本地連到 server_hostname(如 10.123.123.11) ssh-keygen -t rsa 或 ssh-keygen -d (dsa) => 產生出 id_rsa, id_rsa.pub chmod 0600 id_rsa scp -P 22 id_rsa.pub user@server_hostname:~/.ssh/authorized_keys ssh -P user@server_hostname ls 注意: remote(hostname) 端如 /home/user/.ssh不存在 mkdir -p /home/user/.ssh 後, 記得執行 chmod 700 /home/user/.ssh chmod 600 /home/user/authorized_keys chmod 755 /home/user chown user:user -R /home/user authorized_keys 文件必须是600权限(也就是-rw——-)或者644 .ssh目录必须是700权限(也就是drwx——) /home/work目录 必须是 755权限 即drwxr-xr-x
2019年6月12日 星期三
ssh with ssh-keygen
2019年6月9日 星期日
nginx revere proxy mssql 1433
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
stream {
server {
listen 1433;
proxy_pass mssql:1433;
}
}
Centos 7 SELinux 只允許 HTTP
查看模組(例如apache) # semanage module -l 該模組的設定會放在 /etc/selinux/targeted/active/modules 查看埠號類型 # semanage port -l 和http有關的埠號 # semanage port -l | grep 'http' 把5353埠加入http_port_t的type中 # semanage port -a -t http_port_t -p tcp 5353
Docker nginx
docker exec -it proxy /bin/sh -c "[ -e /bin/bash ] && /bin/bash || /bin/sh" #cd /etc/nginx/conf.d #cat default.conf #cd /usr/share/nginx/html/ #ls -l #cd /var/log/nginx #ls access.log #ls error.log
Linux net tools
apt update apt upgrade apt install -y net-tools ifconfig apt install -y iputils-ping apt install -y telnet
訂閱:
意見 (Atom)