资讯专栏INFORMATION COLUMN

阿里云centos6.8 服务器安全服务配置

pinecone / 1022人阅读

摘要:公钥登录开启防火墙新端口号在这个范围内即可,如先查看下服务器端口号范围修改端口重启阿里云安装组里面设置入网可访问端口安装下载本质上和是一个公司的解压按顺序安装不需要全部安装

SSH公钥登录
leishendeMBP:www leishen$ ssh-keygen -t rsa
leishendeMBP:www leishen$ cat ~/.ssh/id_rsa.pub | ssh root@39.106.74.195 "cat - >> ~/.ssh/authorized_keys"
开启防火墙
[root@lei ~]# ls /etc/sysconfig/iptables*
/etc/sysconfig/iptables-config
[root@lei ~]# iptables -F
[root@lei ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@lei ~]# ls /etc/sysconfig/iptables*
/etc/sysconfig/iptables  /etc/sysconfig/iptables-config
新ssh端口号在这个范围内即可,如422
先查看下服务器端口号范围:
[root@lei ~]# sysctl -a|grep ip_local_port_range
net.ipv4.ip_local_port_range = 32768    60999
修改端口重启
vim /etc/ssh/sshd_config
service sshd restart
阿里云安装组里面设置入网可访问端口
mysql安装
下载

https://dev.mysql.com/downloa...
centos本质上和red hat是一个公司的

解压

tar -xvf mysql-5.7.20-1.el6.x86_64.rpm-bundle.tar

按顺序安装(不需要全部安装)
[root@ lei xx]# rpm -ivh mysql-community-common-5.7.20-1.el6.x86_64.rpm
warning: mysql-community-common-5.7.20-1.el6.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing...                ########################################### [100%]
   1:mysql-community-common ########################################### [100%]
[root@ lei xx]# rpm -ivh mysql-community-libs-5.7.20-1.el6.x86_64.rpm
warning: mysql-community-libs-5.7.20-1.el6.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing...                ########################################### [100%]
   1:mysql-community-libs   ########################################### [100%]
[root@ lei xx]# rpm -ivh mysql-community-client-5.7.20-1.el6.x86_64.rpm
warning: mysql-community-client-5.7.20-1.el6.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing...                ########################################### [100%]
   1:mysql-community-client ########################################### [100%]
[root@ lei xx]# rpm -ivh mysql-community-server-5.7.20-1.el6.x86_64.rpm
warning: mysql-community-server-5.7.20-1.el6.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing...                ########################################### [100%]
   1:mysql-community-server ########################################### [100%]
[root@ lei xx]# rpm -ivh mysql-community-devel-5.7.20-1.el6.x86_64.rpm
warning: mysql-community-devel-5.7.20-1.el6.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing...                ########################################### [100%]
   1:mysql-community-devel  ########################################### [100%]
启动Mysql服务
[root@lei xx]# /usr/bin/mysqld --initialize --user=mysql
-bash: /usr/bin/mysqld: No such file or directory
[root@lei xx]# service mysqld start
Initializing MySQL database:                               [  OK  ]
Starting mysqld:                                           [  OK  ]
修改管理员密码

查看安装日志中分配的密码

[root@lei xx]# grep "temporary password" /var/log/mysqld.log
2017-11-09T10:59:41.877594Z 1 [Note] A temporary password is generated for root@localhost: fKrsw2Xh
[root@lei xx]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 4
Server version: 5.7.20

Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type "help;" or "h" for help. Type "c" to clear the current input statement.

mysql>
修改密码
ALTER USER "root"@"localhost" IDENTIFIED BY "1234560";  

密码必须包含大写字母小写字母数字和符号,不然会提示:ERROR 1819 (HY000): Your password does not satisfy the current policy requirements(您的密码不符合当前的安全策略要求)

mysql> ALTER USER "root"@"localhost" IDENTIFIED BY "qvWjYnE8";
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
mysql>

修改成功

mysql> ALTER USER "root"@"localhost" IDENTIFIED BY "L)2X4r4B2iz4";
Query OK, 0 rows affected (0.00 sec)
开启远程登录,授权远程登录用户

grant all privileges on . to "用户名"@"%" identified by "密码" withg rant option;

mysql -uroot -proot -e "grant all privileges on . to "root"@"%" identified by "1334676" with grant option;"

开机启动
[root@lei ~]# chkconfig --list | grep mysqld
mysqld             0:off    1:off    2:off    3:on    4:on    5:on    6:off
[root@lei ~]# chkconfig mysqld on
[root@lei ~]# chkconfig --list | grep mysqld
mysqld             0:off    1:off    2:on    3:on    4:on    5:on    6:off
设置编码

vim /etc/my.cnf
在[mysqld]下新增一行,添加character-set-server= utf8mb4,保存

查看字符集

show variables like "%character%";

character_set_client    utf8
character_set_connection    utf8
character_set_database    utf8mb4
character_set_filesystem    binary
character_set_results    utf8
character_set_server    utf8mb4
character_set_system    utf8
character_sets_dir    /usr/share/mysql/charsets/
Nginx安装
[root@aider soft]# rpm -ivh http://nginx.org/packages/centos/6/x86_64/RPMS/nginx-1.10.1-1.el6.ngx.x86_64.rpm
Retrieving http://nginx.org/packages/centos/6/x86_64/RPMS/nginx-1.10.1-1.el6.ngx.x86_64.rpm
warning: /var/tmp/rpm-tmp.gnEGo7: Header V4 RSA/SHA1 Signature, key ID 7bd9bf62: NOKEY
Preparing...                ########################################### [100%]
   1:nginx                  ########################################### [100%]
----------------------------------------------------------------------

Thanks for using nginx!

Please find the official documentation for nginx here:
* http://nginx.org/en/docs/

Commercial subscriptions for nginx are available on:
* http://nginx.com/products/

----------------------------------------------------------------------
安装
[root@aider soft]# yum -y install nginx
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
....
Updated:
  nginx.x86_64 0:1.10.2-1.el6

Complete!
目录
[root@aider conf.d]# cd /etc/nginx/
[root@aider nginx]# ls
conf.d     fastcgi.conf          fastcgi_params          koi-utf  mime.types          nginx.conf          scgi_params          uwsgi_params          win-utf
default.d  fastcgi.conf.default  fastcgi_params.default  koi-win  mime.types.default  nginx.conf.default  scgi_params.default  uwsgi_params.default
启动
[root@aider nginx]# service nginx start
Starting nginx: nginx: [emerg] socket() [::]:80 failed (97: Address family not supported by protocol)
                                                           [FAILED
[root@aider nginx]# cd conf.d/
[root@aider conf.d]# ls
default.conf  ssl.conf  virtual.conf
[root@aider conf.d]# mv default.conf default
[root@aider conf.d]# service nginx start
Starting nginx:                                            [  OK  ]
[root@aider conf.d]#

文章版权归作者所有,未经允许请勿转载,若此文章存在违规行为,您可以联系管理员删除。

转载请注明本文地址:https://www.ucloud.cn/yun/39700.html

相关文章

  • Java 实战开发之环境安装(一)

    摘要:一软件资源配置操作系统使用阿里镜像下载我们将下载下来的系统安装在虚拟机中。安装默认安装路径例如配置环境变量编辑文件在最下方增加使配置生效验证执行命令,看到如图所示代表安装成功。 本实战项目,将会从Linux服务器的搭建开始,直到电商项目的基本功能完成。 一、Linux软件资源配置 1、操作系统 Linux:centos6.8 64bit 使用阿里镜像下载:https://mirror...

    abson 评论0 收藏0

发表评论

0条评论

最新活动
阅读需要支付1元查看
<