LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-14-2013, 12:14 PM   #1
jonathanh54
LQ Newbie
 
Registered: Jul 2013
Posts: 2

Rep: Reputation: Disabled
Fedora Security Minded Install


How would you automate a Fedora install geared for security?
 
Old 07-14-2013, 12:38 PM   #2
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,107

Rep: Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478
just install the current version
 
Old 07-14-2013, 01:59 PM   #3
scottro11
Member
 
Registered: Jun 2009
Location: NYC
Posts: 260

Rep: Reputation: 59
What sort of Fedora installation? A default installation allows root access to SSH, and also allows (or used to--I haven't done a default installation in awhile), any user to update a signed package without authentication.

A minimal installation still has root access to ssh, but doesn't have PackageKit, eliminating that updating thing I mentioned. For general security though, you are usually alright if you have a reasonably strong password. If you're running servers that are reachable through the Internet, you should take further precautions.
 
Old 07-14-2013, 02:58 PM   #4
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora
Posts: 2,630

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
Quote:
Originally Posted by jonathanh54 View Post
How would you automate a Fedora install geared for security?
invest in the RedHat Satellite service.

https://www.redhat.com/products/ente...rhn-satellite/
 
Old 07-14-2013, 03:32 PM   #5
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,107

Rep: Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478
well on a server YES invest in RHEL
fedora has no business being installed on a production server
home use
the fedora default is fine for most

the fedora docs
http://docs.fedoraproject.org/en-US/...ide/index.html
and
http://docs.fedoraproject.org/en-US/...icy/index.html

slightly old
http://www.techradar.com/us/news/sof...-system-915651

Last edited by John VV; 07-14-2013 at 03:34 PM.
 
Old 07-14-2013, 05:21 PM   #6
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora
Posts: 2,630

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
who said anything about putting fedora as a server? the OP asked about
Quote:
automate a Fedora install geared for security?
To automate such a feature one of the easiest way to accomplish this is via RedHat Satellite service.

There are free, as in beer, clones of Satellite that could be used too.
 
Old 07-14-2013, 09:18 PM   #7
Janus_Hyperion
Member
 
Registered: Mar 2011
Location: /
Distribution: Fedora (typically latest release or development release)
Posts: 372

Rep: Reputation: Disabled
I have an idea that might work - kickstart. There is an option to add a post install script in a set environment. You can use bash interpreter and make required security changes as needed (disable root access, change port number, pubkey auth only, etc for ssh, for example) using this script.

This would make it convenient to install many different machines with identical security profiles. I have never tried this - just an idea!

Hope this helps.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] windows minded mental block voidspirit Linux - Newbie 11 07-10-2013 10:11 PM
Whats up my like minded people? kwhit LinuxQuestions.org Member Intro 0 04-14-2010 11:57 PM
Closed Minded Zvezda General 22 08-22-2002 01:07 PM
Business minded yes...Linux minded no acid_byte Linux - Newbie 2 09-24-2001 01:56 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 06:51 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration