二、基础配置操作
1、网络管理(配置静态地址并进行ssh远程连接)
(1.)静态地址配置
ip地址的配置文件存于etc/sysconfig/network-scripts/下
[root@centos /]# cd /etc/sysconfig/network-scripts/
[root@centos network-scripts]# ls
ifcfg-eth0 ifdown-post ifup-aliases ifup-post init.ipv6-global
ifcfg-lo ifdown-ppp ifup-bnep ifup-ppp network-functions
ifdown ifdown-routes ifup-eth ifup-routes network-functions-ipv6
ifdown-bnep ifdown-sit ifup-ippp ifup-sit test.txt
ifdown-eth ifdown-Team ifup-ipv6 ifup-Team
ifdown-ippp ifdown-TeamPort ifup-isdn ifup-TeamPort
ifdown-ipv6 ifdown-tunnel ifup-plip ifup-tunnel
ifdown-isdn ifup ifup-plusb ifup-wireless
查看一下ip地址的网口,然后查看一下配置
[root@centos network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:0c:2c:e6 brd ff:ff:ff:ff:ff:ff
inet 172.31.79.129/20 brd 172.31.79.255 scope global dynamic eth0
valid_lft 315005508sec preferred_lft 315005508sec
inet6 fe80::216:3eff:fe0c:2ce6/64 scope link
valid_lft forever preferred_lft forever
[root@centos network-scripts]# cat ifcfg-eth0
# Created by cloud-init on instance boot automatically, do not edit.
# If you don't want cloud-init genrated automatically,you can disable it in /etc/cloud/cloud.cfg
# For more information, please refer to: https://help.aliyun.com/document\_detail/57803.html
#
BOOTPROTO=dhcp
DEVICE=eth0
ONBOOT=yes
STARTMODE=auto
TYPE=Ethernet
USERCTL=no
# 注释:
# ip a:用于显示当前系统中所有网络接口的详细信息,包括每个接口的IP地址、MAC地址、状态、以及其他配置参数
进行修改静态IP地址(可以参考我另一篇:centos-静态ip及修改主机名)
[root@centos network-scripts]# vi ifcfg-eth0
[root@centos network-scripts]# systemctl restart network
[root@centos network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:0c:2c:e6 brd ff:ff:ff:ff:ff:ff
inet 172.31.79.129/24 brd 172.31.79.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::216:3eff:fe0c:2ce6/64 scope link
valid_lft forever preferred_lft forever
[root@centos network-scripts]# cat ifcfg-eth0
# Created by cloud-init on instance boot automatically, do not edit.
# If you don't want cloud-init genrated automatically,you can disable it in /etc/cloud/cloud.cfg
# For more information, please refer to: https://help.aliyun.com/document\_detail/57803.html
#
BOOTPROTO=static
DEVICE=eth0
ONBOOT=yes
STARTMODE=auto
TYPE=Ethernet
USERCTL=no
IPADDR=172.31.79.129
NETMASK=255.255.255.0
GATEWAY=172.31.79.1
DNS1=202.102.227.68
DNS2=202.102.224.68
到此,静态IP配置完成
(2.)IP配置注释
以下是在物理机上的IP配置中的参数注释,上面的是在阿里云ECS中配置的
参数 | 注释 |
---|---|
TYPE=“Ethernet” | 表示这是一个使用以太网协议的网络接口 |
PROXY_METHOD =“none” | 指定不使用代理 |
BROWSER_ONLY=“no” | 表示不仅限于浏览器使用 |
BOOTPROTO=“static” | 指定使用静态 IP 地址配置 |
DEFROUTE=“yes” | 指定设置默认路由 |
IPV4_FAILURE_FATAL=“no” | 指定 IPv4 连接失败不会导致致命错误 |
IPV6INIT=“yes” | 启用 IPv6 |
IPV6_AUTOCONF=“yes” | 启用 IPv6 自动配置 |
IPV6_DEFROUTE=“yes” | 指定设置 IPv6 默认路由 |
IPV6_FAILURE_FATAL=“no” | 指定 IPv6 连接失败不会导致致命错误 |
IPV6_ADDR_GEN_MODE=“stable-privacy” | 指定使用稳定的隐私地址生成模式 |
NAME=“ens33” | 指定接口的名称 |
UUID=“3d078699-517f-44e9-a42c-fc38144e522d” | 接口的唯一标识符 |
DEVICE=“ens33” | 指定设备的名称 |
ONBOOT=“yes” | 指定在启动时激活该接口 |
IPADDR=192.168.101.101 | 指定 IP 地址为 192.168.101.101 |
NETMASK=255.255.255.0 | 指定网络子网掩码为 255.255.255.0 |
GATEWAY=192.168.101.1 | 指定网关的 IP 地址为 192.168.101.1 |
DNS1=192.168.101.1 | 指定首选 DNS 服务器的 IP 地址为 192.168.101.1 |
DNS2=8.8.8.8 | 指定备用 DNS 服务器的 IP 地址为 8.8.8.8 |
(3.)配置SSH远程连接
SSH,全称为Secure Shell,即安全外壳协议,是一种用于在不安全的网络中提供安全通信的网络协议。
它的主要功能包括:
加密传输:SSH通过加密客户端和服务器之间的通信来保证数据的安全性,防止数据在传输过程中被截获或篡改。
身份认证:SSH允许用户通过密码或者密钥对进行身份验证,确保只有授权的用户才能访问系统。
远程登录:SSH最常见的用途之一是作为远程登录工具,用户可以通过SSH从本地计算机登录到远程服务器上进行操作和管理。
端口转发:SSH还支持端口转发,这允许用户将本地端口上的连接转发到远程服务器的端口,从而在需要时绕过防火墙的限制。
CentOS系统默认已经安装了SSH服务,当你安装CentOS时,系统会自动安装好所有必要的服务和依赖包,以便用户能够进行远程登录和管理
有些特殊情况是需要安装openssh-server的
OpenSSH-server是OpenSSH项目的一部分,而OpenSSH是SSH协议的免费开源实现,它包括客户端和服务器两部分
查看SSH版本
[root@centos /]# rpm -qa | grep ssh
libssh2-1.8.0-3.el7.x86_64
openssh-clients-7.4p1-21.el7.x86_64
openssh-7.4p1-21.el7.x86_64
openssh-server-7.4p1-21.el7.x86_64
# 注释:
#rpm:PM代表"Red Hat Package Manager",它是一种软件包管理工具。RPM文件通常包含了软件的预编译二进制程序、配置文件、文档等,用于在CentOS系统上安装、升级或删除软件
# rpm -qa:rpm -qa用于列出系统上已安装的所有软件包的名称,qa代表查询
# grep:用于在文本文件中搜索指定的模式(字符串)
关闭防火墙或者方通SSH协议的22端口
# 永久关闭防火墙
[root@centos /]# systemctl stop firewalld
[root@centos /]# systemctl disable firewalld
# 开启防火墙
[root@centos /]# systemctl start firewalld
[root@centos /]# systemctl enable firewalld
# 放通22端口
[root@centos /]# firewall-cmd --zone=public --add-port=22/tcp --permanent
success
[root@centos /]# firewall-cmd --reload
success
# 查看防火墙方通的端口
[root@centos /]# firewall-cmd --list-ports
22/tcp
当然,SElinux也是需要关闭的
SELinux(Security-Enhanced Linux)是一个安全子系统,它为Linux操作系统提供了额外的安全性层,通过强制访问控制 (MAC) 来限制进程的能力,以减少系统遭受内核级攻击的风险
[root@centos /]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
查看SSH服务状态(开启和关闭状态)
[root@centos /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active **(running)** since Mon 2024-03-25 12:30:46 CST; 4 days ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 1193 (sshd)
CGroup: /system.slice/sshd.service
└─1193 /usr/sbin/sshd -D
Mar 29 15:12:45 centos sshd[18243]: Accepted password for root from 118.31.243.250 por...sh2
Mar 29 15:12:46 centos sshd[18251]: Accepted password for root from 118.31.243.110 por...sh2
Mar 29 15:13:17 centos sshd[18315]: Accepted password for root from 118.31.243.243 por...sh2
Mar 29 15:13:18 centos sshd[18683]: Accepted password for root from 118.31.243.122 por...sh2
Mar 29 15:13:21 centos sshd[18694]: Accepted password for root from 118.31.243.252 por...sh2
Mar 29 15:13:22 centos sshd[18703]: Accepted password for root from 118.31.243.78 port...sh2
Mar 29 15:13:23 centos sshd[18712]: Accepted password for root from 118.31.243.153 por...sh2
Mar 29 15:13:26 centos sshd[18722]: Accepted password for root from 118.31.243.235 por...sh2
Mar 29 15:13:27 centos sshd[18731]: Accepted password for root from 118.31.243.19 port...sh2
Mar 29 15:13:28 centos sshd[18740]: Accepted password for root from 118.31.243.197 por...sh2
Hint: Some lines were ellipsized, use -l to show in full.
# 注释:
# systemctl status:用于显示系统的状态信息,包括当前正在运行的服务的状态
[root@centos /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: inactive **(dead)** since Fri 2024-03-29 15:38:12 CST; 4s ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 1193 ExecStart=/usr/sbin/sshd -D $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 1193 (code=exited, status=0/SUCCESS)
Mar 29 15:27:24 centos sshd[19433]: Accepted password for root from 118.31.243.108 port 62066 ssh2
Mar 29 15:27:25 centos sshd[19441]: Accepted password for root from 118.31.243.180 port 42932 ssh2
Mar 29 15:28:14 centos sshd[19491]: Accepted password for root from 118.31.243.212 port 20182 ssh2
Mar 29 15:28:16 centos sshd[19500]: Accepted password for root from 118.31.243.55 port 49097 ssh2
Mar 29 15:28:17 centos sshd[19509]: Accepted password for root from 118.31.243.119 port 44536 ssh2
Mar 29 15:28:19 centos sshd[19520]: Accepted password for root from 118.31.243.3 port 47648 ssh2
Mar 29 15:28:20 centos sshd[19530]: Accepted password for root from 118.31.243.154 port 2575 ssh2
Mar 29 15:28:21 centos sshd[19539]: Accepted password for root from 118.31.243.35 port 49280 ssh2
Mar 29 15:38:12 centos systemd[1]: Stopping OpenSSH server daemon...
Mar 29 15:38:12 centos systemd[1]: Stopped OpenSSH server daemon.
需要修改SSH配置的可以在/etc/sysconfig/sshd下修改
[root@centos /]# cat /etc/sysconfig/sshd
# Configuration file for the sshd service.
# The server keys are automatically generated if they are missing.
# To change the automatic creation uncomment and change the appropriate
# line. Accepted key types are: DSA RSA ECDSA ED25519.
# The default is "RSA ECDSA ED25519"
# AUTOCREATE\_SERVER\_KEYS=""
# AUTOCREATE\_SERVER\_KEYS="RSA ECDSA ED25519"
# Do not change this option unless you have hardware random
# generator and you REALLY know what you are doing
SSH\_USE\_STRONG\_RNG=0
# SSH\_USE\_STRONG\_RNG=1
阿里云ECS和物理机的配置是不一样的,还是要看现场实际情况的
2、包管理
(1.)yum软件包管理器
在CentOS中,"yum"是一个软件包管理器,用于安装、升级、删除和管理系统中的软件包
它可以从预配置的软件存储库中获取软件包,并自动解决依赖关系
"yum"还可以快速、方便地安装所需的软件、更新系统以及管理软件包
在CentOS 8及更新版本中,“dnf” 已经成为了"yum"的替代者,但是在很多系统中"yum"命令仍然可用
1. yum clean all - 清理YUM缓存和临时文件
[root@centos /]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: base epel extras updates
2. yum install - 安装指定的软件包及其依赖项
这里以ntp时间同步服务举例
(从安装到启动)
# yum安装ntp服务
[root@centos /]# yum install -y ntp
Loaded plugins: fastestmirror
Determining fastest mirrors
base | 3.6 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/7): epel/x86_64/updateinfo | 1.0 MB 00:00:00
(2/7): base/7/x86_64/primary_db | 6.1 MB 00:00:00
(3/7): base/7/x86_64/group_gz | 153 kB 00:00:00
(4/7): epel/x86_64/group_gz | 100 kB 00:00:00
(5/7): epel/x86_64/primary_db | 7.0 MB 00:00:00
(6/7): extras/7/x86_64/primary_db | 254 kB 00:00:00
(7/7): updates/7/x86_64/primary_db | 26 MB 00:00:00
Resolving Dependencies
--> Running transaction check
---> Package ntp.x86_64 0:4.2.6p5-29.el7.centos.2 will be installed
--> Processing Dependency: ntpdate = 4.2.6p5-29.el7.centos.2 for package: ntp-4.2.6p5-29.el7.centos.2.x86_64
--> Processing Dependency: libopts.so.25()(64bit) for package: ntp-4.2.6p5-29.el7.centos.2.x86_64
--> Running transaction check
---> Package autogen-libopts.x86_64 0:5.18-5.el7 will be installed
---> Package ntpdate.x86_64 0:4.2.6p5-29.el7.centos.2 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
============================================================================================
Package Arch Version Repository Size
============================================================================================
Installing:
ntp x86_64 4.2.6p5-29.el7.centos.2 base 549 k
Installing for dependencies:
autogen-libopts x86_64 5.18-5.el7 base 66 k
ntpdate x86_64 4.2.6p5-29.el7.centos.2 base 87 k
Transaction Summary
============================================================================================
Install 1 Package (+2 Dependent packages)
Total download size: 701 k
Installed size: 1.6 M
Downloading packages:
(1/3): ntp-4.2.6p5-29.el7.centos.2.x86_64.rpm | 549 kB 00:00:00
(2/3): ntpdate-4.2.6p5-29.el7.centos.2.x86_64.rpm | 87 kB 00:00:00
(3/3): autogen-libopts-5.18-5.el7.x86_64.rpm | 66 kB 00:00:00
--------------------------------------------------------------------------------------------
Total 3.9 MB/s | 701 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : autogen-libopts-5.18-5.el7.x86_64 1/3
Installing : ntpdate-4.2.6p5-29.el7.centos.2.x86_64 2/3
Installing : ntp-4.2.6p5-29.el7.centos.2.x86_64 3/3
warning: /etc/ntp.conf created as /etc/ntp.conf.rpmnew
Verifying : ntpdate-4.2.6p5-29.el7.centos.2.x86_64 1/3
Verifying : ntp-4.2.6p5-29.el7.centos.2.x86_64 2/3
Verifying : autogen-libopts-5.18-5.el7.x86_64 3/3
Installed:
ntp.x86_64 0:4.2.6p5-29.el7.centos.2
Dependency Installed:
autogen-libopts.x86_64 0:5.18-5.el7 ntpdate.x86_64 0:4.2.6p5-29.el7.centos.2
Complete!
# systemctl三连,启动,开机自启,查看状态
[root@centos /]# systemctl start ntpd
[root@centos /]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@centos /]# systemctl status ntpd
● ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2024-03-29 16:16:45 CST; 13s ago
Main PID: 22650 (ntpd)
CGroup: /system.slice/ntpd.service
└─22650 /usr/sbin/ntpd -u ntp:ntp -g
Mar 29 16:16:45 centos systemd[1]: Starting Network Time Service...
Mar 29 16:16:45 centos systemd[1]: Started Network Time Service.
Mar 29 16:16:45 centos ntpd[22650]: proto: precision = 0.044 usec
Mar 29 16:16:45 centos ntpd[22650]: 0.0.0.0 c01d 0d kern kernel time sync enabled
3. yum search - 搜索指定名称或关键字的软件包,列出所有相关软件包的详细信息
这里以sshd服务为例
[root@centos /]# yum search sshd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
====================================== Matched: sshd =======================================
fail2ban.noarch : Daemon to ban hosts that cause multiple authentication errors
gsi-openssh-server.x86_64 : SSH server daemon with GSI authentication
jsch.noarch : Pure Java implementation of SSH2
libnss-mysql.x86_64 : NSS library for MySQL
openssh-server.x86_64 : An open source SSH server daemon
4. yum update - 更新指定的软件包及其依赖项到最新版本
# 查看可用于更新的软件包
[root@centos /]# yum check-update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
NetworkManager.x86_64 1:1.18.8-2.el7_9 updates
NetworkManager-libnm.x86_64 1:1.18.8-2.el7_9 updates
NetworkManager-team.x86_64 1:1.18.8-2.el7_9 updates
NetworkManager-tui.x86_64 1:1.18.8-2.el7_9 updates
# 更新zlib到最新版本
[root@centos /]# yum update zlib
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package zlib.x86_64 0:1.2.7-18.el7 will be updated
---> Package zlib.x86_64 0:1.2.7-21.el7_9 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
============================================================================================
Package Arch Version Repository Size
============================================================================================
Updating:
zlib x86_64 1.2.7-21.el7_9 updates 90 k
Transaction Summary
============================================================================================
Upgrade 1 Package
Total download size: 90 k
Is this ok [y/d/N]: y
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
zlib-1.2.7-21.el7_9.x86_64.rpm | 90 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : zlib-1.2.7-21.el7_9.x86_64 1/2
Cleanup : zlib-1.2.7-18.el7.x86_64 2/2
Verifying : zlib-1.2.7-21.el7_9.x86_64 1/2
Verifying : zlib-1.2.7-18.el7.x86_64 2/2
Updated:
zlib.x86_64 0:1.2.7-21.el7_9
Complete!
5. yum remove - 卸载指定的软件包及其依赖项
这里还是以ntp为例
[root@centos /]# yum remove ntp
Loaded plugins: fastestmirror
Resolving Dependencies
--> Running transaction check
---> Package ntp.x86_64 0:4.2.6p5-29.el7.centos.2 will be erased
--> Finished Dependency Resolution
Dependencies Resolved
============================================================================================
Package Arch Version Repository Size
============================================================================================
Removing:
ntp x86_64 4.2.6p5-29.el7.centos.2 @base 1.4 M
Transaction Summary
============================================================================================
Remove 1 Package
Installed size: 1.4 M
Is this ok [y/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Erasing : ntp-4.2.6p5-29.el7.centos.2.x86_64 1/1
warning: /etc/ntp.conf saved as /etc/ntp.conf.rpmsave
Verifying : ntp-4.2.6p5-29.el7.centos.2.x86_64 1/1
Removed:
ntp.x86_64 0:4.2.6p5-29.el7.centos.2
Complete!
(2.)rpm软件包管理
最后的话
最近很多小伙伴找我要Linux学习资料,于是我翻箱倒柜,整理了一些优质资源,涵盖视频、电子书、PPT等共享给大家!
资料预览
给大家整理的视频资料:
给大家整理的电子书资料:
如果本文对你有帮助,欢迎点赞、收藏、转发给朋友,让我有持续创作的动力!
网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。
一个人可以走的很快,但一群人才能走的更远!不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!
Complete!
#### (2.)rpm软件包管理
### 最后的话
最近很多小伙伴找我要Linux学习资料,于是我翻箱倒柜,整理了一些优质资源,涵盖视频、电子书、PPT等共享给大家!
### 资料预览
给大家整理的视频资料:
[外链图片转存中...(img-5owpnXxg-1714472824319)]
给大家整理的电子书资料:
[外链图片转存中...(img-Eo0WsCAW-1714472824320)]
**如果本文对你有帮助,欢迎点赞、收藏、转发给朋友,让我有持续创作的动力!**
**网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。**
**[需要这份系统化的资料的朋友,可以点击这里获取!](https://bbs.csdn.net/topics/618542503)**
**一个人可以走的很快,但一群人才能走的更远!不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!**