Amazon Linux First Steps

Updated 28-Jun-2024

First steps after logging into an Amazon Linux box:

Set up the Name Services (DNS, Hostname) Properly

Note there are several places this needs to be set.

nano /etc/sysconfig/network-scripts/ifcfg-eth0

Make this look as follows:

DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
PEERDNS=no
DNS1=84.200.69.80
DNS2=84.200.70.40
DHCPV6C=yes
DHCPV6C_OPTIONS=-nw
PERSISTENT_DHCLIENT=yes
RES_OPTIONS="timeout:2 attempts:5"
DHCP_ARP_CHECK=no

Note that this fixes the general VPC settings issue especially for Lightsail.

Next, configure /etc/resolv.conf

nano /etc/resolv.conf

Use this file:

options timeout:2 attempts:5
; configured an override of dhcp-settings in
; /etc/sysconfig/network-scripts/ifcfg-eth0
nameserver 84.200.69.80
nameserver 84.200.70.40

Uninstall Amazon Crap

Get rid of the Amazon SSM Agent and HIB Agent

sudo yum erase amazon-ssm-agent –y
sudo yum erase hibagent -y

Uninstall other Stuff

sudo yum erase portreserve -y

Configure NTP

Time services as follows

sudo yum -y install ntp
sudo service ntpd start
sudo chkconfig ntpd on

Note that to run manually, it is important to turn off the service, as follows:

sudo service ntpd stop
sudo ntpd -gq
sudo service ntpd start

Install and Configure Chrontabs

yum -y install crontabs
chkconfig crond on
service crond start
service crond status

More detail on setting up chron jobs

Configure Sendmail

Sendmail is installed (and running) by default. This should be configured to limit its attack surface.

Install some Utilities

yum -y install htop
yum install -y psmisc
yum install -y iotop
yum install -y mlocate
yum install -y lsof
yum -y install ncdu
yum install -y s3cmd