页面“Debian利用shadowsocks和polipo终端代理翻墙”与“Debian服务器初始化”之间的差异
(页面间的差异)
跳到导航
跳到搜索
(→启动服务) |
(→常用软件) |
||
第1行: | 第1行: | ||
− | |||
− | + | [[Salt-ssh批量初始化机器]] | |
+ | = os init= | ||
+ | == change sources == | ||
+ | ===10源=== | ||
+ | <pre> | ||
− | + | deb http://mirrors.aliyun.com/debian/ buster main non-free contrib | |
− | + | deb-src http://mirrors.aliyun.com/debian/ buster main non-free contrib | |
− | + | deb http://mirrors.aliyun.com/debian-security buster/updates main | |
+ | deb-src http://mirrors.aliyun.com/debian-security buster/updates main | ||
+ | deb http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib | ||
+ | deb-src http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib | ||
+ | deb http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib | ||
+ | deb-src http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib | ||
− | === | + | </pre> |
− | <pre> | + | ===9 源=== |
− | + | <pre> | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | echo 'deb http://mirrors.aliyun.com/debian/ stretch main non-free contrib | ||
+ | deb-src http://mirrors.aliyun.com/debian/ stretch main non-free contrib | ||
+ | deb http://mirrors.aliyun.com/debian-security stretch/updates main | ||
+ | deb-src http://mirrors.aliyun.com/debian-security stretch/updates main | ||
+ | deb http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib | ||
+ | deb-src http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib | ||
+ | deb http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib | ||
+ | deb-src http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib ' >sources.list | ||
</pre> | </pre> | ||
− | == | + | == ssh config== |
<pre> | <pre> | ||
− | + | echo "ssh-rsa AAAAB3NzaC you_prk_key root@ops | |
− | + | " >> /root/.ssh/authorized_keys | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | sed -i "s/#PubkeyAuthentication yes/PubkeyAuthentication yes/g" /etc/ssh/sshd_config | |
− | + | sed -i "s/^PasswordAuthentication yes/PasswordAuthentication no/g" /etc/ssh/sshd_config | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | systemctl restart sshd | |
+ | #service sshd restart | ||
− | + | </pre> | |
− | + | ==常用软件== | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | == | ||
<pre> | <pre> | ||
− | + | useradd -d /data/evan -s /bin/bash -m evan | |
− | + | 数m表示如果该目录不存在,则创建该目录 | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | apt install net-tools procps rsync wget w3m vim build-essential dnsutils screen curl sudo lsb-release iotop software-properties-common -y #dig dnsutils firewalld | |
− | # | + | #全面的开发工具 |
− | + | sudo apt install git golang build-essential gcc g++ gdb libboost-dev make automake autogen autoconf cscope global cmake cmake-gui astyle clang-format clang llvm lldb libsqlite3-dev sqlite3 bison flex ruby-dev linux-headers-`uname -r` | |
+ | #ps | ||
+ | apt install procps | ||
− | + | 安装Fail2Ban | |
+ | </pre> | ||
− | + | [https://www.debian.cn/archives/2880 Debian 安装 fail2ban 方式SSH爆破攻击] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | [[Debian配置iptables]] | |
− | = | + | =时间同步= |
<pre> | <pre> | ||
+ | UTC时区切换到CST 时区 | ||
− | # | + | #用这个啦 |
− | + | # 设置亚洲时区 tzselect 有时不准 | |
− | + | timedatectl set-timezone Asia/Shanghai | |
+ | # 启用NTP同步 #关闭是 false | ||
+ | timedatectl set-ntp yes | ||
− | + | echo "export TZ='Asia/Shanghai'" >> /etc/profile | |
− | + | cat /etc/profile |grep TZ | |
− | / | + | source /etc/profile |
− | + | date -R #时区查看 | |
+ | date | ||
+ | Sat Aug 19 17:03:17 CST 2017 | ||
</pre> | </pre> | ||
− | |||
− | = | + | =security= |
+ | ==ufw== | ||
− | + | ==firewalld== | |
− | + | 这个放弃了 | |
− | |||
− | |||
− | + | 详情可见 [[Centos7 firewalld防火墙基础]] | |
− | [ | ||
− | + | [https://computingforgeeks.com/how-to-install-and-configure-firewalld-on-debian/ How To Install and Configure Firewalld on Debian 10] | |
− | + | [https://ywnz.com/linuxaq/5495.html 在Debian 10(Buster)上安装和配置Firewalld] | |
− | [https:// | ||
− | + | =参考= | |
− | |||
− | |||
− | |||
− | = | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | [https://blog.51cto.com/wzlinux/2043586 Ubuntu 新装服务器部署流程] | |
− | [https://www. | + | [https://www.howtoing.com/install-java-in-debian-and-ubuntu 如何在Debian和Ubuntu系统中安装Java 9] |
− | [ | + | [http://www.ruanyifeng.com/blog/2014/03/server_setup.html Linux服务器的初步配置流程] |
− | [http:// | + | [http://spenserj.com/blog/2013/07/15/securing-a-linux-server/ Securing a Linux Server] |
+ | [http://blog.51cto.com/feihan21/1060365 Linux服务器初始化配置脚本] | ||
− | [https://blog. | + | [https://blog.imdst.com/linux-fu-wu-qi-chu-shi-hua-an-quan-jia-gu/ Linux服务器初始化调优及安全加固] |
− | [ | + | [https://linux.cn/article-5067-1.html 如何使用 fail2ban 防御 SSH 服务器的暴力破解攻击] |
+ | [https://blog.csdn.net/developerinit/article/details/73065229?utm_source=blogxgwz7 Debian的一些常用命令] | ||
− | |||
− | [[category: | + | [https://www.cnblogs.com/yoyotl/p/8151409.html Debian 8 设置时区和时间配置] |
+ | [[category:ops]] [[category:debian]] |
2020年2月29日 (六) 03:52的版本
目录
os init
change sources
10源
deb http://mirrors.aliyun.com/debian/ buster main non-free contrib deb-src http://mirrors.aliyun.com/debian/ buster main non-free contrib deb http://mirrors.aliyun.com/debian-security buster/updates main deb-src http://mirrors.aliyun.com/debian-security buster/updates main deb http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib deb-src http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib deb http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib deb-src http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib
9 源
echo 'deb http://mirrors.aliyun.com/debian/ stretch main non-free contrib deb-src http://mirrors.aliyun.com/debian/ stretch main non-free contrib deb http://mirrors.aliyun.com/debian-security stretch/updates main deb-src http://mirrors.aliyun.com/debian-security stretch/updates main deb http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib deb-src http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib deb http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib deb-src http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib ' >sources.list
ssh config
echo "ssh-rsa AAAAB3NzaC you_prk_key root@ops " >> /root/.ssh/authorized_keys sed -i "s/#PubkeyAuthentication yes/PubkeyAuthentication yes/g" /etc/ssh/sshd_config sed -i "s/^PasswordAuthentication yes/PasswordAuthentication no/g" /etc/ssh/sshd_config systemctl restart sshd #service sshd restart
常用软件
useradd -d /data/evan -s /bin/bash -m evan 数m表示如果该目录不存在,则创建该目录 apt install net-tools procps rsync wget w3m vim build-essential dnsutils screen curl sudo lsb-release iotop software-properties-common -y #dig dnsutils firewalld #全面的开发工具 sudo apt install git golang build-essential gcc g++ gdb libboost-dev make automake autogen autoconf cscope global cmake cmake-gui astyle clang-format clang llvm lldb libsqlite3-dev sqlite3 bison flex ruby-dev linux-headers-`uname -r` #ps apt install procps 安装Fail2Ban
时间同步
UTC时区切换到CST 时区 #用这个啦 # 设置亚洲时区 tzselect 有时不准 timedatectl set-timezone Asia/Shanghai # 启用NTP同步 #关闭是 false timedatectl set-ntp yes echo "export TZ='Asia/Shanghai'" >> /etc/profile cat /etc/profile |grep TZ source /etc/profile date -R #时区查看 date Sat Aug 19 17:03:17 CST 2017
security
ufw
firewalld
这个放弃了
How To Install and Configure Firewalld on Debian 10
在Debian 10(Buster)上安装和配置Firewalld