CentOS6

  • Account setup
    # adduser USER
    # passwd USER
    # usermod -G wheel USER
    # visudo
    Uncomment the following line (remove the leading #):
    %wheel        ALL=(ALL)       ALL
    
  • sshd configuration
    • /etc/ssh/sshd_config
      --- /etc/ssh/sshd_config~       2012-01-26 00:56:22.000000000 +0900
      +++ /etc/ssh/sshd_config        2012-04-19 19:51:38.310979457 +0900
      @@ -39,7 +39,7 @@ SyslogFacility AUTHPRIV
       # Authentication:
      
       #LoginGraceTime 2m
      -#PermitRootLogin yes
      +PermitRootLogin no
       #StrictModes yes
       #MaxAuthTries 6
       #MaxSessions 10
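      Review bot: the PermitRootLogin no line removes root's SSH path, so this hunk depends on the wheel account and the uncommented %wheel sudoers line from the account step being in place before sshd is restarted; worth stating that ordering next to the diff. #MaxAuthTries 6 stays at its commented default, which is acceptable once password logins are disabled.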
      @@ -62,8 +62,8 @@ SyslogFacility AUTHPRIV
      
       # To disable tunneled clear text passwords, change to no here!
       #PasswordAuthentication yes
      -#PermitEmptyPasswords no
      -PasswordAuthentication yes
      +PermitEmptyPasswords no
      +PasswordAuthentication no
      
       # Change to no to disable s/key passwords
       #ChallengeResponseAuthentication yes
      
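      Review bot: the trailing context shows only the commented #ChallengeResponseAuthentication yes, so confirm that an explicit ChallengeResponseAuthentication no is set further down the file; if it is not and PAM is enabled, keyboard-interactive authentication can still accept passwords despite PasswordAuthentication no. Uncommenting PermitEmptyPasswords no only restates the default, which is fine as documentation.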
    • Prepare /home/USER/.ssh/authorized_keys
    • Restart sshd
      # /etc/init.d/sshd restart
      
    • Verify that you can connect from a separate terminal.
  • iptables
    • /etc/sysconfig/iptables
      *filter
      :INPUT   ACCEPT [0:0]
      :FORWARD ACCEPT [0:0]
      :OUTPUT  ACCEPT [0:0]
      :RH-Firewall-1-INPUT - [0:0]
      
      -A INPUT -j RH-Firewall-1-INPUT
      -A FORWARD -j RH-Firewall-1-INPUT
      -A RH-Firewall-1-INPUT -i lo -j ACCEPT
      -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
      -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
      -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
      -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
      -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
      -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
      -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
      
      # SSH, HTTP
      -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22    -j ACCEPT
      -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80    -j ACCEPT
      
      -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
      
      COMMIT
      
    • Apply the settings
      # /etc/init.d/iptables start
      
  • yum
    $ sudo yum install emacs-nox
    $ sudo yum install mysql mysql-server phpmyadmin
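
A check for the sshd step above, added here as an example (not part of the original notes): it reads an sshd_config and confirms the three settings changed in the diff are the ones sshd will actually use. The function names and the sample file are constructed for illustration; it assumes the whitespace-separated "Keyword value" form used in the diff and ignores Match blocks.

```shell
#!/bin/sh
# Added example: audit an sshd_config for the three settings changed in the diff.
# sshd uses the first value it reads for a keyword, so only the first
# uncommented occurrence counts. Match blocks are not evaluated (assumption).

# Print the effective value of keyword $2 in file $1 (empty if not set).
effective_sshd_value() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        /^[ \t]*#/ || NF == 0 { next }      # skip comments and blank lines
        tolower($1) == "match" { exit }     # stop at the first Match block
        tolower($1) == want { print tolower($2); exit }
    ' "$1"
}

# Return 0 only if every setting is explicitly set to the value used on this page.
check_sshd_hardening() {
    rc=0
    for pair in PermitRootLogin=no PasswordAuthentication=no PermitEmptyPasswords=no; do
        key=${pair%%=*}
        expected=${pair#*=}
        actual=$(effective_sshd_value "$1" "$key")
        if [ "$actual" = "$expected" ]; then
            echo "OK   $key $actual"
        else
            echo "FAIL $key is '${actual:-unset}', expected '$expected'"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: the commented default above each active line is skipped,
# and the later duplicate PasswordAuthentication line does not override the first.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PermitRootLogin yes
PermitRootLogin no
#PasswordAuthentication yes
PermitEmptyPasswords no
PasswordAuthentication no
PasswordAuthentication yes
EOF
check_sshd_hardening "$sample"
rm -f "$sample"
```

On the server, point check_sshd_hardening at /etc/ssh/sshd_config before restarting sshd, and keep the existing session open until the login from the second terminal succeeds.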
    

ubuntu 10.04

  • apt-get
    $ sudo apt-get install build-essential
    $ sudo apt-get install emacs23-nox
    $ sudo apt-get install mysql-server libmysqlclient16-dev phpmyadmin
    
  • ufw
    $ sudo ufw default DENY
    $ sudo ufw allow ssh
    $ sudo ufw limit ssh
    $ sudo ufw allow 80
    $ sudo ufw enable
    

centos 5

On second thought, I'll go with ubuntu.

  • yum
    yum install emacs-nox
    yum install httpd
    yum install mysql mysql-devel
    yum install php php-mbstring php-mysql
    
    
  • /etc/my.cnf
    [mysqld]
    default-character-set = utf8
    [mysql]
    default-character-set = utf8
    
  • mysql
    $ mysql -u root -p
    mysql> create database testdb;
    mysql> grant all on testdb.* to user@localhost identified by "passwd";
    mysql> flush privileges;
    mysql> exit
    $ mysqlshow -uuser -ppasswd testdb
    
  • /etc/sysconfig/iptables
    *filter
    :INPUT   ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT  ACCEPT [0:0]
    :RH-Firewall-1-INPUT - [0:0]
    
    -A INPUT -j RH-Firewall-1-INPUT
    -A FORWARD -j RH-Firewall-1-INPUT
    -A RH-Firewall-1-INPUT -i lo -j ACCEPT
    -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
    -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
    -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
    -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
    -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
    -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    
    # SSH, HTTP
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22    -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80    -j ACCEPT
    
    -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
    
    COMMIT
    

Last-modified: 2012-04-19 (Thu) 20:34:59 (4395d)