下面来讲解如何在 Linux 服务器上制作密钥对,将公钥添加给账户,设置 SSH,最后通过客户端登录。
1. 制作密钥对
首先在服务器上制作密钥对。首先用密码登录到你打算使用密钥登录的账户,然后执行以下命令:
[root@host ~]$ ssh-keygen <==建立密钥对 #或生成pem:ssh-keygen -t rsa -f my.pem -C "your@email.com"Generatingpublic/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa):<==按EnterCreated directory '/root/.ssh'.Enter passphrase (empty forno passphrase):<==输入密钥锁码,或直接按Enter留空Enter same passphrase again:<==再输入一遍密钥锁码Your identification has been saved in/root/.ssh/id_rsa.<==私钥Yourpublic key has been saved in/root/.ssh/id_rsa.pub.<==公钥The key fingerprint is:0f:d3:e7:1a:1c:bd:5c:03:f1:19:f1:22:df:9b:cc:08 root@host
I needed to run LSI MegaRaid Storage Manager (vivaldiframework) for my LSI 9260-8i SAS card in my Ubuntu Desktop. Ubuntu is based on Debian so this may also work to get LSI MegaRaid Storage Manager on Debian as well, but I have not yet tried it yet. It took some work but I go it to install so I thought I would tell you how I did it. It is assumed that in the following, when editing a file you are doing it with superuser rights such as opening the files from the comand prompt with "sudo nano /path/to/file/file" or "sudo vi /path/to/file/file"
I found that you need to have a GUI installed (though the install can be done completely by ssh.
root account:
If the root account has not been enabled, it will need to be enabled and have a pasword set
sudo passwd root
sudo passwd -u root
Install prerequisites:
sudo apt-get install alien libstdc++5 rcconf
You also need to install at least Java 7, I am using Java8. I followed the procedure found at: http://www.ubuntugeek.com/how-to-install-oracle-java-7-in-ubuntu-12-04.html and just changed java7 in the command line to java8
You need to download the Linux build from LSI (http://www.lsi.com/support/pages/download-results.aspx?component=Storage+Component&productfamily=RAID+Controllers&productcode=P00066&assettype=Management+Software+and+Tools&productname=MegaRAID+SAS+9260-8i). I initially tried the latest but had some problems with it. It could very well have been a fluk but I just went back to the 13.11.01.00 version that worked just fine.
deb http://mirrors.aliyun.com/debian/ buster main non-free contrib
deb-data-original http://mirrors.aliyun.com/debian/ buster main non-free contrib
deb http://mirrors.aliyun.com/debian-security buster/updates main
deb-data-original http://mirrors.aliyun.com/debian-security buster/updates main
deb http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib
deb-data-original http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib
deb http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib
deb-data-original http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib
对于KVM虚拟机,可以直接在创建虚拟机的时候勾上NAT,这时候就会自动为虚拟机分配一个虚拟的子网并且虚拟机可以通过nat连接到外部网络,基本上是开箱即用。同时也支持端口映射,具体可参考官方wiki下的QEMU port redirection。但之前在使用的过程中,发现这个端口映射并不是很稳定。同时虽然这种方法很简单,但是虚拟机之间是隔离的,无法互通数据,这样就非常不灵活。
同时,LXC虚拟机是没有这种开箱即用的NAT的。
FROM ubuntu:trusty
ENV VER 3.0.0
ENV TARBALL http://download.redis.io/releases/redis-$VER.tar.gz# ==> Install curl and helper tools...
RUN apt-get update
RUN apt-get install -y curl make gcc
# ==> Download, compile, and install...
RUN curl -L $TARBALL | tar zxv
WORKDIR redis-$VER
RUN make
RUN make install
#...# ==> Clean up...
WORKDIR /
RUN apt-get remove -y --auto-remove curl make gcc
RUN apt-get clean
RUN rm -rf /var/lib/apt/lists/* /redis-$VER
#...
CMD ["redis-server"]
结合注释,读起来并不困难,用到的都是常规的几个命令,简要介绍如下:
FROM:顶头写,指定一个基础镜像,此处基于 ubuntu:trusty
ENV:设置环境变量,这里设置了 VER 和 TARBALL 两个环境变量
RUN:最常用的 Dockerfile 指令,用于运行各种命令,这里调用了 8 次 RUN 指令
WORKDIR:指定工作目录,相当于指令 cd
CMD:指定镜像默认执行的命令,此处默认执行 redis-server 命令来启动 redis
执行构建:
$ docker build -t redis:lab-1.
注:国内网络,更新下载可能会较慢
查看大小:
动辄就有 300多 M 的大小,不能忍,下面我们开始一步步优化。
步骤 2: 优化基础镜像
方法:选用更小的基础镜像。
常用的 Linux 系统镜像一般有 ubuntu、centos、debian,其中debian 更轻量,而且够用,对比如下: