The new version of CentOs has been released recently. For the first time CentOs will be using the Linux Kernel version 4.
New version of CentOs brings several updates that will boost the performance of a TeamSpeak server such as a network interface upgrade (now, version 4.18), various security component improvement (such as OpenSSL and replacing iptables by nftables). However, I will not talk about all the new features of CentOs8 but rather on the installation of TeamSpeak on the new OS.
Still, I’m going to take a few lines to extol the merits of TeamSpeak for all those who doesn’t know the application very well. TeamSpeak is a software that allows multiple people to talk to each other in real time using VOIP (Voice Over Internet Protocol).
TeamSpeak mainly targets the gamer clientele, but given its great flexibility, it has also managed to penetrate other markets, even taking a small share of the Skype market.
We believe that the number one benefit of a system like TeamSpeak is that we can all have our own TeamSpeak server and thus ensure that our communications are not automatically filtered or verified by a third party (such as Skype).
For this tutorial, I’ll assume that you already have a CentOs8 server in hand with the necessary access to login the command line interface (CLI). If you do not already have one, we offer virtual servers that can handle TeamSpeak right here. As with any server, the first step is to make sure you have the latest updates installed. To install updates, type this command :
Once the server is up to date, you must apply a minimum of security. The following section is optional, but highly recommended.
First, we’ll deactivate “SELinux” in the server and install a security software. Open the “SELinux” configuration file then change the line “SELINUX=enforcing” to “SELINUX = disabled” and save.
Note: If you have never used the “VI” file editor in a Linux server, here are the basics. To modify a file, start by typing the “i” character (the text “- INSERT -” will appear at the bottom of the screen). Then make the desired changes. In this case, change the port number. When the changes are complete, press the “ESC” key to stop the edit mode. To save, enter the character “:”, this one allows you to enter a command. Then type the letters “wq” and the enter key (the “w” means “write” and the “q” “quit”).
For the change to take effect, you have to restart the server.
Once the server restart is complete, we’ll change the SSH connection port.
Lets protect our TeamSpeak Installation
By default, the SSH service of a server is on port number 22. Therefore, most hackers will try to exploit this port. Fortunately, it is very easy to change the default port on a Linux server. Start by opening the SSH service configuration file (located at: /etc/ssh sshd_config)
You should see the contents of the file as follows:
You need to replace the port number on the line below the cursor, shown in the image above. For this tutorial, I’ll change port 22 to port 22322. Important: do not forget to remove the pound symbol at the beginning of the line, otherwise the change will not take effect.
Adding a Firewall
Every server should have a firewall to protect it from various attacks. We’ll install the ConfigServer firewall. It is a flexible firewall and the configuration is quite easy to modify. Before proceeding with the installation, some dependencies (Perl, tar and wget) must be installed in the server. You can do so with the following command:
dnf -y install wget tar perl perl-libwww-perl net-tools perl-LWP-Protocol-https sendmail bind-utils bzip2
Now we can install the firewall with the following commands:
cd /usr/src rm -fv csf.tgz wget https://download.configserver.com/csf.tgz tar -xzf csf.tgz cd csf sh install.sh cd ~ rm -rf /usr/src/csf
The firewall will install itself in the “/etc/csf/” directory. This is where we’ll be able to change its configuration.
Let’s start by opening the configuration file.
Setting up the firewall
The configuration file is relatively large, but very well documented. I will describe the options that I recommend changing. To simplify the search, I’ll indicate on which line the setting to change is located (in the “vi” tool, we can display the line numbers with the command “:set number”).
- Change the value of TESTING from 1 to 0.
- Modify the value of RESTRICT_SYSLOG from 0 to 30.
- Line 139: It is here that we define the TCP ports available to access the server, we’ll add the TeamSpeak ports as well as the new SSH port (important to place the same port you have chosen in the configuration of the SSH service). So change the value of TCP_IN to “20,21,53,80,443,9987,10011,22322,30033”.
- Line 142: Now we can change the outgoing TCP ports of the server (TCP_OUT). Place the following ports: “20,21,53,80,443,9987,10011,22322,30033”.
- Line 145: For incoming UDP ports (UDP_IN), we need to add the TeamSpeak port (9987). Place the following ports: “20,21,53,9987”.
- Line 149: For outgoing UDP ports (UDP_OUT), we will also add the TeamSpeak ports. Place the following ports: “20,21,53,113,123,9987”.
Once the changes have been made, we’ll restart the SSH service in order for it to takes into account the new port, then activate and restart the firewall so that the new rules are effective.
systemctl restart sshd csf -e csf -r
At this point, you will be disconnected from the server because the port 22 is probably the one you used to connect to the server but is now disabled by the firewall. You will have to reconnect with the new port. (in this tutorial I’m using the port 22322).
Now we have a slightly more secure server ready to install TeamSpeak. For even more security, I recommend disabling password connections to the server and use an SSH key.
We are now ready to proceed with the installation of TeamSpeak on CentOs8.
TeamSpeak requires some dependency like Perl, net-tools, etc. Those were all already installed when we installed the firewall, so we can already go to the next step. We are going to create a user in CentOs8 for the TeamSpeak application.
adduser teamspeak -d /opt/teamspeak
Now we are going to download, extract and move the TeamSpeak application into the server.
wget https://files.teamspeak-services.com/releases/server/3.10.2/teamspeak3-server_linux_amd64-3.10.2.tar.bz2 tar xvf teamspeak3-server_linux_amd64-3.10.2.tar.bz2 mv teamspeak3-server_linux_amd64/* /opt/teamspeak/
Now that our TeamSpeak files are in the right place on the server, we can delete the downloaded installation files.
rm -rf /root/teamspeak3-server_linux_amd64*
To use TeamSpeak, the licence agreement must be accepted. Read the licence carefully before accepting it.
Then create an empty file to confirm that you accept the licence terms.
Finally, we have to change the ownership of the TeamSpeak files to the user we created earlier on.
chown -R teamspeak: /opt/teamspeak
To facilitate TeamSpeak usage, we are going to create a service in CentOs8 with the use of “systemd”. The service is a simple text file that will tell the system how to start and stop TeamSpeak. So, let’s start by creating a file for the service.
In the file, copy and paste the following instructions:
[Unit] Description=Team Speak 3 Server After=network.target [Service] WorkingDirectory=/opt/teamspeak/ User=teamspeak Group=teamspeak Type=forking ExecStart=/opt/teamspeak/ts3server_startscript.sh start inifile=ts3server.ini ExecStop=/opt/teamspeak/ts3server_startscript.sh stop PIDFile=/opt/teamspeak/ts3server.pid RestartSec=15 Restart=always [Install] WantedBy=multi-user.target
Now we have to ask CentOs8 to look for new services in the system so that it can take the one we’ve just created into consideration.
systemctl --system daemon-reload
Finally, we’ll start the TeamSpeak server and make sure that it will starts automatically each time we’ll reboot the server.
systemctl start teamspeak systemctl enable teamspeak
To ensure that TeamSpeak is well started, we can check the status of the service we’ve created.
systemctl status teamspeak
A functional service should look like this:
The last step is to find the privilege key in order to connect to our TeamSpeak server from the TeamSpeak application. By looking at the latest entries in the log files, we can easily recover the key. The following command displays the contents of the log files on the screen.
You should see a result like this one:
In the last lines we can easily see the privilege key which will allow you to connect to your TeamSpeak server.
I hope you have found this tutorial useful! Now, the only thing left is to download the TeamSpeak client app to connect with friends and family.