安全加固(Ubuntu22.04)
1.修改密码
sudo passwd
2.删除用户
主要包括adm,lp,sync,shutdown,halt,news,uucp,operator,games,ftp,postfix,dovecot
3.修改ssh端口
sudo vim /etc/ssh/sshd_config
#添加ssh为2222端口
Port 2222
“:wq”保存后重启ssh服务
sudo systemctl restart sshd/sshd
4.重启
reboot
5.禁ping
通过修改/etc/sysctl.conf文件即可实现,具体操作如下:
#cd /etc
#chmod +w sysctl.conf
#vi sysctl.conf
文件尾部追加
net.ipv4.icmp_echo_ignore_all = 1
保存退出
#chmod -w sysctl.conf
#sysctl -p
6.docker加速
配置加速地址
Ubuntu 16.04+、Debian 8+、CentOS 7+
创建或修改 /etc/docker/daemon.json:
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<EOF
{
"registry-mirrors": [
"https://hub.rat.dev",
"https://docker.1panel.live"
]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
7.docker/docker-compose调整版本
docker
>> curl -sSL https://get.docker.com/ | CHANNEL=stable sh
>> systemctl enable --now docker
docker-compose
>> curl -L "https://github.com/docker/compose/releases/download/v2.29.1/docker-compose-linux-x86_64" -o /usr/bin/docker-compose
>> chmod +x docker-compose
>> docker-compose --version
8.一键暂停/删除所有image
docker stop $(docker ps -q)
docker rm $(docker ps -a -q)
docker rmi $(docker images -q)
