WorldDrknss/Guide-to-AlmaLinux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Polishing

Browse Source
This commit is contained in:
Charles Showalter 2023-01-28 22:31:45 +00:00
parent 6c0c3448d5
commit 65367fa6bf
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
README.md
View File

@ -186,6 +186,8 @@ Coming Soons
```sh ```sh
echo "$SSH" >> ~/.ssh/authorized_keys echo "$SSH" >> ~/.ssh/authorized_keys
``` ```
<p align="right">(<a href="#top">back to top</a>)</p>
### SSH Permissions ### SSH Permissions
```sh ```sh
mkdir -p ~/.ssh mkdir -p ~/.ssh
@ -193,22 +195,38 @@ Coming Soons
chmod 700 ~/.ssh chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys
``` ```
<p align="right">(<a href="#top">back to top</a>)</p>
### Disabling password based SSH ### Disabling password based SSH
```sh ```sh
cd /etc/ssh cd /etc/ssh
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' sshd_config sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' sshd_config
systemctl restart sshd systemctl restart sshd
``` ```
<p align="right">(<a href="#top">back to top</a>)</p>
### Allow user to SUDO without password ### Allow user to SUDO without password
```sh ```sh
sudo su - sudo su -
visudo visudo
``` ```
Press `Insert` on keyboard, substitute `$USER` with the user you created during installation. Press `Insert` on keyboard, substitute `$USER` with the user you created during installation.
```sh ```sh
$USER ALL=(ALL) NOPASSWD: ALL $USER ALL=(ALL) NOPASSWD: ALL
``` ```
Press `esc` then type
```sh
:wq
```
This will save and close the terminal.
<p align="right">(<a href="#top">back to top</a>)</p>
### Working with fapolicyd ### Working with fapolicyd
fapolicyd starts in protection mode. We need to set fapolicyd to permissive mode to allow us to build the necessary rule sets for our individual systems. fapolicyd starts in protection mode. We need to set fapolicyd to permissive mode to allow us to build the necessary rule sets for our individual systems.
```sh ```sh
@ -218,6 +236,8 @@ Coming Soons
``` ```
See <a href="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/assembly_blocking-and-allowing-applications-using-fapolicyd_security-hardening">RHEL: Blocking and Allowing applications with fapolicyd</a> for more information on building rules. See <a href="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/assembly_blocking-and-allowing-applications-using-fapolicyd_security-hardening">RHEL: Blocking and Allowing applications with fapolicyd</a> for more information on building rules.
<p align="right">(<a href="#top">back to top</a>)</p>
### Fixing wget ### Fixing wget
As of current GnuTLS is not properly working with FIPS. To correct this we tell GnuTLS to disable health checks. As of current GnuTLS is not properly working with FIPS. To correct this we tell GnuTLS to disable health checks.
@ -230,6 +250,7 @@ Coming Soons
echo "export GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS=1" > gnutls.sh echo "export GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS=1" > gnutls.sh
``` ```
`wget` will now function as intended. `wget` will now function as intended.
<p align="right">(<a href="#top">back to top</a>)</p> <p align="right">(<a href="#top">back to top</a>)</p>
<!-- CLOUD --> <!-- CLOUD -->