From 1ff159aca124435a993326c69d83f5b36e14ae8c Mon Sep 17 00:00:00 2001 From: X Date: Tue, 22 Apr 2025 07:29:42 +0000 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=20openEuler?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- openEuler.md | 130 --------------------------------------------------- 1 file changed, 130 deletions(-) diff --git a/openEuler.md b/openEuler.md index e7cc23f..ee7f5c0 100644 --- a/openEuler.md +++ b/openEuler.md @@ -24,133 +24,3 @@ nmcli connection down eth0 && nmcli connection up eth0 ``` -## 一、修改root密码 -``` -passwd root -``` - -## 二、添加可sudo的管理员用户并设置密码 -Redhat/CentOS系: -``` -useradd -m -g wheel -s /bin/bash "username" && passwd "username" -``` -Debian/ubuntu系: -``` -useradd -m -g sudo -s /bin/bash "username" && passwd "username" -``` - -## 三、清理无用账号(如有) - -- 进入指定账户home目录,备份文件至/tmp下 -``` -cd /home/"username" -mv * /tmp -``` -- 删除账号及目录 -``` -userdel -rf "username" -``` - - -## 四、修改SSH安全配置 - -编辑SSH配置文件: -``` -vi /etc/ssh/sshd.config -``` -将下列语句加入文件最后: -``` -PermitRootLogin no -Ciphers aes256-ctr,aes192-ctr,aes128-ctr -MACs hmac-sha2-512,hmac-sha2-256 -``` - -添加完成后重启ssh服务: -``` -systemctl restart sshd -``` - -## 五、添加软件源,更新所有应用程序 -阿里云服务器参考[深圳国家基因库开源镜像站](https://gitlab.genomics.cn/tianjing/faq/-/wikis/%E5%9B%BD%E5%AE%B6%E5%9F%BA%E5%9B%A0%E5%BA%93%E5%BC%80%E6%BA%90%E9%95%9C%E5%83%8F%E7%AB%99) -集团横岗&盐田虚拟化平台参考[华大集团开源镜像站](https://gitlab.genomics.cn/yangjiewei/platformops-faq/-/wikis/%E5%8D%8E%E5%A4%A7%E9%9B%86%E5%9B%A2%E5%BC%80%E6%BA%90%E9%95%9C%E5%83%8F%E7%AB%99) -其他地区参考华为云或阿里云软件源进行互联网更新。 - - -Redhat/CentOS系软件更新: -``` -sudo yum update -y -``` -Debian/ubuntu系软件更新: -``` -sudo apt update -sudo apt upgrade -``` -## 六、检查是否安装HIDS,如未安装先安装HIDS客户端 - -参考[HIDS安装指南](https://gitlab.genomics.cn/moshengan/issmkd/-/wikis/%E4%B8%BB%E6%9C%BA%E5%85%A5%E4%BE%B5%E6%A3%80%E6%B5%8B%E7%B3%BB%E7%BB%9F(HIDS)Agent%E5%AE%89%E8%A3%85%E6%8C%87%E5%8D%97) - -## 七、配置时区和时钟同步 - -设置时区: -``` -timedatectl set-timezone Asia/Shanghai -``` - -
RHEL9时钟同步服务: - -``` -#编辑配置文件,加上ntp server -sudo vim /etc/chrony.conf - -#时钟源 -server ntp.genomics.cn -server ntp.ntsc.ac.cn - -#重启服务 -systemctl restart chronyd - -#查看同步状态 -chronyc sources -``` -![image](uploads/4f7941a70aeaa8407c48052c0ab3ccfb/image.png) - - -
- -
Debian/ubuntu安装ntp服务: - -``` -sudo apt install ntpsec -y -``` -编辑ntp服务配置文件: -``` -vim /etc/ntpsec/ntp.conf -``` -#将原来的pool和server全部注释,然后增加内网NTP Server和中科院备用NTP Server -![image](uploads/e455867333b06263987263585df7536d/image.png) - -重启NTP服务: -``` -systemctl restart ntpsec -``` -查看服务状态: -``` -systemctl status ntpsec -``` -``` -#查看时钟同步状态 -ntpq -p -``` -![image](uploads/a19af8af82d7f1120b485a66a3385b0c/image.png) - - -
- - -## 八、配置日志传送 -[日志服务器配置](https://gitlab.genomics.cn/moshengan/issmkd/-/wikis/%E6%97%A5%E5%BF%97%E6%8E%A5%E5%85%A5%E6%97%A5%E5%BF%97%E5%AE%A1%E8%AE%A1%E7%B3%BB%E7%BB%9F%E9%85%8D%E7%BD%AE) - -## 九、配置服务器资源监控 - -**GUN/Linux** -[配置服务器性能资源监控](https://gitlab.genomics.cn/moshengan/secop/-/wikis/%E6%9C%8D%E5%8A%A1%E5%99%A8%E5%AE%89%E8%A3%85Categraf-Agent)