0311lc says:

[root@oldboy6666 ~]# cat /etc/redhat-release

CentOS Linux release 7.6.1810 (Core)

[root@oldboy6666 ~]#

[root@oldboy6666 ~]# uname -r

3.10.0-957.el7.x86_64

[root@oldboy6666 ~]# uname -m

x86_64

[root@oldboy6666 ~]# uname -s

Linux

[root@oldboy6666 ~]#

[root@oldboy6666 ~]# uname -a

Linux oldboy6666 3.10.0-957.el7.x86_64 #1 SMP Thu Nov 8 23:39:32 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

[root@oldboy6666 ~]# uname -n

oldboy6666

[root@oldboy6666 ~]# useradd oldboy101

[root@oldboy6666 ~]#

10.2.2.1 Changing the password as root (any password is accepted)

[root@oldboy6666 ~]# passwd

Changing password for user root.

New password:

BAD PASSWORD: The password is shorter than 8 characters

Retype new password:

passwd: all authentication tokens updated successfully.

[root@oldboy6666 ~]#

10.2.2.2 Changing the password as a regular user

[oldboy101@oldboy6666 ~] $ passwd

Changing password for user oldboy101.

Changing password for oldboy101.

(current) UNIX password:

New password:

BAD PASSWORD: The password is too similar to the old one

New password:

[oldboy101@oldboy6666 ~] $ passwd

Changing password for user oldboy101.

Changing password for oldboy101.

(current) UNIX password:

New password:

BAD PASSWORD: The password is shorter than 8 characters

New password:

Retype new password:

Sorry, passwords do not match.

New password:

Retype new password:

passwd: all authentication tokens updated successfully.

[oldboy101@oldboy6666 ~] $

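10.2.2.3 Notes on changing a password as a regular user

(1) A regular user's new password must not be too simple and must be at least 8 characters long.

(2) A regular user's new password must consist of digits, letters and special characters.

(3) A regular user's new password must contain both upper-case and lower-case letters.

[root@oldboy6666 ~]# echo "123456" | passwd --stdin oldboy101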

Changing password for user oldboy101.

10.2.4.1 Switching from root to a regular user (no password required)

su - oldboy101: switch to oldboy101:

[root@oldboy6666 ~]# su - oldboy101

Last login: Wed Sep 11 15:51:15 CST 2019 on pts/4

[oldboy101@oldboy6666 ~] $

10.2.4.2 Switching from a regular user to root

[root@oldboy6666 ~]# su - oldboy101

Last login: Wed Sep 11 15:51:15 CST 2019 on pts/4

[oldboy101@oldboy6666 ~] $ su - root

Password:

Last login: Wed Sep 11 15:11:23 CST 2019 from 10.0.0.1 on pts/3

[root@oldboy6666 ~] $

10.2.4.3 Switching users, illustrated

[root@oldboy6666 ~] $ id

uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

[root@oldboy6666 ~] $

[root@oldboy6666 ~] $ whoami    # show the currently logged-in user directly

root

[root@oldboy6666 ~] $

[oldboy101@oldboy6666 ~] $ su - root    # a successful switch proves that this user exists

Password:

Last login: Wed Sep 11 15:11:23 CST 2019 from 10.0.0.1 on pts/3

[root@oldboy6666 ~] $

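10.3.1.1 Prompt escape sequences

\u shows the currently logged-in system user

\h shows the system hostname (short form)

\W shows the current path (short form)

\H shows the system hostname (full form)

\w shows the absolute path

\d the date

\t shows the time in 24-hour format

\T shows the time in 12-hour format

\v shows the version information

\$ the prompt character (# for root, $ for any other user)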

10.3.1.2 Temporary change

[root@oldboyedu ~]# echo $PS1

[\u@\h \W]\$

[root@oldboyedu ~]#

[root@oldboyedu ~]#

[root@oldboyedu ~]#

[root@oldboyedu ~]# PS1='[\u@\H \w]\$'

[root@oldboyedu ~]#echo $PS1

[\u@\H \w]\$

[root@oldboyedu ~]#

10.3.1.3 Permanent change

[root@oldboyedu ~]#echo "export PS1='[\u@\H \w]\\$'" >> /etc/profile

[root@oldboyedu ~]#

echo -e "\033[<foreground color>;<background color>m <text to print> \033[0m"

export PS1='\[\e[30;1m\][\u@\h \W]\\$ \[\e[0m\]'    # gray

export PS1='\[\e[31;1m\][\u@\h \W]\\$ \[\e[0m\]'    # red

export PS1='\[\e[32;1m\][\u@\h \W]\\$ \[\e[0m\]'    # green

export PS1='\[\e[33;1m\][\u@\h \W]\\$ \[\e[0m\]'    # yellow

export PS1='\[\e[34;1m\][\u@\h \W]\\$ \[\e[0m\]'    # blue

export PS1='\[\e[35;1m\][\u@\h \W]\\$ \[\e[0m\]'    # purple

export PS1='\[\e[36;1m\][\u@\h \W]\\$ \[\e[0m\]'    # light blue

export PS1='\[\e[37;1m\][\u@\h \W]\\$ \[\e[0m\]'    # white

This makes text files with a lot of content easier to read.

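10.4.1.1 Visit the Alibaba Cloud mirror site

URL: mirrors.aliyun

10.4.1.2 Find the repository you need (centos)

Click the help link next to centos and copy the CentOS 7 software download path.

Update to the Alibaba Cloud download path:

curl -o /etc/yum.repos.d/CentOS-Base.repo

View the file (cat /etc/yum.repos.d/CentOS-Base.repo): the base repository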

[base]

name=CentOS-$releasever - Base - mirrors.aliyun

failovermethod=priority

baseurl=

gpgcheck=1

gpgkey=

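$releasever (/etc/redhat): the release version

$basearch (uname -m): the architecture (x86_64)

Find the EPEL repository

Click the help link and copy the path to update it.

Update to the Alibaba Cloud (EPEL) path:

curl -o /etc/yum.repos.d/epel.repo

View the file (cat /etc/yum.repos.d/epel.repo)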

[epel]

name=Extra Packages for Enterprise Linux 7 - $basearch

baseurl=

failovermethod=priority

enabled=1

gpgcheck=0

gpgkey=

$basearch: the system architecture (x86_64)
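
The [base] and [epel] files shown above differ in one security-relevant key: gpgcheck=1 versus gpgcheck=0. As an added example (not part of the original post), this shell function lists enabled repository sections that skip GPG signature checks or use a plain-http baseurl. The sample repo text and its mirror.example URLs are constructed, because the page's baseurl values are empty.

```shell
# audit_repo [FILE]: print "section<TAB>finding" per problem (reads stdin if no FILE).
audit_repo() {
    awk '
        function report() {
            if (sec == "" || enabled == "0") return     # skip disabled repos
            if (gpg == "0") printf "%s\tgpgcheck=0\n", sec
            else if (gpg == "") printf "%s\tgpgcheck-unset\n", sec   # yum.conf default applies
            if (url ~ /^http:/) printf "%s\tplain-http\n", sec
        }
        /^[ \t]*[#;]/ { next }                           # comment lines
        /^\[/ {                                          # a new [section] starts
            report()
            sec = substr($0, 2, index($0, "]") - 2)
            enabled = "1"; gpg = ""; url = ""
            next
        }
        index($0, "=") == 0 { next }
        {
            key = substr($0, 1, index($0, "=") - 1)
            val = substr($0, index($0, "=") + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "enabled")  enabled = val
            if (key == "gpgcheck") gpg = val
            if (key == "baseurl")  url = val
        }
        END { report() }
    ' "${1:--}"
}

# Constructed sample; the mirror.example URLs are placeholders.
sample_repo() {
    cat <<'EOF'
[base]
baseurl=https://mirror.example/centos/$releasever/os/$basearch/
gpgcheck=1
[epel]
baseurl=http://mirror.example/epel/7/$basearch
enabled=1
gpgcheck=0
[extras-test]
baseurl=http://mirror.example/extras
enabled=0
gpgcheck=0
[local]
baseurl=file:///srv/repo
EOF
}

sample_repo | audit_repo
```

On a real host, run it over each file in /etc/yum.repos.d/ after replacing the repo files.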

10.4.1.3 Install software

yum install -y vim wget net-tools telnet sl cowsay bash-completion tree lrzsz

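vim: an enhanced version of the vi command, used to edit files

wget: a download tool for fetching files or software

net-tools: a package of network-related tools

telnet: tests whether a network service port is working

bash-completion: enables completion of the arguments that follow systemctl

lrzsz: uploads data from a Windows host to the Linux system (rz -y)

and downloads data from the Linux host to the Windows system (sz -y)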

10.5.1.1 Temporary configuration

(1) Check the current firewall status (running)

[root@oldboy6666 scripts] # systemctl status firewalld.service

● firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)

Active: active (running) since Thu 2019-09-12 15:25:50 CST; 2s ago

Docs: man:firewalld(1)

Main PID: 7839 (firewalld)

CGroup: /system.slice/firewalld.service

└─7839 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Sep 12 15:25:49 oldboy6666 systemd[1]: Starting firewalld - dynamic firewall daemon...

Sep 12 15:25:50 oldboy6666 systemd[1]: Started firewalld - dynamic firewall daemon.

[root@oldboy6666 scripts] #

(2) Stop the firewall and check its status

[root@oldboy6666 scripts] # systemctl stop firewalld.service    # stop the firewall

[root@oldboy6666 scripts] # systemctl status firewalld.service    # check the firewall status

● firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)

Active: inactive (dead)

Docs: man:firewalld(1)

Sep 12 15:25:49 oldboy6666 systemd[1]: Starting firewalld - dynamic firewall daemon...

Sep 12 15:25:50 oldboy6666 systemd[1]: Started firewalld - dynamic firewall daemon.

Sep 12 15:27:35 oldboy6666 systemd[1]: Stopping firewalld - dynamic firewall daemon...

Sep 12 15:27:36 oldboy6666 systemd[1]: Stopped firewalld - dynamic firewall daemon.

[root@oldboy6666 scripts] #

10.5.2.2 Permanent configuration

[root@oldboy6666 scripts] # systemctl status firewalld

● firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)

Active: inactive (dead)

Docs: man:firewalld(1)

Sep 12 15:25:49 oldboy6666 systemd[1]: Starting firewalld - dynamic firewall daemon...

Sep 12 15:25:50 oldboy6666 systemd[1]: Started firewalld - dynamic firewall daemon.

Sep 12 15:27:35 oldboy6666 systemd[1]: Stopping firewalld - dynamic firewall daemon...

Sep 12 15:27:36 oldboy6666 systemd[1]: Stopped firewalld - dynamic firewall daemon.

[root@oldboy6666 scripts] #

10.5.2.1 Temporary configuration

(1) Check the firewall status (the firewall is on)

[root@oldboyedu ~] # /etc/init.d/iptables status

Table: filter

Chain INPUT (policy ACCEPT)

num target prot opt source destination

1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0

3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22

5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)

num target prot opt source destination

1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)

num target prot opt source destination

[root@oldboyedu ~] #

(2) Stop the firewall

[root@oldboyedu ~] # /etc/init.d/iptables stop

iptables: Setting chains to policy ACCEPT: filter [ OK ]

iptables: Flushing firewall rules: [ OK ]

iptables: Unloading modules: [ OK ]

[root@oldboyedu ~] # /etc/init.d/iptables status

iptables: Firewall is not running.

10.5.2.2 Permanent configuration

[root@oldboyedu ~]# chkconfig --list | grep iptables    # check the current firewall state

iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off

[root@oldboyedu ~]# chkconfig iptables off    # turn the firewall off

[root@oldboyedu ~]# chkconfig --list | grep iptables    # check the firewall again

iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off

[root@oldboyedu ~]#

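10.5.3.1 Benefits of SELinux security tuning

SELinux is enabled in order to limit the root user's privileges, so that root's power is restricted while it is in use.

Because in a company the root account is generally held only by managers or more senior staff, SELinux, although it can impose these limits, is usually turned off to make operations more convenient.

10.5.3.2 Temporary SELinux configuration

(1) Check the SELinux status (currently enabled)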

[root@oldboy6666 scripts] # getenforce

Enforcing

[root@oldboy6666 scripts] #

(2) Turn SELinux off

[root@oldboy6666 scripts] # setenforce 0

[root@oldboy6666 scripts] # getenforce

Permissive

[root@oldboy6666 scripts] #

10.5.3.3 Permanent SELinux configuration

(1) Edit the configuration file

[root@oldboy6666 scripts] # cat /etc/selinux/config    # path of the configuration file

# This file controls the state of SELinux on the system.

# SELINUX=can take one of these three values:

# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - No SELinux policy is loaded.

SELINUX=enforcing    # to be changed to disabled

# SELINUXTYPE=can take one of three values:

# targeted - Targeted processes are protected,

# minimum - Modification of targeted policy. Only selected processes are protected.

# mls - Multi Level Security protection.

SELINUXTYPE=targeted

(2) Use the sed command to make the change

[root@oldboy6666 scripts] # sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config

[root@oldboy6666 scripts] # cat /etc/selinux/config

# This file controls the state of SELinux on the system.

# SELINUX=can take one of these three values:

# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - No SELinux policy is loaded.

SELINUX=disabled    # now turned off

# SELINUXTYPE=can take one of three values:

# targeted - Targeted processes are protected,

# minimum - Modification of targeted policy. Only selected processes are protected.

# mls - Multi Level Security protection.

SELINUXTYPE=targeted

[root@oldboy6666 scripts] #

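Tuning the character set prevents garbled characters when entering commands or file contents.

It also allows Chinese text to be displayed.

[root@oldboy6666 scripts] # LANG="en_US.GBK"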

[root@oldboy6666 scripts] # echo $LANG

en_US.GBK

[root@oldboy6666 scripts] #

(1) Changing it through the configuration file

[root@oldboy6666 scripts] # cat /etc/locale.conf

LANG=en_US.UTF-8

[root@oldboy6666 scripts] #

(2) Changing it with a command

[root@oldboy6666 ~] # localectl set-locale 'LANG=zh_CN.UTF-8'    # the command

[root@oldboy6666 ~] # echo $LANG

zh_CN.UTF-8

[root@oldboy6666 ~] #

[root@oldboyedu ~] # cat /etc/sysconfig/i18n

LANG="en_US.UTF-8"

SYSFONT="latarcyrheb-sun16"

[root@oldboyedu ~] #

[root@oldboy6666 ~] # date

Thu Sep 12 16:55:49 CST 2019

[root@oldboy6666 ~] #

[root@oldboy6666 ~] # ntpdate ntp1.aliyun

12 Sep 16:57:03 ntpdate[8479]: adjust time server 120.25.115.20 offset 0.000488 sec

[root@oldboy6666 ~] #

10.7.3.1 Common options for automatic time updates

[root@oldboy6666 ~] # timedatectl

list-timezones: list all time zones (timedatectl list-timezones)

set-local-rtc: update the hardware (BIOS) time (timedatectl set-local-rtc 1)

1 means on, 0 means off

set-ntp: update the time from an NTP server (timedatectl set-ntp 1)

1 means on, 0 means off

set-time: update the time (timedatectl set-time 20190528)

set-timezone: set the time zone (timedatectl set-timezone + time zone)

[root@oldboy6666 ~] # timedatectl

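10.7.3.2 About NTP servers

(1) What an NTP server does

An NTP server is used to synchronize time between a time server and its clients.

(2) NTP synchronization

[root@oldboy6666 ~] # timedatectl set-ntp 1    # 1 turns synchronization on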

[root@oldboy6666 ~] # timedatectl

Local time: Thu 2019-09-12 17:25:22 CST

Universal time: Thu 2019-09-12 09:25:22 UTC

RTC time: Thu 2019-09-12 09:25:22

Time zone: Asia/Shanghai (CST, +0800)

NTP enabled: yes

NTP synchronized: yes

RTC in local TZ: yes

DST active: n/a

Warning: The system is configured to read the RTC time in the local time zone.

This mode can not be fully supported. It will create various problems

with time zone changes and daylight saving time adjustments. The RTC

time is never updated, it relies on external facilities to maintain it.

If at all possible, use RTC in UTC by calling

'timedatectl set-local-rtc 0'.

[root@oldboy6666 ~] #

[root@oldboy6666 ~] # timedatectl set-ntp 0    # turn NTP synchronization off

[root@oldboy6666 ~] # timedatectl

Local time: Thu 2019-09-12 17:27:28 CST

Universal time: Thu 2019-09-12 09:27:28 UTC

RTC time: Thu 2019-09-12 09:27:28

Time zone: Asia/Shanghai (CST, +0800)

NTP enabled: no

NTP synchronized: yes

RTC in local TZ: yes

DST active: n/a

Warning: The system is configured to read the RTC time in the local time zone.

This mode can not be fully supported. It will create various problems

with time zone changes and daylight saving time adjustments. The RTC

time is never updated, it relies on external facilities to maintain it.

If at all possible, use RTC in UTC by calling

'timedatectl set-local-rtc 0'.

[root@oldboy6666 ~] #

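10.7.3.3 About the hardware clock

The hardware clock is the BIOS clock for short. When the server loses power, the BIOS battery still has charge and keeps updating the time, which is why a server that is occasionally shut down can still show the correct time after it boots.

Open: vim /etc/ssh/sshd_config

Line 79: GSSAPIAuthentication yes, change to no

Line 115: UseDNS yes, change to no

Restart the sshd service: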

systemctl restart sshd
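
The two sshd_config edits above are made in vim by line number, and line numbers vary between systems. As an added example (not from the original post), this shell function sets a yes/no directive by name, including a commented-out default. The function name set_sshd_yesno and the sample file are constructed for illustration.

```shell
# set_sshd_yesno FILE KEY yes|no
# Sets a yes/no directive: rewrites the first active or commented-out
# occurrence in place, drops later duplicates, and if the key is absent puts
# it on the first line so it cannot end up inside a trailing Match block.
set_sshd_yesno() {
    tmp=$(mktemp) || return 1
    awk -v key="$2" -v val="$3" '
        {
            line = $0
            sub(/^[ \t]*#?[ \t]*/, "", line); sub(/[ \t]+$/, "", line)
            n = split(line, f, /[ \t]+/)
            if (n == 2 && tolower(f[1]) == tolower(key) && f[2] ~ /^(yes|no)$/) {
                if (!done) { out[++cnt] = key " " val; done = 1 }
                next
            }
            out[++cnt] = $0
        }
        END {
            if (!done) print key " " val
            for (i = 1; i <= cnt; i++) print out[i]
        }
    ' "$1" > "$tmp" && cat "$tmp" > "$1"   # cat keeps the file mode and owner
    rc=$?; rm -f "$tmp"; return $rc
}

# Constructed sample resembling a stock sshd_config; work on a copy first.
demo_sshd_config() {
    cfg=$(mktemp)
    printf '%s\n' '#Port 22' 'GSSAPIAuthentication yes' \
        '#UseDNS yes' 'Match User backup' '    X11Forwarding no' > "$cfg"
    set_sshd_yesno "$cfg" GSSAPIAuthentication no
    set_sshd_yesno "$cfg" UseDNS no
    cat "$cfg"; rm -f "$cfg"
}
demo_sshd_config
# On a real host: validate with `sshd -t -f <copy>` before `systemctl restart sshd`.
```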

When reposting, please credit the original address: http://www.lzdww.com/read-38857.html