关于ubuntu操作系统的一些WIKI,希望本文对你有用
1.ubuntu相关网站地址
ubuntu版本下载: https://releases.ubuntu.com/
ubuntu包下载:https://packages.ubuntu.com/
apt-get源更新****编辑 /etc/apt/sources.listhttps://developer.aliyun.com/mirror/ubuntu
apt-get源更新ubuntu版本下载查看安装包版本
apt-get源更新****编辑 /etc/apt/sources.listhttps://developer.aliyun.com/mirror/ubuntu
apt-get update apt upgrade
查看安装包版本apt list |grep python
dpkg -i python.deb
2.系统软件版本更新安装查看
系统更新
apt-get源更新****编辑 /etc/apt/sources.listhttps://developer.aliyun.com/mirror/ubuntu
apt-get update 更新软件源中的所有软件列表。 apt-get upgrade 更新软件。 apt-get dist-upgrade 更新系统版本
系统加固
#! /bin/bash
# password policy
cp /etc/login.defs /etc/login.defs.$(date +"%Y%m%d%H%M") #backup config file
sed -i "/^PASS_MAX_DAYS/c\PASS_MAX_DAYS 60" /etc/login.defs #days for password using
sed -i "/^PASS_MIN_DAYS/c\PASS_MIN_DAYS 0" /etc/login.defs #min days for password using
sed -i "/^PASS_WARN_AGE/c\PASS_WARN_AGE 7" /etc/login.defs #warn days before password expired
#install password quality module
apt install libpam-pwquality -y
#backup config file
cp /etc/security/pwquality.conf /etc/security/pwquality.conf.$(date +"%Y%m%d%H%M")
cp /etc/pam.d/common-password /etc/pam.d/common-password.$(date +"%Y%m%d%H%M")
cp /etc/pam.d/common-auth /etc/pam.d/common-auth.$(date +"%Y%m%d%H%M")
cp /etc/pam.d/common-account /etc/pam.d/common-account.$(date +"%Y%m%d%H%M")
# password complexity
sed -i 's/^# dcredit.*/dcredit = -1/g' /etc/security/pwquality.conf
sed -i 's/^# ucredit.*/ucredit = -1/g' /etc/security/pwquality.conf
sed -i 's/^# ocredit.*/ocredit = -1/g' /etc/security/pwquality.conf
sed -i 's/^# lcredit.*/lcredit = -1/g' /etc/security/pwquality.conf
sed -i 's/^# minlen.*/minlen = 8/g' /etc/security/pwquality.conf
#password cannot be same to latest 4
echo "password required pam_pwhistory.so remember=5" >> /etc/pam.d/common-password
#3 times fail lock 5 minutes
#echo "auth required pam_tally2.so onerr=fail deny=3 unlock_time=600">>/etc/pam.d/common-auth
#echo "account required pam_tally.so" >> /etc/pam.d/common-account
echo "account required pam_faillock.so" >> /etc/pam.d/common-account
#forbid ssh login with empty password
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.$(date +"%Y%m%d%H%M")
sed -i 's/^#PermitEmptyPasswords.*/PermitEmptyPasswords no/g' /etc/ssh/sshd_config
#user shell timeout is 600
cp /etc/profile /etc/profile.$(date +"%Y%m%d%H%M")
cp /etc/bash.bashrc /etc/bash.bashrc.$(date +"%Y%m%d%H%M")
echo "TMOUT=600 ; export TMOUT" >> /etc/profile
echo "TMOUT=600 ; export TMOUT" >> /etc/bash.bashrc
#change default umask value
sed -i 's/^UMASK.*/UMASK 027/g' /etc/login.defs
#excute file
source /etc/profile>&/dev/null
echo -e '\033[32m profile excuted! \033[0m'
sleep 1
systemctl restart sshd
echo -e "\033[32m ssh restart! \033[0m"
系统软件版本查看
系统版本查看 1、cat /proc/version2、lsb_release -a3、uname -a
查看安装包版本apt list |grep python
网络IPDNS配置
1./etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
ethernets:
ens33:
addresses: [192.168.3.133/24]
gateway4: 192.168.3.1
nameservers:
addresses: [218.85.152.99,114.114.114.114]
dhcp4: false
version: 2
2.netplan apply
新用户新建修改:
useradd -m aoao
passwd aoao
usermod -s /bin/bash aoao
3.其它FAQ
1、修改时区
1)tzselect
- sudo cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
date -R
2、subnet 192.168.1.0/24
源更新报错
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 111.170.130.231 443]
检查时区
检查时间
apt-get install ca-certificates
update-ca-certificates
重启
转载请注明来源,欢迎对文章中的引用来源进行考证,欢迎指出任何有错误或不够清晰的表达。可以在下面评论区评论,也可以邮件至 xieaoao@qq.com QQ:1296454177