学习笔记0314----linux安装
- 预习内容:
-
- 一、搭建LINUX学习环境必备软件
- 二、搭建linux系统
-
- 1.VM安装教程and创建虚拟机
- 2.虚拟机安装linux
- 3.给linux系统设置固定IP地址
- 4.xshel远程连接linux
- 5.单用户模式
- 6.linux-01使用密钥登陆linux-02
- 课后总结
-
- 一、常见linux操作系统
- 二、课中提到的知识点
-
- 1.selinux关闭
- 2.修改开机启动显示画面
- 3.系统运行级别
- 4. 密钥文件的配置
- 5.Centos7修改grub密码
- 6.查看系统信息
预习内容:
1.1 学习之初 1.2 约定 1.3 认识Linux 1.4 安装虚拟机 1.5 安装centos7 1.6/1.7 配置IP 1.8 网络问题排查 1.9 使用PuTTY远程连接Linux 1.10 使用xshell连接Linux 1.11 PuTTY密钥认证 1.12 xshell密钥认证 1.13 单用户模式 1.14 救援模式 1.15 克隆虚拟机 1.16 Linux机器相互登录
一、搭建LINUX学习环境必备软件
- VMware Workstation 虚拟机
- Centos 7.6 镜像
- xshell 软件(PuTTY等)
PS:如上软件可以使用地址下载获取,推荐一个下载软件Proxyee Down,也可以下载某盘得文件,目前个人在使用,配合Google chrome使用完美。
网站:https://github.com/aminglinux/linux201 资源网站:http://r.aminglinux.com
二、搭建linux系统
1.VM安装教程and创建虚拟机
超级地址
2.虚拟机安装linux
3.给linux系统设置固定IP地址
> vi /etc/sysconfig/network-scripts/ifcfg-eth33 #此文件是网卡的地址,vi编辑可以打开修改网卡信息#
> BOOTPROTO=static #设置为静态地址#
> ONBOOT=yes #设置开机启动#
> IPADDR=192.168.141.128 #设置网卡IP地址#
> NETMASK=255.255.255.0 #设置子网掩码#
> GATEWAY=192.168.141.2 #设置刚才查看net网关#
注:vi编辑完成之后需要按“:(英文状态)”,输入wq 保存。(linux是区分大小写的)
>service network restart #这个是重启网卡的命令
>systemctl restart network.service #这个是重启网卡的命
注:重启过网卡,即可用远程软件xshell远程连接咯。
#这个是xshell的一个配色方案,可以复制代码存入txt文件,保存重命名文件为:skycolor.xcs,导入xshell即可使用#
[skycolor]
text=00ff80
cyan(bold)=00ffff
text(bold)=e9e9e9
magenta=c000c0
green=80ff00
green(bold)=3c5a38
background=042028
cyan=00c0c0
red(bold)=ff0000
yellow=c0c000
magenta(bold)=ff00ff
yellow(bold)=ffff00
red=ff4500
white=c0c0c0
blue(bold)=1e90ff
white(bold)=fdf6e3
black=000000
blue=00bfff
black(bold)=808080
[Names]
name0=skycolor
count=14.xshel远程连接linux
下面的放法是使用root密码登陆linux系统
下面的方式是使用密钥登陆
mkdir /root/.ssh #在root目录下创建一个.ssh 的文件
ll -a #列出当前目录下的所有文件
chmod 700 .ssh #给.ssh文件夹设置权限为700 “rwx------”
把刚才创建的公钥输入复制进去
5.单用户模式
忘记root密码怎么办?在grub没有密码的情况下。
ro 代表readonly
rw 表示read write sysroot是系统所在目录
chroot /sysroot/ #代表切换到root用户目录
LANG=en #代表把模式改成英文,改root密码乱码更改成英文
passwd root #更改root密码
touch /.autorelabel #是和selinux有关的一个操作
exit #退出
reboot #重启
6.linux-01使用密钥登陆linux-02
代码语言:javascript复制##使用命令ssh-keygen 生成公钥#
[root@linux-01 .ssh]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:sxF1osdmG59Y5HD7YhH8Y71Vf40yZaC2a34qLsYWO3g root@linux-02
The key's randomart image is:
---[RSA 2048]----
| .*. |
| O.oo .|
| o O = o |
| * Bo = *|
| S = .. |
| . o . . |
| o o. o |
| . E .o . |
| ..oo |
----[SHA256]-----
##查看生成得公钥##
[root@linux-01 ~]# ls /root/.ssh/
authorized_keys id_rsa id_rsa.pub
[root@linux-01 ~]# cat /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCtLq7BON1b8vgicPTa5jl5tj/UGvlB/Rn42/Xl/IMZPuSoBpTL6VYtbvlV6NIXK1cRrseBU6hpCzKcUP/GvnKR4PODENkPKq 3KC4A/KSy49axovtr0/ISJV5wTWeH SO/XHtke8pg8lRtHHBek36gcEVbBGAVge93PVCkZPjFDzqYmMB1ND0xULzViFGOfx830TUINWV8eEWNRtqtdOzpB jSlqA84stLsiRqAzQLhVIdAcSLGqq rDnLEvzOcUxA9fZxt7qH7Kc0aFQOKsvzZZrUkldi n/Ny7bqxXhG9FyVXNzrcelfqtgCGL te2961kJtPmG9cNxfAvedC mb root@linux-01##把公钥放置到linux-02上##
[root@linux-02 .ssh]# vi authorized_keys ##把linux-01生成得公钥复制粘贴到此文件##在linux-01上免密登陆linux-02#
##linux-01电脑IP 192.168.141.128
##linux-02电脑IP 192.168.141.129
[root@linux-01 ~]# ssh 192.168.141.129
Last login: Fri Mar 15 01:39:16 2019 from 192.168.141.128
[root@linux-02 ~]# 课后总结
一、常见linux操作系统
之前已经了解了一些常用的linux操作系统:centos(rehl社区版)、rehl、ubuntu 、suse、debian。用过centos和ubuntu,其他的暂时还没有用过
linux发展史:https://commons.wikimedia.org/wiki/File:Linux_Distribution_Timeline.svg 内核官网 : https://www.kernel.org/ centos官网:https://www.centos.org/
二、课中提到的知识点
1.selinux关闭
代码语言:javascript复制#临时关闭selinux,下次开启还会启动#
[root@localhost ~]# getenforce ##查看sulinux的状态#
Enforcing ##代表开启##
[root@localhost ~]# setenforce 0 ##临时关闭selinux#
[root@localhost ~]# getenforce
Permissive ##代表关闭##
#永久关闭selinux#
[root@localhost ~]# vim /etc/sysconfig/selinux ##修改配置文件##
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing “此处修改为SELINUX=disable”
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted 2.修改开机启动显示画面
代码语言:javascript复制##修改开机启动画面##
[root@localhost ~]# vim /etc/motd
[root@localhost ~]# exit
登出
Connection closing...Socket close.
Connection closed by foreign host.
Disconnected from remote host(CentOS 7.6) at 23:43:21.
Type `help' to learn how to use Xshell prompt.
[C:~]$
Connecting to 192.168.241.88:22...
Connection established.
To escape to local shell, press 'Ctrl Alt ]'.
Last login: Thu Mar 14 23:32:04 2019 from 192.168.241.1
welcome to linux!
[root@localhost ~]# 3.系统运行级别
代码语言:javascript复制[root@localhost ~]# ll /usr/lib/systemd/system/runlevel*target
lrwxrwxrwx. 1 root root 15 2月 28 21:06 /usr/lib/systemd/system/runlevel0.target -> poweroff.target
lrwxrwxrwx. 1 root root 13 2月 28 21:06 /usr/lib/systemd/system/runlevel1.target -> rescue.target
lrwxrwxrwx. 1 root root 17 2月 28 21:06 /usr/lib/systemd/system/runlevel2.target -> multi-user.target
lrwxrwxrwx. 1 root root 17 2月 28 21:06 /usr/lib/systemd/system/runlevel3.target -> multi-user.target
lrwxrwxrwx. 1 root root 17 2月 28 21:06 /usr/lib/systemd/system/runlevel4.target -> multi-user.target
lrwxrwxrwx. 1 root root 16 2月 28 21:06 /usr/lib/systemd/system/runlevel5.target -> graphical.target
lrwxrwxrwx. 1 root root 13 2月 28 21:06 /usr/lib/systemd/system/runlevel6.target -> reboot.target
级别0代表关机
级别1代表单用户
级别2、3、4代表多用户,正常开机进入系统的是级别3
级别5代表是图形界面
级别6代表重启4. 密钥文件的配置
代码语言:javascript复制[root@localhost .ssh]# cat /etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/usr/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
# Ciphers and keying
#RekeyLimit default none
# Logging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys “此处设置了密钥的文件夹,密钥文件名”
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
#KerberosUseKuserok yes
# GSSAPI options
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
#GSSAPIEnablek5users no
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
# WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several
# problems.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server5.Centos7修改grub密码
代码语言:javascript复制##现在系统生成密码##
[root@localhost .ssh]# grub2-mkpasswd-pbkdf2
输入口令:
Reenter password:
PBKDF2 hash of your password is grub.pbkdf2.sha512.10000.971367C1E3C46E524C5706199FDF1F3E085D07CFA5A04E98124D358F4054CD7B8C5380684233860A8DE69440A8237EAE7A8571961573BDDF1694236E287C8A61.A3ADDD1AD834C0EDB5E09B2A89CA4D57620FB9C111434A0D597B450E8200CAC52102FA808939B3BB4A8D26B2C86B294E8A165B1D3F189EF13616958949FB49B6
[root@localhost .ssh]#
##找出grub配置文件##
[root@localhost .ssh]# cd /boot/grub2/
[root@localhost grub2]# ll
总用量 32
-rw-r--r--. 1 root root 84 3月 1 04:30 device.map
drwxr-xr-x. 2 root root 25 3月 1 04:30 fonts
-rw-r--r--. 1 root root 4235 3月 1 04:31 grub.cfg ##这个文件是配置文件##
-rw-r--r--. 1 root root 1024 3月 1 04:31 grubenv
drwxr-xr-x. 2 root root 8192 3月 1 04:30 i386-pc
drwxr-xr-x. 2 root root 4096 3月 1 04:30 locale
[root@localhost grub2]# cp grub.cfg grub.cfg.bak ##备份配置文件##
[root@localhost grub2]# vim grub.cfg
### BEGIN /etc/grub.d/00_header ### ##在此粗下插入以下内容##
set superusers="root"
export superusers
password_pbkdf2 root “注意此处是一行” grub.pbkdf2.sha512.10000.971367C1E3C46E524C5706199FDF1F3E085D07CFA5A04E98124D358F4054CD7B8C5380684233860A8DE69440A8237EAE7A8571961573BDDF1694236E287C8A61.A3ADDD1AD834C0EDB5E09B2A89CA4D57620FB9C111434A0D597B450E8200CAC52102FA808939B3BB4A8D26B2C86B294E8A165B1D3F189EF13616958949FB49B66.查看系统信息
代码语言:javascript复制##查看系统内核信息#
[root@linux-01 ~]# uname -r
3.10.0-957.el7.x86_64
[root@linux-01 ~]#
##查看系统版本信息##
[root@linux-01 ~]# cat /etc/centos-release
CentOS Linux release 7.6.1810 (Core)
##修改系统hostname#
[root@localhost ~]# hostnamectl set-hostname linux-01
