Onbarding AlmaLinux 9.4 VPS

Hello everyone,

I am a beginner with AlmaLinux and have very little experience with Linux in general. Nevertheless, I really enjoy working in the terminal.

I want to install a Counter-Strike 2 Dedicated Server. After days of research in various forums, I have come across many bad or incorrect solutions.

Here is my situation:

  • My server PC is running AlmaLinux OS 9.4 (from a DVD ISO).
  • My home PC is running Windows 11 Pro.

Most forums do not explain how to set up the server PC (VPS) so that all settings are retained after a restart and an IP address is assigned to connect to the server.

Additionally, I have a separate internet connection for the server PC, which means the server PC is in a different network and location than my home PC.

Here are my questions:

  1. Which ports do I need to open with the network provider? (Counter-Strike port: 27015 to 27020, IP address: ???, SSH connection port: ???)
  2. How can I establish an SSH connection from my home PC to the server PC to manage the server PC from outside, without being in the same network as the server PC?
  3. Should I assign an IP address statically or dynamically?
  4. How do I configure the firewall correctly?
  5. The installation and configuration of Counter-Strike should not be a problem for me.
  6. Which IP address do I need to enter in the game to connect to the server?

Thank you very much for your help!

Hey fOrceTea,

I think you should consider using a VPS (Virtual Private Server) instead of your own server in another network as this complicates things a lot.

Here are my answers to your questions:

  1. I’m not sure what the network provider has to do with this but I’ll assume you are talking about a firewall of sorts, from what you are saying you should open ports 27015 to 27020 and 22, SSH is port 22 by default.

  2. This might be a bit of a hassle to fix but I have 2 solutions:

    • Use a VPN to be on the same network as the server. (It would only be accessible for those using the VPN)
    • On the router in the server’s network port forward all requests towards ports 27015 - 27020 and 22 to the server via a configuration on the router. (I think this video can be helpful)
  3. As this is a server, it is recommended to assign an IP address statically.

  4. This depends on your needs, I would recommend that the inbound configuration only allow ports 27015 - 27020 and 22. (although if you are using port forwarding it would only allow access to the ports that have been forwarded)

  5. This is not a question :slight_smile:.

  6. This depends on how you approach the networking issue on question 2.

Onboarding AlmaLinux9

1. Gain Root Privileges

su -

2. Install Necessary Packages

dnf install -y kmod epel-release htop lm_sensors

3. Update the System

dnf update -y

4. Adjust SSH Configuration

sudo -s << EOF
cat > /etc/ssh/sshd_config.d/99-local.conf << _EOF
PermitRootLogin without-password
PasswordAuthentication no
Match User username
PasswordAuthentication yes

5. Display Network Interfaces & Public IP Address

ip a sh && curl ifconfig.me

6. Add Static Route

ip route add VPS.IP.ADDRESS.HERE via 192.168.XXX.XXX dev eth0

7. Save Static Route Permanently

echo "VPS.IP.ADDRESS.HERE via 192.168.XXX.XXX" >> /etc/sysconfig/network-scripts/route-eth0

8. Restart Network Service

systemctl restart network

9. Display Routing Table

ip route

10. Open Firewall Ports (ssh 22 tcp & udp, counter strike 27015 - 27020 tcp & udp)

Switch to Home-PC

11. Establish SSH Connection

ssh username@VPS.IP.ADDRESS.HERE

12. Switch User

sudo -U username -i

13. Generate SSH Keys

ssh-keygen -t rsa -b 4096

14. Copy SSH Key to the Server

ssh-copy-id -i ~/.ssh/id_rsa.pub username@your_vps_ip

15. Create SSH Configuration File

cat << EOF > ~/.ssh/config
Host server
HostName your_vps_ip
User username
IdentityFile ~/.ssh/id_rsa

16. Restart SSH Service

systemctl restart sshd

17. Restart Network Service

systemctl restart network

18. Display Firewall Configuration

firewall-cmd --list-all

19. Add Firewall Ports

firewall-cmd --zone=public --add-port=27015-27020/tcp --permanent
firewall-cmd --zone=public --add-port=27015-27020/udp --permanent
firewall-cmd --zone=public --add-port=22/tcp --permanent

20. Reload Firewall

firewall-cmd --reload

21. Display Open Firewall Ports

firewall-cmd --list-ports

22. Update the System

dnf update -y

23. Display SSH Service Status

systemctl status sshd

24. Display Network Service Status

systemctl status network

25. Display Firewall Status

firewall-cmd --state

26. Display Network Interfaces

ip a sh

27. Display Public IP Address

curl ifconfig.me

28. Display Routing Table

ip route