出于安全考虑,修改 SSH 默认端口(22)是一个常见的安全加固措施。本文介绍如何修改 SSH 监听端口,并正确配置 SELinux 以允许新端口的访问。
sudo vi /etc/ssh/sshd_config
找到 #Port 22 这一行,取消注释并修改为需要的端口:
Port 22
Port 2222
建议同时保留默认端口和自定义端口,便于测试。确认新端口正常工作后,再删除默认端口配置。
sudo systemctl restart sshd
# 检查 SSH 服务监听端口
sudo ss -tlnp | grep sshd
# 或使用 netstat
sudo netstat -tlnp | grep sshd
应该看到新端口(如 2222)已开始监听。
铁威马的系统配置和常见Linux系统配置不一样,搞了好半天。
假设需要启用IPv6的网卡为eth1
编辑 /etc/network 添加或修改配置为:
[eth1]
SLAVE=0
MTU=1500
DHCP=YES
IPV6_CONF=auto
IPV6_DEFROUTE=yes
IPV6INIT=YES
MtuStatus=0
echo 0 > /proc/sys/net/ipv6/conf/eth1/disable_ipv6
DHCP 获取IP
killall -2 nasips
因为要配置防火墙,需要固定NFS mount的绑定端口。之前的做法是配置/etc/default/nfs-kernel-server,配置RPCMOUNTDOPTS="--manage-gids -p 2050"。现在该配置文件已经失效,需要修改/etc/nfs.conf
[mountd]
# debug="all|auth|call|general|parse"
manage-gids=y
# descriptors=0
port=2050
| TCP Port | Where | Notes |
|---|---|---|
| 443 | vCenter Server, ESXi Host | Default port used for connections to VMware infrastructure (vCenter server and ESXi host). Must be opened on vCenter Servers and ESXi hosts. |
| 902 | ESXi Host | Port used for data transfer and moving. Must be opened on ESXi hosts. |
Rocky Linux 9 导入 GPG key,报错 warning: Signature not supported. Hash algorithm SHA1 not available.查询资料得知,SHA1算法已被弃用。
update-crypto-policies --set DEFAULT:SHA1update-crypto-policies --set DEFAULT参考资料:
https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9
本文摘自 https://oi-wiki.org/intro/symbol/
本文规定了 OI Wiki 中数学符号的推荐写法,并给出了一些应用范例。
本文参考了 GB/T 3102.11-1993 和 ISO 80000-2:2019 修订,故基本与国内通行教材的符号体系兼容。
符号的 LaTeX 写法请参考 本文章的源代码
| 编号 | 符号,表达式 | 意义,等同表述 | 备注与示例 |
|---|---|---|---|
| n1.1 | $p \land q$ | $p$ 和 $q$ 的合取 | $p$ 与 $q$. |
| n1.2 | $p \lor q$ | $p$ 和 $q$ 的析取 | $p$ 或 $q$;此处的 “或” 是包含的,即若 $p$,$q$ 中有一个为真陈述,则 $p \lor q$ 为真。 |
| n1.3 | $\lnot p$ | $p$ 的否定 | 非 $p$. |
| n1.4 | $p \implies q$ | $p$ 蕴含 $q$;若 $p$ 为真,则 $q$ 为真 | $q \impliedby p$ 和 $p \implies q$ 同义。 |
| n1.5 | $p \iff q$ | $p$ 等价于 $q$ | $(p \implies q) \land (q \implies p)$ 和 $p \iff q$ 同义。 |
| n1.6 | $(\forall~x \in A)~~p(x)$ | 对 $A$ 中所有的 $x$, 命题 $p(x)$ 均为真 | 如果从上下文中可以得知考虑的是哪个集合 $A$, 可以使用记号 $(\forall~x)~~p(x)$.$\forall$ 称为全称量词。 $x \in A$ 的含义见 n2.1. |
| n1.7 | $(\exists~x \in A)~~p(x)$ | 存在一个属于 $A$ 的 $x$ 使得 $p(x)$ 为真 | 如果从上下文中可以得知考虑的是哪个集合 $A$, 可以使用记号 $(\exists~x)~~p(x)$.$\exists$ 称为存在量词。 $x \in A$ 的含义见 n2.1. $(\exists!~x)~~p(x)$(唯一量词)用来表示恰有一个 $x$ 使得 $p(x)$ 为真。 $\exists!$ 也可以写作 $\exists^1$. |
| Letter | Name | Ancient pronunciation | Modern pronunciation |
|---|---|---|---|
| Α α | alpha, άλφα | Short: a Long: aː | Short: first a as in English await Long: a as in English father |
| Β β | beta, βήτα | b | b as in English better |
| Γ γ | gamma, γάμμα | ɡ ŋ when used before γ, κ, ξ, χ, and possibly μ | g as in English get ng as in English sing when used before γ, κ, ξ, χ, and possibly μ |
| Δ δ | delta, δέλτα | d | d as in English delete |
| Ε ε | epsilon, έψιλον | e | e as in English pet |
| Ζ ζ | zeta, ζήτα | zd, or possibly dz | sd as in English wisdom, or possibly dz as in English adze |
| Η η | eta, ήτα | ɛː | ê as in French tête |
| Θ θ | theta, θήτα | tʰ | t as in English top |
| Ι ι | iota, ιώτα | Short: i Long: iː | Short: i as in French vite, Long: i as in English machine |
| Κ κ | kappa, κάππα | k | k as in English, but completely unaspirated |
| Λ λ | la(m)bda, λά(μ)βδα | l | l as in English lantern |
| Μ μ | mu, μυ | m | m as in English music |
| Ν ν | nu, νυ | n | n as in English net |
| Ξ ξ | xi, ξι | [ks] | x as in English fox |
| Ο ο | omicron, όμικρον | o | o as in German ohne |
| Π π | pi, πι | p | p as in English top |
| Ρ ρ | rho, ρώ | r | trilled r as in Italian or Spanish |
| Σ σ/ς, Ϲ ϲ | sigma, σίγμα | s z before β, γ, or μ | s as in English soft, s as in English muse when used before β, γ, or μ |
| Τ τ | tau, ταυ | t | t as in English coat |
| Υ υ | upsilon, ύψιλον | Short: y Long: yː | Short: u as in French lune Long: u as in French ruse |
| Φ φ | phi, φι | pʰ | p as in English pot |
| Χ χ | chi, χι | kʰ | c as in English cat |
| Ψ ψ | psi, ψι | [ps] | ps as in English lapse |
| Ω ω | omega, ωμέγα | ɔː | aw as in English saw |
创建Admin账号
sudo runuser -u _gvm -- gvmd --create-user=Admin --new-password=12345
重置Admin密码
sudo runuser -u _gvm -- gvmd --user=Admin --new-password=12345
应用目录下storage/app/backup-temp的所有者是root,改成www-data即可。
登录Hermes SEG提示要做动态口令认证,因为是测试环境,所以决定取消该认证。
Register device
因为无法登录网页控制台,所以通过修改数据库修改配置。结果发现"access_control" 是"one_factor",用户配置并没有开启。
ESXi的评估许可只有60天,如果不想重装虚拟环境的话,可以重置评估许可。操作如下:
rm -r /etc/vmware/license.cfgcp /etc/vmware/.#license.cfg /etc/vmware/license.cfg/etc/init.d/vpxa restart