Centos7 配置

参考文章:

http://www.hksilicon.com/kb/articles/594621/CentOS-7

 

1. 查看时区是否正确timedatectl,若不正确则设置时区 timedatectl set-timezone Asia/Shanghai

2. 更改root用户密码,输入passwd,数字、大小写、标点符号,15位以上

3. 增加一个普通用户"adduser username",设置密码"passwd username"

4. 禁止root ssh登陆"vim /etc/ssh/sshd_config","#PermitRootLogin yes"改为"PermitRootLogin no",重启ssh服务"systemctl restart sshd.service"

5. 修改ssh端口"vim /etc/ssh/sshd_config","#Port 22"改为"Port xxxx"(xxxx为1024 – 65535中的数字),重启ssh服务"systemctl restart sshd.service"。启动自带防火墙"systemctl start firewalld",修改防火墙ssh端口"cp /usr/lib/firewalld/services/ssh.xml /etc/firewalld/services/","vim /etc/firewalld/services/ssh.xml",查找port="22",改为设定的端口,保存,重启防火墙"firewall-cmd --reload"。

6. 启用公钥验证登入ssh,提交本机id_rsa.pub到服务器的.ssh/authorized_keys。开启双重验证,"vim /etc/ssh/sshd_config",末尾添加"AuthenticationMethods publickey,password",重启ssh服务"systemctl restart sshd.service"

7. 自动更新软件"yum -y update"更新一下软件,安装"yum -y install cronie yum-cron",修改配置文件"vim /etc/yum/yum-cron.conf",改为"apply_updates = yes",开启自动更新服务"systemctl start crond","systemctl start yum-cron"

8. 配置防火墙,"yum install firewalld","firewall-cmd --list-all"

 


posted @ 2015-10-06 21:27  chemandy  阅读(219)  评论(0编辑  收藏  举报