一.使用密钥登录   1.先sudo su -s 切换到root   2.生成秘钥对 root@ubuntu:~# ssh-keygen   命令 Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): <== 按 Enter Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): 直接按 Enter 留空 Enter same passphrase again: <== 回车 Your identification has been saved in /root/.ssh/id_rsa. <== 私钥 Your public key has been saved in /root/.ssh/id_rsa.pub. <== 公钥 The key fingerprint is: 0f:d3:e7:1a:1c:bd:5c:03:f1:19:f1:22:df:9b:cc:08 root@host   cd  /root/.ssh/导出id_rsa   一定先导入密钥再执行下面操作   3.服务器安装公钥 cd /root/.ssh/  cat id_rsa.pub >> authorized_keys chmod 600 authorized_keys chmod 700 /root/.ssh/   4.设置ssh,密钥登录 vim /etc/ssh/sshd_config  修改下面配置 PermitRootLogin yes PasswordAuthentication no   重启sshd service ssh restart   退出shell,使用root加密钥登录   二.设置数据库配置文件权限 chattr +i /var/spool/cron/crontabs/root   #禁止任何人修改计划任务 chattr +i /etc/postgresql/9.6/main/pg_hba.conf  #禁止任何人修改数据库配置文件 chattr +a  /data/postgresql   #禁止任何人修改数据目录权限
扫码关注我们
微信号:SRE实战
拒绝背锅 运筹帷幄