maride
/
archaway
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Populate a fresh Arch system 👻
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
1 Branch
60 KiB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
 ZIP  TAR.GZ
maride cdd5edcf0a Well, add traceroute package... 3 years ago
README.md Well, add traceroute package... 3 years ago

README.md

Arch Away!

This project (or, to be clear, these few files which claim to be a project) aims to set up a given Arch system.

Initial Population task

  • pacman -Syu to update stuff
  • useradd -m $USER to create a non-root user to use
  • passwd $USER to set a password
  • ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime to set timezone correctly
  • Set SSH pubkey for $USER:
    • mkdir /home/$USER/.ssh
    • echo $PUBKEY >> /home/$USER/.ssh/authorized_keys
    • chmod -R 644 /home/$USER/.ssh/authorized_keys
    • chown -R $USER /home/$USER/.ssh/

SSH hardening

  • Modify /etc/ssh/sshd_config:
    • PermitRootLogin yes to PermitRootLogin no
    • #PubkeyAuthentication yes to PubkeyAuthentication yes
    • #PasswordAuthentication yes to PasswordAuthentication no
  • Run sudo systemctl daemon-reload and sudo systemctl restart sshd

Network interface setup

Check if this step is really necessary - some server providers share these information via DHCP or deliver correct netctl profiles

  • Create /etc/netctl/$IF with contents:
Description="$IF v4/v6 profile"
Interface=$IF
Connection=ethernet
IP=static
IP6=static
Address=( "$IP4/$IP4SUB" )
Routes=( "default dev $IF" )
Address6=( "$IP6/$IP6SUB" )
Routes6=( "default dev $IF" )
  • Run netctl enable $IF and netctl start $IF
  • You failed big-time if your connection drops now. \o/
  • Change hostname hostname $HOST

Install packages

Additional size means the Installation size as reported by pacman. May differ! Dependencies are not included!

Base

This base package is recommended in any case

Name Additional size Purpose
mosh 700 KiB ssh over UDP, allows roaming
vim 2.83 MiB edit files better
htop 170 KiB top replacement
sudo 3.81 MiB you fkn know it.

“I host shit”

Name Additional size Purpose
iftop 65 KiB bandwidth usage
net-tools 473 KiB netstat
bind-tools 5.85 MiB dnsutils: host, dig
speedtest-cli 202 KiB speedtest.net CLI
iperf 88 KiB TCP PTP bandwidth measurement
traceroute 89 KiB you really don’t know that?

“I wanna work”

Recommended to be installed along “I host shit”

Name Additional size Purpose
git 28 MiB this VCS everyone uses
lynx 4.46 MiB CLI browser
nmap 25.92 MiB portscan
zsh 5.17 MiB best shell ever

Post-install stuff

Base

sudo

These steps are necessary to enable $USER for sudo

  • Modify /etc/sudoers:

    • “# %sudo ALL=(ALL) ALL” to “%sudo ALL=(ALL) ALL”

  • Run groupadd sudo

  • Run usermod -a -G sudo $USER

“I wanna work”

zsh: oh-my-zsh

Don’t install if you lack disk I/O, e.g. Raspberry Pi + SD card

You likely want to su $USER else you’d install oh-my-zsh for root

  • Run sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"
  • Modify ~/.zshrc:
    • ‘ZSH_THEME="robbyrussell”’ to ‘ZSH_THEME="bureau”’
    • “plugins=(git)” to “plugins=(git sudo)”