- 追加された行はこの色です。
- 削除された行はこの色です。
- VPS へ行く。
**CentOS6 [#v3834b48]
-アカウント設定
#pre{{
# adduser USER
# passwd PASS
# usermod -G wheel USER
# visudo
行頭のコメントをとる
%wheel ALL=(ALL) ALL
}}
-sshd設定
--/etc/ssh/sshd_config
#pre{{
--- /etc/ssh/sshd_config~ 2012-01-26 00:56:22.000000000 +0900
+++ /etc/ssh/sshd_config 2012-04-19 19:51:38.310979457 +0900
@@ -39,7 +39,7 @@ SyslogFacility AUTHPRIV
# Authentication:
#LoginGraceTime 2m
-#PermitRootLogin yes
+PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
@@ -62,8 +62,8 @@ SyslogFacility AUTHPRIV
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
-#PermitEmptyPasswords no
-PasswordAuthentication yes
+PermitEmptyPasswords no
+PasswordAuthentication no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
}}
--/home/USER/.ssh/authorized_keys を用意
--sshd 再起動
#pre{{
# /etc/init.d/sshd restart
}}
--別ターミナルから接続確認すること。
-iptables
--/etc/sysconfig/iptable
#pre{{
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# SSH, HTTP
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
}}
--設定
#pre{{
# /etc/init.d/iptables start
}}
-yum
#pre{{
$ sudo yum install emacs-nox
$ sudo yum install mysql mysql-server phpmyadmin
}}
**ubuntu 10.04 [#tb8b3420]
-apt-get
#pre{{
$ sudo apt-get install build-essencial
$ sudo apt-get install emacs23-nox
$ sudo apt-get install mysql-server libmysqlclient16-dev phpmyadmin
}}
-
-ufw
#pre{{
$ sudo ufw default DENY
$ sudo ufw allow ssh
$ sudo ufw limit ssh
$ sudo ufw allow 80
$ sudo ufw enable
}}
**centos 5 [#x5a0fb4d]
やっぱubuntuにする。~
-yum
#pre{{
yum install emacs-nox
yum install httpd
yum install mysql mysql-devel
yum install php php-mbstring php-mysql
}}
-/etc/my.cnf
#pre{{
[mysqld]
default-character-set = utf8
[mysql]
default-character-set = utf8
}}
-mysql
#pre{{
$ mysql -u root -p
mysql> create database testdb;
mysql> grant all on testdb.* to user@localhost identified by "passwd";
mysql> flush privileges;
mysql> exit
$mysqlshow -uuser -ppasswd testdb
}}
-/etc/sysconfig/iptable
#pre{{
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# SSH, HTTP
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
}}
![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
