Set hostname:
hostnamectl set-hostname myhostname
Get:
hostnamectl
Furthermore you have to edit
/etc/cloud/cloud.cfg
from
preserve_hostname: false
to
preserve_hostname: true
You have to edit
/etc/netplan/*.yaml
Example:
01-netcfg.yaml # This file describes the network interfaces available on your system # For more information, see netplan(5). network: version: 2 renderer: networkd ethernets: enp0s3: dhcp4: no dhcp6: no addresses: [192.168.178.10/24] gateway4: 192.168.178.1 nameservers: addresses: [192.168.1.1,8.8.8.8,8.8.4.4] search: [home.com, lab.com]
Another example:
# This file describes the network interfaces available on your system # For more information, see netplan(5). network: version: 2 renderer: networkd ethernets: enp4s0: dhcp4: no dhcp6: no addresses: [192.168.1.100/24] gateway4: 192.168.1.1 mtu: 1500 nameservers: addresses: [192.168.1.1] search: [local] eno1: dhcp4: no dhcp6: no bridges: vmbr0: dhcp4: no dhcp6: no interfaces: [eno1] addresses: [10.0.0.100/24] gateway4: 10.0.0.1 mtu: 1500 #nameservers: # addresses: [8.8.8.8,8.8.4.4] #parameters: # stp: true # forward-delay: 4
2 Interfaces:
network: version: 2 renderer: networkd ethernets: ens3: dhcp4: no dhcp6: no addresses: [10.0.0.100/24] gateway4: 10.0.0.1 mtu: 1500 nameservers: addresses: [10.0.0.1] search: [home] ens9: dhcp4: no dhcp6: no addresses: [192.168.30.100/24]
sudo netplan try sudo netplan apply #apply config sudo netplan --debug apply #in case you run into some problems
systemctl status systemd-resolved.service systemd-resolve --status resolvectl status #to check which upstream nameservers your local resolver use resolvectl flush-caches /etc/systemd/resolved.conf /etc/nsswitch.conf #change to: "hosts: files dns mdns4_minimal [NOTFOUND=return]"
Set dns suffix:
resolvectl domain ens9 local #set dns suffix/ domain for interface "ens9" to "local" resolvectl domain eth0 mydomain.local
systemctl status ufw.service
System wide proxy:
sudo vi /etc/environment
http_proxy="http://my.proxyserver.net:8080/" https_proxy="http://my.proxyserver.net:8080/" ftp_proxy="http://my.proxyserver.net:8080/" no_proxy="localhost,127.0.0.1,::1"
http_proxy="http://<username>:<password>@<hostname>:<port>/" https_proxy="http://<username>:<password>@<hostname>:<port>/" ftp_proxy="http://<username>:<password>@<hostname>:<port>/" no_proxy="<pattern>,<pattern>"
Just for apt/ apt-get:
vi /etc/apt/apt.conf
Acquire::http::Proxy "http://PROXY_FQDN_or_IP:8080"; Acquire::https::Proxy "https://PROXY_FQDN_or_IP:8080"; Acquire::ftp::proxy "ftp://PROXY_FQDN_or_IP:8080";
timedatectl status timedatectl set-timezone UTC #set to UTC timedatectl set-timezone CET #set to CEST
systemctl status systemd-timesyncd.service /etc/systemd/timesyncd.conf apt install chrony /etc/chrony/chrony.conf systemctl status chrony.service systemctl restart chrony.service systemctl is-enabled chrony.service chronyc sourcestats chronyc tracking
/etc/chrony/chrony.conf:
pool 0.ubuntu.pool.ntp.org iburst pool 1.ubuntu.pool.ntp.org iburst pool 2.ubuntu.pool.ntp.org iburst
# echo "alias ll='ls -l'" >> /etc/bash.bashrc Make sure that this file is executed whenever an user enters a shell by adding the following in ~/.bashrc: # Source global definitions if [ -f /etc/bash.bashrc ]; then . /etc/bash.bashrc fi
Delete History:
history -d linenumber #linenumber history -c #all history
https://ubuntu.com/server/docs/security-trust-store
To install a selfsigned certificate:
sudo apt-get install -y ca-certificates sudo cp local-ca.crt /usr/local/share/ca-certificates sudo update-ca-certificates
Note: It is important to have the “.crt” extension on the file, otherwise it will not be processed.
admin ALL = NOPASSWD: ALL
arp -a #show all arp entries arp -d entry #delete entry ip -s -s neigh flush all #
To add a key on the old apt-key way:
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 5072E1F5
or
apt-key adv --keyserver http-proxy=http://my-proxy:8080 hkp://keyserver.ubuntu.com:80 --recv 5072E1F5
Note: The ID “5072E1F5” you are getting by running previously “apt-get update”!
To solve “apt-key” Deprecation on Ubuntu, if you get a message like
http://de.archive.ubuntu.com/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details
Execute
apt-key list
Example output:
apt-key list Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)). /etc/apt/trusted.gpg -------------------- pub rsa4096 2023-01-21 [SC] [expires: 2031-01-19] B8B8 0B5B 623E AB6A D877 5C45 B7C5 D7D6 3509 47F8 uid [ unknown] Debian Archive Automatic Signing Key (12/bookworm) <ftpmaster@debian.org> sub rsa4096 2023-01-21 [S] [expires: 2031-01-19]
Run
sudo apt-key export 350947F8 | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/debian.gpg
Note:
You get the id “350947F8” from the last 8 digits of “3509 47F8”. When running “apt-key list” there may be several results and not just one like in the example. So just have a look on the domain names to identify the key you want to export.
On debian systems you have to export to
/usr/share/keyrings/
and not to
/etc/apt/trusted.gpg.d/ #works on ubuntu 22.04
!