OS/Linux

·OS/Linux
sudo passwd ​ apt update && upgrade ​ vi /etc/ssh/sshd_config Port 2244 PasswordAuthentication yes ​ systemctl restart sshd ​ apt install nginx systemctl enable nginx ​ fallocate -l 2G /swapfile chmod 600 /swapfile mkswap /swapfile ​ vi /etc/fstab /swapfile swap swap defaults 0 0 추가 ​ ​ timedatectl set-timezone Asia/Seoul timedatectl ​ dpkg-reconfigure tzdata Asia - Seoul ​ dpkg-reconfigure loca..
·OS/Linux
A-M #cd /etc/ssl/ #openssl req –new –out vpn.req –newkey rsa:2048 –nodes –keyout vpn.key ※cn은 vpn.alpha.com #openssl ca –in vpn.req –out vpn.crt A-S #apt –y install openvpn #cd /etc/openvpn/ #scp 192.168.0.1:/etc/ssl/vpn.* ./ #scp 192.168.0.1:/etc/ssl/alpha/cacert.pem ./ #openssl dhparam –out dh2048.pem 2048 #cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/ #gu..
·OS/Linux
A-Proxy #apt –y install haproxy #scp –r 192.168.0.2:/etc/apache2/intra.* /etc/ssl/ #scp 192.168.0.2:/etc/apache2/cacert.pem /etc/ssl/ #cat /etc/ssl/intra.crt /etc/ssl/intra.key > /etc/ssl/intra.pem #vim /etc/haproxy/haproxy.cfg #systemctl restart haproxy A-CLI ※alpha-CA 인증서를 Firefox에 설치
·OS/Linux
A-S, A-S2 #apt –y install apache2 php7.0 libapache2-mod-php7.3 ldap-utils #scp 192.168.0.4:/etc/ldap/ldap.conf /etc/ldap/ A-M #cd /etc/ssl #openssl req –new –out intra.req –newkey rsa:2048 –nodes –keyout intra.key ※CN은 intra.alpha.com #openssl ca –in intra.req –out intra.crt A-S #cd /etc/apache2/ #scp 192.168.0.1:/etc/ssl/intra.* /etc/apache2/ #scp 192.168.0.1:/etc/ssl/alpha/cacert.pem /etc/apac..
·OS/Linux
A-M #cd /etc/ssl/ #openssl req –new –out mail.req –newkey rsa:2048 –nodes –keyout mail.key *CN=mail.alpha.com #openssl ca –in mail.req –out mail.crt A-S #scp 192.168.0.1:/etc/ssl/mail.* /etc/ssl/ #scp 192.168.0.1:/etc/ssl/alpha/cacert.pem /etc/ssl/ #apt-get –y install postfix dovecot-imapd #vim /etc/postfix/main.cf #vim /etc/postfix/master.cf #vim /etc/dovecot/conf.d/10-auth.conf #vim /etc/dovec..
·OS/Linux
A-S #apt –y install krb5-user libpam-krb5 ldap-utils #scp 192.168.0.4:/etc/krb5.conf /etc #kadmin -p admin :addprinc -randkey host/a-s.alpha.com :ktadd host/a-s.alpha.com #chmod 777 /etc/krb5.keytab #apt -y install libnss-ldapd #echo ‘session optional pam_mkhomedir.so’ >> /etc/pam.d/common-session #reboot A-CLI #apt –y install krb5-user libpam-krb5 ldap-utils #scp 192.168.0.4:/etc/krb5.conf /etc..
·OS/Linux
A-S, A-S2, A-D, A-CLI, B-N, B-CLI #scp 192.168.0.1:/etc/ssl/alpha/cacert.pem /usr/local/share/ca-certificates/ca.crt #update-ca-certificates A-M #cd /etc/ssl #vim exts #openssl req –new –out ldap.req –newkey rsa:2048 –nodes –keyout ldap.key ※CN은 LDAP #openssl ca –in ldap.req –out ldap.crt –extfile exts A-D #scp 192.168.0.1:/etc/ssl/ldap.* /etc/ssl/ #scp 192.168.0.1:/etc/ssl/alpha/cacert.pem /etc..
·OS/Linux
A-M #apt –y install isc-dhcp-server #vim /etc/default/isc-dhcp-server #vim /etc/dhcp/dhcpd.conf #systemctl restart isc-dhcp-server B-M #apt –y install isc-dhcp-relay #vim /etc/default/isc-dhcp-relay #systemctl restart isc-dhcp-relay ISP #apt –y install isc-dhcp-server #vim /etc/default/isc-dhcp-server #vim /etc/dhcp/dhcpd.conf #systemctl restart isc-dhcp-server
·OS/Linux
A-EDGE #iptables –t nat –A PREROUTING –d 100.0.0.1 –p tcp --dport 53 –j DNAT --to 192.168.1.1 #iptables –t nat –A PREROUTING –d 100.0.0.1 –p udp --dport 53 –j DNAT --to 192.168.1.1 #iptables –t nat –A PREROUTING –d 100.0.0.1 –p udp --dport 1194 –j DNAT --to 192.168.0.2 #apt –y install iptables-persistent
·OS/Linux
A-EDGE, B-EDGE #apt –y install strongswan A-M #cd /etc/ssl #openssl req –new –out a.req –newkey rsa:2048 –nodes –keyout a.key ※CN은 100.0.0.1 #openssl ca –in a.req –out a.crt #openssl req –new –out b.req –newkey rsa:2048 –nodes –keyout b.key ※CN은 100.0.1.1 #openssl ca –in b.req –out b.crt A-EDGE #scp 192.168.0.1:/etc/ssl/alpha/cacert.pem /etc/ipsec.d/cacerts/ #scp 192.168.0.1:/etc/ssl/*.crt /etc/..
_눙이_
'OS/Linux' 카테고리의 글 목록