ホスト名
ホスト名の確認
# cat /etc/hostnameホスト名の変更
# vi /etc/hostnameネットワーク情報
ネットワークデバイス名の確認
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether ??:??:??:??:??:?? brd ff:ff:ff:ff:ff:ff
altname enp2s0
altname enx????????????
3: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether ??:??:??:??:??:?? brd ff:ff:ff:ff:ff:ff
altname enx????????????
inet 192.168.103.213/24 brd 192.168.103.255 scope global dynamic noprefixroute enp4s0
valid_lft 85836sec preferred_lft 75036sec
inet6 240d:1a:3ce:ba00:4943:9310:ce3f:d58d/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 86341sec preferred_lft 86341sec
inet6 fe80::12b:5152:6c1e:fc50/64 scope link
valid_lft forever preferred_lft forever
4: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether ??:??:??:??:??:?? brd ff:ff:ff:ff:ff:ff
altname wlx????????????ネットワークのハードウェア情報の確認
ネットワークデバイスが何のハードウェアかは、以下のコマンで確認できます(ログは一部抜粋したもの)
# lshw -C network
*-network DISABLED
description: Ethernet interface
product: RTL8111/8168/8211/8411 PCI Express Gigabit Ethernet Controller
vendor: Realtek Semiconductor Co., Ltd.
logical name: eno1
*-network DISABLED
description: Wireless interface
product: Wi-Fi 6 AX200
vendor: Intel Corporation
logical name: wlp3s0
*-network
description: Ethernet interface
product: Ethernet Controller I226-V
vendor: Intel Corporation
logical name: enp4s0固定IP設定
現在のネットワーク設定確認
inet dhcp なら DHCP、inet static なら固定IPです
# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug enp4s0
iface enp4s0 inet dhcp固定IP設定
各値は自分の環境に合わせ設定すること
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug enp4s0
iface enp4s0 inet static
address 192.168.103.103
netmask 255.255.255.0
network 192.168.103.0
broadcast 192.168.103.255
gateway 192.168.103.1
dns-nameservers 192.168.103.1設定が終わったら、設定を反映
# systemctl restart ifup@enp4s0SSH設定
設定ファイルのバックアップ
# cp /etc/ssh/sshd_config /etc/ssh/sshd_config.org使用済みポートの確認
# ss -atnu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp ESTAB 0 52 192.168.103.103:22 192.168.103.126:61628
tcp LISTEN 0 128 [::]:22 [::]:* 設定を検討する項目
| ポート番号の変更 | デフォルトの22を使う | XXXXXを使う |
| #Port 22 | Port XXXXX | |
| root ログイン | 許可 | 禁止 |
| PermitRootLogin yes | PermitRootLogin no | |
| 公開鍵認証 | 禁止 | 許可 |
| #PubkeyAuthentication yes | PubkeyAuthentication yes | |
| パスワード認証 | 許可 | 禁止 |
| #PasswordAuthentication yes | PasswordAuthentication no |
鍵の作成
$ ssh-keygen
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/hoge/.ssh/id_ed25519):
Enter passphrase for "/home/hoge/.ssh/id_ed25519" (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/hoge/.ssh/id_ed25519
Your public key has been saved in /home/hoge/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:mmhImSeMBGgMLZSzXxm0tO12/aaOgY38qwUWBENo6Ug hoge@ylocalhost
The key's randomart image is:
+--[ED25519 256]--+
|Bo. =*.. |
|+E.+..* |
|oo* ooo |
|.= + o. . . |
|. B o =S. . |
| . = .+o* . |
| . o o+ + o |
| . o o o |
| ..+oo |
+----[SHA256]-----+プライベートキーを取り出したらサーバーからは削除
パブリックキーは authorized_keys にリネーム
$ rm .ssh/id_ed25519
$ mv .ssh/id_ed25519.pub .ssh/authorized_keys
コメント