AlmaLinux 8 is a robust and enterprise-ready Linux distribution that serves as a great choice for setting up servers. Whether you are deploying a web server, database server, or any other type of server, ensuring a secure and functional initial setup is essential. In this guide, we will walk you through the crucial steps of the initial server setup on AlmaLinux 8.

Disable Root Access #

Disabling root access is one of the first steps to enhance the security of your server. The root user has elevated privileges, and allowing direct access to it can pose a significant security risk. To disable root access, follow these steps:

1. Log in as a user with sudo privileges: Initially, log in to your AlmaLinux 8 server as a user with sudo privileges. If you haven’t created such a user yet, we’ll explain how to do that in the next section.
2. Edit the SSH configuration file: Open the SSH configuration file using a text editor like Vim or Nano. For example:

   sudo nano /etc/ssh/sshd_config

3. Disable root login: Find the line that says PermitRootLogin yes and change it to PermitRootLogin no. This modification prevents the root user from logging in directly.
4. Save and exit: Save the changes and exit the text editor.
5. Restart SSH service: To apply the changes, restart the SSH service:

   sudo systemctl restart sshd

With root access disabled, it is essential to use a regular user account with sudo privileges for all administrative tasks.

Create a Regular User Account #

Creating a regular user account is essential for maintaining server security and efficient management. To create a new user with sudo privileges, follow these steps:

1. Create a new user: Replace <username> with your desired username:

   sudo adduser <username>

2. Set a password for the user: You’ll be prompted to set a password for the new user.
3. Grant sudo privileges: To give the new user administrative privileges, add them to the wheel group (which has sudo privileges):

   sudo usermod -aG wheel <username>

You now have a new user account with sudo privileges, which can be used for server administration tasks.

Install Utilities: Vim and Screen #

To improve the functionality and usability of your server, you may want to install additional utilities. Two commonly used tools are Vim (a text editor) and Screen (a terminal multiplexer). You can install them using the following commands:

1. Install Vim:

   sudo dnf install vim-enhanced

2. Install Screen:

   sudo dnf install screen

Vim is a powerful text editor, while Screen allows you to create and manage multiple terminal sessions, which is especially useful for remote server management.

Install a Firewall #

Firewalls play a critical role in server security by controlling incoming and outgoing network traffic. AlmaLinux 8 comes with firewalld pre-installed, a dynamic firewall management tool. To install and configure it, follow these steps:

1. Install firewalld:

   sudo dnf install firewalld

2. Enable and start the firewalld service:

   sudo systemctl enable firewalld
   sudo systemctl start firewalld

3. Allow essential services:

• Allow SSH for remote access: sudo firewall-cmd --permanent --add-service=ssh
• If your server hosts other services (e.g., web server), allow those ports as needed.

3. Reload firewalld:

   sudo firewall-cmd --reload

Your firewall is now active and configured to allow necessary traffic while blocking unauthorized access. Be sure to adjust the rules as per your specific server requirements.

In conclusion, setting up a new server with AlmaLinux 8 involves several crucial steps, including disabling root access, creating a regular user account with sudo privileges, installing essential utilities like Vim and Screen, and configuring a firewall to enhance security. Following these steps will help you establish a secure and functional server environment for your specific needs.