跳到主要內容

CentOS環境設定

修改開機為文字模式

vi /etc/inittab
id:3:initdefault:

更改hostname

vi /etc/hosts
vi /etc/sysconfig/network
hostname fw

限制root不能用ssh登入

vi /etc/ssh/sshd_config
PermitRootLogin no
最後一行加入
AllowUsers username
重新啟動sshd
service sshd restart

限制來源IP使用ssh


vi /etc/hosts.deny
sshd: ALL
僅允許 192.168.1.* 與 1.2.3.4 連線
vi /etc/hosts.allow
sshd: 192.168.1 1.2.3.4

限制只有特定user可以su

vi /etc/pam.d/su
把以下此行前面的#號刪掉
auth required pam_wheel.so use_uid
把想要可以su的帳號加入wheel群組
usermod -G wheel username
標籤:

這個網誌中的熱門文章

CactiEZ Default Login Information

To login to the OS (you will want to change this) user: root pass: CactiEZ To login to cacti (it prompts to change this) user: admin pass: admin Get to webmin at (requires the root user / pass) https://serverip:10000/ To configure ntop (you will want to change this) user: admin pass: CactiEZ To configure nagios user: nagiosadmin pass: CactiEZ #vi /etc/sysconfig/clock # 修改 ZONE="Asia/Taipei"
閱讀完整內容

CentOS 7 firewall nat

開啟ip forward vi /etc/sysctl.conf net.ipv4.ip_forward = 1 sysctl -p 增加firewall policy firewall-cmd --direct --add-rule ipv4 nat POSTROUTING 0 -o eth_ext -j MASQUERADE firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i eth_int -o eth_ext -j ACCEPT firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i eth_ext -o eth_int -m state --state RELATED,ESTABLISHED -j ACCEPT firewall-cmd --runtime-to-permanent
閱讀完整內容

解決在Hyper-V安裝CentOS5.4遠端桌面滑鼠不能動的問題

01# 設定網路(在Hyper-V設定用"傳統網路介面卡") 02# yum install kernel-devel gcc 03# rm /lib/modules/2.6.18-164.el5/build (目錄有可能會不一樣) 04# ln -s /usr/src/kernels/2.6.18-164.15.1.el5-x86_64/ /lib/modules/2.6.18-164.el5/build 05# 放光碟 06# cp -rp /media/driver /opt (目錄不一定是"/media/driver",可用mount指令查) 07# cd /opt/driver/LinuxICv2 08# ./setup.pl drivers 09# cd /opt/driver/inputvsc 10# ./setup.pl inputdriver
閱讀完整內容