During last summer I have written some notes about configuration of my server running Gentoo GNU/Linux operating system. Since they might be useful, they are published here with small changes.
Booting
On a server only one operating system will be used. Therefore there should be only one boot device, i.e. in most cases a hard disk. If a CD-ROM was before that, it would be simple to just put a bootable CD and reboot to control the machine. Also, checking if a CD is available would take some time for the BIOS.
Of course, a CD-ROM can be used to install the operating system. (After this process I remove the CD drive to use it to install Gentoo on another computer.)
Configuring kernel
Disable module support; it’s useless when all of the following occur:
- the hardware configuration is known at kernel configuration time
- all drivers are in the kernel
- software suspend is not used
All of these are true in my server configuration.
After installation of Gentoo GNU/Linux
Rebuilding toolkit might help improve its performance.
Becoming superuser
To became root, use su - instead of just su, since it will remove many useless and probably insecure things from the environment. It also improves the PATH variable.
Also, remember to not leave opened terminals. GNU Screen supports continuing a session without open terminal and connecting it to another terminal later.
It’s also safer to allow direct root login only from the first virtual terminal, see /etc/securetty for this. Disable it also from
SSH.
Using SSH
SSH is both more secure and easier to use with public key authentication. The ssh-keygen command generates a
key pair. (Update: I have written a more detailed post about this.)
Finding symbolic links to non-existent files
The find program is very helpful here. Just write
find -L / -xdev -type l
and it will do the job. The -xdev option is necessary to avoid detecting loops in /proc and /sys filesystems.
