每次我设置新服务器时,我都会在每台服务器上执行一系列步骤以获取更新,设置passwd,通过root用户删除登录,自定义熟悉的环境(bashrc)并保护服务器.
是否可以使用脚本完成所有操作?设置可能包括:
>发行版升级和更新
apt-get update
adduser deployer
adduser deployer sudo
mkdir /home/deployer/.ssh
chmod 700 /home/deployer/.ssh
触摸/home/deployer/.ssh/authorization_keys
deployer passwd
su deployer
cd到/home/deployer/.ssh/
sudo chown deployer .ssh /
>在本地计算机上执行命令:
ssh-copy-id root@hostname.com
ssh-copy-id deployer@hostname.com
>重新登录到服务器:
chmod 400 /home/deployer/.ssh/authorized_keys
chown deployer:deployer / home / deployer -R
5..6 … 7 ..自定义bashrc,编辑sshd_config,安装ufw& logwatch