下面来讲解如何在 Linux 服务器上制作密钥对,将公钥添加给账户,设置 SSH,最后通过客户端登录。
1. 制作密钥对
首先在服务器上制作密钥对。首先用密码登录到你打算使用密钥登录的账户,然后执行以下命令:
[root@host ~]$ ssh-keygen <==建立密钥对 #或生成pem:ssh-keygen -t rsa -f my.pem -C "your@email.com"Generatingpublic/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa):<==按EnterCreated directory '/root/.ssh'.Enter passphrase (empty forno passphrase):<==输入密钥锁码,或直接按Enter留空Enter same passphrase again:<==再输入一遍密钥锁码Your identification has been saved in/root/.ssh/id_rsa.<==私钥Yourpublic key has been saved in/root/.ssh/id_rsa.pub.<==公钥The key fingerprint is:0f:d3:e7:1a:1c:bd:5c:03:f1:19:f1:22:df:9b:cc:08 root@host
I needed to run LSI MegaRaid Storage Manager (vivaldiframework) for my LSI 9260-8i SAS card in my Ubuntu Desktop. Ubuntu is based on Debian so this may also work to get LSI MegaRaid Storage Manager on Debian as well, but I have not yet tried it yet. It took some work but I go it to install so I thought I would tell you how I did it. It is assumed that in the following, when editing a file you are doing it with superuser rights such as opening the files from the comand prompt with "sudo nano /path/to/file/file" or "sudo vi /path/to/file/file"
I found that you need to have a GUI installed (though the install can be done completely by ssh.
root account:
If the root account has not been enabled, it will need to be enabled and have a pasword set
sudo passwd root
sudo passwd -u root
Install prerequisites:
sudo apt-get install alien libstdc++5 rcconf
You also need to install at least Java 7, I am using Java8. I followed the procedure found at: http://www.ubuntugeek.com/how-to-install-oracle-java-7-in-ubuntu-12-04.html and just changed java7 in the command line to java8
You need to download the Linux build from LSI (http://www.lsi.com/support/pages/download-results.aspx?component=Storage+Component&productfamily=RAID+Controllers&productcode=P00066&assettype=Management+Software+and+Tools&productname=MegaRAID+SAS+9260-8i). I initially tried the latest but had some problems with it. It could very well have been a fluk but I just went back to the 13.11.01.00 version that worked just fine.
对于KVM虚拟机,可以直接在创建虚拟机的时候勾上NAT,这时候就会自动为虚拟机分配一个虚拟的子网并且虚拟机可以通过nat连接到外部网络,基本上是开箱即用。同时也支持端口映射,具体可参考官方wiki下的QEMU port redirection。但之前在使用的过程中,发现这个端口映射并不是很稳定。同时虽然这种方法很简单,但是虚拟机之间是隔离的,无法互通数据,这样就非常不灵活。
同时,LXC虚拟机是没有这种开箱即用的NAT的。
FROM ubuntu:trusty
ENV VER 3.0.0
ENV TARBALL http://download.redis.io/releases/redis-$VER.tar.gz# ==> Install curl and helper tools...
RUN apt-get update
RUN apt-get install -y curl make gcc
# ==> Download, compile, and install...
RUN curl -L $TARBALL | tar zxv
WORKDIR redis-$VER
RUN make
RUN make install
#...# ==> Clean up...
WORKDIR /
RUN apt-get remove -y --auto-remove curl make gcc
RUN apt-get clean
RUN rm -rf /var/lib/apt/lists/* /redis-$VER
#...
CMD ["redis-server"]
结合注释,读起来并不困难,用到的都是常规的几个命令,简要介绍如下:
FROM:顶头写,指定一个基础镜像,此处基于 ubuntu:trusty
ENV:设置环境变量,这里设置了 VER 和 TARBALL 两个环境变量
RUN:最常用的 Dockerfile 指令,用于运行各种命令,这里调用了 8 次 RUN 指令
WORKDIR:指定工作目录,相当于指令 cd
CMD:指定镜像默认执行的命令,此处默认执行 redis-server 命令来启动 redis
执行构建:
$ docker build -t redis:lab-1.
注:国内网络,更新下载可能会较慢
查看大小:
动辄就有 300多 M 的大小,不能忍,下面我们开始一步步优化。
步骤 2: 优化基础镜像
方法:选用更小的基础镜像。
常用的 Linux 系统镜像一般有 ubuntu、centos、debian,其中debian 更轻量,而且够用,对比如下:
这里我们可以看到有"The server could not connect to the client to verify the domain"的错误提示信息,包括也有其他提示错误,"The server experienced an internal error :: Error creating new registration"我们在邮局的时候不要用国内免费邮局。所以,如果我们是海外域名就直接先用域名自带的DNS。
Including Red Hat® Enterprise Linux® / RHEL, CentOS and Fedora.
Node.js is available from the NodeSource Enterprise Linux and Fedora binary distributions repository. Support for this repository, along with its scripts, can be found on GitHub at nodesource/distributions.
Note that the Node.js packages for EL 5 (RHEL5 and CentOS 5) depend on the EPEL repository being available. The setup script will check and provide instructions if it is not installed.
Run as root on RHEL, CentOS or Fedora, for Node.js v6 LTS: