While the earlier tutorial in this series covered the core useradd, usermod, and userdel tools for user lifecycle management, this guide goes deeper into the full toolkit for managing users and groups at scale on RHEL 9: bulk creation, password management with chpasswd, group administration with gpasswd, per-user resource limits with ulimit and /etc/security/limits.conf, user […]
The sudo (superuser do) tool allows designated users to run commands with elevated privileges without sharing the root password. This is fundamental to the principle of least privilege: each administrator gets exactly the access they need for their role, no more. When access is misconfigured — for example with blanket ALL=(ALL) ALL entries or unsafe […]
Terminal multiplexing solves one of the most common problems in server administration: when your SSH connection drops mid-task, any running process in that session is killed. With tmux, your terminal sessions run inside a server-side process that persists independently of your SSH connection. You can detach from a session, disconnect, reconnect hours later from a […]
Log files are the primary diagnostic tool for server administrators — but without rotation they become a problem in their own right. An unrotated /var/log/nginx/access.log on a busy server can grow to tens of gigabytes within weeks, filling the filesystem, crashing the logging application, and making the log itself unusable because no tool can efficiently […]
Red Hat Enterprise Linux 9 (RHEL 9, codenamed “Plow”) is the most significant release of RHEL in years, built on Linux kernel 5.14, OpenSSL 3.0, and shipped with a hardened-by-default security posture including SELinux enforcing mode, nftables as the default firewall backend, and full support for the latest POWER, ARM, and x86_64 architectures. Whether you […]
User account management is one of the most fundamental administrative tasks on any Linux server. On Red Hat Enterprise Linux 9, every process, file, and network socket is owned by a user and group, making correct account hygiene essential for both security and auditability. Understanding the full lifecycle — creation, modification, and removal — and […]
Red Hat Enterprise Linux 9 uses firewalld as its default firewall management daemon, backed by nftables as the kernel netfilter framework (replacing iptables which was the default in RHEL 7 and earlier). firewalld provides a zone-based model where each network interface is assigned to a trust zone — public, internal, dmz, trusted, and more — […]
SSH key-based authentication is the gold standard for remote server access. Unlike passwords, SSH keys cannot be guessed by brute-force attacks. An Ed25519 private key is a 256-bit secret that would take longer than the age of the universe to crack by exhaustive search. When combined with a key passphrase, you have two-factor authentication: something […]
Even with SSH key authentication enabled, a badly configured or temporarily accessible server with password auth still faces a constant barrage of brute-force login attempts. Fail2ban monitors log files for authentication failures, counts them per source IP, and when a configured threshold is crossed it issues a temporary ban by injecting a drop rule via […]
A server’s hostname is its identity on the network. The fully qualified domain name (FQDN) combines the short hostname with the DNS domain, forming an address like web01.example.com. Many services depend on a correctly configured hostname and FQDN to function properly: email servers use the FQDN in SMTP HELO greetings (incorrect values cause delivery rejections), […]
Progressive Robot: Your Gateway to Comprehensive IT Solutions — Specializing in Web Development, Mobile App Development, and Expert IT Services.
© All Copyright by Progressiverobot.com
VAT Number ( 506152326 )
