1、查看文件内容
(1)查看/est/passwd文件第六行
[root@localhost ~]# head -6 /etc/passwd | tail -1 #显示该文件前六行,管道连接前6行显示其最后一行#
sync:x:5:0:sync:/sbin:/bin/sync #第六行内容#
(2)查看/etc/selinux/config 以SELINUX开头的行
[root@localhost ~]# grep ^[SELINUX] /etc/selinux/config
SELINUX=enforcing
SELINUXTYPE=targeted
(3)查看/etc/ssh/sshd_config 以no结尾的行
[root@localhost ~]# grep no$ /etc/ssh/sshd_config
#HostbasedAuthentication no
#IgnoreUserKnownHosts no
#PermitEmptyPasswords no
ChallengeResponseAuthentication no
#KerberosAuthentication no
#KerberosGetAFSToken no
GSSAPICleanupCredentials no
#GSSAPIKeyExchange no
#GSSAPIEnablek5users no
#GatewayPorts no
PrintMotd no
#PermitUserEnvironment no
#UseDNS no
#PermitTunnel no
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
(4)过滤/etc/ssh/sshd_config含数字的行
[root@localhost ~]# grep -v [0-9] /etc/ssh/sshd_config
# This is the sshd server system-wide configuration file. See
# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
#AddressFamily any
#ListenAddress ::HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key# Ciphers and keying
#RekeyLimit default none# This system is following system-wide crypto policy. The changes to
# crypto properties (Ciphers, MACs, ...) will not have any effect here.
# They will be overridden by command-line options passed to the server
# on command line.# Logging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO# Authentication:
PermitRootLogin yes
#StrictModes yes#PubkeyAuthentication yes
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
#KerberosUseKuserok yes# GSSAPI options
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
# WARNING: 'UsePAM no' is not supported in Fedora and may cause several
# problems.
UsePAM yes#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#PermitTTY yes# It is recommended to use pam_motd in /etc/pam.d/sshd instead of PrintMotd,
# as it is more configurable and versatile than the built-in version.
PrintMotd no#PrintLastLog yes
#TCPKeepAlive yes
#PermitUserEnvironment no
#Compression delayed
#UseDNS no
#PidFile /var/run/sshd.pid
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none# no default banner path
#Banner none# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server# Example of overriding settings on a per-user basis
#Match User anoncvs
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
2.文本处理
查看etc/passwd文件以":"为分隔符的第一列内容,并按字母逆序写入/username文件 统计/etc/passwd文件有几行,只把行数显示出来
[root@localhost ~]# cut -d ':' -f 1 /etc/passwd |sort -r > /username #截取etc/passwd文件以":"为分隔符的第一列内容 | 以字母逆序显示 》 写入uesrmane文件#
[root@localhost ~]# cat /username #查看username文件内容#
usbmuxd
unbound
tss
tcpdump
systemd-resolve
systemd-coredump
sync
sssd
sshd
shutdown
setroubleshoot
saslauth
rtkit
rpcuser
rpc
root
radvd
qemu
pulse
polkitd
pipewire
operator
nobody
lp
libstoragemgmt
halt
guest
gnome-initial-setup
gluster
geoclue
gdm
games
ftp
flatpak
dnsmasq
dbus
daemon
colord
cockpit-wsinstance
cockpit-ws
clevis
chrony
bin
avahi
adm[root@localhost ~]# wc -l /etc/passwd | cut -d ' ' -f 1 #统计/etc/passwd/的行数 | 分割空格第一段字符#
46
3.统计系统命令执行频率最高的前十个命令
[root@localhost ~]# echo 执行频率最高的十个命令 ` history | tr -s ' ' ' ' | cut -d ' ' -f 3 | sort | uniq -c | tr -s ' ' ' ' | sort -n | tail -10 | cut -d ' ' -f 3 `
执行频率最高的十个命令 ifconfig ll cat cut ls echo man wc grep history
[root@localhost ~]#