Accelerate SSH Connections

To reduce SSH connection latency, adjust the server-side configuration in /etc/ssh/sshd_config. First, back up the original file:

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

Edit the configuration file and apply these changes:

• Set GSSAPIAuthentication to no (typically around line 79).
• Uncomment and set UseDNS to no (usually near line 115).

After saving the changes, restart the SSH daemon:

systemctl restart sshd

Disable SELinux

SELinux enhances security but can complicate system administration. For a permanent disable, edit /etc/selinux/config and change:

SELINUX=enforcing

to

SELINUX=disabled

This requires a reboot to take full effect. In environments where rebooting isn't feasible, temporarily switch to permissive mode:

setenforce 0

Verify the current state with:

sestatus

Deactivate firewalld

For simplified network management during development or testing, stop and disable the firewall:

systemctl stop firewalld
systemctl disable firewalld

Install Common Utilities

Install frequently used tools via yum:

yum install -y lrzsz vim tree wget net-tools screen tcpdump bash-completion

• lrzsz: Enables file transfers over ZMODEM (e.g., sz filename to send files to the client).
• vim: Enhanced text editor.
• tree: Visualizes directory hierarchies.
• wget: Downloads files from the web.
• net-tools: Includes legacy networking commands like ifconfig and netstat.
• screen: Maintains persistent terminal sessions across disconnections.
• tcpdump: Captures and analyzes network traffic.
• bash-completion: Improves tab-based command and argument completion.

Using screen

Start a new session:

screen

List detached sessions:

screen -ls

Reattach to a session (replace 2002 with the actual PID):

screen -r 2002

Exit the session normally with exit.

Network Analysis with tcpdump

Identify active interfaces using ifconfig or ip addr. Capture HTTP traffic on interafce ens33:

tcpdump -i ens33 port 80 -nn

Key options:

• -nn: Display IP addresses and ports numerically.
• -w file.pcap: Save packets to a file for analysis in Wireshark.
• -c N: Limit capture to N packets.
• -S: Show absolute TCP sequence numbers instead of relative ones.

Example: Capture 20 HTTP packets and save to a file:

tcpdump -i ens33 port 80 -nn -c 20 -w http_traffic.pcap

Transfer the capture file to your local machine using sz http_traffic.pcap if lrzsz is installed.

Audit Installed Packages

Count the number of installed RPM packages:

rpm -qa | wc -l

Replace NetworkManager with Legacy Networking

On CentOS systems, conflicts may arise when both NetworkManager and the traditional network service run simultaneously. Disable NetworkManager:

systemctl stop NetworkManager
systemctl disable NetworkManager

Ensure the network service is enabled and managing interfaces instead.