- Install
fail2ban
. Info can be found here: http://amazonlinuxami.wordpress.com/2012/10/08/fail2ban/. In particular, this is slightly trickier than usual, since it's not the usual yum software set.
sudo yum --enablerepo=epel install fail2ban
- Some standard yum packages to install:
- gcc
- gcc-c++
- make
- git
- mysql-server
- Easiest way to format and partition a new EBS volume
fdisk -u -c /dev/xvdf
---- then, make a giant primary partition on the whole volume (using then
command), using defaults. Remember to write out with thew
command.mkfs.ext4 -Lmylabel /dev/xvdf1
--- then use that label in/etc/fstab
to identify the disk.
- There are a few notes here; in general the firewall stuff is taken care of at the AWS level, but the suggestions for SSH lock-down are good: http://plusbryan.com/my-first-5-minutes-on-a-server-or-essential-security-for-linux-servers
- When making new
authorized_keys
files, be sure to set itchmod 0600
, otherwise logging in with pubkey authorization will be disallowed by sshd.