Notes On Installing CentOS 7 Server

May 29, 2018 | linux |

I’ve been on a fedora kick lately, and naturally for my server needs I am using CentOS 7. I have never really used CentOS in production and there are a couple of gotchas that I ran into while getting everything set up that I wanted to jot down for future reference and also in case its useful to someone else.

Install Some Useful Packages

The default install of CentOS is pretty bare bones. I installed several packages to make it a bit more usable.

sudo yum install wget unzip git htop vim epel-release

I tried to get away without installing epel[3], but it’s too darn useful.

Enable SSH Login

I have no idea how or why this works (I think it might have something to do with SELinux), but in order to be able to SSH into your server you need to set up your authorized keys file like this[1]:

mkdir .ssh
chmod 755 .ssh/

# copy your id_rsa.pub file to .ssh/authorized_keys 
# you can do this with a text editor, or if its on github
# download it with wget https://github.com/$USER.keys and 
# rename it to be the .ssh/authorized_keys file 

chmod 600 .ssh/authorized_keys
sudo restorecon -R -v .ssh

After that be sure to set PasswordAuthentication no in /etc/ssh/sshd_config and restart the sshd service for this to take effect. sudo systemctl restart sshd.service.

Install Docker

I used a convenience script from the main docker docs [2], I also added myself to the docker user group in order be able to run docker commands without root.

curl -fsSL get.docker.com -o get-docker.sh
sudo sh get-docker.sh
sudo usermod -aG docker $USER

I am not using the root user to log in, I am using my own user.

If you want to use docker-compose, then (assuming you installed epel-release) you should install pip and docker-compose.

sudo yum install python34-pip
sudo pip3 install docker-compose

Allow outside connections

CentOS uses firewalld[4], it is a bit more complex than what I am used to with UFW, but certainly easier to use than iptables.

You can allow traffic on http and https with the following commands.

sudo firewall-cmd --zone=public --add-service=http
sudo firewall-cmd --zone=public --add-service=https

References [1]Creating .ssh folder [2]Install Docker on CentOS [3]Extra Packages for Enterprise Linux [4]DO firewalld guide

Thank you for reading! Share your thoughts with me on bluesky, mastodon, or via email.

Check out some more stuff to read down below.

Most popular posts this month

Recent Favorite Blog Posts

This is a collection of the last 8 posts that I bookmarked.

Rewrote my blog with Zine from Drew DeVault's blog
A eulogy for Vim from Drew DeVault's blog
Pluralistic: AI "journalists" prove that media bosses don't give a shit (11 Mar 2026) from Pluralistic: Daily links from Cory Doctorow
Avi Alkalay: Uniqlo T-Shirt Bash Script Easter Egg from Fedora People
Offline 23 hours a day from Derek Sivers blog
Pluralistic: California can stop Larry Ellison from buying Warners (28 Feb 2026) from Pluralistic: Daily links from Cory Doctorow
On Alliances from Smashing Frames
Acting ethically in an imperfect world from Smashing Frames

Articles from blogs I follow around the net

“The system is so twisted that even Apple itself begs for these reviews from its own apps.”

A good post by John Gruber on Daring Fireball investigating why apps pester you with the annoying “enjoying this app?” windows and attendant semi-shady practices (choose 5 stars and you get sent to App Store, but choose anything less, and your review will...

via Unsung April 20, 2026

Issue 104 – World Tyranny Financial

As the Trump family’s crypto dealings raise more alarms, crypto enforcement is falling to new lows

via Citation Needed April 20, 2026

Thank You For Being a Friend

It's been one of those months, and by that, I mean one of the 663 months since I was born. This won't be a long post, because I only have two things to say. First, I'm really glad we re-ordered the GMI (Guaranteed Minimum

via Coding Horror April 20, 2026

Generated by openring