Linux_11/ firewalld-config, SSH, bounding
_________________________________________________________________________________________________________________________________________________
- firewall-config,是Firewalls-cmd的图形化,功能对等。
_________________________________________________________________________________________________________________________________________________
- nmcli
_________________________________________________________________________________________________________________________________________________
| 命令 | 解释 | |
| 1 | nmcli connection show | 显示网络信息 |
| 2 | nmcli connection add con-name DH ifname eno16777736 autoconnect no type ethernet ip4 192.168.0.77/24 gw4 192.168.0.1 | 创建网络会话 |
| 3 | nmcli connection add con-name house ifname eno16777736 type ethernet | |
| 4 | nmcli connection up house | 启用网络会话house |
1,显示网络信息
[root@linuxprobe ~]# nmcli connection show NAME UUID TYPE DEVICE eno16777736 ec77579b-2ced-481f-9c09-f562b321e268 802-3-ethernet eno16777736
2,新建网络会话
[root@linuxprobe ~]# nmcli connection add con-name company ifname eno16777736 autoconnect no type ethernet ip4 192.168.10.10/24 gw4 192.168.10.1 Connection 'company' (86c71220-0057-419e-b615-38f4014cfdee) successfully added
[root@linuxprobe ~]# nmcli connection add con-name house type ethernet ifname eno16777736 Connection 'house' (44acf0a7-07e2-40b4-94ba-69ea973090fb) successfully added
显示网络信息
[root@linuxprobe ~]# nmcli connection show NAME UUID TYPE DEVICE house 44acf0a7-07e2-40b4-94ba-69ea973090fb 802-3-ethernet -- company 86c71220-0057-419e-b615-38f4014cfdee 802-3-ethernet -- eno16777736 ec77579b-2ced-481f-9c09-f562b321e268 802-3-ethernet eno16777736
3,启用house网络会话,且是永久生效的。
[root@linuxprobe ~]# nmcli connection up house
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)
[root@linuxprobe ~]# ifconfig
eno1677773628: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.128 netmask 255.255.255.0 broadcast 192.168.100.255
......
......
_________________________________________________________________________________________________________________________________________________
- bonding 网卡绑定
_________________________________________________________________________________________________________________________________________________
|
命令 |
备注 |
|
| 1 |
vim /etc/sysconfig/network-scripts/ifcfg-eno16777736
|
TYPE=Ethernet BOOTPROTO=none ONBOOT=yes USERCTL=no DEVICE=eno16777736 MASTER=bond0 SLAVE=yes |
| 2 |
cat ifcfg-eno16777736 > ifcfg-eno33554992 |
|
| 3 | vim /etc/sysconfig/network-scripts/ifcfg-bond0 |
TYPE=Ethernet BOOTPROTO=none ONBOOT=yes USERCTL=no DEVICE=bond0 IPADDR=192.168.10.10 PREFIX=24 DNS=192.168.10.1 NM_CONTROLLED=no |
| 4 |
vim /etc/modprobe.d/bond.conf |
alias bond0 bonding options bond0 miimon=100 mode=6 |
| 5 |
systemctl restart network
|
|
| 6 | ifconfig |
1,编辑网卡
1.1,编辑网卡1
[root@linuxprobe ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno16777736
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
DEVICE=eno16777736
MASTER=bond0
SLAVE=yes1.2,ifconfig查看通过虚拟机设置新加的网卡2:eno33554992
1.3,编辑网卡2
cat ifcfg-eno16777736 > ifcfg-eno33554992
vim ifcfg-eno33554992,修改DEVICE名字
1.4,将绑定后的设备命名为bond0并把IP地址等信息填写进去,这样当用户访问相应服务的时候,实际上就是由这两块网卡设备在共同提供服务。
[root@linuxprobe ~]# vim /etc/sysconfig/network-scripts/ifcfg-bond0
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
DEVICE=bond0
IPADDR=192.168.10.10
PREFIX=24
DNS=192.168.10.1
NM_CONTROLLED=no
2,网卡绑定
[root@linuxprobe ~]# vim /etc/modprobe.d/bond.conf
alias bond0 bonding
options bond0 miimon=100 mode=6
3,重启网络服务即可,通常只显示bond0的IP地址
[root@linuxprobe ~]# systemctl restart network [root@linuxprobe ~]# ifconfig bond0: flags=5187<UP,BROADCAST,RUNNING,MASTER,MULTICAST> mtu 1500 inet 192.168.10.10 netmask 255.255.255.0 broadcast 192.168.10.255 inet6 fe80::20c:29ff:fe9c:637d prefixlen 64 scopeid 0x20<link> ether 00:0c:29:9c:63:7d txqueuelen 0 (Ethernet) RX packets 700 bytes 82899 (80.9 KiB) RX errors 0 dropped 6 overruns 0 frame 0 TX packets 588 bytes 40260 (39.3 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eno16777736: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST> mtu 1500 ether 00:0c:29:9c:63:73 txqueuelen 1000 (Ethernet) RX packets 347 bytes 40112 (39.1 KiB) RX errors 0 dropped 6 overruns 0 frame 0 TX packets 263 bytes 20682 (20.1 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eno33554968: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST> mtu 1500 ether 00:0c:29:9c:63:7d txqueuelen 1000 (Ethernet) RX packets 353 bytes 42787 (41.7 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 325 bytes 19578 (19.1 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
_________________________________________________________________________________________________________________________________________________
- sshd远程控制服务
_________________________________________________________________________________________________________________________________________________
sshd服务的配置信息保存在/etc/ssh/sshd_config文件中。
| 1 | vim /etc/ssh/sshd_config | |
| 2 | PermitRootLogin no | 禁止root远程登录 |
| 3 | ssh-keygen | |
| 4 | ||
| 5 | ||
| 6 | systemctl restart sshd | 重启sshd服务 |
| 7 | systemctl enable sshd | sshd开机启动 |
[root@localhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
c3:8a:9a:f5:ea:dc:1d:0d:c0:df:77:dc:75:b3:a7:c4 root@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
| |
| . |
| o .o|
| + . o .=|
| S . . E.o|
| . . + . o ..|
| o . . . . |
| = o . . |
| o.+.o . |
+-----------------+
[root@localhost ~]# ssh-copy-id 192.168.10.77
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.10.77's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.10.77'"
and check to make sure that only the key(s) you wanted were added.
_________________________________________________________________________________________________________________________________________________
scp
_________________________________________________________________________________________________________________________________________________
[root@localhost ~]# scp -rv zhxu@localhost:/home/zhxu/Documents/ Doc
_________________________________________________________________________________________________________________________________________________
不间断会话 screen
_________________________________________________________________________________________________________________________________________________
| 命令 | ||
| 1 | screen -S linuxtest | 创建一个名字为linuxtest的回话 |
| 2 | screen -ls | 查看 |
| 3 |
screen -r 31441 或者 screen -r linuxtext |
恢复回话 |
| 4 | exit | 退出会话 |
| 5 | screen -x | 终端B执行后,可以实现与终端A的共享。 |
