VPS
をテンプレートにして作成
[
トップ
] [
新規
|
一覧
|
単語検索
|
最終更新
|
ヘルプ
]
開始行:
**CentOS6 [#v3834b48]
-アカウント設定
#pre{{
# adduser USER
# passwd PASS
# usermod -G wheel USER
# visudo
行頭のコメントをとる
%wheel ALL=(ALL) ALL
}}
-sshd設定
--/etc/ssh/sshd_config
#pre{{
--- /etc/ssh/sshd_config~ 2012-01-26 00:56:22.00000...
+++ /etc/ssh/sshd_config 2012-04-19 19:51:38.31097...
@@ -39,7 +39,7 @@ SyslogFacility AUTHPRIV
# Authentication:
#LoginGraceTime 2m
-#PermitRootLogin yes
+PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
@@ -62,8 +62,8 @@ SyslogFacility AUTHPRIV
# To disable tunneled clear text passwords, change to no...
#PasswordAuthentication yes
-#PermitEmptyPasswords no
-PasswordAuthentication yes
+PermitEmptyPasswords no
+PasswordAuthentication no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
}}
--/home/USER/.ssh/authorized_keys を用意
--sshd 再起動
#pre{{
# /etc/init.d/sshd restart
}}
--別ターミナルから接続確認すること。
-iptables
--/etc/sysconfig/iptable
#pre{{
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251...
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELAT...
# SSH, HTTP
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp...
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp...
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-...
COMMIT
}}
--設定
#pre{{
# /etc/init.d/iptables start
}}
-yum
#pre{{
$ sudo yum install emacs-nox
$ sudo yum install mysql mysql-server phpmyadmin
}}
**ubuntu 10.04 [#tb8b3420]
-apt-get
#pre{{
$ sudo apt-get install build-essencial
$ sudo apt-get install emacs23-nox
$ sudo apt-get install mysql-server libmysqlclient16-dev ...
}}
-
-ufw
#pre{{
$ sudo ufw default DENY
$ sudo ufw allow ssh
$ sudo ufw limit ssh
$ sudo ufw allow 80
$ sudo ufw enable
}}
**centos 5 [#x5a0fb4d]
やっぱubuntuにする。~
-yum
#pre{{
yum install emacs-nox
yum install httpd
yum install mysql mysql-devel
yum install php php-mbstring php-mysql
}}
-/etc/my.cnf
#pre{{
[mysqld]
default-character-set = utf8
[mysql]
default-character-set = utf8
}}
-mysql
#pre{{
$ mysql -u root -p
mysql> create database testdb;
mysql> grant all on testdb.* to user@localhost identified...
mysql> flush privileges;
mysql> exit
$mysqlshow -uuser -ppasswd testdb
}}
-/etc/sysconfig/iptable
#pre{{
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251...
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELAT...
# SSH, HTTP
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp...
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp...
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-...
COMMIT
}}
終了行:
**CentOS6 [#v3834b48]
-アカウント設定
#pre{{
# adduser USER
# passwd PASS
# usermod -G wheel USER
# visudo
行頭のコメントをとる
%wheel ALL=(ALL) ALL
}}
-sshd設定
--/etc/ssh/sshd_config
#pre{{
--- /etc/ssh/sshd_config~ 2012-01-26 00:56:22.00000...
+++ /etc/ssh/sshd_config 2012-04-19 19:51:38.31097...
@@ -39,7 +39,7 @@ SyslogFacility AUTHPRIV
# Authentication:
#LoginGraceTime 2m
-#PermitRootLogin yes
+PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
@@ -62,8 +62,8 @@ SyslogFacility AUTHPRIV
# To disable tunneled clear text passwords, change to no...
#PasswordAuthentication yes
-#PermitEmptyPasswords no
-PasswordAuthentication yes
+PermitEmptyPasswords no
+PasswordAuthentication no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
}}
--/home/USER/.ssh/authorized_keys を用意
--sshd 再起動
#pre{{
# /etc/init.d/sshd restart
}}
--別ターミナルから接続確認すること。
-iptables
--/etc/sysconfig/iptable
#pre{{
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251...
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELAT...
# SSH, HTTP
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp...
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp...
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-...
COMMIT
}}
--設定
#pre{{
# /etc/init.d/iptables start
}}
-yum
#pre{{
$ sudo yum install emacs-nox
$ sudo yum install mysql mysql-server phpmyadmin
}}
**ubuntu 10.04 [#tb8b3420]
-apt-get
#pre{{
$ sudo apt-get install build-essencial
$ sudo apt-get install emacs23-nox
$ sudo apt-get install mysql-server libmysqlclient16-dev ...
}}
-
-ufw
#pre{{
$ sudo ufw default DENY
$ sudo ufw allow ssh
$ sudo ufw limit ssh
$ sudo ufw allow 80
$ sudo ufw enable
}}
**centos 5 [#x5a0fb4d]
やっぱubuntuにする。~
-yum
#pre{{
yum install emacs-nox
yum install httpd
yum install mysql mysql-devel
yum install php php-mbstring php-mysql
}}
-/etc/my.cnf
#pre{{
[mysqld]
default-character-set = utf8
[mysql]
default-character-set = utf8
}}
-mysql
#pre{{
$ mysql -u root -p
mysql> create database testdb;
mysql> grant all on testdb.* to user@localhost identified...
mysql> flush privileges;
mysql> exit
$mysqlshow -uuser -ppasswd testdb
}}
-/etc/sysconfig/iptable
#pre{{
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251...
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELAT...
# SSH, HTTP
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp...
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp...
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-...
COMMIT
}}
ページ名:
![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
