Quote:
Originally Posted by jmc1987
Very true he should atleast get a book on linux. I started out with The complete Reference Linux sixth Edition.
|
Good! That could address the "complete newbie" part. (Often people also point to Rute or the Fedora Wiki.) Still missing two key topics though.
Quote:
Originally Posted by jmc1987
if you start at the right level.
|
Yes, it will be. But with all due respect "the right level" isn't installing the "AMP" part in LAMP. True, that may be the most straightforward and direct answer to the OP's questions but more experienced LQ members please look beyond that for the bigger picture. Newbies are prone to making all the wrong decisions because they often will focus on what they want
instead of what they need.
* Everyone knows Fedora is on a very short release cycle (
http://fedoraproject.org/wiki/LifeCycle/EOL). That is important to know for the OP because running a EOL'ed (meaning: unmaintained, unsupported, vulnerable) release means more (unnecessary) risks and more maintenance. Knowing this the OP has the choice to opt for another release or distribution (or provider). Not knowing it means having yet another easy target on the 'net which affects all of us.
** More importantly the OP indicates logging in as root over SSH. If you have any practical experience at all you will know configuring/hardening the server is the first issue to address, not running services. As part of that the OP should:
- not mess with configuration without understanding the implications,
- not disable SELinux,
- add an unprivileged user account, set a strong password (and change it regularly), and properly chage the account,
- review and configure other accounts in use,
- install Sudo and configure it to allow the unprivileged user to perform tasks requiring root privileges,
- configure the unprivileged user to use SSH with pubkey auth instead of passwords,
- configure /etc/hosts.deny and /etc/hosts.allow to only accept SSH connections from his management IP or range,
- configure the firewall do the same or install fail2ban or equivalent (see
http://www.linuxquestions.org/questi...tempts-340366/),
- configure /etc/ssh/sshd_config to deny root logins (and see
http://www.linuxquestions.org/questi...51#post3710051 and down),
- install and configure a filesystem integrity checker,
- install Logwatch
and actually read emailed reports to keep tabs on things.
(Also see:
http://rkhunter.wiki.sourceforge.net/SECREF)
In short GNU/Linux is all about performance, versatility and providing services in a continuous, stable and secure way. A GNU/Linux machine is coveted by many because of its power. Especially with newbies we should help OP's ensure the power remains theirs. And that requires looking at the bigger picture. I hope by now you understand what I mean.