preface
I recently decided to move to Linux servers in preparation for the subsequent Docker containerization and K8S service choreography. In my daily development, I use Windows Server server most, and Linux server has used some common commands. Recently evening xiuxian watch video and online information, is a bit familiar with Linux.
This article mainly deals with content
- Log in to the server without a password over SSH
- Linux user and user group management
- RPM package installation, local YUM source build, Ali yum source use
- Install Mysql, change the root password, forget the root password
Content practice environment
- Cenos 7
- MacOs Catalina 10.15.2
- The terminal uses iterm2
SSH Connection server
When you get tired of entering your account and password again and again, try SHH public and private key login.
Enter the following command to connect to the remote server
ssh mflyyou
Copy the code1. Generate public and private keys
ssh-keygen -o -t rsa -b 4096
Copy the code
2. Copy the public key remote server
The public key ends with.pub.
# ssh-copy-id -i {public key absolute path} {remote server username}@{remote server IP address}SSH - copy - id - I/Users/zhangpanqin /. SSH/test_local_server pub [email protected]Copy the codeThis command copies the contents of the specified public key to the specified user (Parallels) on the remote server. This allows the user to log in later without entering a password.
Run the above command, equivalent to copy the public key content to/home/parallels /. SSH/authorized_keys.
Windows system without SSH – copy – id, you can manually copy the contents of the public key to the/home/parallels /. SSH/authorized_keys
3. Configure private key authentication on the local PC
SSH /config on the local PC add the following information.
Host mflyyou.com
HostName 10.211.55.8
AddKeysToAgent yes
UseKeychain yes
User parallels
IdentityFile /Users/zhangpanqin/.ssh/test_local_server
Copy the code
Manage users and user groups
Linux manages the system with files. Good user management facilitates server security. This piece I saw the video and materials are recommended for different applications using different users. The user who installed the program does not have administrator privileges. When administrator privileges are required, use sudo to enhance access.
The user to create
# create mflyyou user and create mflyyou group adduser mflyyou Copy the code
# Change the password of mflyYou, command will prompt you to enter the password passwd mflyyou
The user created above does not have the ability to upgrade sudo, so you need to modify /etc/sudoers to take effect.
Change the writability of the file by running it under root chmod 700 /etc/sudoers# /etc/sudoers: mflyYou ALL=(ALL) PASSWD:ALL root ALL=(ALL) ALL mflyyou ALL=(ALL) PASSWD:ALL
Copy the code
Change the file /etc/sudoers to read-only after granting permissions chmod 400 /etc/sudoers
Assign read/write execution permissions to files (folders)
To prevent other users from modifying the current user’s file content, for security purposes.
You need to assign permissions to the folder or file of the installed program. 4 read r, 2 edit W,1 execute x
chmod 754 /opt/config
Copy the codeExample Modify the read, edit, and execute permissions of users, user groups, and others to which /opt/config belongs. Owning user: Read, Edit, execute, 7 Owning group: Read, execute, 5 Others: Read, 4
Modify the owning user and user group of a folder or file
/opt/config = admin; /opt/config = admin
chonw -R admin:admin /opt/config
Copy the code
The RPM package
Linux is divided into source packages and RPM packages. Source code package we need to compile, and then install, relatively high degree of freedom. The RPM package is a binary package compiled by the manufacturer. It is similar to the Windows. exe package. However, dependencies need to be handled during RPM package installation. Hence, the YUM management RPM package was born. Yum usually needs to be connected to the Internet. Sometimes, the deployed server does not have a network. We can mount a CD or A USB disk to build a local YUM source.
One of the benefits of RPM package installation is that we do not need to configure environment variables. Packages are already built in.
For example, we install the JDK and download the JDK RPM package from the official website.
Install the RPM package
Install the RPM packageRPM -IVh Full name of the packageCopy the code
Example Query the installed RPM package
The RPM - qa | grep package nameCopy the codeUninstall the RPM package
The RPM -e package nameCopy the codeQuery the RPM package to which the file belongs
RPM also provides the query file to which package, we can judge whether the file is a Trojan.
RPM -qf Specifies the name of the system fileCopy the code
Verify the changes made after the RPM package is installed
Sometimes after we install packages, we want to know which modification files have changed. RPM also provides capability queries.
The RPM -v package nameCopy the codeWhere will query resources in RPM packages be installed
Sometimes, we want to know where RPM will install packages
# query the package installation locationThe RPM - ql package nameCopy the code
Extract files from RPM
There could be a situation where we delete the Java executable file. But you don’t want to reinstall the JDK. We can export specific execution files from the corresponding RPM packages. Or the corresponding system command ll.
Extract missing files from RPM packagesRpm2cpio JDK - 13.0.1 _linux - x64_bin. RPM | cpio - idv. / usr/Java/JDK - 13.0.1 / bin/JavaCopy the codeThe preceding command is equivalent to decompressing the RPM package when cPIo-idv and a file path. That is to extract the formulated document.
Decompress the RPM package to the current relative pathRpm2cpio JDK - 13.0.1 _linux - x64_bin. RPM | cpio - idvCopy the codeIf you install mysql-server, the mysql-server depends on the client package, and the client package depends on the common package and the lib package. Keep getting errors when you RPM install, and then you keep installing dependencies that don’t exist. It’s annoying to think about it, so YUM has freed our hands.
Yum install
The speed of the foreign yum source is relatively slow, using Ali cloud to provide a mirror of the yum source, the speed is very fast, give Ali praise.
Change the yum source to Ali mirror
# backup the yum configuration file so that it can be recovered after errors mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup# download ali yum source wget - O/etc/yum repos. D/CentOS - Base. Repo mirrors.aliyun.com/repo/Centos...
Copy the code
Clear the package cache and load the Ali mirror package cache yum clean all yum makecache
Just download the configuration for the specified system, which Ali has already done for us.
Yum install
# list all packages yum list# yum Search
Yum -y install yum -y install
Yum -y update yum -y update yum -y update
Copy the code
# Uninstall packages, try not to uninstallYum -y remove The package name
Set up a local YUM source and install a source for a program. Save for installing mysql.
Mysql installation
Centos 7 does not provide Mysql as the database by default.
1, download the official Mysql yum source.
On the downside, RPM packages downloaded from this yum source are slow.
# Install yum Repositoty
sudo yum localinstall https://repo.mysql.com//mysql80-community-release-el7-3.noarch.rpm
Copy the codeMysql yum Reposity not installed
After executing the command, add mysql yum source, but these resources are foreign, download a little slow
Clear the old package cache and load the new yum source cache
yum clean all
yum makecache
Copy the codeQuery mysql – community – server
yum list | grep "mysql.*-community.*server"
Copy the code
Then install mysql-community-server
# It's a little slow
yum install mysql-community-server
Copy the codeMysql > install Mysql
The server downloads all dependency packages for Mysql
create/mnt/local/packages
Unzip the downloaded packages under/MNT /local/packages.
Generate yum source information
cd /mnt/local
createrepo .
Copy the codeRun the following command to generate yum source information
Configure the YUM source on the server
# Generate yum configuration file sudo touch /etc/yum.repos.d/CentOS-local.repo# centos-local. repo
# local_mysql_diy # local_mysql_diy # local_mysql_diy # local_mysql_diy # local_mysql_diy # local_mysql_diy # local_mysql_diy # local_mysql_diy
Baseurl =file:///mnt/local/
Gpgcheck =0
# enable local_mysql enabled=1
Copy the code
# Key location gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Refresh the yum source
yum clean all
yum makecache
Copy the codeMysql installation
yum install mysql-community-server
Copy the codeStart the Mysql
# start mysql sudo systemctl enable mysqld sudo systemctl start mysqldSudo systemctl status mysqld
Copy the code
Query the initial password sudo grep 'temporary password' /var/log/mysqld.log
/etc/my.cnf /my.cnf /etc/my.cnf
[mysqld]
default-authentication-plugin=mysql_native_password
Copy the codeChange the password
# login mysql
mysql -u root -p123456
# change password
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'Root@2020';
Copy the codeMysql > create user
# create user CREATE USER 'username'@'host' IDENTIFIED BY 'password';Sonar CHARACTER SET 'SONAR ';
Copy the code
# authorization # the select, insert, update, delete the table data operation Alter table create alter table drop grant select.insert.update.delete.create.alter.drop on sonar.* to 'sonar'@The '%';
Mysql 8.0 forgot password
# edit config file, vim /etc/my.cnfAdd skip-grant-tables under # [mysqld
Mysql systemctl restart mysqld
# password-free mysql
Copy the code
Select * from mysql; Select host, user, authentication_string, plugin from user; Update user set authentication_string= "where user='root';Copy the code# exit mysql
/etc/my.cnf [mysqld] skip-grant-tables
# restart mysql
systemctl restart mysqld
# login mysql
In case navicat fails to connect
ALTER USER 'sonar'@The '%' IDENTIFIED WITH mysql_native_password BY 'Sonar@2020';
Copy the codeOther commands
Checking port Usage
netstat -anp|grep 8080
Copy the code