配置SSH回顾:
1.关闭防火墙、selinux
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
vim /etc/selinux/config
SELINUX=disable
2.
2.配置YUM源
我计划配本地yum源
2.1 yum源备份
cd /etc/yum.repos.d
tar -zcf repo.tar.gz *.repo
rm -rf *.repo
2.2 光盘挂载
rm -rf /mnt/*
mount -o ro /dev/sr0 /mnt
lsblk
#lsblk查看挂载是否成功 -o 挂载方式 ro 以只写形式挂载
chmod +x rc.local
#给系统文件加写权限 rc.local是啥文件?系统开机启动文件,系统开机会自动加载并执行
echo 'mount -o ro /dev/sro /mnt'>>/etc/rc.local
#把挂载操作写入开机自启文件
#这里没有systemctl restart 之类的东西
2.3编写本地yum源
vim local.repo
[local]
name = local yum
baseurl=file:///mnt
#本地目录用 file://本地路径
#远程目录用 ftp:// http:// https://
gpgcheck=0
enabled=1
:wq
yum clean all
yum makecache
3.下载openssh
yum install openssh-y
为啥下载ssh用yum install openssh -y 不用yum install ssh
检查也是检查openssh
yum install openssh
rpm -qa|grep openssh
rpm -ql openssh
#rpm -qa ,rpm -ql 是什么意思 rpm -qa 查询所有已安装包;rpm -ql 查询包内文件
5(可选).5,
5.可选,修改ssh 配置文件
man 5 sshd_config
vim /etc/ssh/sshd_config
#可选择是否允许root登录,印象里还有端口号等,修改端口号
6.sshd服务管理
(?为什么不是ssh管理 因为sshd是系统服务吗?需要手动开启?ssh是命令?只有启动了sshd服务才能使用ssh命令?)
对面主机启动sshd服务
systemctl start sshd
#systemctl stop sshd
#systemctl disable sshd
rsync配置
增量备份,权限不变
rsync -av /dir1/ /dir2/
#本地同步?是/dir1所有文件的拷贝 还是同步
#回答:同步
rsync -av /dir1 /dir2/
#将/dir1整个目录 同步到/dir2 下 注意 加不加/
rsync -av --delete /dir1/ 对面user@对面ip:/dir2/
#上传(同步 ?推测也是 对面Ip /dir2 和本地 /dir1 中内容同步) /dir1/文件 到 对面ip /dir2 文件夹下
rsync -av --delete 对面user@对面ip:/对面文件夹/ /本地文件夹
#下载
#推测也是同步?将本地文件夹中内容和对面文件夹内容进行同步?
确实、
rsync定时同步
1.环境配置
1.1 关闭防火墙 selinux
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
vim /etc/selinux/config
SELINUX=disable
1.2设置主机名
hostnamectl set-hostname code
hostnamectl set-hostname backup
1.3配置yum源
tar -zcf repo.tar.gz *.repo
rm -rf *.repo
#1备份
#2.挂载
rm -rf /mnt/*
mount -o ro /dev/sr0 /mnt
chmod +x /etc/rc.local
#设置执行权限给rc.local 开机自启文件
echo 'mount -o ro /dev/sr0 /mnt'>>/etc/rc.local
#开机自动挂载
#3.编写local.yum
vim local.yum
[local]
name=local yum
baseurl=file:///mnt
#本地文件是file://本地路径 远程文件是ftp://远程路径,http://远程路径
enable=1
gpgcheck=0
:wq
yum clean all
yum makecache
#4.测试
yum repolist
1.4关闭NetWorkmanager
查一下
为什么开启rsync要关闭NetworkManager?意思是希望停止dhcp?dhcp归networkmanager管吗?
那1.4推测应该是设置静态ip
vim /etc/sysconfig/network-scripts/网卡名称(例如ifcfg-ens33)
IPADDR=192.168.235.20
GATEWAY=192.168.235.XX
#注意 要和虚拟机的保持一致 否则Ping 不通外网 NAT模式;如果是仅主机模式,需要设置网关吗?貌似不需要?两个仅主机互相ping也需要网关吧?
DNS1=8.8.8.8
BOOTPROTO=none
#静态 DHCP动态
ONBOOT=yes
#开机自动启动网关?
NETMASK=255.255.255.0
#为啥是C类地址,配置的就是C类的子网掩码;假如是10.x.x.x,是否也需要配子网掩码为255.255.255.0,好像是为了减少能分配的主机数?
1.5关闭NetworkManager
rsync需要稳定的路由和端口(修正:特定的端口和稳定的路由表)
systemctl stop NetworkManager
systemctl disable NetworkManager
1.6 设置时钟
#ntpdate cn.org.ntp.cn
ntpdate cn.ntp.org.cn
配置定时同步
code:
0:创建同步文件夹
code:/app/java
backup:/backup/app/java
1.配置/etc/rsyncd.conf
vim /etc/rsyncd.conf
#配什么嘞?
#1.备份地址
path=/app/java
#2.日志
log file=/var/log/rsync.log
:wq
systemctl restart rsyncd
backup:
2.测试系统服务
#rsync -av --delete root@code主机ip:: 错误 连接系统服务用 -a
rsync -a root@code主机Ip::
输出app
编写备份语句:
#rsync -a /app/java/ root@code主机Ip::app /backup/app/java 错误,推测 app 服务中已包括源地址 为什么这里用-av
rsync -av root@code主机ip::app /backup/app/java
#这里 /etc/rsyncd.conf 中的Path=/app/java java后需要加/ 如果不加/ 为什么不是把/app/java 整个目录同步到 /backup/app/java下
如何理解目标路径 已存在且为目录
为何:目标路径 /backup/app/java 的存在会导致 rsync 忽略模块路径的目录名,仅同步内容。
计划休息
源码:
192.168.235.20
root@192.168.235.20's password:
▒▒▒ʱ▒▒ܾ▒
root@192.168.235.20's password:
┌────────────────────────────────────────────────────────────────────┐
│ • MobaXterm 20.0 • │
│ (SSH client, X-server and networking tools) │
│ │
│ ➤ SSH session to root@192.168.235.20 │
│ • SSH compression : ✘ │
│ • SSH-browser : ✔ │
│ • X11-forwarding : ✔ (remote display is forwarded through SSH) │
│ • DISPLAY : ✔ (automatically set on remote server) │
│ │
│ ➤ For more info, ctrl+click on help or visit our website │
└────────────────────────────────────────────────────────────────────┘
Last failed login: Mon May 26 18:52:30 CST 2025 from 192.168.235.1 on ssh:notty
There was 1 failed login attempt since the last successful login.
Last login: Sun May 25 19:17:00 2025 from 192.168.235.1
[root@code ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.235.2 0.0.0.0 UG 0 0 0 ens33
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 ens33
192.168.235.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
您在 /var/spool/mail/root 中有新邮件
[root@code ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:97:84:5e brd ff:ff:ff:ff:ff:ff
inet 192.168.235.20/24 brd 192.168.235.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe97:845e/64 scope link
valid_lft forever preferred_lft forever
3: virbr0: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:2a:35:da brd ff:ff:ff:ff:ff:ff
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
link/ether 52:54:00:2a:35:da brd ff:ff:ff:ff:ff:ff
[root@code ~]# cat /etc/sysconfig/ifcfg-ens33
cat: /etc/sysconfig/ifcfg-ens33: 没有那个文件或目录
[root@code ~]# cat /etc/sysconfig
cat: /etc/sysconfig: 是一个目录
[root@code ~]# cd /etc/sysconfig
[root@code sysconfig]# ls
anaconda chronyd firewalld iptables-config man-db ntpd readonly-root samba sysstat
atd console grub irqbalance modules ntpdate rpcbind saslauthd sysstat.ioconf
authconfig cpupower htcacheclean kdump netconsole qemu-ga rpc-rquotad selinux virtlockd
autofs crond httpd kernel network radvd rsyncd smartmontools virtlogd
cbq ebtables-config init ksm network-scripts raid-check rsyslog sshd wpa_supplicant
cgred fcoe ip6tables-config libvirtd nfs rdisc run-parts svnserve xinetd
[root@code sysconfig]# cd network-scripts
[root@code network-scripts]# ls
ifcfg-ens33 ifdown-ib ifdown-ppp ifdown-tunnel ifup-ib ifup-plusb ifup-Team network-functions
ifcfg-lo ifdown-ippp ifdown-routes ifup ifup-ippp ifup-post ifup-TeamPort network-functions-ipv6
ifdown ifdown-ipv6 ifdown-sit ifup-aliases ifup-ipv6 ifup-ppp ifup-tunnel
ifdown-bnep ifdown-isdn ifdown-Team ifup-bnep ifup-isdn ifup-routes ifup-wireless
ifdown-eth ifdown-post ifdown-TeamPort ifup-eth ifup-plip ifup-sit init.ipv6-global
[root@code network-scripts]# cat ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=none
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.235.20
NETMASK=255.255.255.0
GATEWAY=192.168.235.2
DNS1=8.8.8.8
您在 /var/spool/mail/root 中有邮件
[root@code network-scripts]#
Network error: Software caused connection abort
192.168.235.100
code@192.168.235.100's password:
┌────────────────────────────────────────────────────────────────────┐
│ • MobaXterm 20.0 • │
│ (SSH client, X-server and networking tools) │
│ │
│ ➤ SSH session to code@192.168.235.100 │
│ • SSH compression : ✘ │
│ • SSH-browser : ✔ │
│ • X11-forwarding : ✔ (remote display is forwarded through SSH) │
│ • DISPLAY : ✔ (automatically set on remote server) │
│ │
│ ➤ For more info, ctrl+click on help or visit our website │
└────────────────────────────────────────────────────────────────────┘
Last login: Sun May 25 19:17:28 2025 from 192.168.235.1
[code@code ~]$ cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.235.100
GATEWAY=192.168.235.2
DNS1=8.8.8.8
[code@code ~]$
Network error: Software caused connection abort
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Session stopped
- Press <return> to exit tab
- Press R to restart session
- Press S to save terminal output to file
code@192.168.235.100's password:
┌────────────────────────────────────────────────────────────────────┐
│ • MobaXterm 20.0 • │
│ (SSH client, X-server and networking tools) │
│ │
│ ➤ SSH session to code@192.168.235.100 │
│ • SSH compression : ✘ │
│ • SSH-browser : ✔ │
│ • X11-forwarding : ✔ (remote display is forwarded through SSH) │
│ • DISPLAY : ✔ (automatically set on remote server) │
│ │
│ ➤ For more info, ctrl+click on help or visit our website │
└────────────────────────────────────────────────────────────────────┘
Last login: Mon May 26 18:52:26 2025 from 192.168.235.1
[code@code ~]$ ls
backup cc.conf code rsync.sh
[code@code ~]$ cd /etc
[code@code etc]$ su - caozx26
su: user caozx26 does not exist
[code@code etc]$ su - caozx26420
密码:
上一次登录:日 5月 25 09:26:02 CST 2025从 192.168.235.1pts/3 上
[caozx26420@code ~]$ sudo su
[sudo] caozx26420 的密码:
ABRT 已检测到 '1' 个问题。预了解详细信息请执行:abrt-cli list --since 1747912563
[root@code caozx26420]#