file to remove usage of the default pool and any configured servers, and replace this with the 3 (very reliable) time servers from the German PTB. Code Block |
---|
# Replace all existing servers
sed -i -e "s/^server /# server /" /etc/chrony/chrony.conf
# Replace pool setting
sed -i -e "s/^pool /# pool /" /etc/chrony/chrony.conf
# Add PTB Servers
cat << EOFF >> /etc/chrony/chrony.conf
# Servers to use
server ptbtime1.ptb.de iburst
server ptbtime2.ptb.de iburst
server ptbtime3.ptb.de iburst
EOFF
# Enable Chrony
systemctl enable chrony
# Stop (just in case it was started), then start and get status
systemctl stop chrony
systemctl start chrony |
Check chrony Code Block |
---|
systemctl status chrony
chronyc sources |
Bash SettingsThe following script does the following: - Setup a warning when using git as root (on root only)
- Allow for less on zipped files
Code Block |
---|
# root user
cat <<'EOFF' >> ~/.bashrc
[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
alias git='printf "It looks like you are trying to run GIT as ROOT.\nFor jtel installations, GIT should always be run from the jtel user.\nIf you really want to run git as root, you will need to access it directly, using /usr/bin/git for example.\n"'
EOFF
source ~/.bashrc
# jtel user
cat <<'EOFF' >> /home/jtel/.bashrc
[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
EOFF |
Detect the HypervisorVMWareThe tools are installed as follows: Code Block |
---|
apt-get -y install open-vm-tools |
Hyper-V The tools are installed as follows: Code Block |
---|
apt-get -y install hyperv-daemons |
KVM The tools are installed as follows: Code Block |
---|
apt-get -y install qemu-guest-agent |
Other Hypervisors Consult the manufacturer for further detals. RebootReboot to load the new kernel if one was downloaded and make sure the guest tools are running OK. |