Initial Server Setup With CentOS 8

You are here:
← All Topics

Some of the commonly commands for Initial Server Setup with CentOS 8

Update System with DNF

Update the system with the latest kernel, system security patches, software repositories, and packages.

dnf check-update
dnf update

EPEL Stands for Extra Packages for Enterprise Linux, it is a free and opensource additional packages repository available for CentOS and RHEL servers.

dnf install -y epel-release

Delete all downloaded software packages with all cached repositories to free up some disk space

dnf clean all

Change Hostname

Check the hostname with hostnamectl

[[email protected] conf]# hostnamectl
   Static hostname: centos
         Icon name: computer-vm
           Chassis: vm
        Machine ID: 40eda33f2226462898345eb3f52057c2
           Boot ID: 0ec1a0f2a3344468a377a379a3fdf25b
    Virtualization: vmware
  Operating System: CentOS Linux 8 (Core)
       CPE OS Name: cpe:/o:centos:centos:8
            Kernel: Linux 4.18.0-147.8.1.el8_1.x86_64
      Architecture: x86-64

Change the hostname from prod-centos to centos

[[email protected] conf]# hostnamectl set-hostname centos

The new hostname is show when you login next time

[[email protected] ~]#

Static IP Address

Modify the /etc/sysconfig/network-scripts/ifcfg-ens192 with the following

  • BOOTPROTO = "none" – Default is DHCP
  • IPADDR = IP Address for host
  • PREFIX – IP Subnet
  • GATEWAYS – Default IP Address for default Gateway
  • DNS1 = IP Address of DNC server
vi /etc/sysconfig/network-scripts/ifcfg-ens192

Restart exit networking service or reboot the server for the new IP Address to take effective.

nmcli networking off
nmcli networking on

nmtui can be used change the Hostname & IP Address in GUI Mode

Cockpit – WebUI for Server Management

Install Cockpit

dnf -y install cockpit

Start Cockpit and enable it to start automatically when server boot up

systemctl start cockpit
systemctl enable cockpit.socket

Allow Cockpit (TCP 9090) in Firewall

firewall-cmd --zone=public --add-service=cockpit --permanent
firewall-cmd --reload

Verify Cockpit is listening on Port 9090 and

[[email protected] ~]# ss -tulpn | grep :9090
tcp     LISTEN   0        128                    *:9090                *:*       users:(("systemd",pid=1,fd=41))

[[email protected] ~]# systemctl status cockpit.socket
● cockpit.socket - Cockpit Web Service Socket
   Loaded: loaded (/usr/lib/systemd/system/cockpit.socket; enabled; vendor preset: disabled)
   Active: active (listening) since Wed 2020-08-12 18:15:02 +08; 2h 11min ago
     Docs: man:cockpit-ws(8)
   Listen: [::]:9090 (Stream)
  Process: 821 ExecStartPost=/bin/ln -snf active.motd /run/cockpit/motd (code=exited, status=0/SUCCESS)
  Process: 814 ExecStartPost=/usr/share/cockpit/motd/update-motd  localhost (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 10987)
   Memory: 1.4M
   CGroup: /system.slice/cockpit.socket

Aug 12 18:15:02 systemd[1]: Starting Cockpit Web Service Socket.
Aug 12 18:15:02 systemd[1]: Listening on Cockpit Web Service Socket.

Login to Cockpit via https://IPADDRESS:9090

Initial Server Setup with CentOS 8

Replace the Default SSL Certificate for Cockpit

Convert the the AventisLab.pfx to Certificate & Key file following Replace ESXi Self-signed Certificate

#Extract the private key from PFX 
openssl pkcs12 -in AventisLab.pfx -nocerts -out AventisLab.pem
Enter Import Password:
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:

#Extract Cert from PFX 
openssl pkcs12 -in AventisLab.pfx -clcerts -nokeys -out AventisLab.cert
Enter Import Password:

#Remove the passphase 
openssl rsa -in AventisLab.pem -out AventisLab.key
Enter pass phrase for AventisLab.pem:
writing RSA key

Copy the content of AventisLAb.key file to the bottom of AventisLab.cert and save it

cat AventisLab.key


vi AventisLab.cert




Upload AventisLab.cert to CENTOS

# Upload to RHEL 
scp AventisLab.cert [email protected]:/tmp

# Copy to/etc/cockpit/ws-certs.d
cp /tmp/AventisLab.cert /etc/cockpit/ws-certs.d

# Restart Cockpit 
systemctl enable --now cockpit.socket

# Verify lab.cert is used for cockpit now
remotectl certificate
	certificate: /etc/cockpit/ws-certs.d/AventisLab.cert

No SSL Certificate error message prompted when you login to Cockpit

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to Top