Ensure system updated, then:
apt install qemu-kvm libvirt-clients qemu-utils libvirt-daemon-system
# adduser <youruser> libvirt # adduser <youruser> libvirt-qemu
# apt install virt-manager
Next install some necessary tools, if this is a fresh hypervisor installation:
apt install ufw net-tools host nmap htop git gcc iptraf-ng traceroute bash-completion resolvconf fail2ban ethtool screen rsync
Harden server to allow key-based access only, etc.:
nano /etc/ssh/sshd_config.d/100-hard.conf
port 546361 # (e.g.)
PasswordAuthentication no
PermitEmptyPasswords no
TCPKeepAlive yes
ClientAliveInterval 300
# Allow 'user' to login from 'host' only
Match Host 10.10.10.10 # (e.g.)
AllowUsers user
ufw allow (ports)
ufw enable
# Check and ensure fail2ban is running, else:
systemctl enable fail2ban
systemctl start fail2ban
- Log in to post comments
Category