CentOS7优化系统
yum install -y wget vim bash-completion lrzsz net-tools nfs-utils yum-utils rdate ntpdate
PS1="\[\e[1;32m\][\t \[\e[1;33m\]\u\[\e[35m\]@\h\[\e[1;31m\] \W\[\e[1;32m\]]\[\e[0m\]\\$"
echo 'PS1="\[\e[1;32m\][\t \[\e[1;33m\]\u\[\e[35m\]@\h\[\e[1;31m\] \W\[\e[1;32m\]]\[\e[0m\]\\$"' >>/etc/profile
echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >>/etc/bashrc
echo -e "ClientAliveInterval 30 \nClientAliveCountMax 86400" >>/etc/ssh/sshd_config
#sed -i '/#Port 22/a Port 52113' /etc/ssh/sshd_config
service sshd restart
#rdate -s time.nist.gov
ntpdate 61.160.213.184
clock -w
echo "0 */1 * * * /usr/sbin/ntpdate 61.160.213.184 &> /dev/null" >> /var/spool/cron/root
#echo "0 */1 * * * /usr/bin/rdate -s time.nist.gov &> /dev/null" >> /var/spool/cron/root
mkdir /etc/yum.repos.d/bak
\mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
sed -ri 's@(.*aliyuncs)@#\1@g' /etc/yum.repos.d/CentOS-Base.repo
yum clean all
yum makecache
#yum update -y --exclude=kernel* --exclude=centos-release* --skip-broken
echo 'LANG="en_US.UTF-8"' >/etc/locale.conf
. /etc/locale.conf
echo "net.ipv4.ip_forward = 1" >>/etc/sysctl.conf
sysctl -p
sed -i '/UseDNS/a UseDNS no' /etc/ssh/sshd_config
systemctl restart sshd
systemctl stop firewalld.service
systemctl disable firewalld.service
sed -ri 's#^(SELINUX=).*$#\1disabled#g' /etc/selinux/config
setenforce 0
systemctl stop NetworkManager
systemctl disable NetworkManager提示符达到这个效果:
PS1="\[\e[1;32m\][\t \[\e[1;33m\]\u\[\e[35m\]@\h\[\e[1;31m\] \W\[\e[1;32m\]]\[\e[0m\]\\$" echo 'PS1="\[\e[1;32m\][\t \[\e[1;33m\]\u\[\e[35m\]@\h\[\e[1;31m\] \W\[\e[1;32m\]]\[\e[0m\]\\$"' >>/etc/profile
让历史记录显示操作时间及用户(需要注销重新登录)
echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >>/etc/bashrc
镇江机房zkeys控制器的服务器优化:
yum install -y wget vim bash-completion lrzsz net-tools nfs-utils yum-utils rdate ntpdate
PS1="\[\e[1;32m\][\t \[\e[1;33m\]\u\[\e[35m\]@\h\[\e[1;31m\] \W\[\e[1;32m\]]\[\e[0m\]\\$"
echo 'PS1="\[\e[1;32m\][\t \[\e[1;33m\]\u\[\e[35m\]@\h\[\e[1;31m\] \W\[\e[1;32m\]]\[\e[0m\]\\$"' >>/etc/profile
echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >>/etc/bashrc
echo -e "ClientAliveInterval 30 \nClientAliveCountMax 86400" >>/etc/ssh/sshd_config
sed -i '/Port 22/a Port 52113' /etc/ssh/sshd_config
service sshd restart
rdate -s time.nist.gov
clock -w
#echo "0 */1 * * * /usr/bin/rdate -s time.nist.gov &> /dev/null" >> /var/spool/cron/root
mkdir /etc/yum.repos.d/bak
\mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
sed -ri 's@(.*aliyuncs)@#\1@g' /etc/yum.repos.d/CentOS-Base.repo
yum clean all
yum makecache
echo 'LANG="en_US.UTF-8"' >/etc/locale.conf
. /etc/locale.conf
echo "net.ipv4.ip_forward = 1" >>/etc/sysctl.conf
sysctl -p
sed -i '/UseDNS/a UseDNS no' /etc/ssh/sshd_config
systemctl restart sshd
systemctl stop firewalld.service
systemctl disable firewalld.service
sed -ri 's#^(SELINUX=).*$#\1disabled#g' /etc/selinux/config
setenforce 0
systemctl stop NetworkManager
systemctl disable NetworkManager
#启用防火墙并限制只能办公室的IP地址能登录ssh
systemctl enable --now firewalld
firewall-cmd --zone=public --permanent --add-rich-rule='rule family=ipv4 source address=61.160.202.235 port port=52123 protocol=tcp accept'
firewall-cmd --reload
#设置服务器名称要修改
hostnamectl set-hostname zj135zkeys2条评论
添加新评论
- Pingback: 搭建机房KVM虚拟化 - 笔记本
- Pingback: KVM虚拟机安装及模板机制作(后端盘)(二) - 笔记本
