1. To install the Centos system is to select the commonly used software packages:
@base ,@Compatibility libraries,@debuggingtools
@Development tools
2. Start the self-start of many services in batches:
for name in `chkconfig --list|awk '{print $1}'|grep -Ev "rsync|tftp"`;do chkconfig $name on;done
Turn on autostart for all services except rsync and tftp.
chkconfig --list|awk '{print $1}'|grep -E 'sshd|sss'|sed -r 's#(.*)#chkconfig \1 off#g'|grep bash
The same effect as above, without the for loop.
3. Print lines 10 to 25 of the file.
awk '{if(NR>10&& NR<25) print $0}' passwd
4. sshd_config configuration file optimization.
PermitRootLogin no #Prohibit root users from logging in directly
UseDNS no #Turn off DNS judgment
ListenAddress 0.0.0.0 #It is best to only listen to the intranet IP
GSSAPIAuthentication no #Speed up ssh connection
5.ssh timeout setting:
export TMOUT=20
6. Increase the file descriptor:
echo "* - nofile 65535" >>/etc/security/limits.conf
7. Kernel parameter optimization:
http://yangrong.blog.51cto.com/6945369/1321594
8. Lock important files:
chattr +i /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/inittab
chattr -i can unlock
9. Check the disk inode and block size:
dumpe2fs /dev/sda1|grep -Ei "block size|inode count|block count"
10. View all command files with SETUID permissions:
find / -perm 4755 -type f -exec ls -l {} \; #Consider removing it to prevent privilege escalation.
11. Synchronize time every 5 minutes:
*/5 * * * * ntpdate 192.168.2.1
12. Synchronize once a day at 17,18,19:00:
00 17-19 * * * ntpdate 192.168.2.1
00 17,18,19 * * * ntpdate 192.168.2.1
13. Execute the synchronization time every 2 hours at 30:00 between 8:00 am and 16:00 pm:
30 8-16/2 * * * ntpdate 192.168.2.1
14. Pack files by time:
tar -czvf /tmp/service_$(date +%F-%H).gz ./services
15. View the detailed status of port 22, who is linking and which process is occupied:
lsof -i:22
16. Open source monitoring software for web page traffic: PIWIK
17. A good tool for monitoring network status - Smokeping
18. Command to view file details: stat /etc/hosts
19. Regular expression to take ip address:
ifconfig eth0|awk -F "[: ]+" ' NR==2 {print $4}'
20. Replace wmj in all *.log files with www:
find /tmp/ -type f -name "*.log" |xargs sed -i 's#wmj#www#g'
find /tmp/ -type f -name "*.log" |x sed -i 's#wmj#www#g'
21.显示2天以后的时间:date +%F -d "-2day"
22.使用useradd添加用户时home文件夹自动生成的文件来自:“/etc/skel/”
23.控制useradd创建用户的配置文件:/etc/default/useradd