Instalacia UBUNTU minimalna verzia

vytvorenie root hesla:

passwd root

Update systemu

apt update
apt upgrade

Nastavenie SSH

nano /etc/ssh/sshd_config

Zmena parametra:

PermitRootLogin yes

Instalacia open-vm-tools

wget https://blog.mhasin.eu/wp-content/uploads/2020/09/net-tools_1.60-26ubuntu1_amd64.zip
 apt install unzip
 unzip net-tools_1.60-26ubuntu1_amd64.zip
 apt install ./net-tools_1.60-26ubuntu1_amd64.deb
 rm -rf net-tools_1.60-26ubuntu1_amd64.*
apt-mark hold net-tools

Uprava bugu openp-vm-tools

mkdir /etc/dhcp3

zmazanie maschine ID

rm /var/lib/dbus/machine-id
ln -s /etc/machine-id /var/lib/dbus/machine-id
echo "" > /etc/machine-id

Zmazanie netplan

rm -rf /etc/netplan/*

Odstranenie cloud-init

sudo cloud-init clean --logs<br> sudo touch /etc/cloud/cloud-init.disabled
sudo rm -rf /etc/netplan/50-cloud-init.yaml
sudo apt purge cloud-init network-manager -y
sudo apt autoremove -y
sudo sed -i 's/Before=cloud-init-local.service/After=dbus.service/g' /lib/systemd/system/open-vm-tools.service
sudo sed -i 's/D /tmp 1777 root root -/#D /tmp 1777 root root -/g' /usr/lib/tmpfiles.d/tmp.conf 
apt install ifupdown

unlink /etc/resolv.conf
nano /etc/resolv.conf

nameserver 147.232.3.2
nameserver 147.232.16.16
nameserver 8.8.8.8

Odstránenie vytvorených ssh kľúčov

rm -rf /etc/ssh/ssh_host_*

Zabezpečenie automatického generovanie ssh kľúčov pri prvom štarte systému

sudo tee /etc/rc.local >/dev/null <<EOL
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#

# By default this script does nothing.
test -f /etc/ssh/ssh_host_dsa_key || dpkg-reconfigure openssh-server
exit 0
EOL

# make the script executable
sudo chmod +x /etc/rc.local
dpkg-reconfigure openssh-server

Aktivovane systemd služby rc.local

sudo nano /etc/systemd/system/rc-local.service

[Unit]
 Description=/etc/rc.local Compatibility
 ConditionPathExists=/etc/rc.local

[Service]
 Type=forking
 ExecStart=/etc/rc.local start
 TimeoutSec=0
 StandardOutput=tty
 RemainAfterExit=yes
 SysVStartPriority=99

[Install]
 WantedBy=multi-user.target

Povolenie spúšťania rc.local v systemd

sudo systemctl enable rc-local

Nastavenie ssh aby startovalo az po rc.local

nano /etc/systemd/system/sshd.service

After=network.target auditd.service rc-local.service

Restart systemd

systemctl daemon-reload

Definovanie DNS serverov v systemd resolver:

nano /etc/systemd/resolved.conf

[Resolve]
DNS=147.232.3.2 147.232.16.16

Nastavenie NTP klienta na lokálny NTP server

sudo apt-get install ntp

Pridanie vlastného NTP serveru sa vykonáva v konfiguračnom súbore:

sudo nano /etc/ntp.conf

Je potrebné pridať parameter určujúci náš NTP server do konfiguračného súboru.

server ntp.tuke.sk prefer iburst

Aktivovane systemd služby NTP:

sudo systemctl enable ntp

Bloknutie ssh na ucer vmware (iba pri server edicii)

nano /etc/ssh/sshd_config

Pridanie parametra:

DenyUsers vmware

Odstránenie APT cache

sudo apt clean

Zrušenie SWAP oddielu

sudo swapoff --all
sudo sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab

Finálne vymazanie histórie terminálu a vypnutie operačného systému

rm -rf /tmp/*
history -c
history -w
sudo shutdown -h now