Fedora Server setup notes (39)

Notes

  • Context here is installation of fedora on a Fujitsu Futro s940 to serve as an advanced router. OpenWRT would work well here, but i want to use containers for split vpn tunnels.
  • Network should be set up during installation for each interface. LAN interface should be static while public interface should be using DHCP and all traffic should be NAT-ed.

SSHd

Login via ssh to the server was taking too long to be useful. This seems to be caused by gssapi.

To fix it, in /etc/ssh/sshd_config.d/50-redhat.conf set the following:

GSSAPIAuthentication no

But also, since xorg is not used here, we can disable this as well:

X11Forwarding no

To increase security, ssh should only enable login with keys (not passwords). This has not been done yet. Please make sure that you have done this.

IP Forwarding

echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/ipv4.conf
sysctl -f

Additional packages

dnf install -y nmap dnsmasq

Enable services

systemctl enable --now sshd
systemctl enable --now dnsmasq

ls with an iso date

Edit /etc/profile.d/colorls.sh and edit the last 3 lines by adding --time-style=long-iso.

alias ll='ls -l --color=auto --time-style=long-iso' 2>/dev/null
alias l.='ls -d .* --color=auto --time-style=long-iso' 2>/dev/null
alias ls='ls --color=auto --time-style=long-iso' 2>/dev/null