返回首页

张小三资源网
    佛系AFFman ╭∩╮(︶︿︶)╭∩╮!随缘记录常用运维技巧
12月052019

centos7 常规操作

Posted by 张小三资源网 2019年12月5日 Tags:
使用ROOT登陆
echo root:zxsdw.com |sudo chpasswd root
sudo sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config;
sudo sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config;
sudo service sshd restart

1.添加swap
dd if=/dev/zero of=/mnt/swapfile bs=1024 count=1048576
chmod 0600 /mnt/swapfile
mkswap /mnt/swapfile
swapon /mnt/swapfile

vi /etc/fstab
/mnt/swapfile swap swap defaults 0 0

vi /etc/sysctl.conf
vm.swappiness=10

2.优化启动项
systemctl list-unit-files | grep enable

systemctl stop irqbalance.service #虚拟机关闭
systemctl stop kdump.service
systemctl stop firewalld.service

systemctl disable irqbalance.service
systemctl disable kdump.service
systemctl disable firewalld.service

3.更新系统
yum makecache
yum upgrade

4.修改密码端口及登陆IP
passwd

vi /etc/ssh/sshd_config
service sshd restart

vi /etc/hosts.allow
sshd:xx.xx.0.0/16:allow
vi /etc/hosts.deny
sshd:ALL


5.编辑iptables规则
yum -y install iptables
yum -y install iptables-services

vi /etc/sysconfig/iptables

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
#-A INPUT -p icmp -j ACCEPT
#-A INPUT -p icmp --icmp-type 8 -s 0/0 -j DROP
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

开启systemctl restart iptables.service
自启systemctl enable iptables.services

6.reboot 脚本
老外vps无特别说明(即使用优惠码)都按优惠后的价格续费。此vps无爱可看之前其它文章
发现Out of Stock说明缺货中,可考虑购买其它VPS。自备谷歌浏览器有简单的翻译功能。

买老外的域名、vps都需美元。有信用卡可直接购买。无卡无美元的注册Paypal到淘宝找人充美元即可。老外VPS购买教程参考:http://www.zxsdw.com/index.php/archives/259/

添加新评论 »

张小三资源网 is powered by Typecho))) 网站地图