Skip to content

VM配置CentOS

Jump to bottom
yangyp8110 edited this page Jan 17, 2018 · 1 revision

安装Centos

  • Win7安装Centos 7需要打开网络配置,否则安装完了没有网卡(/etc/sysconfig/network-scripts/ 下找不到ifcfg-eth开头的文件),不能上网,需要配置。

配置静态IP 和 端口

打开终端,输入命令ip add,可以看到eno16777736

[yyp@localhost Desktop]$ ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ef:6d:9e brd ff:ff:ff:ff:ff:ff
[yyp@localhost Desktop]$

我们需要编辑它。
先获得root权限,命令:su root,输入密码。
命令:ls /etc/sysconfig/network-scripts/看看具体名字,然后编辑它。

[root@localhost Desktop]# cat /etc/sysconfig/network-scripts/ifcfg-eno16777736 
HWADDR=00:0C:29:EF:6D:9E
TYPE=Ethernet
BOOTPROTO=dhcp
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno16777736
UUID=ca10f06d-fc54-4674-9428-63d392563cd5
ONBOOT=no
[root@localhost Desktop]#

命令: vi /etc/sysconfig/network-scripts/ifcfg-eno16777736(也可以用其它命令编辑,前提是必须有root权限)

如下图所示,具体配置如下。一定要最后的ONBOOT,要设为yes.
编辑完之后按Esc,输入:wq保存。
在root权限下输入shutdown -r now
重启后ping www.baidu.com就能看到ping通了。

HWADDR=00:0C:29:EF:6D:9E
TYPE=Ethernet
BOOTPROTO=dhcp
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno16777736
UUID=ca10f06d-fc54-4674-9428-63d392563cd5
ONBOOT=yes
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
:wq

重启后,再次输入 ip add,可以看到ip :192.168.74.129

[yyp@localhost Desktop]$ ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ef:6d:9e brd ff:ff:ff:ff:ff:ff
    inet 192.168.74.129/24 brd 192.168.74.255 scope global dynamic eno16777736
       valid_lft 1726sec preferred_lft 1726sec
    inet6 fe80::20c:29ff:feef:6d9e/64 scope link 
       valid_lft forever preferred_lft forever
[yyp@localhost Desktop]$

修改eno1677736: 增加 DEVICE=eno16777736

DEVICE=eno16777736
HWADDR=00:0C:29:EF:6D:9E
TYPE=Ethernet
BOOTPROTO=dhcp
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno16777736
UUID=ca10f06d-fc54-4674-9428-63d392563cd5
ONBOOT=yes

shutdown -r now后,可以通过ssh的port 22连接到服务器

Connecting to 192.168.74.129:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.

Last login: Fri Oct 21 13:00:47 2016
/usr/bin/xauth:  file /root/.Xauthority does not exist
[root@localhost ~]#

重新指定ssh端口

1.修改sshd_config:添加 Port 1001 //在自带的 #Port 22下一行添加

[root@localhost Desktop]# vi /etc/ssh/sshd_config 
[root@localhost Desktop]#

2.修改SELinux

使用 semanage port -l | grep ssh 查看ssh允许的端口

[root@localhost Desktop]# semanage port -l | grep ssh
ssh_port_t                     tcp      22
[root@localhost Desktop]#

添加1001端口到 SELinux
semanage port -a -t ssh_port_t -p tcp 1001

[root@localhost Desktop]# semanage port -a -t ssh_port_t -p tcp 1001
[root@localhost Desktop]#

semanage port -l | grep ssh检查是否加入成功

[root@localhost Desktop]# semanage port -l | grep ssh
ssh_port_t                     tcp      1001, 22
[root@localhost Desktop]#

3.修改防火墙

vi /etc/sysconfig/iptables编辑iptables
增加: -A INPUT -p tcp -m state --state NEW -m tcp --dport 1001 -j ACCEPT

重启防火墙iptables,应用规则

[root@localhost Desktop]# systemctl restart iptables.service
[root@localhost Desktop]#

4.设置开机自启

chkconfig sshd on #开机自启

重启ssh: systemctl restart sshd.service

命令执行:

[root@localhost Desktop]# vi /etc/sysconfig/iptables
[root@localhost Desktop]# systemctl restart iptables.service
[root@localhost Desktop]# chkconfig sshd on #开机自启
Note: Forwarding request to 'systemctl enable sshd.service'.
[root@localhost Desktop]# systemctl restart sshd.service
[root@localhost Desktop]#

此时成功了修改了ssh端口

修改端口成功,ssh连接测试

通过端口1001连接成功

Connecting to 192.168.74.129:1001...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.

Last login: Fri Oct 21 13:11:43 2016

如果路由未生效开启vmware后,需要以root身份执行systemctl restart iptables.service才能通过ssh登陆linux

Clone this wiki locally