阿里云服务器安装后-基础配置

01/11/2016

购买阿里云ECS服务器后,首先重置ROOT密码
QQ截图20160111151430
SSH远程登录服务器,创建一般操作用户
QQ截图20160111151514

root@iZ25tc8mln7Z:~#adduser tianyagntax
Adding user `tianyangtax`...
Adding new group `tianyangtax`(1000)...
Adding new user `tianyangtax`(1000) with group `tianyangtax`...
Creating home directory `/home/tianyangtax`...
Copy files from `/etc/skel`...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Chinging the user information for tianyangtax
Enter the new value, or press ENTER for the default
        Full Name []:
        Room Numer []:
        Work Phone []:
        Home Phone []: 
        Other []:
Is the information crrect? [Y/n] y
root@iZ25tc8mln7Z:~#

为用户 tianyangtax 赋予 sudo

root@iZ25tc8mln7Z:~#cd /etc/sudoers.d
root@iZ25tc8mln7Z:~#vim tianyangtax

tianyagntax    ALL=(ALL:ALL)    ALL

root@iZ25tc8mln7Z:~#

重启服务器,使用 tianyangtax 用户登录:

  • 编辑SSH配置文件增强安全性
  • 启用UFW防火墙

tianyangtax@iZ25tc8mln7Z:~$ cd /etc/ssh
tianyangtax@iZ25tc8mln7Z:/etc/ssh$ sudo cp sshd_config sshd_config.bak
tianyangtax@iZ25tc8mln7Z:/etc/ssh$ sudo vim sshd_config
...
Port    2002
PermitRootLogin no
...
tianyangtax@iZ25tc8mln7Z:/etc/ssh$ sudo ufw status
Status: inactive
tianyangtax@iZ25tc8mln7Z:/etc/ssh$ sudo ufw allow 2002
Rules updated
Rules updated (v6)
tianyangtax@iZ25tc8mln7Z:/etc/ssh$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
tianyangtax@iZ25tc8mln7Z:/etc/ssh$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
2002                       ALLOW       Anywhere
2002 (v6)                  ALLOW       Anywhere (v6)

tianyangtax@iZ25tc8mln7Z:/etc/ssh$

更新系统,重启服务器

tianyangtax@iZ25tc8mln7Z:~$ sudo apt-get update
tianyangtax@iZ25tc8mln7Z:~$ sudo apt-get upgrade
tianyangtax@iZ25tc8mln7Z:~$ sudo apt-get dist-upgrade
tianyangtax@iZ25tc8mln7Z:~$ sudo reboot