Updated 20-Sep-2023
First steps after logging into an Amazon Linux box:
Set up the Name Services (DNS, Hostname) Properly
Note there are several places this needs to be set.
nano /etc/sysconfig/network-scripts/ifcfg-eth0
Make this look as follows:
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
PEERDNS=no
DNS1=84.200.69.80
DNS2=84.200.70.40
DHCPV6C=yes
DHCPV6C_OPTIONS=-nw
PERSISTENT_DHCLIENT=yes
RES_OPTIONS="timeout:2 attempts:5"
DHCP_ARP_CHECK=no
Note that this fixes the general VPC settings issue especially for Lightsail.
Next, configure /etc/resolv.conf
nano /etc/resolv.conf
Use this file:
options timeout:2 attempts:5
; configured an override of dhcp-settings in
; /etc/sysconfig/network-scripts/ifcfg-eth0
nameserver 84.200.69.80
nameserver 84.200.70.40
Uninstall Amazon Crap
Get rid of the Amazon SSM Agent and HIB Agent
sudo yum erase amazon-ssm-agent –y
sudo yum erase hibagent -y
Uninstall other Stuff
sudo yum erase portreserve -y
Configure NTP
Time services as follows
sudo yum -y install ntp
sudo service ntpd start
sudo chkconfig ntpd on
Note that to run manually, it is important to turn off the service, as follows:
sudo service ntpd stop
sudo ntpd -gq
sudo service ntpd start
Install and Configure Chrontabs
yum -y install crontabs
chkconfig crond on
service crond start
service crond status
More detail on setting up chron jobs
Configure Sendmail
Sendmail is installed (and running) by default. This should be configured to limit its attack surface.
Install some Utilities
yum -y install htop
yum install -y psmisc
yum install -y iotop
yum install -y mlocate
yum install -y lsof
yum -y install ncdu
yum install -y s3cmd