Notes
- Context here is installation of fedora on a Fujitsu Futro s940 to serve as an advanced router. OpenWRT would work well here, but i want to use containers for split vpn tunnels.
- Network should be set up during installation for each interface. LAN interface should be static while public interface should be using DHCP and all traffic should be NAT-ed.
SSHd
Login via ssh to the server was taking too long to be useful. This seems to be caused by gssapi.
To fix it, in /etc/ssh/sshd_config.d/50-redhat.conf
set the following:
GSSAPIAuthentication no
But also, since xorg is not used here, we can disable this as well:
X11Forwarding no
To increase security, ssh should only enable login with keys (not passwords). This has not been done yet. Please make sure that you have done this.
IP Forwarding
echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/ipv4.conf
sysctl -f
Additional packages
dnf install -y nmap dnsmasq
Enable services
systemctl enable --now sshd
systemctl enable --now dnsmasq
ls with an iso date
Edit /etc/profile.d/colorls.sh
and edit the last 3 lines by adding --time-style=long-iso
.
alias ll='ls -l --color=auto --time-style=long-iso' 2>/dev/null
alias l.='ls -d .* --color=auto --time-style=long-iso' 2>/dev/null
alias ls='ls --color=auto --time-style=long-iso' 2>/dev/null