---------------------------------------------------------------------
Create an admin user
[root@dlp ~]# useradd centos
[root@dlp ~]# passwd centos
Changing password for user cent.
New UNIX password: # set password
Retype new UNIX password: # Confirm
passwd: all authentication tokens updated successfully.
[root@dlp ~]# exit # logout
---------------------------------------------------------------------
Try to switch to a user that was added above
dlp login: cent # input user name
password: # password
[cent@dlp ~]$ su - # switch to root
Password: # root password
[root@dlp ~]# # just switched to root
---------------------------------------------------------------------
Make user 'centos' be the only user who can switch to root as an administration user
[root@dlp ~]# usermod -G wheel centos
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
# uncomment the following line
#auth required pam_wheel.so use_uid
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so
To:
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
# uncomment the following line
auth required pam_wheel.so use_uid
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so
---------------------------------------------------------------------
Install Webmin using Yum and allow it on iptables
Create an admin user
[root@dlp ~]# useradd centos
[root@dlp ~]# passwd centos
Changing password for user cent.
New UNIX password: # set password
Retype new UNIX password: # Confirm
passwd: all authentication tokens updated successfully.
[root@dlp ~]# exit # logout
---------------------------------------------------------------------
Try to switch to a user that was added above
dlp login: cent # input user name
password: # password
[cent@dlp ~]$ su - # switch to root
Password: # root password
[root@dlp ~]# # just switched to root
---------------------------------------------------------------------
Make user 'centos' be the only user who can switch to root as an administration user
[root@dlp ~]# usermod -G wheel centos
[root@dlp ~]# nano /etc/pam.d/su
change:
#%PAM-1.0
auth sufficient pam_rootok.so# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
# uncomment the following line
#auth required pam_wheel.so use_uid
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so
To:
#%PAM-1.0
auth sufficient pam_rootok.so# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
# uncomment the following line
auth required pam_wheel.so use_uid
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so
---------------------------------------------------------------------
Install Webmin using Yum and allow it on iptables
1.create the webmin.repo file using the command below.
nano /etc/yum.repos.d/webmin.repo
Paste the following text inside.
[Webmin]
name=Webmin Distribution Neutral
enabled=1
2.Install the GPG key by running the following commands.
rpm --import jcameron-key.asc
3.Install webmin using yum.
yum install webmin
4.Allow port 10000 using iptables
4.Allow port 10000 using iptables
iptables -A INPUT -p tcp --dport 10000 -j ACCEPT
-A: append this rule to the input chain (-A INPUT) so we look at incoming traffic
-p: protocol (tcp)
--dport: destination port
-j: Jump to the specified target. By default, iptables allows four targets:
- ACCEPT - Accept the packet and stop processing rules in this chain.
- REJECT - Reject the packet and notify the sender that we did so, and stop processing rules in this chain.
- DROP - Silently ignore the packet, and stop processing rules in this chain.
- LOG - Log the packet, and continue processing more rules in this chain. Allows the use of the --log-prefix and --log-level options
service iptables save
6.Once Webmin has finished installing you should be load the following address in your browser.
---------------------------------------------------------------------
Install Webmin using Yum