Guides/AddHostChecklist

From FGWiki
Jump to: navigation, search
Important: The content of this page is outdated. If you have checked or updated this page and found the content to be suitable, please remove this notice.


Adding a New Host

Ubuntu 10.04/Debian Squeeze

  • Assign IP/Hostname, physical devices named for tree species, virtual for elements.
  • Add host to wiki page Hosts
  • Write wiki page at Hosts/<hostname>
  • Install puppet apt-get install puppet
  • Run puppet once puppetd --onetime --no-daemonize
  • Sign new certificate
    • ssh puppet.shop.lan
    • sudo puppetca -s <host>.shop.lan
    • exit
  • Run puppet again 'puppetd --onetime --no-daemonize'
  • Add host to [1], our monitoring server
  • Update maple to allow backups

Other OS

@include common-password

auth sufficient /lib/security/pam_ldap.so

auth required /lib/security/pam_pwdb.so shadow nullok


account sufficient /lib/security/pam_ldap.so

account required /lib/security/pam_pwdb.so


password required /lib/security/pam_cracklib.so retry=3 type=aerospace

password sufficient /lib/security/pam_ldap.so authtok use_first_pass

password required /lib/security/pam_pwdb.so authtok use_first_pass md5 shadow

  • Modify '/etc/pam.d/common-password' with the following

password sufficient pam_unix.so nullok obscure md5

  • run 'nss_updatedb ldap'
  • test with 'id jordan' should return UID 1000
  • add to wiki host pages at wiki.freegeekvancouver.org/article/Hosts/<hostname> (please use this template)
  • add to Backup system
  • Finally restrict ssh-access to only those users in the ssh-access group
  • Edit /etc/ssh/sshd_config
  • Add AllowGroups ssh-access to the top of the file
  • Restart sshd