- 新建分组 a. groupadd developer b. 查看分组ID:cat /et c/group
- 新建⽤户 a. adduser --gid 分组 id username
- 切换到新建⽤户⽬录下添加公钥(不添加公钥⽆法进⾏登录) a. 切换到该⽤户:su - username b. 切换到⽤户⽬录:cd /home/username c. 检查.ssh⽬录是否存在,不存在则新建:mkdir .ssh d. 添加需要登录该账号的公钥到该⽂件:vim ./ssh/aut horized_keys e. 修改权限:chmod 600 /home/username/.ssh/aut horized_keys f. 重启ssh服务:sudo /et c/init .d/ssh rest art
- 修改⽂件权限chmod u+w /et c/sudoers
- 添加免密执⾏的账号或分组 a. # User privilege specificat ion ⽤ 户 b. root ALL=(ALL:ALL) ALL c. zhichun.zhang ALL=(ALL:ALL) NOPASSWD:ALL d. # Members of t he admin group may gain root privileges 分 组 e. %admin ALL=(ALL) ALL f. %developer ALL=NOPASSWD: ALL g. # Allow members of group sudo t o execut e any command h. %sudo ALL=(ALL:ALL) ALL
- 修改⽂件权限chmod u-w /et c/sudoers
- 禁⽤root 账号登录 a. 打开⽂件:/et c/ssh/sshd_config b. 修改配置(禁⽌root 账号登录):Permit Root Login no c. 修改配置(禁⽌使⽤密码登录):PasswordAut hent icat ion no