这个是Ubuntu18.04系统的优化脚本
#!/bin/bash
system_check(){
SYSVER=`cat /etc/issue | awk '{print $1}'`
while [ $SYSVER != Ubuntu ];do
echo "---------ERROR:Please confirm whether it is a Ubuntu system!!!------------"
break
done
}
user_check(){
if [ $(id -u) != 0 ];then
echo "-------------ERROT:Please use root to execute the script!!!---------------"
sudo su -
fi
}
apt_install(){
apt update && apt upgrade
apt install gcc g++ make vim wget curl net-tools lrzsz openssh-server ntpdate curl -y
if [ $? != 0 ];then
exit
echo "--------------Apt installation error!!!---------------"
fi
apt clean && apt autoremove
}
crontab(){
DATE=`date +"%Z %z"`
if [ "$DATE" != "CST +0800" ];then
tzselect
dpkg-reconfigure tzdata
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
fi
find / -name "cron.log"
if [ $? != 0 ];then
sed -i "s/#cron.*/cron.*/g" /etc/rsyslog.d/50-default.conf
systemctl restart cron
systemctl restart rsyslog
fi
echo "0 0 * * * /usr/sbin/ntpdate 0.asia.pool.ntp.org" >>/var/spool/cron/crontabs/root
hwclock --systohc
}
echo 'export HISTTIMEFORMAT="%F `whoami` "'>>/etc/profile
echo TMOUT=3600 >> /etc/profile
. /etc/profile
echo DefaultLimitNOFILE=65535 >> /etc/systemd/user.conf
cat >> /etc/security/limits.conf << END
soft nofile 32768
hard nofile 65536
END
#sudo chattr +i /etc/passwd /etc/shadow /etc/group /etc/gshadow
#chattr -i /etc/passwd /etc/shadow /etc/group /etc/gshadow
jdk_install(){
java -version
JDK=jdk-8u91-linux-x64.tar.gz
if [ ! -f $JDK ];then
echo "----------------------------Please confirm that the MYSQLfile exists!!!----------------------------"
exit
else
tar zxf jdk-8u91-linux-x64.tar.gz
mv jdk1.8.0_91/ /usr/local/java
cat >> /etc/profile << END
export JAVA_HOME=/usr/local/java
export PATH=$PATH:$JAVA_HOME/bin
END
source /etc/profile
java -version
if [ $? != 0 ];then
echo "----------------------"
fi
}
alter_ssh(){
SSHFile="/etc/ssh/sshd_config"
if [ ! -x "$SSHFile" ];then
read -p "Please enter new user name:" username
useradd -r -m -s /bin/bash $username
passwd $username
chmod u+w /etc/sudoers
echo "$username ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
cd /home/$username
mkdir -p .ssh/
chown $username:$username .ssh/
touch .ssh/authorized_keys
chown $username:$username .ssh/authorized_key
cd -
# 下面的这部分是密钥,需要自己准备一对密钥,公钥放在这个文件内
echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2/pjYzP7iH8P6I4x65vfSBMvuYVcgWDrb4G13SDiXG3a0GYUa8ZfcMiD6OND2/l+WuL0OJa1mFgBwweM/kNjdOOGUz/ELMJjh1PvJPVAPOM8XoSAuGHBwoiieclc9XfXAt3bZydijfOAX9bl9GX7HMLkroOE3VIJ3mrXMX1txD4Ihg5CyvsFCB6sf7Sfg67We8D5RWwOb7AyJeWhkpVA+wOlyflemON2L3VrEuxnNYOty1jbed9xpotPBOb+I23xHkMKvfSkU+UwMCoYtdnc94r5lnTLhzILJ41xXX4Y49qs6v5Avj3PEH4HJuoleAFCLWBz96dfj9Li9z2yVtgYQ==" >>/home/$username/.ssh/authorized_keys
chmod 0600 /home/$username/.ssh/authorized_keys
chmod 755 /home/$username/.ssh
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin no/g' /etc/ssh/sshd_config
#sudo sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/PubkeyAuthentication no/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
sed -i 's/#Port 22/Port 3600/g' /etc/ssh/sshd_config
bash -c "echo AllowUsers $username>> /etc/ssh/sshd_config"
#echo DenyUsers $username>> /etc/ssh/sshd_config
/etc/init.d/ssh restart
netstat -anpt | grep 3600
if [ $? = 1 ];then
echo "-----------SSH startup fail-----------"
fi
fi
}
system_check
user_check
apt_install
#jdk_install
crontab
alter_ssh
#reboot
新手一枚,请多多指教。