0712

1、SSH远程服务的管理操作

A、通过两种方式来拒绝开放一个端口22（SSH端口）:

要求：一种是通过修改配置文件并重新加载配置；另一种是通过命令操作方式来实现开放一个端口，并测试端口是否通。

 

答：

1）

cd /etc/firewalld/zones 进入zones文件夹

vi public.xml 打开防火墙配置文件 删除<service name="ssh"/>行 保存并退出

firewall-cmd --reload   重载防火墙配置文件

 

2）

[root@bogon ~]# firewall-cmd --add-port=22/tcp --permanent 开放一个ssh端口，

success

[root@bogon ~]# firewall-cmd --reload 重载配置文件

success

[root@bogon ~]# netstat -an | grep :22 查看端口状态

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     

tcp        0      0 192.168.1.164:22        192.168.1.148:49693     ESTABLISHED  已连通

tcp6       0      0 :::22                   :::*                    LISTEN

[root@bogon ~]# firewall-cmd --remove-port=22/tcp --permanent 删除ssh端口

success

[root@bogon ~]# firewall-cmd --reload 重载配置文件

success

 

B、通过两种方式来结束ssh服务，并把步骤写在上面；

答：

1）

[root@bogon zones]# firewall-cmd --add-service=ssh 查看防火墙中的服务

success

[root@bogon zones]# firewall-cmd --list-all

public (default, active)

  interfaces: eno16777736

  sources:

  services: dhcpv6-client ssh ssh服务

  ports:

  masquerade: no

  forward-ports:

  icmp-blocks:

  rich rules:

[root@bogon zones]# firewall-cmd --remove-service=ssh 删除ssh服务

success

[root@bogon zones]# firewall-cmd --list-all

public (default, active)

  interfaces: eno16777736

  sources:

  services: dhcpv6-client

  ports:

  masquerade: no

  forward-ports:

  icmp-blocks:

  rich rules:

 

2）

[root@bogon zones]# netstat -anp |grep :22 查看端口为22的进程的PID

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1465/sshd           

tcp        0      0 192.168.1.164:22        192.168.1.148:49790     ESTABLISHED 14846/sshd: root@pt

tcp6       0      0 :::22                   :::*                    LISTEN      1465/sshd           

[root@bogon zones]# kill -9 14846 结束该进程

 

 

 

C、把ssh服务设置成开机禁用，并把步骤及效果写在上面。

 

答：

[root@bogon zones]# systemctl disable sshd.service

Removed symlink /etc/systemd/system/multi-user.target.wants/sshd.service.

 

 

2、查看自己虚拟机的软（系统）硬件（CPU、内存、硬盘、主板）信息，并把信息打出的结果打印在作业上。

 

1)cpu

[root@bogon zones]# lscpu

Architecture:          x86_64

CPU op-mode(s):        32-bit, 64-bit

Byte Order:            Little Endian

CPU(s):                1

On-line CPU(s) list:   0

Thread(s) per core:    1

Core(s) per socket:    1

Socket(s):             1

NUMA node(s):          1

Vendor ID:             GenuineIntel

CPU family:            6

Model:                 58

Model name:            Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz

Stepping:              9

CPU MHz:               2494.399

BogoMIPS:              4988.79

Hypervisor vendor:     VMware

Virtualization type:   full

L1d cache:             32K

L1i cache:             32K

L2 cache:              256K

L3 cache:              3072K

NUMA node0 CPU(s):     0

 

2)内存

[root@bogon zones]# more /proc/meminfo

MemTotal:        1001332 kB

MemFree:           90128 kB

MemAvailable:     148072 kB

Buffers:              12 kB

Cached:           147344 kB

SwapCached:          516 kB

Active:           281960 kB

Inactive:         269472 kB

Active(anon):     198500 kB

Inactive(anon):   211648 kB

Active(file):      83460 kB

Inactive(file):    57824 kB

Unevictable:           0 kB

Mlocked:               0 kB

SwapTotal:       2097148 kB

SwapFree:        2093436 kB

Dirty:                 4 kB

Writeback:             0 kB

AnonPages:        403608 kB

Mapped:            83008 kB

Shmem:              6072 kB

Slab:             116320 kB

SReclaimable:      58564 kB

SUnreclaim:        57756 kB

KernelStack:       12448 kB

PageTables:        24228 kB

NFS_Unstable:          0 kB

Bounce:                0 kB

WritebackTmp:          0 kB

CommitLimit:     2597812 kB

Committed_AS:    2391576 kB

VmallocTotal:   34359738367 kB

VmallocUsed:      171320 kB

VmallocChunk:   34359539344 kB

HardwareCorrupted:     0 kB

AnonHugePages:    147456 kB

HugePages_Total:       0

HugePages_Free:        0

HugePages_Rsvd:        0

HugePages_Surp:        0

Hugepagesize:       2048 kB

DirectMap4k:       89984 kB

DirectMap2M:      958464 kB

 

3）硬盘

[root@bogon zones]# smartctl -a /dev/sda

smartctl 6.2 2013-07-26 r3841 [x86_64-linux-3.10.0-327.el7.x86_64] (local build)

Copyright (C) 2002-13, Bruce Allen, Christian Franke, www.smartmontools.org

 

=== START OF INFORMATION SECTION ===

Vendor:               VMware,

Product:              VMware Virtual S

Revision:             1.0

User Capacity:        21,474,836,480 bytes [21.4 GB]

Logical block size:   512 bytes

Device type:          disk

Local Time is:        Tue Jul 12 20:04:54 2016 CST

SMART support is:     Unavailable - device lacks SMART capability.

 

=== START OF READ SMART DATA SECTION ===

 

Error Counter logging not supported

 

Device does not support Self Test logging

 

4）主板

[root@bogon zones]# dmidecode |grep -A16 "System Information$"

System Information

Manufacturer: VMware, Inc.

Product Name: VMware Virtual Platform

Version: None

Serial Number: VMware-56 4d e6 ab d1 61 6b 87-9f 50 6c de 7e 49 6b 78

UUID: ABE64D56-61D1-876B-9F50-6CDE7E496B78

Wake-up Type: Power Switch

SKU Number: Not Specified

Family: Not Specified

 

Handle 0x0002, DMI type 2, 15 bytes

Base Board Information

Manufacturer: Intel Corporation

Product Name: 440BX Desktop Reference Platform

Version: None

Serial Number: None

Asset Tag: Not Specified