aoaoubuntu

发布于 2024年04月05日

关于ubuntu操作系统的一些WIKI,希望本文对你有用

1.ubuntu相关网站地址

ubuntu版本下载https://releases.ubuntu.com/
ubuntu包下载https://packages.ubuntu.com/

apt-get源更新****编辑 /etc/apt/sources.listhttps://developer.aliyun.com/mirror/ubuntu


apt-get源更新ubuntu版本下载查看安装包版本
apt-get源更新****编辑 /etc/apt/sources.listhttps://developer.aliyun.com/mirror/ubuntu
apt-get update apt upgrade

查看安装包版本apt list |grep python
dpkg -i python.deb

2.系统软件版本更新安装查看

系统更新

apt-get源更新****编辑 /etc/apt/sources.listhttps://developer.aliyun.com/mirror/ubuntu
apt-get update 更新软件源中的所有软件列表。 apt-get upgrade 更新软件。 apt-get dist-upgrade 更新系统版本

仅下载更新

apt-get update -d

系统加固

#! /bin/bash
# password policy
cp /etc/login.defs /etc/login.defs.$(date +"%Y%m%d%H%M")  #backup config file

sed -i "/^PASS_MAX_DAYS/c\PASS_MAX_DAYS    60" /etc/login.defs    #days for password using
sed -i "/^PASS_MIN_DAYS/c\PASS_MIN_DAYS   0" /etc/login.defs #min days for password using 
sed -i "/^PASS_WARN_AGE/c\PASS_WARN_AGE  7" /etc/login.defs #warn days before password expired

#install password quality module
apt install libpam-pwquality -y
#backup config file
cp /etc/security/pwquality.conf /etc/security/pwquality.conf.$(date +"%Y%m%d%H%M") 
cp /etc/pam.d/common-password /etc/pam.d/common-password.$(date +"%Y%m%d%H%M") 
cp /etc/pam.d/common-auth /etc/pam.d/common-auth.$(date +"%Y%m%d%H%M") 
cp /etc/pam.d/common-account /etc/pam.d/common-account.$(date +"%Y%m%d%H%M") 

# password complexity
sed -i 's/^# dcredit.*/dcredit = -1/g' /etc/security/pwquality.conf
sed -i 's/^# ucredit.*/ucredit = -1/g' /etc/security/pwquality.conf
sed -i 's/^# ocredit.*/ocredit = -1/g' /etc/security/pwquality.conf
sed -i 's/^# lcredit.*/lcredit = -1/g' /etc/security/pwquality.conf
sed -i 's/^# minlen.*/minlen = 8/g' /etc/security/pwquality.conf

#password cannot be same to latest 4
echo "password required pam_pwhistory.so remember=5" >> /etc/pam.d/common-password 

#3 times fail lock 5 minutes
#echo "auth required pam_tally2.so onerr=fail  deny=3 unlock_time=600">>/etc/pam.d/common-auth 
#echo "account required pam_tally.so" >> /etc/pam.d/common-account
echo "account required pam_faillock.so" >> /etc/pam.d/common-account

#forbid ssh login with empty password
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.$(date +"%Y%m%d%H%M") 
sed -i 's/^#PermitEmptyPasswords.*/PermitEmptyPasswords no/g' /etc/ssh/sshd_config

#user shell timeout is 600
cp /etc/profile /etc/profile.$(date +"%Y%m%d%H%M")
cp /etc/bash.bashrc /etc/bash.bashrc.$(date +"%Y%m%d%H%M")
echo "TMOUT=600 ; export TMOUT" >> /etc/profile
echo "TMOUT=600 ; export TMOUT" >> /etc/bash.bashrc

#change default umask value
sed -i 's/^UMASK.*/UMASK   027/g' /etc/login.defs

#excute file
source /etc/profile>&/dev/null
echo -e '\033[32m profile excuted! \033[0m'
sleep 1
systemctl restart sshd
echo -e "\033[32m ssh restart! \033[0m"

系统软件版本查看

系统版本查看 1、cat /proc/version2、lsb_release -a3、uname -a

查看安装包版本apt list |grep python

网络IPDNS配置

1./etc/netplan/00-installer-config.yaml

# This is the network config written by 'subiquity'
network:
  ethernets:
    ens33:
      addresses: [192.168.3.133/24]
      gateway4: 192.168.3.1
      nameservers:
          addresses: [218.85.152.99,114.114.114.114]
      dhcp4: false
  version: 2

2.netplan apply

新用户新建修改:

useradd -m aoao

passwd aoao

usermod -s /bin/bash aoao

3.其它FAQ

1、修改时区

1)tzselect

  1. sudo cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

​ date -R

2、subnet 192.168.1.0/24


源更新报错

Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 111.170.130.231 443]

检查时区

检查时间

apt-get install ca-certificates

update-ca-certificates

重启

xieaoao@qq.com



评论