Translate

Security of server (ssh and sudo)

 1. How to change the port of ssh:

(default port: 22)

1. vim /etc/ssh/sshd_config

2. 


3. systemctl restart sshd

* Port can change to the number close to 65535.



2. How to manage the accounts of server system:

2.1 How to use root account

    1) how to change the password of root

            sudo passwd root

    2) how to change to root

            su root

    3) create user

            adduser test                  (better)

            useradd -m test            (-m: create user folder /home/test)

    4) delete user

            userdel -r test               (-r: also delete folder /home/test)

    5) change password of user

            passwd test


2.2 How to add sudoer

    1)  "su root"

    2)  "visudo" (open /etc/sudoers)

    3)  add "user ALL=(ALL) ALL"


2.3 How to check which user has sudo right

            usermod -aG sudo test (add 'test' into sudo group)  

            getent group sudo


* 通常root账号就只通过密钥登陆,只有一人掌握密钥;

开通1-2个sudo账号,用于管理权限;

开通若干普通账号,用于部署等操作。




at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
  • Kafka - Failed with result 'exit-code'
    Error:      Failed with result 'exit-code' Solution:    1)  Open the file   meta.properties .          In my case, it was located at...
  • Dynamic routes in next.js
    1. Dynamic Segment A Dynamic Segment can be created by wrapping a folder's name in square brackets: [folderName]. For example, [id] or [...
  • Zephyr - Study: JavaScript (2)
    1. 内建对象:          包括 object function array 等 2. 数组 Array            也是一个对象          1)创建数组对象:var arr = new Array();          2)添加元素:数组[索引] =...