记录:一次数据库被恶意修改配置文件的问题

一.使用密钥登录

 

1.先sudo su -s 切换到root

 

2.生成秘钥对

root@ubuntu:~# ssh-keygen   命令

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa): <== 按 Enter

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase): 直接按 Enter 留空

Enter same passphrase again: <== 回车

Your identification has been saved in /root/.ssh/id_rsa. <== 私钥

Your public key has been saved in /root/.ssh/id_rsa.pub. <== 公钥

The key fingerprint is:

0f:d3:e7:1a:1c:bd:5c:03:f1:19:f1:22:df:9b:cc:08 root@host

 

cd  /root/.ssh/导出id_rsa   一定先导入密钥再执行下面操作

 

3.服务器安装公钥

cd /root/.ssh/ 

cat id_rsa.pub >> authorized_keys

chmod 600 authorized_keys

chmod 700 /root/.ssh/

 

4.设置ssh,密钥登录

vim /etc/ssh/sshd_config  修改下面配置

PermitRootLogin yes

PasswordAuthentication no

 

重启sshd

service ssh restart

 

退出shell,使用root加密钥登录

 

二.设置数据库配置文件权限

chattr +i /var/spool/cron/crontabs/root   #禁止任何人修改计划任务

chattr +i /etc/postgresql/9.6/main/pg_hba.conf  #禁止任何人修改数据库配置文件

chattr +a  /data/postgresql   #禁止任何人修改数据目录权限