执行脚本前手动执行

# 1. Configure the IP address and routes.
# Manual step: open the netplan file and enter the YAML shown below. The YAML
# is file content, not shell commands.
sudo nano /etc/netplan/00-installer-config.yaml

# Example content for the file above. The interface name, addresses and DNS
# servers are sample values; adjust them to the host.
network:
  ethernets:
    ens33:
      dhcp4: true  # DHCP (dynamic IP); change to false for a static address
      addresses:
        - 192.168.1.100/24
      # NOTE(review): newer netplan releases deprecate gateway4 in favour of a
      # `routes:` entry - confirm against the installed version.
      gateway4: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8, 114.114.114.114]
  version: 2

# Apply the edited configuration.
# NOTE(review): when working over SSH, `sudo netplan try` rolls the change
# back automatically if connectivity is lost.
sudo netplan apply

# The message reads "NIC cleared and enabled"; it is printed unconditionally,
# whether or not `netplan apply` succeeded.
echo "✅ 网卡已清空并启用"

# 2. Install and start the SSH service (no explicit start command is shown).
# These commands have no sudo prefix, so presumably they are run from a root
# shell - confirm.
apt update -y
# &>/dev/null discards all install output, including errors; check the exit
# status or drop the redirect if the install needs troubleshooting.
apt install -y openssh-server net-tools &>/dev/null
# Manual step: edit sshd_config and set the two directives below. They are
# config-file lines, not shell commands.
vim /etc/ssh/sshd_config
# Both settings expose the root account to password guessing over the network.
# The script further down this page sets both back to "no", so treat them as
# temporary bootstrap access and keep the host off untrusted networks until
# that script has run.
PermitRootLogin yes          # allow root login
PasswordAuthentication yes    # allow password authentication

# 3. Disable AppArmor.
# NOTE(review): this removes mandatory-access-control confinement for every
# profiled service on the host, and nothing visible in the script further down
# appears to depend on it being off. Prefer leaving AppArmor enabled and
# adjusting only the profile that blocks a specific program.
# 2>/dev/null hides any error output from both commands.
systemctl stop apparmor 2>/dev/null
systemctl disable apparmor 2>/dev/null





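#!/bin/bash
# One-shot SSH hardening script: move sshd to a custom port, disable root and
# password logins, and install one public key for key-only access.
# The original title also mentioned static IP, DNS, firewall and SELinux; none
# of those are touched by the code below.
#
# Order matters for lockout safety: the key is installed and the new config is
# validated with `sshd -t` BEFORE the daemon is restarted. Keep the current
# session open and test a new login on the new port before disconnecting.
set -euo pipefail

readonly SSH_PORT="899"            # sshd listening port
readonly SSHD_CONFIG="/etc/ssh/sshd_config"
# Public key to authorise. Replace it with your own before running: whoever
# holds the matching private key can log in to this host.
# NOTE(review): the trailing "EOF" in the key comment looks like here-doc
# residue; it sits in the comment field only, so the key material itself is
# unaffected - confirm.
readonly SSH_PUBKEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB/DXqyjFHdX/EhOgC4fl6sF2v0/J86Ji3h9rN6nclQC root@ubuntuEOF"

# Print an error to stderr and abort.
die() {
  printf '❌ %s\n' "$*" >&2
  exit 1
}

#######################################
# Set one sshd_config directive.
# Rewrites every existing line for the directive (commented out or not); if
# there is none, appends the directive at the end of the file. This keeps
# re-runs from piling up duplicate lines.
# Globals:   SSHD_CONFIG (read)
# Arguments: $1 - directive name, $2 - value
#######################################
set_sshd_option() {
  local key=$1 value=$2
  if grep -Eq "^#?${key}[[:space:]]" "$SSHD_CONFIG"; then
    sed -i -E "s/^#?${key}[[:space:]].*/${key} ${value}/" "$SSHD_CONFIG"
  else
    printf '%s %s\n' "$key" "$value" >>"$SSHD_CONFIG"
  fi
}

echo "===== 开始配置环境 ====="

# Editing sshd_config and restarting the service both need root.
(( EUID == 0 )) || die "请以root身份运行此脚本(需要修改 ${SSHD_CONFIG})"

# 1. Install the public key first, with strict permissions.
# Under sudo, ~ usually resolves to root's home, but root login is disabled
# below, so a key stored there could never be used. Prefer the invoking user.
key_user="${SUDO_USER:-root}"
key_home=$(getent passwd "$key_user" | cut -d: -f6) \
  || die "无法确定用户 ${key_user} 的主目录"
[[ -n "$key_home" ]] || die "无法确定用户 ${key_user} 的主目录"

ssh_dir="${key_home}/.ssh"
auth_keys="${ssh_dir}/authorized_keys"
mkdir -p -- "$ssh_dir"
chmod 700 -- "$ssh_dir"
touch -- "$auth_keys"
# Append only when the exact line is missing, so re-runs stay idempotent.
grep -qxF -- "$SSH_PUBKEY" "$auth_keys" || printf '%s\n' "$SSH_PUBKEY" >>"$auth_keys"
# sshd ignores authorized_keys with loose permissions, so 600 is required.
chmod 600 -- "$auth_keys"
chown -- "${key_user}:" "$ssh_dir" "$auth_keys"

if [[ "$key_user" == root ]]; then
  echo "⚠️ 公钥写入了root账户,但root登录将被禁止;请确认另有普通用户可用密钥登录" >&2
fi

# 2. Harden sshd_config, keeping a timestamped backup for rollback.
backup="${SSHD_CONFIG}.bak.$(date +%Y%m%d%H%M%S)"
cp -p -- "$SSHD_CONFIG" "$backup"

set_sshd_option Port "$SSH_PORT"
set_sshd_option PermitRootLogin no
# Key-only access: no passwords, no challenge-response.
set_sshd_option PasswordAuthentication no
set_sshd_option ChallengeResponseAuthentication no
set_sshd_option PubkeyAuthentication yes
# NOTE(review): sshd uses the first value it reads for a directive. If this
# file has an `Include /etc/ssh/sshd_config.d/*.conf` line near the top, a
# drop-in there can override the settings above - check with `sshd -T`.

# Refuse to restart with a config sshd cannot parse; that would lock out SSH.
if ! sshd -t -f "$SSHD_CONFIG"; then
  cp -p -- "$backup" "$SSHD_CONFIG"
  die "sshd配置校验失败,已从 ${backup} 恢复原配置"
fi

# 3. Restart and enable the service.
# Debian/Ubuntu name the unit ssh.service (sshd may exist only as an alias,
# which `systemctl enable` refuses); other distributions use sshd.service.
ssh_unit=sshd
if systemctl cat ssh.service >/dev/null 2>&1; then
  ssh_unit=ssh
fi
systemctl restart "$ssh_unit" || die "重启 ${ssh_unit} 失败,请检查 systemctl status ${ssh_unit}"
systemctl enable "$ssh_unit" || echo "⚠️ 无法设置 ${ssh_unit} 开机自启" >&2
# NOTE(review): where sshd is socket-activated (ssh.socket), the listening
# port may come from the socket unit, and a host firewall must allow the new
# port - confirm it is actually listening before closing the current session.
echo "✅ SSH服务已安装并开机自启"

# ====================== Done: print a summary ======================
echo "✅ 配置完成"
echo "SSH端口:${SSH_PORT}"
echo "限制:禁止root登录、禁止密码登录、仅密钥登录"
# Use the variable, not a hard-coded 899, so the hint follows SSH_PORT.
echo "连接命令:ssh -p ${SSH_PORT} 普通用户名@IP"
echo "========================================"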