Take it easy, sit back and relax
This is my first personal note. As the title suggests, these are my own personal notes (from a personal perspective) used to record some knowledge points I encounter in daily life that are worth noting down.
I think there's no better place to write than in a blog (actually there's just nowhere else to write). Feel free to read if needed.
The content in personal notes is generally quite fragmented and messy. Please bear with me.
For machines within mainland China:
Debian13
Ubuntu 22.04
CentOS 9 stream
Windows 11 Pro for Workstations
Windows 10 LTSC
Windows Server 2022
Windows Server 2012 R2
Default username and password:
Linux: root LeitboGi0ro
Windows: Administrator Teddysun.com
Default port:
Linux: 22
Windows: 3389
Modify hostname
Modify hosts
Some cloud providers will reset the hosts file upon reboot. You can make the hosts file immutable.
Revert
Then reboot and you're done.
Generate an ED25519 key pair
Find the key pair under ~/.ssh/, download it, and delete the files on the server.
Next, add the public key content to authorized_keys
and set the correct permissions.
Configure sshd_config
Make sure PubkeyAuthentication yes
If you want to disable password login and only allow key-based authentication (recommended)
Find #PasswordAuthentication yes, uncomment it, and change yes to no.
Restart SSH
First switch to root
Enter the root password.
Find PermitRootLogin no and change it to PermitRootLogin yes
Sometimes it's PermitRootLogin prohibit-password, which means password login is disabled. Just change it to yes.
Restart the SSH service.
Open gdm-password
Comment out the following line and reboot.
We use the CERNET (Campus Network) mirror source Debian , Ubuntu
Clear the contents and replace them with the mirror source.
Older systems like Debian 10 may be missing some files.
Here we recommend using Alibaba Cloud mirror source Debian , Ubuntu
Note! The Alibaba Cloud mirror is relatively slow (usually around 500KB/s). It is only recommended for Alibaba Cloud servers or systems not supported by campus network mirrors (e.g., Debian 9 and below).
Check the current system language
LANG should be changed to zh_CN.UTF-8
Configure locales
Find and install zh_CN.UTF-8 in the list.
Select zh_CN.UTF-8 and install Chinese fonts.
After rebooting, run locale and verify it shows zh_CN.UTF-8.
Check bashrc and profile to see if the language is locked to "C"
If there is code that locks the locale to "C", comment it out.
Install UFW
Add basic rules
Add source IP rules (Allow access from the 10.x.x.x IP range)
Add multi-IP rules (For machines with multiple public IPs)
Enable UFW firewall
View firewall rules
Delete firewall rules (View firewall rule numbers, then delete the rule numbered 1)
Reload firewall
Add 2001:67c:2960::64 or 2a00:1098:2b::1
First install 4. Install WireGuard related components
Then install 5. Automatically configure WARP WireGuard IPv4 network
wget --no-check-certificate -qO InstallNET.sh 'https://raw.githubusercontent.com/leitbogioro/Tools/master/Linux_reinstall/InstallNET.sh' && chmod a+x InstallNET.sh
wget --no-check-certificate -qO InstallNET.sh 'https://gitee.com/mb9e8j2/Tools/raw/master/Linux_reinstall/InstallNET.sh' && chmod a+x InstallNET.sh
bash InstallNET.sh -debian
bash InstallNET.sh -ubuntu
bash InstallNET.sh -centos
bash InstallNET.sh -windows
bash InstallNET.sh -windows10
bash InstallNET.sh -windows2022
bash InstallNET.sh -windows2012
nano /etc/hostname
nano /etc/hosts
sudo chattr +i /etc/hosts
sudo chattr -i /etc/hosts
ssh-keygen -t ed25519
nano ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
nano /etc/ssh/sshd_config
sudo systemctl restart ssh
su -
nano /etc/ssh/sshd_config
sudo systemctl restart ssh
nano /etc/pam.d/gdm-password
auth required pam_succeed_if.so user != root quiet_success
nano /etc/apt/sources.list
locale
sudo apt-get update
sudo apt-get install locales
sudo dpkg-reconfigure locales
sudo update-locale LANG=zh_CN.UTF-8
sudo apt-get install fonts-wqy-zenhei
nano ~/.bashrc
nano ~/.profile
rm ~/.bashrc
nano ~/.bashrc
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
case $- in
*i*) ;;
*) return;;
esac
# don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options
HISTCONTROL=ignoreboth
# append to the history file, don't overwrite it
shopt -s histappend
# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
HISTSIZE=1000
HISTFILESIZE=2000
# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize
# If set, the pattern "**" used in a pathname expansion context will
# match all files and zero or more directories and subdirectories.
#shopt -s globstar
# make less more friendly for non-text input files, see lesspipe(1)
#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
# set variable identifying the chroot you work in (used in the prompt below)
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
debian_chroot=$(cat /etc/debian_chroot)
fi
# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
xterm-color|*-256color) color_prompt=yes;;
esac
# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
#force_color_prompt=yes
if [ -n "$force_color_prompt" ]; then
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
# We have color support; assume it's compliant with Ecma-48
# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
# a case would tend to support setf rather than setaf.)
color_prompt=yes
else
color_prompt=
fi
fi
if [ "$color_prompt" = yes ]; then
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
else
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
fi
unset color_prompt force_color_prompt
# If this is an xterm set the title to user@host:dir
case "$TERM" in
xterm*|rxvt*)
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
;;
*)
;;
esac
# enable color support of ls and also add handy aliases
if [ -x /usr/bin/dircolors ]; then
test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
alias ls='ls --color=auto'
#alias dir='dir --color=auto'
#alias vdir='vdir --color=auto'
#alias grep='grep --color=auto'
#alias fgrep='fgrep --color=auto'
#alias egrep='egrep --color=auto'
fi
# colored GCC warnings and errors
#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
# some more ls aliases
#alias ll='ls -l'
#alias la='ls -A'
#alias l='ls -CF'
# Alias definitions.
# You may want to put all your additions into a separate file like
# ~/.bash_aliases, instead of adding them here directly.
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
if [ -f ~/.bash_aliases ]; then
. ~/.bash_aliases
fi
# enable programmable completion features (you don't need to enable
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
# sources /etc/bash.bashrc).
if ! shopt -oq posix; then
if [ -f /usr/share/bash-completion/bash_completion ]; then
. /usr/share/bash-completion/bash_completion
elif [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
fi
sudo apt-get update
sudo apt-get install ufw
sudo ufw allow 22
sudo ufw allow 22/tcp
sudo ufw allow 22/udp
sudo ufw allow from 10.0.0.0/8 to any port 22
sudo ufw allow from 10.0.0.0/8 to any port 22/tcp
sudo ufw allow from 10.0.0.0/8 to any port 22/udp
sudo ufw allow from any to {server IP} port 22
sudo ufw allow proto tcp from any to {server IP} port 22
sudo ufw allow proto udp from any to {server IP} port 22
sudo ufw enable
sudo ufw status
sudo ufw status numbered
sudo ufw delete 1
sudo ufw reload
nano /etc/resolv.conf
bash <(curl -fsSL git.io/warp.sh) menu