Linux下挂载U盘:
lsblk #查看哪个是U盘设备
mount /dev/sda1 /mnt/ #挂载U盘
###
禁止使用U盘:( 让安装 usb-storage 模块的操作实际上变成运行 /bin/true )
[root@Zabbix_server_01 ~]# echo "install usb-storage /bin/true" >> /etc/modprobe.d/usb-storage.conf
[root@Zabbix_server_01 ~]# cat /etc/modprobe.d/usb-storage.conf
install usb-storage /bin/true
###
禁止Alt+Ctrl+Del键盘组合键,防止恶意或误操作导致系统重启。
/etc/init/control-alt-delete.conf文件的默认样子:
[root@Zabbix_server_01 ~]# cat /etc/init/control-alt-delete.conf
# control-alt-delete - emergency keypress handling
#
# This task is run whenever the Control-Alt-Delete key combination is
# pressed. Usually used to shut down the machine.
#
# Do not edit this file directly. If you want to change the behaviour,
# please create a file control-alt-delete.override and put your changes there.
start on control-alt-delete
exec /sbin/shutdown -r now "Control-Alt-Delete pressed"
配置方法:(把对应的行注释掉)
[root@Zabbix_server_01 ~]# sed -i 's,^start.*,#start on control-alt-delete,' /etc/init/control-alt-delete.conf
[root@Zabbix_server_01 ~]# sed -i 's,^exec.*,#exec /sbin/shutdown -r now "Control-Alt-Delete pressed",' /etc/init/control-alt-delete.conf
完成的效果:
[root@Zabbix_server_01 ~]# cat /etc/init/control-alt-delete.conf
# control-alt-delete - emergency keypress handling
#
# This task is run whenever the Control-Alt-Delete key combination is
# pressed. Usually used to shut down the machine.
#
# Do not edit this file directly. If you want to change the behaviour,
# please create a file control-alt-delete.override and put your changes there.
#start on control-alt-delete
#exec /sbin/shutdown -r now "Control-Alt-Delete pressed"
###
关闭图像界面:(将系统运行级别设置为3)
[root@Zabbix_server_01 ~]# sed -i 's/^id:.*/id:3:initdefault:/g' /etc/inittab
[root@Zabbix_server_01 ~]# tail -9 /etc/inittab
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)
#
id:3:initdefault:
备注:
0:关机状态(使用此级别时将会关闭主机)
1:单用户模式(不需要密码验证即可登录系统,多用于系统维护)
2:字符界面的多用户模式(不支持访问网络)
3:字符界面的完整多用户模式(默认运行级别)
4:未分配使用
5:图形界面的多用户模式(提供了图形桌面操作环境)
6:重新启动(使用此级别时将会重启主机)
###
禁止DNS反向解析:
[root@Zabbix_server_01 ~]# cat /etc/ssh/sshd_config |grep UseDNS
#UseDNS yes
[root@Zabbix_server_01 ~]# sed -i 's/^[#]\{0,1\}UseDNS.*/UseDNS no/' /etc/ssh/sshd_config
[root@Zabbix_server_01 ~]# cat /etc/ssh/sshd_config |grep UseDNS
UseDNS no
###
设置Banner登录信息:
[root@Zabbix_server_01 ~]# cat /etc/ssh/sshd_config |grep Banner
#Banner none
[root@Zabbix_server_01 ~]# sed -i "s/^[#]\{0,1\}Banner.*/Banner \/etc\/redhat-release/g" /etc/ssh/sshd_config
[root@Zabbix_server_01 ~]# cat /etc/ssh/sshd_config |grep Banner
Banner /etc/redhat-release
[root@Zabbix_server_01 ~]# service sshd restart
停止 sshd:[确定]
正在启动 sshd:[确定]
效果: