作者:roy9494
转自:http://blog.csdn.net/roy9494/article/details/6647629
http://www.hostloc.com/thread-75145-1-1.html
debian 6(squeeze)+vpn基本安装
------------------------------------------------------------------------------------------------------
基本设置
------------------------------------------------------------------------------------------------------
0设置固定ip,以便SSH管理
http://apps.hi.baidu.com/share/detail/20704503
/etc/network/interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.0.42
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
1一般使用国内的源,速度也可以
http://coolwinding.blog.163.com/blog/static/112240939201011294543291/
# 163的源
deb http://mirrors.163.com/debian/ squeeze main non-free contrib
deb http://mirrors.163.com/debian/ squeeze-proposed-updates main non-free contrib
deb http://mirrors.163.com/debian-security/ squeeze/updates main non-free contrib
apt-get update
如果是美国的机子
deb http://mirror.peer1.net/debian/ stable main #contrib non-free
deb-src http://mirror.peer1.net/debian/ stable main #contrib non-free
deb http://security.debian.org/ stable/updates main
2按大师们讲法,VI太鬼异,还是安装vim习惯些
apt-get install vim
3看不惯单色的LS,就改为显示颜色
vim .bashrc
4修改ssh端口
vim /etc/ssh/sshd_config
5修改密码
passwd user
6查看用户组
http://hi.baidu.com/nfubuntu/blog/item/f910a26489e612f1f63654c3.html
vim /etc/passwd
vim /etc/shadow
vim /etc/group
vim /etc/gshadow
7如果是租VPS的,可以查看一下硬件
http://hi.baidu.com/tonyty163/blog/item/0f3f325125d8136a85352448.html
dmesg
lspci -v
lsusb
dmidecode
cpu信息
cat /proc/cpuinfo
内存信息
free -m
硬盘信息
df -h
硬盘牌子
http://bbs.chinaunix.net/thread-2212807-1-1.html
hdparm -i /dev/disk/by-id/XXX
7查看软件
http://www.rei3.com/archives/2259.html
dpkg -l
删除
dpkg -P 软件名
rcconf
11修改时区
tzselect
方法二:
http://hi.baidu.com/sgnkdomnrrejowr/item/a1b76cdf1485694efb57689a
$sudo dpkg-reconfigure tzdata
12修改时间
#date -s 07/26/2005
#date -s 11:12:00
同步时间
http://blog.chinaunix.net/uid-20411155-id-1685010.html
apt-get install ntpdate
ntpdate-debian
or
ntpdate time.cuit.edu.cn
国外的票机子,可以用这个
http://www.im87.net/topics/debian-server-ntp/
ntpdate ntp.api.bz
13,如果是图开界面,可能会出现方块字体无法显示中文
http://yiranwuqing.iteye.com/blog/1136878
http://www.cnblogs.com/wbbice/archive/2012/01/15/2323052.htmlhttp://blog.csdn.net/laichao1112/article/details/6320067
1)安装字库
apt-get install ttf-arphic-ukai
2)安装输入法
apt-get install ibus-pinyin ibus-table-wubi #安装IBUS五笔和拼音
3)允许root用户登录
http://www.litvip.com/127/
修改/etc/pam.d/gdm3文件
4)远程桌面
apt-get install tsclient
apt-get install xrdp
5)网络管理
http://hi.baidu.com/xyhouse/item/f66366f9d6caf8ef1b111f87
http://gm100861.blog.51cto.com/1930562/895579
apt-get install network-manager network-manager-gnome network-manager-pptp network-manager-pptp-gnome
apt-get install network-manager-kde
vim /etc/NetworkManager/NetworkManager.conf
[ifupdown]
managed=true
配置拨号
http://blog.tangjianwei.com/2010/04/05/connect-to-a-pptp-server-in-ubntu-with-network-manager/
1))要取消PAP
2))勾上MPPE
-----------------------------------------------------------------------------------------------------------------
以下是安装lamp步骤
-----------------------------------------------------------------------------------------------------------------
lamp还是习惯了自己安装
1基本应用
apt-get install apache2
apt-get install php5 mysql-server php5-mysql
2测试
w3m localhost
3只做一些简单的应用,也可以安装轻量级数据库
apt-get install sqlite
4做图片验证码的话,还要补充个GD库(我还真不知道除了GD库外,怎样做图片验证码,感觉做出来的效果也不怎样)
apt-get install php5-gd
4出于安全起见,可以装上个https
debian安装https
http://www.kdolphin.com/1113
1
自签证书
a2enmod ssl
mkdir /etc/apache2/ssl
openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.key
第一行用来启用Apache2的ssl模块,第三行用来生成一个自签名证书。
2
配置Apache2使用自签证书
编辑”/etc/apache2/ports.conf”,确保有ip:443这样的设置,默认启用ssl模块后系统会自动添加。
NameVirtualHost 12.34.56.78:443
3
编辑VirtualHost文件:
<VirtualHost 12.34.56.78:443>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
……
</VirtualHost>
前三行是设置启用SSL和设置证书位置,接下来按照正常的站点设置就可以了,可以参考《VPS建站LAMP 101》。
最后重启Apache就可以了。
-------------------------------------------------------------
也可以用APACHE强制使用HTTPS,以加强安全
这里会用到mod_rewrite
http://blog.tangjianwei.com/2011/11/02/apache-force-to-https-ssl/
RewriteCond %{HTTPS} !^on$ [NC]
RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L]
5,加速php
http://www.pc-freak.net/blog/installing-eaccelerator-for-php5-on-debian-lenny-5-04/
http://wangye.org/blog/archives/241/
http://www.sitebuddy.com/php/accelerators/eaccelerator-windows-binaries
http://www.ali727.com/1145.html
1,下载
wget -c http://soft.vpser.net/web/eaccelerator/eaccelerator-0.9.6.1.tar.bz2
2,安装
# apt-get install make php5-dev bzip2
tar jxvf eaccelerator-0.9.6.1.tar.bz2 #解压
3,编译
cd eaccelerator-0.9.6.1 /usr/bin/phpize ./configure -enable-eaccelerator=shared -with-php-config=/usr/bin/php-config make make install
4,设置
mkdir /tmp/eaccelerator chmod 777 /tmp/eaccelerator
vim /etc/php5/conf.d/eaccelerator.ini
extension="eaccelerator.so"
eaccelerator.shm_size="16"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
5,管理
cp control.php /home/wwwroot/ #复制eaccelerator的管理文件到网站目录
admin
eAccelerator
顺便也记下win版的文件网址
http://dev.freshsite.pl/nc/php-accelerators/eaccelerator/sorting/by-crdate-desc.html
6,加密
http://www.lt163.com/blog/space-1-do-blog-id-800.html
1,下载
http://www.zend.com/en/products/guard/downloads
ZendGuardLoader-php-5.3-linux-glibc23-i386.tar.gz文件
2,复制
mkdir -p /usr/local/zend
3,设置
php.ini
zend_extension= /usr /local /zend /ZendGuardLoader.so
7,
apt-get install rcconf删除多余程序