public #apt install proftpd fail2ban -y #cd /etc/ssl/ #scp 200.220.55.1:/etc/ssl/ftp.* ./ #chmod 777 -R /var/www/ #vi /etc/proftpd/proftpd.conf #vi /etc/proftpd/proftpd.conf #cd /etc/proftpd/ #touch ftpd.passwd #touch ftpd.group #chown proftpd:nogroup ftpd.* #chmod 400 ftpd.* #ftpasswd -file /etc/proftpd/ftpd.passwd -uid 33 -gid 33 -name webmaster -shell /bin/false -home /home/webmaster -passwd ..
분류 전체보기
fw(skill39.net) #openssl req -new -out www.req -newkey rsa:2048 -keyout www.key -nodes ※ CN = www.worldskills.org #openssl req -new -out public.req -newkey rsa:2048 -keyout public.key -nodes ※ CN = public.worldskills.org #openssl ca -in www.req -out www.crt #openssl ca -in public.req -out public.crt fw(worldskills.org) #apt install nginx -y #cd /etc/ssl #scp 200.220.55.1:/etc/ssl/*.crt ./ #scp 2..
private #apt install apache2 -y #vi /etc/apache2/sites-enabled/000-default.conf #a2enmod authnz_ldap #a2ensite 000-default.conf #systemctl restart apache2 public #apt install apache2 -y #cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/www.conf #cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/public.conf #vi /etc/apache2/sites-available/..
fw(skill39.net) #vi /etc/ssl/openssl.cnf #vi /usr/lib/ssl/misc/CA.pl #/usr/lib/ssl/misc/CA.pl -newca ※ CN=WSC2021-CA #cp /etc/ssl/CA/cacert.pem /usr/local/share/ca-certificates/ca.crt #update-ca-certificates ALL #scp 200.220.55.1:/usr/local/share/ca-certificates/ca.crt /usr/local/share/ca-certificates/ #update-ca-certificates
srvpv02 #mkdir -p /backup/private-skill39-net #vi /etc/default/rsync #mkdir /var/log/rsync #chmod 777 /var/log/rsync #cp /usr/share/doc/rsync/examples/rsyncd.conf /etc/ #vi /etc/rsyncd.conf private #mkdir /important-data #vi /usr/local/bin/backup.sh #chmod +x /usr/local/bin/backup.sh #vi /etc/crontab #systemctl restart cron
private #mkdir /root/.ssh client1 #login adam #ssh-keygen -t rsa ※ 모두 엔터로 넘김 #scp /data/home/adam/.ssh/id_rsa.pub root@private.skill39.net:/root/.ssh/authorized_keys #exit #ssh-keygen –t rsa ※ passphrase를 Passw0rd$로 넣는다 #touch /etc/profile.d/ssh.sh #chmod +x /etc/profile.d/ssh.sh #vi /etc/profile.d/ssh.sh #reboot ※ passphrase 입력 #scp /root/.ssh/id_rsa.pub private.skill39.net:/root/.ssh/ private ..
file #apt install samba -y #mkdir /data/public-files #chmod 777 /data/public-files #vi /etc/samba/smb.conf. #systemctl restart smbd nmbd public #mkdir -p /data/public-files #chmod 777 /data/public-files #apt install cifs-utils keyutils -y #vi /etc/fstab #mount -a
file #apt install slapd ldap-utils migrationtools -y #vi /etc/ldap/ldap.conf #systemctl restart slapd #cd /usr/share/migrationtools/ #vi migrate_common.ph #cp migrate_common.ph /usr/share/perl5/ #adduser --gecos ‘’ --uid 1001 --home /data/home/adam adam #adduser --gecos ‘’ --uid 1002 --home /data/home/jane jane #./migrate_passwd.pl /etc/passwd | grep –iv ‘objectclass: account’ > passwd.ldif #vi ..
file ※ 1GB 하드디스크 3개 추가 #apt install mdadm lvm2 nfs-kernel-server -y #mdadm –-create /dev/md0 –-level=5 –-raid-devices=3 /dev/sdb /dev/sdc /dev/sdd #update-initramfs -u #pvcreate /dev/md0 #vgcreate file /dev/md0 #lvcreate -l 100%FREE -n data file /dev/md0 #mkfs.ext4 /dev/file/data #mkdir /data #vim /etc/fstab . #mount -a #mkdir /data/documents #mkdir /data/home #chmod 777 /data/* #vi /etc/exports..
fw(worldskills.org) #apt install openvpn –y #openvpn --genkey --secret /etc/openvpn/s2s.key #vi /etc/openvpn/server.conf #chmod +x /etc/openvpn/server.conf cipher AES-256-CBC -> 암호화 방식 (Cipher Block Chaining) persist-key -> 재시작 후에도 Key 값 유지 (Persistent Key) persist-tun -> 재시작 후에도 터널 디바이스 유지 (Persistent Tunnel) status /etc/openvpn/openvpn.log -> 접속 상태 로그 verb 3 -> 로깅 수준 explicit-exit-notify 1 #ch..