Take it easy, sit back and relax
This is my first personal note. As the title says, this is my own personal note (personal-use oriented) for recording some knowledge points I come across in daily life that are worth writing down
I feel there's no better place to write this than in my blog (actually it's just that I don't have anywhere else to write), so read it if you need it
The content in personal notes is generally fragmented and messy, so please excuse that
For machines in mainland China:
Debian13
Ubuntu 22.04
CentOS 9 stream
Windows 11 Pro for Workstations
Windows 10 LTSC
Windows Server 2022
Windows Server 2012 R2
Default username and password:
Linux: root LeitboGi0ro
Windows: Administrator Teddysun.com
Default ports:
Linux: 22
Windows: 3389
Modify hostname
Modify hosts
Some cloud providers reset the hosts file on reboot, so you can make hosts immutable
Restore
Then just reboot.
Generate an ED25519 key pair
Find the key pair under ~/.ssh/, download it, and delete the files on the server
Next, put the public key content into authorized_keys
And set the permissions correctly
Configure sshd_config
Ensure PubkeyAuthentication yes
If you want to disable password login and allow key-based login only (recommended)
Find #PasswordAuthentication yes, uncomment it, and change yes to no
Restart ssh
First switch to root
Just enter the root password
Find PermitRootLogin no and change it to PermitRootLogin yes
Sometimes it is PermitRootLogin prohibit-password, which means password login is disabled; just change it to yes
Just restart the SSH service
Open gdm-password
Comment out the following line and reboot
We use the CERNET joint mirrors Debian , Ubuntu
Clear the contents and replace them with the mirror source entries
Older systems such as debian10 may be missing files
Here I recommend using the Alibaba Cloud mirror sources Debian , Ubuntu
Note! Alibaba mirrors are slower (usually around 500KB/s), and are only recommended for Alibaba Cloud servers or systems not supported by university mirrors (such as debian9 and below)
Check the current system language
Change LANG to zh_CN.UTF-8
Configure locales
Find and install zh_CN.UTF-8
Select zh_CN.UTF-8 and install Chinese fonts
After rebooting, run locale and make sure it shows zh_CN.UTF-8
Check whether bashrc and profile lock the language to "C"
If there is code that locks it to "C", just comment it out
Install UFW
Add basic rules
Add source IP rules (Allow access from IPs in the 10.x.x.x range)
Add multi-IP rules (For machines with multiple public IPs)
Enable the UFW firewall
View firewall rules
Delete firewall rules (Check the firewall rule numbers and delete rule number 1)
Reload the firewall
Add 2001:67c:2960::64 or 2a00:1098:2b::1
First install 4. 安装 WireGuard 相关组件
Then install 5. 自动配置 WARP WireGuard IPv4 网络
This note is finished. Next:
wget --no-check-certificate -qO InstallNET.sh 'https://raw.githubusercontent.com/leitbogioro/Tools/master/Linux_reinstall/InstallNET.sh' && chmod a+x InstallNET.sh
wget --no-check-certificate -qO InstallNET.sh 'https://gitee.com/mb9e8j2/Tools/raw/master/Linux_reinstall/InstallNET.sh' && chmod a+x InstallNET.sh
bash InstallNET.sh -debian
bash InstallNET.sh -ubuntu
bash InstallNET.sh -centos
bash InstallNET.sh -windows
bash InstallNET.sh -windows10
bash InstallNET.sh -windows2022
bash InstallNET.sh -windows2012
nano /etc/hostname
nano /etc/hosts
sudo chattr +i /etc/hosts
sudo chattr -i /etc/hosts
ssh-keygen -t ed25519
nano ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
nano /etc/ssh/sshd_config
sudo systemctl restart ssh
su -
nano /etc/ssh/sshd_config
sudo systemctl restart ssh
nano /etc/pam.d/gdm-password
auth required pam_succeed_if.so user != root quiet_success
nano /etc/apt/sources.list
locale
sudo apt-get update
sudo apt-get install locales
sudo dpkg-reconfigure locales
sudo update-locale LANG=zh_CN.UTF-8
sudo apt-get install fonts-wqy-zenhei
nano ~/.bashrc
nano ~/.profile
rm ~/.bashrc
nano ~/.bashrc
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
case $- in
*i*) ;;
*) return;;
esac
# don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options
HISTCONTROL=ignoreboth
# append to the history file, don't overwrite it
shopt -s histappend
# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
HISTSIZE=1000
HISTFILESIZE=2000
# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize
# If set, the pattern "**" used in a pathname expansion context will
# match all files and zero or more directories and subdirectories.
#shopt -s globstar
# make less more friendly for non-text input files, see lesspipe(1)
#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
# set variable identifying the chroot you work in (used in the prompt below)
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
debian_chroot=$(cat /etc/debian_chroot)
fi
# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
xterm-color|*-256color) color_prompt=yes;;
esac
# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
#force_color_prompt=yes
if [ -n "$force_color_prompt" ]; then
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
# We have color support; assume it's compliant with Ecma-48
# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
# a case would tend to support setf rather than setaf.)
color_prompt=yes
else
color_prompt=
fi
fi
if [ "$color_prompt" = yes ]; then
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
else
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
fi
unset color_prompt force_color_prompt
# If this is an xterm set the title to user@host:dir
case "$TERM" in
xterm*|rxvt*)
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
;;
*)
;;
esac
# enable color support of ls and also add handy aliases
if [ -x /usr/bin/dircolors ]; then
test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
alias ls='ls --color=auto'
#alias dir='dir --color=auto'
#alias vdir='vdir --color=auto'
#alias grep='grep --color=auto'
#alias fgrep='fgrep --color=auto'
#alias egrep='egrep --color=auto'
fi
# colored GCC warnings and errors
#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
# some more ls aliases
#alias ll='ls -l'
#alias la='ls -A'
#alias l='ls -CF'
# Alias definitions.
# You may want to put all your additions into a separate file like
# ~/.bash_aliases, instead of adding them here directly.
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
if [ -f ~/.bash_aliases ]; then
. ~/.bash_aliases
fi
# enable programmable completion features (you don't need to enable
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
# sources /etc/bash.bashrc).
if ! shopt -oq posix; then
if [ -f /usr/share/bash-completion/bash_completion ]; then
. /usr/share/bash-completion/bash_completion
elif [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
fi
sudo apt-get update
sudo apt-get install ufw
sudo ufw allow 22
sudo ufw allow 22/tcp
sudo ufw allow 22/udp
sudo ufw allow from 10.0.0.0/8 to any port 22
sudo ufw allow from 10.0.0.0/8 to any port 22/tcp
sudo ufw allow from 10.0.0.0/8 to any port 22/udp
sudo ufw allow from any to {服务器IP} port 22
sudo ufw allow proto tcp from any to {服务器IP} port 22
sudo ufw allow proto udp from any to {服务器IP} port 22
sudo ufw enable
sudo ufw status
sudo ufw status numbered
sudo ufw delete 1
sudo ufw reload
nano /etc/resolv.conf
bash <(curl -fsSL git.io/warp.sh) menu