CentOS 7 VirtualBox Guest

Last updated 2018-03-02

VirtualBox guest machine setup §

OS installation §

  1. Install from minimal installation disk (1708)
  2. Set disk partitioning to Standard Partitions and automatically create partitions, then change swap and /boot to 512 MB each and set / as large as possible
  3. Set hostname , turn on networking
  4. Set root password
  5. Create user, with administrator privileges
  6. Reboot, log in as “stick”, sudo yum update, reboot

Security §

Secure SSH §

sudo vim /etc/ssh/sshd_config

  1. Optionally, set SSH to listen on IPv4 only.
AddressFamily inet
  1. Use only secure ciphers and macs.
# Ciphers and keying
#RekeyLimit default none
  1. Disallow root login, and make it harder to brute force guesses.
LoginGraceTime 30
PermitRootLogin no
#StrictModes yes
MaxAuthTries 2
MaxSessions 2
  1. Optinally, set SSH to use pubkey login only. Ensure you set up public key authentication for you user before you do this.
#PubkeyAuthentication yes
PasswordAuthentication no

Disable IPv6 and set other networking options §

  1. sudo nmtui
    • Edit a connection -> eth0 -> Edit… -> IPv6 CONFIGURATION <Ignore> -> OK
  2. sudo curl -L -o /etc/sysctl.d/51-net.conf
  3. sudo reboot

You can use ip addr to check that IPv6 really is turned off.. The various options specified in 51-net.conf are mostly from the ArchWiki.

Optional: Remove unwanted network listeners: §

  1. sudo yum remove chrony postfix

Set up firewall §

  1. curl -o
  2. sudo ./
  3. rm

Disable root account §

  1. sudo usermod -p '!' root
  2. sudo passwd -l root.

Skip the grub timeout on boot §

  1. sudo vim /etc/default/grub
  1. sudo grub2-mkconfig -o /boot/grub2/grub.cfg

Install additional software §

Install VirtualBox Guest Additions §

See CentOS wiki.

  1. sudo yum install bzip2 dkms gcc kernel-devel make
  2. “Devices -> Insert Guest Additions CD image”
  3. sudo mount /dev/sr0 /mnt && sudo /mnt/
  4. Reboot and remove the Guest Additions CD image (or remove optical device entirely)

Install Vim (version 8) §

Thanks to SysTutorials QA.

  1. sudo curl -L -o /etc/yum.repos.d/mcepl-vim8-epel-7.repo
  2. sudo yum update
  3. sudo yum install vim

Optional: Install the EPEL repo §

The EPEL repository contains a large number of extra packages for Enterprise Linux (and by extension CentOS).

Install other useful packages §

The dig and nslookup commands on CentOS 7 are in the bind-utils package. You should know what git is. The mlocate package is a way to find files across your entire system.

If you installed the EPEL repo above, you can also install ag, the silver searcher.

Configure the system §

Optional: Install dotfiles §

  1. cd ~ && git clone && ./dotfiles/
  2. Refresh bash session (logout/login, etc)

Optional: Create a snapshot §

  1. history -c
  2. Close -> ACPI Shutdown
  3. Snapshots -> Take