登录服务器#
-
登录服务器
ssh root@ip -p 22 -
输入密码
-
查看系统版本
lsb_release -a
# 1. 生成密钥
ssh-keygen -t rsa -b 4096 -C "your_email@domain.com"
# 2. 修改密钥文件权限
chmod 600 ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa.pub
# 3. 设置服务器授权 key 文件权限(没有的话创建文件)
chmod 644 ~/.ssh/authorized_keys
# 4. 上传公钥到服务器
ssh-copy-id -i key_file -p port user@host
# 5. 输入密码
# 6. ssh 登录
ssh 'user@ip'
- 配置本地 ssh 登录
# 1. 编辑文件
vim ~/.ssh/config
# 2. 配置 ssh
Host racknerd_root
HostName xxx.168.120.15
User root
IdentityFile ~/.ssh/id_rsa
Port 223
Host racknerd
HostName xxx.168.120.15
User subuser
IdentityFile ~/.ssh/id_rsa
Port 223安全设置#
禁用 root SSH 密码登陆#
# 1. 编辑文件
sudo vim /etc/ssh/sshd_config
# 2. 修改禁止远程密码登录
PermitRootLogin prohibit-password
# 3. 重启 ssh 服务
sudo systemctl restart ssh修改 ssh 端口号#
# 1. 编辑文件
sudo vim /etc/ssh/sshd_config
# 2. 修改端口号
Port 1024~65535
# 3. 重启 ssh 服务
sudo systemctl restart sshFail2ban 防暴力破解 SSH#
# 1. 更新仓库
sudo add-apt-repository universe
# 2. 安装软件
sudo apt install fail2ban
# 3. 编辑配置
sudo vim /etc/fail2ban/jail.local
[sshd]
ignoreip = 127.0.0.1/8 # 白名单
enabled = true
filter = sshd
port = 22 # 端口,改了的话这里也要改
maxretry = 5 # 最大尝试次数
findtime = 300 # 多少秒以内最大尝试次数规则生效
bantime = 600 # 封禁多少秒,-1是永久封禁(不建议永久封禁)
action = %(action_)s[port="%(port)s", protocol="%(protocol)s", logpath="%(logpath)s", chain="%(chain)s"] # 不需要发邮件通知就这样设置
banaction = iptables-multiport # 禁用方式
logpath = /var/log/auth.log # SSH 登陆日志位置启用 UFW 防火墙#
sudo ufw default allow outgoing # 默认允许所有数据出站
sudo ufw default deny incoming # 默认禁止所有数据入站
# 添加规则
sudo ufw allow 22 # 在未指定proto的情况下,默认为tcp和udp
sudo ufw deny 22 # 拒绝的话就把allow改成deny
sudo ufw allow port1,port2 # 允许复数个端口,以英文逗号分隔
sudo ufw allow from ip/cidr to any proto tcp port 22 # 允许来自于特定ip或cidr段端口22的tcp协议的流量
# 删除规则
sudo ufw delete allow 22 # 在规则前面加个delete
sudo ufw delete 1 # 按照numbered的编号删除也行
# 开启/禁止防火墙
sudo ufw enable|disable|reload
# 记录日志
ufw allow log 22/tcp日常更新系统#
sudo apt update && sudo apt upgrade创建子用户#
useradd -m -G sudo -s /bin/bash solejaypasswd solejay
软件安装#
ZSH#
# 1. 安装
sudo apt-get install zsh
# 2. 使用 zsh
cat /etc/shells # 查看 shell 列表
chsh -s /bin/zsh # 切换为 zsh
echo $SHELL # 查看当前 shell
# 3. 安装 oh my zsh
wget https://github.com/robbyrussell/oh-my-zsh/raw/master/tools/install.sh -O - | sh
# 4. 下载 powerlevel10k 主题
git clone --depth=1 https://github.com/romkatv/powerlevel10k.git ${ZSH_CUSTOM:-$HOME/.oh-my-zsh/custom}/themes/powerlevel10k
# 5. 配置主题样式
source ~/.zshrc
# 6. 配置插件
# 安装语法高亮 zsh-syntax-highlighting
git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting
# 安装自动建议 zsh-autosuggestions
git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions
# autojump
git clone git://github.com/wting/autojump.git & cd autojump & ./install.py
# 7. 编辑 zshrc 文件
plugins=(git autojump macos zsh-syntax-highlighting zsh-autosuggestions)
export ZSH_AUTOSUGGEST_STRATEGY=(history completion)
# 8. 别名配置
# git command alias
alias gst='git status'
alias gaa='git add --all'
alias gcmsg='git commit -m'
alias gpom='git push origin master'
alias gbr='git branch'
alias gco='git checkout'
alias glg="git log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit"Git#
$ git config --global user.name "John Doe"
$ git config --global user.email johndoe@example.comDocker#
# 1. 卸载冲突包
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
# 2. 设置 apt 存储库
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
# 3. 安装 docker 包
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
# 4. 校验安装
docker --version1Panel ↗#
curl -sSL https://resource.fit2cloud.com/1panel/package/quick_start.sh -o quick_start.sh && sudo bash quick_start.shGolang ↗#
# 1. 下载
wget https://go.dev/dl/go1.23.1.linux-amd64.tar.gz
# 2. 解压
tar -C /home/solejay/software/ -zxf go1.23.1.linux-amd64.tar.gz
# 3. 配置环境变量
echo 'export PATH=$PATH:/home/solejay/software/go/bin' >> ~/.bashrc
# 4. 刷新 bashrc
source ~/.bashrcNVM ↗#
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bashMiniconda#
# 1. 下载安装脚本
wget https://mirrors.tuna.tsinghua.edu.cn/anaconda/miniconda/Miniconda3-latest-Linux-x86_64.sh
# 2. 配置权限
chmod +x Miniconda3-latest-Linux-x86_64.sh
# 3. 安装
./Miniconda3-latest-Linux-x86_64.sh其他配置#
Github 配置 SSH 连接#
# 1. 生成密钥
cd ~
ssh-keygen -t rsa -C "prj960827@gmail.com"
cat ~/.ssh/id_rsa.pub
# 2. github 添加 sshkey
# 3. 验证
ssh -T git@github.comGit 快捷键#
# git command alias
alias gst='git status'
alias gaa='git add --all'
alias gcmsg='git commit -m'
alias gpom='git push origin master'
alias gbr='git branch'
alias gco='git checkout'
alias glg="git log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit"