First steps after logging into an Amazon Linux box:
Set up the Name Services (DNS, Hostname) Properly
Note there are several places this needs to be set.
Make /etc/sysconfig/network-scripts/ifcfg-eth0 look as follows:
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
PEERDNS=no
DNS1=22.214.171.124
DNS2=126.96.36.199
DHCPV6C=yes
DHCPV6C_OPTIONS=-nw
PERSISTENT_DHCLIENT=yes
RES_OPTIONS="timeout:2 attempts:5"
DHCP_ARP_CHECK=no
Note that this fixes the general VPC settings issue, especially for Lightsail.
Next, configure /etc/resolv.conf
Use this file:
options timeout:2 attempts:5
; configured an override of dhcp-settings in
; /etc/sysconfig/network-scripts/ifcfg-eth0
nameserver 188.8.131.52
nameserver 184.108.40.206
Uninstall Amazon Crap
Get rid of the Amazon SSM Agent and HIB Agent
sudo yum erase amazon-ssm-agent -y
sudo yum erase hibagent -y
Uninstall other Stuff
sudo yum erase portreserve -y
Set up time services as follows:
sudo yum -y install ntp
sudo service ntpd start
sudo chkconfig ntpd on
Note that to run a sync manually, the service must be stopped first, as follows:
sudo service ntpd stop
sudo ntpd -gq
sudo service ntpd start
Install and Configure Crontabs
yum -y install crontabs
chkconfig crond on
service crond start
service crond status
Sendmail is installed (and running) by default. This should be configured to limit its attack surface.
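One way to check how exposed Sendmail currently is, as an added example that is not part of the original page: the functions below read `ss -ltn` output and report any listener on TCP port 25 bound to a non-loopback address. The function names and the sample socket listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag SMTP listeners that are reachable beyond loopback.
# Input on stdin is `ss -ltn` output; column 4 is "local-address:port".

# Print each non-loopback local address that has a listener on TCP port 25.
smtp_exposed_listeners() {
    awk '$1 == "LISTEN" {
        n = split($4, parts, ":")
        port = parts[n]                      # text after the last colon
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (port != "25") next
        # Loopback forms: 127.x.x.x, ::1, [::1], and IPv4-mapped 127.x.x.x
        if (addr ~ /^\[?(::ffff:)?127\./ || addr == "::1" || addr == "[::1]") next
        print addr
    }'
}

# Exit status 0 when port 25 is loopback-only or closed, 1 when it is exposed.
smtp_is_loopback_only() {
    exposed=$(smtp_exposed_listeners)
    if [ -z "$exposed" ]; then
        return 0
    fi
    printf 'port 25 listening on non-loopback address(es):\n%s\n' "$exposed" >&2
    return 1
}

# Constructed sample listings (not captured from a real host).
SAMPLE_OK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      10     127.0.0.1:25       0.0.0.0:*
LISTEN 0      10     [::1]:25           [::]:*'

SAMPLE_EXPOSED='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      10     0.0.0.0:25         0.0.0.0:*
LISTEN 0      10     [::]:25            [::]:*'

# Demo on the constructed data; on the host itself: ss -ltn | smtp_is_loopback_only
printf '%s\n' "$SAMPLE_EXPOSED" | smtp_exposed_listeners
```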
Install some Utilities
yum -y install htop
yum install -y psmisc
yum install -y iotop
yum install -y mlocate
yum install -y lsof
yum -y install ncdu
yum install -y s3cmd