Linux 常用命令
大约 1 分钟
创建用户和组
# 创建用户gremlins和对应的组,并创建用户家目录/home/gremlins
useradd -m gremlins
# 为用户gremlins设置登录密码
passwd gremlins
防火墙[CentOS7]
#查看防火墙状态
systemctl status firewalld.service
#运行上述命令后,如果看到有绿色字样标注的“active(running)”,说明防火墙是开启状态。
#开启防火墙
systemctl start firewalld.service
#关闭防火墙
systemctl stop firewalld.service
禁止 root 账号直接 ssh 登录
# 禁止root账号ssh登录
sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config && systemctl restart sshd
sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config && systemctl restart sshd
# 禁用密码方式登录
sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config && systemctl restart sshd
# 开启公钥方式登录
sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config && systemctl restart sshd
# 修改SSH端口号,请修改端口号1234为实际需要的端口
sed -i 's/#Port 22/Port 1234/g' /etc/ssh/sshd_config && systemctl restart sshd
给普通用户赋予 sudo 权限
tee /etc/sudoers.d/tmn <<< 'tmn ALL=(ALL) NOPASSWD: ALL'
chmod 440 /etc/sudoers.d/tmn
添加 LVM 分区
pvscan
pvcreate /dev/sdb
pvs
vgdisplay
vgextend centos /dev/sdb
vgs
lvcreate -L 1T -n data01 centos
lvscan
lvs
mkfs.xfs /dev/centos/data01
mkdir /data01
vim /etc/fstab
mount -a
SSH 公钥登录
sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config && systemctl restart sshd
# 用户HOME目录权限为700
chmod 700 /home/tmn
chmod 700 /home/tmn/.ssh
chmod 644 /home/tmn/.ssh/authorized_keys
关闭 SELinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config