主页 > 创业  > 

小练习之配置本地yum源和ssh服务

小练习之配置本地yum源和ssh服务
配置本地yum源 ## 查看本地系统信息 [root@node ~]# cat /etc/os-release NAME="openEuler" VERSION="22.03 (LTS-SP3)" ID="openEuler" VERSION_ID="22.03" PRETTY_NAME="openEuler 22.03 (LTS-SP3)" ANSI_COLOR="0;31" ​ ​ ## 查看yum配置文件 [root@node yum.repos.d]# cat /etc/yum.repos.d/openEuler.repo #generic-repos is licensed under the Mulan PSL v2. #You can use this software according to the terms and conditions of the Mulan PSL v2. #You may obtain a copy of Mulan PSL v2 at: #   http://license.coscl.org /MulanPSL2 #THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR #IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR #PURPOSE. #See the Mulan PSL v2 for more details. ​ [OS] name=OS baseurl=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/$basearch/ metalink= mirrors.openeuler.org/metalink?repo=$releasever/OS&arch=$basearch metadata_expire=1h enabled=1 gpgcheck=1 gpgkey=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/$basearch/RPM-GPG-KEY-openEuler ​ [everything] name=everything baseurl=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/everything/$basearch/ metalink= mirrors.openeuler.org/metalink?repo=$releasever/everything&arch=$basearch metadata_expire=1h enabled=1 gpgcheck=1 gpgkey=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/everything/$basearch/RPM-GPG-KEY-openEuler ​ [EPOL] name=EPOL baseurl=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/EPOL/main/$basearch/ metalink= mirrors.openeuler.org/metalink?repo=$releasever/EPOL/main&arch=$basearch metadata_expire=1h enabled=1 gpgcheck=1 gpgkey=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/$basearch/RPM-GPG-KEY-openEuler ​ [debuginfo] name=debuginfo baseurl=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/debuginfo/$basearch/ metalink= mirrors.openeuler.org/metalink?repo=$releasever/debuginfo&arch=$basearch metadata_expire=1h enabled=1 gpgcheck=1 gpgkey=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/debuginfo/$basearch/RPM-GPG-KEY-openEuler ​ [source] name=source baseurl=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/source/ metalink= mirrors.openeuler.org/metalink?repo=$releasever&arch=source metadata_expire=1h enabled=1 gpgcheck=1 gpgkey=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/source/RPM-GPG-KEY-openEuler ​ [update] name=update baseurl=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/update/$basearch/ metalink= mirrors.openeuler.org/metalink?repo=$releasever/update&arch=$basearch metadata_expire=1h enabled=1 gpgcheck=1 gpgkey=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/$basearch/RPM-GPG-KEY-openEuler ​ [update-source] name=update-source baseurl=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/update/source/ metalink= mirrors.openeuler.org/metalink?repo=$releasever/update&arch=source metadata_expire=1h enabled=1 gpgcheck=1 gpgkey=http://repo.openeuler.org/openEuler-22.03-LTS-SP3/source/RPM-GPG-KEY-openEuler [root@node yum.repos.d]# ​ ​ ## 备份yum源头 [root@node ~]# cp -r /etc/yum.repos.d/     /etc/yum.repos.d.bak ​ ## 删除目录下yum文件 [root@node ~]# rm -rf /etc/yum.repos.d/* ​ ## 使用cat直接写入 [root@node yum.repos.d]# cat > /etc/yum.repos.d/openEuler.repo <<EOF > [base] > name=openEuler Base > baseurl= mirrors.huaweicloud /openeuler/openEuler-22.03-LTS-SP3/OS/x86_64/ > enabled=1 > gpgcheck=0 > > [updates] > name=openEuler Updates >baseurl= mirrors.huaweicloud /openeuler/openEuler-22.03-LTS-SP3/update/x86_64/ > enabled=1 > gpgcheck=0 > EOF ​ (这里的EOF是标志符(分隔符),标志着多行输入的结束。它告诉 shell 停止读取输入。可以是任意字符)

ssh服务 1.修改ssh服务器端口号 [root@server ~]# vim /etc/ssh/sshd_config # 定位第21行,去掉# 后修改端口号   Port 2222 [root@server ~]# systemctl restart sshd # 注意:ssh的服务名位sshd   [root@node1 ~]# ssh root@192.168.48.130 # 尝试登录被拒绝,22端口已关闭 # 去用2222端口可以连接 ​ 2.拒绝root账户远程登录

方法:使用配置文件中的Permitrootlogin参数进行实现

[root@server ~]# yum install openssh-server #安装 ​ [root@server ~]# vim /etc/ssh/sshd_config   #修改 PermitRootLogin no # yes修改为no ​ [root@server ~]# systemctl restart sshd   #重启 3.允许特点账号ssh登录(默认拒绝策略) [root@server ~]# useradd test   #创建账号 [root@server ~]# passwd test ​ [root@server ~]# vim /etc/ssh/sshd_config AllowUsers test # 第一行添加 [root@server ~]# systemctl restart sshd

4.虚拟之间实现密钥的登录(免密登录)

免密登录需要双方都做这样的操作,假如只做客户端免密登录服务端 ssh-keygen是用于生成、管理、转换密钥的工具 ssh-keygen -t rsa   ssh-copy-id root@192.168.48.130 [root@node ~]# cat /root/.ssh/authorized_keys (客户端将公钥上传到服务器端后,这里放着服务器端公钥数据   采用RSA 加密算法 RSA 是一种非对称加密算法,其中使用一对密钥:一个公钥和一个私钥。公钥用于加密,私钥用于解密。通过这种方式,只有拥有对应私钥的人才能解密由公钥加密的信息。) ​ ​ ​ 客户端: ssh-keygen -t rsa (一路回车) ssh-copy-id root@192.168.133.20   (将公钥发给目标 ​ ssh root@192.168.133.20 ​ ​ 服务端: (修改 添加上去就行了) PubkeyAuthentication yes PasswordAuthentication no systemctl restart sshd  #重启命令 ​ ​

标签:

小练习之配置本地yum源和ssh服务由讯客互联创业栏目发布,感谢您对讯客互联的认可,以及对我们原创作品以及文章的青睐,非常欢迎各位朋友分享到个人网站或者朋友圈,但转载请说明文章出处“小练习之配置本地yum源和ssh服务

上一篇
解决:org.springframework.web.mul

下一篇
17.9LangSmithTracing深度实战:构建透明可

推荐文章