![]()
fw(skill39.net) #vi /etc/ssl/openssl.cnf #vi /usr/lib/ssl/misc/CA.pl #/usr/lib/ssl/misc/CA.pl -newca ※ CN=WSC2021-CA #cp /etc/ssl/CA/cacert.pem /usr/local/share/ca-certificates/ca.crt #update-ca-certificates ALL #scp 200.220.55.1:/usr/local/share/ca-certificates/ca.crt /usr/local/share/ca-certificates/ #update-ca-certificates
![]()
srvpv02 #mkdir -p /backup/private-skill39-net #vi /etc/default/rsync #mkdir /var/log/rsync #chmod 777 /var/log/rsync #cp /usr/share/doc/rsync/examples/rsyncd.conf /etc/ #vi /etc/rsyncd.conf private #mkdir /important-data #vi /usr/local/bin/backup.sh #chmod +x /usr/local/bin/backup.sh #vi /etc/crontab #systemctl restart cron
![]()
private #mkdir /root/.ssh client1 #login adam #ssh-keygen -t rsa ※ 모두 엔터로 넘김 #scp /data/home/adam/.ssh/id_rsa.pub root@private.skill39.net:/root/.ssh/authorized_keys #exit #ssh-keygen –t rsa ※ passphrase를 Passw0rd$로 넣는다 #touch /etc/profile.d/ssh.sh #chmod +x /etc/profile.d/ssh.sh #vi /etc/profile.d/ssh.sh #reboot ※ passphrase 입력 #scp /root/.ssh/id_rsa.pub private.skill39.net:/root/.ssh/ private ..
![]()
file #apt install samba -y #mkdir /data/public-files #chmod 777 /data/public-files #vi /etc/samba/smb.conf. #systemctl restart smbd nmbd public #mkdir -p /data/public-files #chmod 777 /data/public-files #apt install cifs-utils keyutils -y #vi /etc/fstab #mount -a
![]()
file #apt install slapd ldap-utils migrationtools -y #vi /etc/ldap/ldap.conf #systemctl restart slapd #cd /usr/share/migrationtools/ #vi migrate_common.ph #cp migrate_common.ph /usr/share/perl5/ #adduser --gecos ‘’ --uid 1001 --home /data/home/adam adam #adduser --gecos ‘’ --uid 1002 --home /data/home/jane jane #./migrate_passwd.pl /etc/passwd | grep –iv ‘objectclass: account’ > passwd.ldif #vi ..
![]()
file ※ 1GB 하드디스크 3개 추가 #apt install mdadm lvm2 nfs-kernel-server -y #mdadm –-create /dev/md0 –-level=5 –-raid-devices=3 /dev/sdb /dev/sdc /dev/sdd #update-initramfs -u #pvcreate /dev/md0 #vgcreate file /dev/md0 #lvcreate -l 100%FREE -n data file /dev/md0 #mkfs.ext4 /dev/file/data #mkdir /data #vim /etc/fstab . #mount -a #mkdir /data/documents #mkdir /data/home #chmod 777 /data/* #vi /etc/exports..
![]()
fw(worldskills.org) #apt install openvpn –y #openvpn --genkey --secret /etc/openvpn/s2s.key #vi /etc/openvpn/server.conf #chmod +x /etc/openvpn/server.conf cipher AES-256-CBC -> 암호화 방식 (Cipher Block Chaining) persist-key -> 재시작 후에도 Key 값 유지 (Persistent Key) persist-tun -> 재시작 후에도 터널 디바이스 유지 (Persistent Tunnel) status /etc/openvpn/openvpn.log -> 접속 상태 로그 verb 3 -> 로깅 수준 explicit-exit-notify 1 #ch..
![]()
fw(skill39.net) #apt install iptables-persistent -y #update-alternatives --set iptables /usr/sbin/iptables-legacy #iptables -P INPUT DROP #iptables -P FORWARD DROP #iptables -P OUTPUT DROP #touch /etc/rc.local #chmod +x /etc/rc.local #vi /etc/rc.local #systemctl restart rc.local.service fw(worldskills.org) #apt install iptables-persistent -y #update-alternatives --set iptables /usr/sbin/iptables..
![]()
file #apt install bind9 -y #mv /etc/bind/db.* /var/cache/bind/ #rm -f /etc/bind/named.conf.* #vi /etc/bind/named.conf #cp /var/cache/bind/db.empty /var/cache/bind/skill39.zone #cp /var/cache/bind/db.empty /var/cache/bind/skill39.zone.ext #cp /var/cache/bind/db.127 /var/cache/bind/1.rev #cp /var/cache/bind/db.127 /var/cache/bind/2.rev #chmod 777 -R /var/cache/bind/ #chown bind:bind -R /var/cache/..
프로그램의 IO 스케쥴링 클래스와 우선 순위를 확인 및 설정 실시간으로 주는 top과는 달리 체크하는 시간에 따른 상태량을 확인할 수 있었습니다. iostat [옵션] [갱신주기(초)] [리포트개수(숫자)] ionice [[-c class] [-n classdata] [-t]] -p PID [PID] ... ionice [-c class] [-n classdata] [-t] COMMAND [ARG] ... -c class : 스케쥴링 클래스(class)를 설정. 0은 값 없음, 1은 실시간으로, 2는 최우선적으로 실행, 3은 유휴상태 -n classdata : 스케쥴링 클래스 데이터(classdata)를 설정. 인자 값으로 0-7의 값을 지정할 수 있음. 낮은 숫자일수록 우선 순위가 높음 -p pid :..
