Debian10Standard无网络安装后,设置静态IP,安装openssh-server 221024记录

Debain各版本 bd cd dvd iso 归档下载地址 — Debian CDs/DVDs archive — http://cdimage.debian.org/cdimage/archive/

安装环境是 Win10下 的 VMware16.2

本次安装用的是从
http://cdimage.debian.org/cdimage/archive/10.12.0-live/amd64/iso-hybrid/
页面下载的
debian-live-10.12.0-amd64-standard.iso

开启网卡时,安装会比较慢, 所以禁用了网卡

或者点右下角网络图标,断开连接

选择语言, 中文在本地控制台无法显示, 选其它语言又不好选时区, 所以可以选择第一个, no localization 无定位

让后选 Asia 亚洲

Debian10Standard的iso镜像没有apt仓库功能, 无网安装后, 没法使用 apt update

sudo vi /etc/apt/sources.list

sudo nano /etc/apt/sources.list

查看此时的apt镜像配置文件

# 

# deb cdrom:[Official Debian GNU/Linux Live 10.12.0 standard 2022-03-26T18:50]/ buster main

deb cdrom:[Official Debian GNU/Linux Live 10.12.0 standard 2022-03-26T18:50]/ buster main

# Line commented out by installer because it failed to verify:
#deb http://security.debian.org/debian-security buster/updates main
# Line commented out by installer because it failed to verify:
#deb-src http://security.debian.org/debian-security buster/updates main

# buster-updates, previously known as 'volatile'
# A network mirror was not selected during install.  The following entries
# are provided as examples, but you should amend them as appropriate
# for your mirror of choice.
#
# deb http://deb.debian.org/debian/ buster-updates main
# deb-src http://deb.debian.org/debian/ buster-updates main

启用虚拟机的网络连接, ip addr没有地址, 需要手动配置网络

Debian10.12Standard自带两种网络服务 networking 和 systemd-networkd , 没带 NetworkManager

默认启用了networking 没有启用 systemd-networkd

分别查看状态

查看 systemd-networkd.service

sudo systemctl status systemd-networkd

说明有systemd-networkd.service这项服务,但没有启用, 所以没有启动

查看 networking.service

sudo systemctl status networking

networking启用了,但没启动成功
没有启动成功的原因是 /etc/network/interfaces.d/setup 这个文件的设置.

将两个eth0改为 ens33 (刚开始时,vim不好用, 可以用nano编辑文档)

sudo nano /etc/network/interfaces.d/setup

也可以用 sed 命令修改

sudo sed -ie 's/eth0/ens33/g' /etc/network/interfaces.d/setup

/etc/network/interfaces.d/setup 是由 /etc/network/interfaces 调用的, 并不是每个版本都有这个文件
也可以删掉/etc/network/interfaces.d/setup , 直接修改 /etc/network/interfaces

修改后 systemctl restart networking , networking可以启动了

可以自动获取ip了

为方便复制粘贴, 须开启ssh远程控制台, 须安装openssh-server , 但这张光盘iso却没有自带, 有些麻烦
一种方法是加载有openssh-server的光盘iso, 比如http://cdimage.debian.org/cdimage/archive/10.12.0/amd64/iso-cd/debian-10.12.0-amd64-xfce-CD-1.iso , 然后执行 apt-cdrom add命令, 然后执行 apt install openssh-server命令
另一种方法是编辑/etc/apt/sources.list, 添加好用的源, 然后执行 apt install openssh-server命令

默认的vim有问题, 编辑模式下,上下左右和退格键都不好用
用 nano 打开 /etc/vim/vimrc.tiny

sudo nano /etc/vim/vimrc.tiny

将 set compatible 改为 set nocompatible
再加一行 set backspace=2
ctrl+o回车保存, ctrl+x退出

原先的 /etc/vim/vimrc.tiny

" Vim configuration file, in effect when invoked as "vi". The aim of this
" configuration file is to provide a Vim environment as compatible with the
" original vi as possible. Note that ~/.vimrc configuration files as other
" configuration files in the runtimepath are still sourced.
" When Vim is invoked differently ("vim", "view", "evim", ...) this file is
" _not_ sourced; /etc/vim/vimrc and/or /etc/vim/gvimrc are.

" Debian system-wide default configuration Vim
set runtimepath=~/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim81,/usr/share/vim/vimfiles/after,/$

set compatible

" vim: set ft=vim:

修改后的 /etc/vim/vimrc.tiny

" Vim configuration file, in effect when invoked as "vi". The aim of this
" configuration file is to provide a Vim environment as compatible with the
" original vi as possible. Note that ~/.vimrc configuration files as other
" configuration files in the runtimepath are still sourced.
" When Vim is invoked differently ("vim", "view", "evim", ...) this file is
" _not_ sourced; /etc/vim/vimrc and/or /etc/vim/gvimrc are.

" Debian system-wide default configuration Vim
set runtimepath=~/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim81,/usr/share/vim/vimfiles/after,/$

set nocompatible
set backspace=2

" vim: set ft=vim:

这下上下左右退格就正常了 ,
但远程连接时发现,这个版本的vim会捕获鼠标, 导致没办法复制粘贴 !!!

• 解决方法1 :

sudo vi /usr/share/vim/vim81/defaults.vim

找到 /usr/share/vim/vim81/defaults.vim 的

if has('mouse')
  set mouse=a
endif

修改为 mouse-=a 或 mouse=r 或者干脆去掉这句

用脚本修改

sudo sed -ie 's/set mouse=a/set mouse-=a/g' /usr/share/vim/vim81/defaults.vim

• 解决方法2:

sudo /etc/vim/vimrc

在末尾加上

let skip_defaults_vim = 1 " 跳过default.vim
if has('mouse')
  set mouse=r
endif

或只加上第一句

let skip_defaults_vim = 1

跳过那个默认配置文件的设置

Debian10Standard 自带 networking和systemd-networkd两种服务可配置网络

• networking的配置文件是 /etc/network/interfaces
networking 可搭配 resolvconf 配置DNS
  或者用/etc/network/interfaces 和 /etc/resolv.conf实体文件 分别配置 IP 和 DNS
• systemd-networkd的配置文件是 /etc/systemd/network/*.network
systemd-networkd 可搭配 systemd-resolved 配置DNS
  也可搭配 /etc/resolv.conf实体文件 分别配置 IP 和 DNS

用 /etc/network/interfaces 设置静态Ip

sudo vi /etc/network/interfaces

无网络安装的初始的 /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

有网络安装的初始的 /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens33
iface ens33 inet dhcp

可以看到 source /etc/network/interfaces.d/* 这句会执行 /etc/network/interfaces.d/ 下的所有脚本
/etc/network/interfaces.d/ 里一开始有个 setup 文件

sudo vi /etc/network/interfaces.d/setup

无网络安装的初始 /etc/network/interfaces.d/setup

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

有网络安装的初始 /etc/network/interfaces.d/setup

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

可看出 /etc/network/interfaces.d/setup 有网无网安装都没区别.
而且其中eth0并不存在, 会使networking 报错 , 还有与/etc/network/interfaces重复的部分
可以删除这个setup文件, 直接在上级目录的 interfaces 文件中配置
也可以把 setup 改成

auto ens33
iface ens33 inet static
address 192.168.168.10/24
gateway 192.168.168.2

或

auto ens33
iface ens33 inet static
address 192.168.168.10
netmark 255.255.255.0
gateway 192.168.168.2

最好是删除setup,避免和interfaces内容冲突

也可参考官方版本 https://wiki.debian.org/NetworkConfiguration
的
/etc/network/interfaces

# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto bond0
iface bond0 inet manual
        up ifconfig bond0 0.0.0.0 up
        slaves eth1 eth0
auto vlan10
iface vlan10 inet static
        address 10.10.10.12/24
        vlan-raw-device bond0
        gateway 10.10.0.1
        dns-search hup.hu
        dns-nameservers 10.10.0.2
auto vlan20
iface vlan20 inet static
        address 10.20.10.12/24
        vlan-raw-device bond0
auto vlan30
iface vlan30 inet static
        address 10.30.10.12/24
        vlan-raw-device bond0

经测试, 默认情况下, 通过设置 dns-nameservers 来设置DNS没用,
默认也没有安装resolvconf这个程序
官方文档说,如果安装了resolvconf这个程序, 就不要修改 /etc/resolv.conf ,

sudo apt install resolvconf

而用dns-nameservers 来设置DNS
安装了 resolvconf 后, 就会有 resolvconf.service 服务, 默认没有启动

sudo systemctl enable resolvconf
sudo systemctl start resolvconf

安装了 resolvconf 后, /etc/resolv.conf 变成一个符号链接(软链接) ,不要直接修改它

sudo vi /etc/resolv.conf

无网络安装时, 没有 /etc/resolv.conf

有网络安装的初始 /etc/resolv.conf

domain localdomain
search localdomain
nameserver 192.168.168.2

如果没有安装resolvconf这个程序 , 可以自己创建一个 /etc/resolv.conf

nameserver 192.168.168.2
search baidu.com

或

nameserver 192.168.168.2
domain baidu.com

search是搜索域, 作用如:设置baidu.com后, ping www 就能达到 ping www.baidu.com的效果
它在域名没解析到时起作用, 追加设置的后缀再请求DNS解析一遍
search是domain的替代,效果一样,

• search可以设置多个值,用空格分隔 ,
• domain只能设置一个值

如果安装了resolvconf这个程序, /etc/resolv.conf 变成一个符号链接(软链接) ,不要直接修改它

root@ds10:~# ls -l /etc/resolv.conf
lrwxrwxrwx 1 root root 31 Oct 24 02:22 /etc/resolv.conf -> /etc/resolvconf/run/resolv.conf

一个resolvconf的例子
编辑/etc/network/interfaces

sudo vi /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens33

auto ens33
iface ens33 inet static
address 192.168.168.9/24
gateway 192.168.168.2
dns-nameservers 223.6.6.6 180.76.76.76
dns-search baidu.com

sudo systemctl restart networking
sudo nano /etc/resolv.conf

最好是重启系统, 光重启networking的话, 有时会很怪异
/etc/resolv.conf 变成了

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 223.6.6.6
nameserver 180.76.76.76
search baidu.com

用 systemd-networkd 配置静态Ip

systemd-networkd 搭配 systemd-resolved

官方参考—The modern network configuration without GUI

archlinux systemd.network(5)
archlinux systemd.network(5) — [NETWORK] SECTION OPTIONS
man7.org systemd.network(5)
man7.org systemd.network(5)—[NETWORK] SECTION OPTIONS
systemd.network 中文手册 译者：金步国
systemd-resolved.service 中文手册 译者：金步国

查看手册

man systemd-networkd
man systemd-resolved
man systemd.network

在 /etc/systemd/network/ 下创建以 .network 结尾的文件

sudo nano /etc/systemd/network/ens33.network

编辑内容为

[Match]
Name=ens33
[Network]
Address=192.168.168.8/24
Gateway=192.168.168.2
DNS=8.8.8.8
DNS=1.1.1.1

要使DNS起作用, 还要启用 systemd-resolved

sudo systemctl stop networking
sudo systemctl disable networking
sudo systemctl stop resolvconf
sudo systemctl disable resolvconf
sudo systemctl enable systemd-networkd
sudo systemctl start systemd-networkd
sudo systemctl restart systemd-networkd
sudo systemctl status systemd-resolved
sudo systemctl enable systemd-resolved
sudo systemctl start systemd-resolved

/etc/resolv.conf 变成

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.53

但也不一定, 也出现过/etc/resolv.conf 消失, 不知怎得又以实体文件出现的情况
没那么多精力研究清楚
已知的设置ip工具有: network , networking , NetworkManager , systemd-networkd , netplan

用 network-manager(NetworkManager) 配置静态Ip

一般图形界面的Linux本身就带NetworkManager, 命令行界面的可能不带
debian10Standard用apt安装NetworkManager要用network-manager

sudo apt install network-manager

sudo systemctl enable NetworkManager
sudo systemctl start NetworkManager

安装好后, systemctl status NetworkManager和systemctl status network-manager 效果是一样的

安装好NetworkManager后就能使用nmtui和nmcli命令配置网络
nmtui可以使用命令行的图形界面来配置网络

用 NetworkManager 的 nmtui 配置网络

也可以用 nmcli 命令行语句配置网络

用 NetworkManager 的 nmcli 配置网络

• nmcli connection add 可以创建一个新连接配置
• nmcli connection modify 可以修改现有连接

nmcli connection 的 add和modify 的 ipv4 选项

• ipv4. 可以接 [method, dns, dns-search, dns-options, dns-priority, addresses, gateway, routes, route-metric, route-table, routing-rules, ignore-auto-routes, ignore-auto-dns, dhcp-client-id, dhcp-iaid, dhcp-timeout, dhcp-send-hostname, dhcp-hostname, dhcp-fqdn, dhcp-hostname-flags, never-default, may-fail, required-timeout, dad-timeout, dhcp-vendor-class-identifier, dhcp-reject-servers] 。
• • ipv4.method的可选]值有 [auto, link-local, manual, shared, disabled] , ipv4.method最简可写成ipv.me
• • ipv4.addresses 设置IP地址, 最简可写成 ipv4.a, 可设置多个地址,以逗号分隔, 也可多次用 +ipv4.a
ipv4.a(ipv4.addresses)可以设置多个(,逗号分隔,可以有空格),但只能出现一次, +ipv4.a(+ipv4.addresses)可以设置多个(,逗号分隔)可以出现多次
• • 网关ipv4.g(ipv4.gateway)只能有一个, (在图形界面也只能设置一个), 如果没设置网关就不能上网,但只要有ip地址,就能让网段内其它主机访问,比如ssh连接,没有网关就是能进不能出
• • ipv4.dns不能简写,可一次设置多个, +ipv4.dns可多次设置多个
• • ipv4.dns-search可简写为ipv4.dns-s , 搜索域
• • ipv4.ignore-auto-dns 取值 true|fasle 是否跳过自动域名 , 最简只能写成ipv4.ignore-auto-d

nmcli connection add 可以创建一个新连接配置

nmcli connection add 可以简写为 nmcli c a

sudo nmcli c a con-name 'Test001' ifname 'ens33' type ethernet ipv4.method 'manual' ipv4.addresses "192.168.168.8/24 , 192.168.168.225/24,192.168.168.226/24"  +ipv4.address '192.168.168.227/24' +ipv4.a '192.168.168.228/24' +ipv4.addre '192.168.168.229/24 , 192.168.168.230/24   ,     192.168.168.231/24'    +ipv4.addr "192.168.168.232/24" +ipv4.ad '192.168.168.233/24'  +ipv4.a 192.168.168.234/24,192.168.168.235/24 ipv4.gate 192.168.168.2  ipv4.dns 192.168.168.2,119.29.29.29,180.76.76.76,223.6.6.6,8.8.4.4,114.114.115.115 +ipv4.dns '223.5.5.5 , 8.8.8.8 , 1.1.1.1 , 114.114.114.114' +ipv4.dns 101.226.4.6,123.125.81.6 ipv4.ignore-auto-dns true ipv4.dns-search baidu.com,aliyun.com,taobao.com,qq.com,google.cn

上面的命令会生成 /etc/NetworkManager/system-connections/Test001.nmconnection

root@ds10:~# sudo nmcli c a con-name 'Test001' ifname 'ens33' type ethernet ipv4.method 'manual' ipv4.addresses "192.168.168.8/24 , 192.168.168.225/24,192.168.168.226/24"  +ipv4.address '192.168.168.227/24' +ipv4.a '192.168.168.228/24' +ipv4.addre '192.168.168.229/24 , 192.168.168.230/24   ,     192.168.168.231/24'    +ipv4.addr "192.168.168.232/24" +ipv4.ad '192.168.168.233/24'  +ipv4.a 192.168.168.234/24,192.168.168.235/24 ipv4.gate 192.168.168.2  ipv4.dns 192.168.168.2,119.29.29.29,180.76.76.76,223.6.6.6,8.8.4.4,114.114.115.115 +ipv4.dns '223.5.5.5 , 8.8.8.8 , 1.1.1.1 , 114.114.114.114' +ipv4.dns 101.226.4.6,123.125.81.6 ipv4.ignore-auto-dns true ipv4.dns-search baidu.com,aliyun.com,taobao.com,qq.com,google.cn
Connection 'Test001' (209bded9-ab56-4377-a39b-34722a1db9a4) successfully added.
root@ds10:~# cd /etc/NetworkManager/system-connections/
root@ds10:/etc/NetworkManager/system-connections# ls
Test001.nmconnection  ip8.nmconnection
root@ds10:/etc/NetworkManager/system-connections# cat Test001.nmconnection
[connection]
id=Test001
uuid=209bded9-ab56-4377-a39b-34722a1db9a4
type=ethernet
interface-name=ens33
permissions=

[ethernet]
mac-address-blacklist=

[ipv4]
address1=192.168.168.8/24,192.168.168.2
address2=192.168.168.225/24
address3=192.168.168.226/24
address4=192.168.168.227/24
address5=192.168.168.228/24
address6=192.168.168.229/24
address7=192.168.168.230/24
address8=192.168.168.231/24
address9=192.168.168.232/24
address10=192.168.168.233/24
address11=192.168.168.234/24
address12=192.168.168.235/24
dns=192.168.168.2;119.29.29.29;180.76.76.76;223.6.6.6;8.8.4.4;114.114.115.115;223.5.5.5;8.8.8.8;1.1.1.1;114.114.114.114;101.226.4.6;123.125.81.6;
dns-search=baidu.com;aliyun.com;taobao.com;qq.com;google.cn;
ignore-auto-dns=true
method=manual

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto
root@ds10:/etc/NetworkManager/system-connections#

sudo vi /etc/NetworkManager/system-connections/Test001.nmconnection

可看到, 生成的 Test001.nmconnection 的内容为

[connection]
id=Test001
uuid=209bded9-ab56-4377-a39b-34722a1db9a4
type=ethernet
interface-name=ens33
permissions=

[ethernet]
mac-address-blacklist=

[ipv4]
address1=192.168.168.8/24,192.168.168.2
address2=192.168.168.225/24
address3=192.168.168.226/24
address4=192.168.168.227/24
address5=192.168.168.228/24
address6=192.168.168.229/24
address7=192.168.168.230/24
address8=192.168.168.231/24
address9=192.168.168.232/24
address10=192.168.168.233/24
address11=192.168.168.234/24
address12=192.168.168.235/24
dns=192.168.168.2;119.29.29.29;180.76.76.76;223.6.6.6;8.8.4.4;114.114.115.115;223.5.5.5;8.8.8.8;1.1.1.1;114.114.114.114;101.226.4.6;123.125.81.6;
dns-search=baidu.com;aliyun.com;taobao.com;qq.com;google.cn;
ignore-auto-dns=true
method=manual

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto

此时配置还没有生效 , 用 ip address 查看

ip address
ip addres
ip addre
ip addr
ip add
ip ad
ip a

root@ds10:/etc/NetworkManager/system-connections# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:7e:5a:68 brd ff:ff:ff:ff:ff:ff
    inet 192.168.168.8/24 brd 192.168.168.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::1276:d3c4:b8cf:b2ff/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

可以用 nmtui 的方式使其生效 👇

也可以用 nmcli connection reload ; nmcli connection up Test001 使其生效

sudo nmcli connection reload ; sudo nmcli connection up Test001

sudo nmcli c r ; sudo nmcli c u Test001

root@ds10:/etc/NetworkManager/system-connections# nmcli c u Test001
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
root@ds10:/etc/NetworkManager/system-connections# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:7e:5a:68 brd ff:ff:ff:ff:ff:ff
    inet 192.168.168.8/24 brd 192.168.168.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.225/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.226/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.227/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.228/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.229/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.230/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.231/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.232/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.233/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.234/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.168.235/24 brd 192.168.168.255 scope global secondary noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::ccce:8620:e852:5296/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

NetworkManager会修改/etc/resolv.conf

sudo vi /etc/resolv.conf

/etc/resolv.conf 的内容为

# Generated by NetworkManager
search baidu.com aliyun.com taobao.com qq.com google.cn
nameserver 192.168.168.2
nameserver 119.29.29.29
nameserver 180.76.76.76
# NOTE: the libc resolver may not support more than 3 nameservers.
# The nameservers listed below may not be recognized.
nameserver 223.6.6.6
nameserver 8.8.4.4
nameserver 114.114.115.115
nameserver 223.5.5.5
nameserver 8.8.8.8
nameserver 1.1.1.1
nameserver 114.114.114.114
nameserver 101.226.4.6
nameserver 123.125.81.6

可能只有前3个DNS会生效

如果使配置生效过程中出现 device is strictly unmanaged 而没法生效
可查看/etc/NetworkManager/NetworkManager.conf

sudo cat /etc/NetworkManager/NetworkManager.conf

[main]
plugins=ifupdown,keyfile

[ifupdown]
managed=false

将 managed=false 改为 managed=true

sudo vi /etc/NetworkManager/NetworkManager.conf

[main]
plugins=ifupdown,keyfile

[ifupdown]
managed=false
managed=true

👆可以直接将 managed=true 加在 managed=false 下面
重启 NetworkManager

sudo systemctl restart NetworkManager

添加一个简洁的,可当基础模板

sudo nmcli connection add con-name 'Concise' ifname 'ens33' type 'ethernet' ipv4.method 'manual' ipv4.addresses "192.168.168.224/24" ipv4.gateway '192.168.168.2' ipv4.dns '192.168.168.2' ipv4.ignore-auto-dns false ipv4.dns-search google.cn

con-name, ifname , type 没法简写 , 区分大小写

可以添加几个连接可用于做试验,或者方便快速切换

sudo nmcli c a con-name 'con-name' ifname 'ens33' type 'EtherneT' ipv4.me 'manual' ipv4.a 192.168.168.224/24 ipv4.g 192.168.168.2

EtHeRnEt 不区分大小写 , 到配置文件会变为小写 ethernet

sudo nmcli c a con-name 'ens33自动获取IP' ifname 'ens33' type EtHeRnEt ipv4.me auto

ipv4.xxx 也不区分大小写, 到配置文件都变小写

sudo nmcli c a con-name '阿里dns' ifname ens33 type ethernet IpV4.me ManuaL iPV4.A 192.168.168.224/24 IPv4.g 192.168.168.2 ipv4.ignore-auto-dns true ipv4.dns 223.6.6.6,223.5.5.5

sudo nmcli c m '阿里dns' iPv4.iGnore-aUto-dNs true Ipv4.dnS 223.6.6.6,223.5.5.5 iPv4.dNs-SeArCh alibaba.com,aliyun.com,taobao.com

con-name, ifname , type 没法简写 , 而且区分大小写

sudo nmcli c a con-name '谷歌dns' ifname ens33 type ETHERnet iPV4.mE mANuAl IpV4.aDDr 192.168.168.224/24 ipV4.GAte 192.168.168.2 IpV4.IgNorE-AUto-DnS TruE ipV4.dNS 8.8.4.4,8.8.8.8 ipV4.DnS-sEaRcH google.cn

sudo nmcli c a con-name 百度dns ifname ens33 type ethernet ipv4.me manual ipv4.a 192.168.168.224/24 ipv4.g 192.168.168.2 ipv4.ignore-auto-dns true ipv4.dns 180.76.76.76 ipv4.dns-search baidu.com

单引号

sudo nmcli c a con-name '腾讯dns' ifname 'ens33' type 'ethernet' ipv4.me 'manual' ipv4.a '192.168.168.224/24' ipv4.g '192.168.168.2' ipv4.ignore-auto-dns 'true' ipv4.dns '119.29.29.29' ipv4.dns-search 'qq.com'

双引号

sudo nmcli c a con-name "114dns" ifname "ens33" type "ethernet" ipv4.me "manual" ipv4.a "192.168.168.224/24" ipv4.g "192.168.168.2" ipv4.ignore-auto-dns "true" ipv4.dns "114.114.114.114,114.114.115.115"

大写

sudo nmcli c a con-name 'IBMdns' ifname 'ens33' type 'ethernet' IPV4.ME manual IPV4.A 192.168.168.224/24 IPV4.G 192.168.168.2 IPV4.IGNORE-AUTO-DNS true IPV4.DNS '9.9.9.9'

全名大写

sudo nmcli c a con-name 'CNNICdns' ifname 'ens33' type 'ethernet' IPV4.METHOD 'manual' IPV4.ADDRESSES 192.168.168.224/24 IPV4.GATEWAY 192.168.168.2 IPV4.IGNORE-AUTO-DNS 'true' IPV4.DNS '1.2.4.8,210.2.4.8' IPV4.DNS-SEARCH 'baidu.com,google.cn'

全名小写

sudo nmcli c a con-name 'CloudflareDNS' ifname 'ens33' type 'ethernet' ipv4.method 'manual' ipv4.addresses '192.168.168.224/24' ipv4.gateway '192.168.168.2' ipv4.ignore-auto-dns 'true' ipv4.dns '1.1.1.1,1.0.0.1' ipv4.dns-search 'baidu.com,google.cn'

sudo nmcli c a con-name "360电信移动铁通dns" ifname "ens33" type "ethernet" ipv4.method "manual" ipv4.addresses "192.168.168.224/24" ipv4.gateway "192.168.168.2" ipv4.ignore-auto-dns "true" ipv4.dns "101.226.4.6 , 218.30.118.6" ipv4.dns-search "360.com"

sudo nmcli c a con-name 360联通dns ifname ens33 type ethernet ipv4.method manual ipv4.addresses 192.168.168.224/24 ipv4.gateway 192.168.168.2 ipv4.ignore-auto-dns true ipv4.dns 123.125.81.6,140.207.198.6 ipv4.dns-search "360.com"

sudo nmcli c a con-name 微软dns ifname ens33 type ethernet ipv4.me manual ipv4.a 192.168.168.224/24 ipv4.g 192.168.168.2 ipv4.ignore-auto-dns true ipv4.dns 4.2.2.1,4.2.2.2 ipv4.dns-s bing.com

sudo nmcli c a con-name OpenDNS ifname ens33 type ethernet ipv4.me manual ipv4.a 192.168.168.224/24 ipv4.g 192.168.168.2 ipv4.ignore-auto-dns true ipv4.dns 208.67.222.222,208.67.220.220 ipv4.dns-s bing.com

nmcli connection reload 可以从新配置文件生成新连接

nmcli connection reload 会扫描加载所有/etc/NetworkManager/system-connections/ 目录下(不包括子目录) .nmconnection 结尾的配置文件, 然后用 nmcli connection up 连接名 激活连接

*.nmconnection 必须符合 chmod 600 权限 -rw-------

root@ud224:/etc/NetworkManager/system-connections# ls -l /etc/NetworkManager/system-connections/
总用量 80
drwxr-xr-x 1 root root  940 10月 27 07:48  ./
drwxr-xr-x 1 root root  194 10月 27 07:35  ../
-rw------- 1 root root  344 10月 26 05:56  360电信移动铁通dns.nmconnection
-rw------- 1 root root  313 10月 26 05:58  360联通dns.nmconnection
-rw------- 1 root root  350 10月 26 04:10  阿里dns.nmconnection
-rw------- 1 root root  298 10月 26 04:34  百度dns.nmconnection
-rw------- 1 root root  301 10月 26 04:25  谷歌dns.nmconnection
-rw------- 1 root root  315 10月 26 06:13  四川联通dns.nmconnection
-rw------- 1 root root  295 10月 26 04:53  腾讯dns.nmconnection
-rw------- 1 root root  300 10月 26 06:06  微软dns.nmconnection
-rw------- 1 root root  427 10月 26 00:39 '有线连接 1.nmconnection'
-rw------- 1 root root  315 10月 26 05:37  CloudflareDNS.nmconnection
-rw------- 1 root root  311 10月 26 05:26  CNNICdns.nmconnection
-rw------- 1 root root  276 10月 26 02:14  Concise.nmconnection
-rw------- 1 root root  236 10月 26 03:42  con-name.nmconnection
-rw------- 1 root root  203 10月 26 03:45  ens33自动获取IP.nmconnection
-rw------- 1 root root  741 10月 26 01:55  ens33ConnTest001.nmconnection
-rw------- 1 root root  268 10月 26 05:01  IBMdns.nmconnection
-rw------- 1 root root  312 10月 26 06:16  OpenDNS.nmconnection
-rw------- 1 root root 1069 10月 27 07:48  t001.nmconnection
-rw------- 1 root root  729 10月 27 07:43  t002.nmconnection
-rw------- 1 root root  345 10月 27 07:33  t003.nmconnection
drwxr-xr-x 1 root root   34 10月 27 07:27  test/

nmcli connection modify 可以修改现有连接

• connection 可以写成 c 到 connection 之间的字段
• modify 可以写成 m 到 modify 之间的字段

  nmcli connection modify
  nmcli connec modify
  nmcli conne modif
  nmcii conn modi
  nmcli con mod
  nmcli co mo
  nmcli c m
  nmcli c modify
  nmcli connection m
  

自动获取ip

sudo nmcli co mo "Test001" ipv4.method 'auto'

手动指定ip地址和网关,静态IP

sudo nmcli co mo "Test001" ipv4.method 'manual' ipv4.addresses "192.168.168.10/24" ipv4.gateway "192.168.168.2"

手动指定的dns, 跳过自动获取dns

sudo nmcli co mo "Test001" ipv4.ignore-auto-d 'true'

设置修改dns , 相同的dns不会重复

sudo nmcli co mo "Test001" ipv4.dns "192.168.168.2 , 8.8.4.4 , 223.6.6.6 , 180.76.76.76"
sudo nmcli co mo "Test001" +ipv4.dns "123.125.81.6 ,1.1.1.1,8.8.8.8,114.114.114.114"
sudo nmcli co mo "Test001" +ipv4.dns "192.168.168.2 , 6.6.6.6" # 不会重复
sudo nmcli co mo "Test001" -ipv4.dns "6.6.6.6"

设置搜索域

sudo nmcli co mo "Test001" ipv4.dns-search 'baidu.com , google.cn , qq.com'

一句修改 method , addresses , gateway , dns , 跳过自动DNS , search

sudo nmcli c m "Test001" ipv4.method 'manual' ipv4.addresses "192.168.168.10/24" ipv4.gateway "192.168.168.2" ipv4.dns "192.168.168.2 , 8.8.4.4 , 223.6.6.6 , 180.76.76.76, 123.125.81.6, 1.1.1.1,8.8.8.8,114.114.114.114" ipv4.ignore-auto-dns 'true' ipv4.dns-search 'baidu.com' ; sudo systemctl restart NetworkManager

method可写成me , addresses可写成a , gateway可写成g , dns不能简写 , dns-serarch可写成dns-s

sudo nmcli c m "Test001" ipv4.me manual ipv4.a "192.168.168.10/24" ipv4.g "192.168.168.1" ipv4.dns "192.168.168.2 , 223.6.6.6 , 180.76.76.76, 123.125.81.6, 1.1.1.1,8.8.8.8,114.114.114.114,8.8.4.4" ipv4.ignore-auto-d 'true' ipv4.dns-s 'baidu.com' ; sudo systemctl restart NetworkManager

没有空格等一些特殊字符的话, 也可以不加引号, 点号不影响

sudo nmcli c m "Test001" ipv4.me manual ipv4.a 192.168.168.10/24 ipv4.g 192.168.168.2 ipv4.dns 192.168.168.2,223.6.6.6,180.76.76.76,123.125.81.6,1.1.1.1,8.8.8.8,114.114.114.114,8.8.4.4 ipv4.ignore-auto-d true ipv4.dns-s baidu.com ; sudo systemctl restart NetworkManager

重新加载配置文件

sudo nmcli connection reload

使配置生效

sudo nmcli connection up Test001

安装openssh-server , 更换apt源

一种方法是加载有openssh-server的光盘iso, 比如http://cdimage.debian.org/cdimage/archive/10.12.0/amd64/iso-cd/debian-10.12.0-amd64-xfce-CD-1.iso , 然后执行 apt-cdrom add命令, 然后执行 apt install openssh-server命令
另一种方法是编辑/etc/apt/sources.list, 添加好用的源, 然后执行 apt install openssh-server命令

sudo vi /etc/apt/sources.list

无网安装的初始 /etc/apt/sources.list

# 

# deb cdrom:[Official Debian GNU/Linux Live 10.12.0 standard 2022-03-26T18:50]/ buster main

deb cdrom:[Official Debian GNU/Linux Live 10.12.0 standard 2022-03-26T18:50]/ buster main

# Line commented out by installer because it failed to verify:
#deb http://security.debian.org/debian-security buster/updates main
# Line commented out by installer because it failed to verify:
#deb-src http://security.debian.org/debian-security buster/updates main

# buster-updates, previously known as 'volatile'
# A network mirror was not selected during install.  The following entries
# are provided as examples, but you should amend them as appropriate
# for your mirror of choice.
#
# deb http://deb.debian.org/debian/ buster-updates main
# deb-src http://deb.debian.org/debian/ buster-updates main

有网安装时选163源的初始 /etc/apt/sources.list

# 

# deb cdrom:[Official Debian GNU/Linux Live 10.12.0 standard 2022-03-26T18:50]/ buster main

#deb cdrom:[Official Debian GNU/Linux Live 10.12.0 standard 2022-03-26T18:50]/ buster main

deb http://mirrors.163.com/debian/ buster main
deb-src http://mirrors.163.com/debian/ buster main

deb http://security.debian.org/debian-security buster/updates main
deb-src http://security.debian.org/debian-security buster/updates main

# buster-updates, previously known as 'volatile'
deb http://mirrors.163.com/debian/ buster-updates main
deb-src http://mirrors.163.com/debian/ buster-updates main

# This system was installed using small removable media
# (e.g. netinst, live or single CD). The matching "deb cdrom"
# entries were disabled at the end of the installation process.
# For information about how to configure apt package sources,
# see the sources.list(5) manual.

有网安装时选华为源的初始 /etc/apt/sources.list

# 

# deb cdrom:[Official Debian GNU/Linux Live 10.12.0 standard 2022-03-26T18:50]/ buster main

#deb cdrom:[Official Debian GNU/Linux Live 10.12.0 standard 2022-03-26T18:50]/ buster main

deb http://mirrors.huaweicloud.com/debian/ buster main
deb-src http://mirrors.huaweicloud.com/debian/ buster main

deb http://security.debian.org/debian-security buster/updates main
deb-src http://security.debian.org/debian-security buster/updates main

# buster-updates, previously known as 'volatile'
deb http://mirrors.huaweicloud.com/debian/ buster-updates main
deb-src http://mirrors.huaweicloud.com/debian/ buster-updates main

# This system was installed using small removable media
# (e.g. netinst, live or single CD). The matching "deb cdrom"
# entries were disabled at the end of the installation process.
# For information about how to configure apt package sources,
# see the sources.list(5) manual.

阿里 Debian security镜像

deb http://mirrors.aliyun.com/debian-security/ squeeze/updates main non-free contrib
deb-src http://mirrors.aliyun.com/debian-security/ squeeze/updates main non-free contrib

阿里巴巴开源镜像站
阿里巴巴开源镜像站—Debian 镜像
阿里巴巴开源镜像站—Debian security镜像