I. CentOS system initialization
1.1 Set the IP
#### 1. Check the IP
[root@rancher ~]# ip addr
Based on the network interfaces shown, we need to modify the configuration of ens33
##### 2. Modify the network interface configuration
[root@rancher ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=00617e9f-0fd8-4bfc-8b97-5166b8b33fe7
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.8.21
GATEWAY=192.168.8.2
NETMASK=255.255.255.0
DNS1=223.5.5.5
DNS2=223.6.6.6
#### 3. Restart the network service
[root@rancher ~]# systemctl restart network.service
[root@rancher ~]# systemctl status network.service
1.2 Set the hostname
### 1. Check the current hostname
[root@rancher ~]# hostname
rancher
### 2. Change it with a command
[root@rancher ~]# hostnamectl set-hostname rocketmq
### 3. Set up hosts. Based on the IP and hostname above, configure as follows
[root@rancher ~]# vim /etc/hosts
192.168.8.21 rocketmq
### 4. Reboot the host
[root@rancher ~]# reboot
### 5. Verify that the settings took effect
[root@rocketmq ~]# hostname
rocketmq
[root@rocketmq ~]#
[root@rocketmq ~]# ping rocketmq
PING rocketmq (192.168.8.21) 56(84) bytes of data.
64 bytes from rocketmq (192.168.8.21): icmp_seq=1 ttl=64 time=0.063 ms
1.3 Disable the firewall
#### 1. Check the firewall status
[root@rocketmq ~]# systemctl status firewalld.service
#### 2. Stop the firewall
[root@rocketmq ~]# systemctl stop firewalld.service
#### 3. Disable firewall autostart at boot
[root@rocketmq ~]# systemctl disable firewalld.service
#### 4. Check the firewall status
[root@rocketmq ~]# systemctl status firewalld.service
1.3.2 Configure firewall ports
1.4 Disable SELinux
### 1. Check the status
[root@rocketmq ~]# getenforce
Disabled
### 2. Set it to disabled
[root@rocketmq ~]# vim /etc/sysconfig/selinux
SELINUX=disabled
#### 3. Check the status
[root@rocketmq ~]# getenforce
1.5 Host time synchronization and installing common tools
### 1. Switch to the Aliyun yum repository
[root@rocketmq ~]# mkdir /etc/yum.repos.d/repo_bak && mv /etc/yum.repos.d/CentOS* /etc/yum.repos.d/repo_bak
[root@rocketmq ~]# curl -o /etc/yum.repos.d/CentOS-7-ali.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@rocketmq ~]# yum clean cache
[root@rocketmq ~]# yum makecache
[root@rocketmq ~]# yum repolist
### 2. Install commonly used software
[root@rocketmq ~]# yum install vim iotop bc gcc gcc-c++ glibc glibc-devel pcre \
pcre-devel openssl openssl-devel zip unzip zlib-devel net-tools \
lrzsz tree ntpdate telnet lsof tcpdump wget libevent libevent-devel \
bc systemd-devel bash-completion traceroute \
bridge-utils -y
### 3. Clock synchronization
[root@rocketmq ~]# ntpdate ntp1.aliyun.com
9 Aug 09:48:33 ntpdate[1734]: step time server 120.25.115.20 offset -86399.130435 sec
1.6 Configure passwordless login
1.6.1 Create a new user with root privileges
[root@rocketmq ~]# adduser fox
[root@rocketmq ~]# passwd fox
1.6.2 Grant privileges
#### 1. Edit the file: use / to search in vim
[root@rancher ~]# sudo vim /etc/sudoers
# Modify the file contents
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
fox ALL=(ALL) ALL # add the new user here
### 2. Save and exit
1.6.3 Modify the configuration file
[root@rocketmq ~]# vim /etc/ssh/sshd_config
#### 1. Disable root login
PermitRootLogin yes
# Change to
PermitRootLogin no
### 2. Disable password login: comment out the line below, or change yes to no
#PasswordAuthentication yes
PasswordAuthentication no
### 3. Append at the end of the file
RSAAuthentication yes
PubkeyAuthentication yes
!!! Do not close this session. Open a new SSH connection and log in as the new user. !!!
#### 1. Switch user
[fox@rocketmq ~]$ su - fox
Password:
Last login: Tue Aug 9 11:13:18 CST 2022 on pts/0
[fox@rocketmq ~]$
1.6.4 Generate a key pair and configure it
#### Generate the key pair
[fox@rocketmq ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/fox/.ssh/id_rsa):
Created directory '/home/fox/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/fox/.ssh/id_rsa.
Your public key has been saved in /home/fox/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:bC3/tDUS9qbDwT+pvY9myq9L/rvEYKuDbY30XzDfBCI fox@rocketmq
The key's randomart image is:
+---[RSA 2048]----+
| |
| |
| E . . |
| . . . . . |
| S ..= o .|
| . o.oo* =.|
| +.==oB.+|
| . =B=O*+ |
| ...@%X*.|
+----[SHA256]-----+
[fox@rocketmq ~]$
### Export id_rsa
[fox@rocketmq .ssh]$ ls
authorized_keys id_rsa id_rsa.pub
1.6.5 Install the public key on the server
[fox@rocketmq ~]$ cd /home/fox/.ssh/
[fox@rocketmq .ssh]$ cat id_rsa.pub >> authorized_keys
[fox@rocketmq .ssh]$ chmod 600 authorized_keys
### sshd can read it only when the mode is 700
[fox@rocketmq .ssh]$ chmod 700 ~/.ssh
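
A check to run before restarting sshd, as an added example that is not part of the original page: it reads the global `sshd_config` values set in 1.6.3 (sshd uses the first occurrence of a keyword) and the file modes set in 1.6.5. The function names and the script name `check_ssh.sh` are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original page): pre-restart check for the
# sshd_config settings from 1.6.3 and the file modes from 1.6.5.

# Print the global value of an sshd_config keyword. sshd uses the FIRST
# occurrence of a keyword; keywords are case-insensitive; "#" lines are
# comments; parsing stops at the first Match block (conditional overrides).
sshd_value() {  # usage: sshd_value <config-file> <keyword>
  awk -F'[ \t=]+' -v k="$2" '
    { sub(/^[ \t]+/, "") }
    tolower($1) == "match"    { exit }
    tolower($1) == tolower(k) { print $2; exit }
  ' "$1"
}

# Return 0 only if key-based login is set up the way the page describes.
# The body is a subshell "( ... )" so its variables stay local.
check_ssh_setup() (  # usage: check_ssh_setup <sshd_config> <.ssh dir>
  cfg=$1 dir=$2 rc=0
  for pair in PermitRootLogin:no PasswordAuthentication:no PubkeyAuthentication:yes; do
    key=${pair%%:*} want=${pair##*:}
    got=$(sshd_value "$cfg" "$key") || got=
    [ "$got" = "$want" ] || { echo "FAIL: $key is '${got:-unset}', want '$want'"; rc=1; }
  done
  for pair in "${dir}:700" "${dir}/authorized_keys:600"; do
    path=${pair%:*} want=${pair##*:}
    got=$(stat -c %a "$path" 2>/dev/null) || got=   # GNU stat, as on CentOS
    [ "$got" = "$want" ] || { echo "FAIL: $path mode is '${got:-missing}', want $want"; rc=1; }
  done
  # With password login disabled, an empty authorized_keys means a lockout.
  [ -s "${dir}/authorized_keys" ] || { echo "FAIL: authorized_keys is empty"; rc=1; }
  exit "$rc"
)

# Example: sh check_ssh.sh /etc/ssh/sshd_config /home/fox/.ssh
if [ "$#" -eq 2 ]; then check_ssh_setup "$1" "$2"; fi
```

On the host itself, `sudo sshd -t` additionally validates the configuration syntax before the restart.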
1.6.6 Restart the SSH service
[fox@rocketmq .ssh]$ service sshd restart
1.6.7 Verify login with Xshell
Then choose to log in with the user key