Note 本编中所有的系统都是ubuntu 12.04, 其他操作系统,请略过。

修改root密码

passwd

SSH 配置

vi /etc/ssh/sshd_config
修改Port = 65513

service ssh restart

用户设置

groupadd admin
useradd -m -s /bin/bash -g admin rocky

cd /home/rocky
mkdir .ssh
touch .ssh/authorized_keys
chmod 700 .ssh
chmod 600 .ssh/authorized_keys
chown -R rocky:admin .ssh
vi .ssh/authorized_keys


passwd rocky

默认程序设置

update-alternatives --config editor

修改Host名称

  1. 修改/etc/hostname文件

    sudo vi /etc/hostname
    

    里面就一行,直接改称你要改的名字就可以了。

    YOUR_HOST_NAME
    
  2. 修改/etc/hosts文件

    sudo vi /etc/hosts
    

    查找10.开始的ip行, 例如:

    10.xxx.xxx.xxx        YOUR_HOST_NAME
    
  3. 重新加载hostname

    sudo hostname YOUR_HOST_NAME
    
  4. 重新登录后,测试是否成功

    ping YOUR_HOST_NAME
    

配置NTP服务器

sudo vi /etc/ntp.conf

server 10.143.0.44
server 10.143.0.45
server 10.143.0.46
server 10.143.33.50
server 10.143.33.51
server 10.143.33.49

配置apt 更新服务器, 并更新

sudo cp /etc/apt/sources.list /etc/apt/sources.list~
sudo vi /etc/apt/sources.list


deb http://mirrors.aliyun.com/ubuntu/ precise main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ precise-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ precise-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ precise-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ precise-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ precise main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ precise-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ precise-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ precise-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ precise-backports main restricted universe multiverse


sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get autoremove
sudo apt-get autoclean
sudo reboot

配置swap

sudo apt-get install zip unzip git
wget -O add_swap.zip "http://bbs.aliyun.com/job.php?spm=0.0.0.0.uKygEm&action=download&aid=35099"
unzip add_swap.zip
sudo -s
bash add_swap.sh
rm -rf add_swap.*
reboot

加密磁盘

sudo apt-get install cryptsetup
sudo fdisk /dev/xvdb


Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0xc85718c0.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

Command (m for help): n
Partition type:
   p   primary (0 primary, 0 extended, 4 free)
   e   extended
Select (default p): p
Partition number (1-4, default 1):
Using default value 1
First sector (2048-10485759, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-10485759, default 10485759):
Using default value 10485759

Command (m for help): t
Selected partition 1
Hex code (type L to list codes): 8e
Changed system type of partition 1 to 8e (Linux LVM)

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

LVM配置

sudo apt-get install lvm2
sudo pvcreate /dev/xvdb1
sudo vgcreate vg01 /dev/xvdb1
sudo lvcreate -L 8G -n lv_backup vg01
sudo cryptsetup luksFormat -c aes -h sha256 /dev/mapper/vg01-lv_backup
sudo cryptsetup luksOpen /dev/mapper/vg01-lv_backup encrypted_backup
sudo mkfs -t ext4 /dev/mapper/encrypted_backup