linux初始化布局(Debian 12 bookworm)

创建工作用户

  • 首先创建一个新的用户
    adduser {用户名}
  • 将该用户名纳入sudo名单内
    nano /etc/sudoers,并在root下方一行编辑{用户名} ALL=(ALL) ALL

换源(有魔法就尽量使用默认的)

  1. 换源第一步
    nano /etc/apt/sources.list并且将其替换为以下内容
# 默认注释了源码镜像以提高 apt update 速度,如有需要可自行取消注释
deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm main contrib non-free non-free-firmware
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm main contrib non-free non-free-firmware

deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware

deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-backports main contrib non-free non-free-firmware
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-backports main contrib non-free non-free-firmware

# 以下安全更新软件源包含了官方源与镜像站配置,如有需要可自行修改注释切换
deb https://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
# deb-src https://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
  1. 换源第二步
    nano /etc/apt/sources.list.d/debian.sources替换为以下内容
Types: deb
URIs: https://mirrors.tuna.tsinghua.edu.cn/debian
Suites: bookworm bookworm-updates bookworm-backports
Components: main contrib non-free non-free-firmware
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

# 默认注释了源码镜像以提高 apt update 速度,如有需要可自行取消注释
# Types: deb-src
# URIs: https://mirrors.tuna.tsinghua.edu.cn/debian
# Suites: bookworm bookworm-updates bookworm-backports
# Components: main contrib non-free non-free-firmware
# Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

# 以下安全更新软件源包含了官方源与镜像站配置,如有需要可自行修改注释切换
Types: deb
URIs: https://security.debian.org/debian-security
Suites: bookworm-security
Components: main contrib non-free non-free-firmware
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

# Types: deb-src
# URIs: https://security.debian.org/debian-security
# Suites: bookworm-security
# Components: main contrib non-free non-free-firmware
# Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

注意:先不要更新软件

安装常用软件

  • 切换用户su - {用户名}
  • 更新软件列表sudo apt update
  • 安装系统必备软件
    sudo apt install net-tools openssh-server sudo curl wget tar unzip zip htop coreutils telnet tar iptables procps man-db -y

一些配置

  • 修改ll为ls -al
    cd ~ && echo "alias ll='ls -al'" >> .bashrc
  • ssh配置并禁止密码登录
    1. 客户端配置(需要与服务端在同一局域网)
# 安装ssh客户端软件
sudo apt install openssh-client -y

# 生成ssh公钥和私钥
ssh-keygen -t rsa -f ~/.ssh/id_rsa

# 将生成的ssh公钥配置到服务端的'~/.ssh/authorized_keys'文件中
ssh-copy-id {服务端用户名}@{服务端IP}


以下是便捷登录配置(使用别名登录服务端,这样登录服务端就不用输入主机名与地址了)

# 编辑.ssh下的config文件,没有就生成新文件
nano ~/.ssh/config

# 编辑内容如下
Host [服务端别名]
Hostname [服务器ip]
Port [ssh端口]
User [登录用户名]

# 还不知道写? 那我给个具体的例子,如下
Host hahaha
Hostname 192.168.1.10
Port 22
User Nanoric

编辑好以后(再配置好服务端)就能直接ssh [服务端别名]登录服务端了

  1. 服务端
    请手动编辑sshd_config文件,命令行输入nano /etc/ssh/sshd_config,修改以下内容(注意去除井号#), 最好在root用户下修改,否则提示无权限修改
Port 22
PubkeyAuthentication yes
PasswordAuthentication no
PermitRootLogin no

正确设置目录/.ssh的权限以及文件/.ssh/authorized_key的权限,确保没有错误
chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys
设置ssh开机启动(服务端),并查看运行状态
systemctl restart ssh & systemctl enable ssh & systemctl status ssh

⭐注意

  • 私钥名称要规范化为id_rsa
  • Windows的.ssh目录在C:\Users\{用户名}\下,文件结构与linux完全一致。其中用户名可以通过cmd的命令echo %username%查看
待完善
posted @ 2025-03-15 20:59  Nanoric  阅读(52)  评论(0)    收藏  举报