|
@@ -1,4 +1,5 @@
|
|
|
-Boot en mode root avec slef ssh
|
|
|
+
|
|
|
+# Boot en mode root avec slef ssh
|
|
|
|
|
|
eric@aldebaran:~$ ssh root@91.121.72.10
|
|
|
The authenticity of host '91.121.72.10 (91.121.72.10)' can't be established.
|
|
@@ -7,101 +8,94 @@ Are you sure you want to continue connecting (yes/no)? yes
|
|
|
Warning: Permanently added '91.121.72.10' (ECDSA) to the list of known hosts.
|
|
|
Linux adara 4.9.103-xxxx-std-ipv6-64 #222672 SMP Mon Jun 4 15:16:03 UTC 2018 x86_64
|
|
|
|
|
|
- Debian GNU/Linux 9 (stretch)
|
|
|
+ Debian GNU/Linux 9 (stretch)
|
|
|
|
|
|
- Linux adara.yojik.eu 4.9.103-xxxx-std-ipv6-64 #222672 SMP Mon Jun 4 15:16:03 UTC 2018 x86_64 GNU/Linux
|
|
|
+ Linux adara.yojik.eu 4.9.103-xxxx-std-ipv6-64 #222672 SMP Mon Jun 4 15:16:03 UTC 2018 x86_64 GNU/Linux
|
|
|
|
|
|
|
|
|
- Server : 141519
|
|
|
- IPv4 : 91.121.72.10
|
|
|
- IPv6 : 2001:41d0:1:7d0a::1
|
|
|
- Hostname : adara.yojik.eu
|
|
|
+ Server : 141519
|
|
|
+ IPv4 : 91.121.72.10
|
|
|
+ IPv6 : 2001:41d0:1:7d0a::1
|
|
|
+ Hostname : adara.yojik.eu
|
|
|
|
|
|
-Last login: Sun Jun 24 12:31:50 2018 from 217.182.145.216
|
|
|
+ Last login: Sun Jun 24 12:31:50 2018 from 217.182.145.216
|
|
|
|
|
|
|
|
|
-booter sur le serveur:
|
|
|
+Booter sur le serveur:
|
|
|
|
|
|
-eric@aldebaran:~$ ssh root@91.121.72.10
|
|
|
-The authenticity of host '91.121.72.10 (91.121.72.10)' can't be established.
|
|
|
-ECDSA key fingerprint is SHA256:BT4r+uaJ8qAVUKgquJ557W4wyFJ3cfqOy/qC838RKMw.
|
|
|
-Are you sure you want to continue connecting (yes/no)? yes
|
|
|
-Warning: Permanently added '91.121.72.10' (ECDSA) to the list of known hosts.
|
|
|
-Linux adara 4.9.103-xxxx-std-ipv6-64 #222672 SMP Mon Jun 4 15:16:03 UTC 2018 x86_64
|
|
|
+ eric@aldebaran:~$ ssh root@91.121.72.10
|
|
|
+ The authenticity of host '91.121.72.10 (91.121.72.10)' can't be established.
|
|
|
+ ECDSA key fingerprint is SHA256:BT4r+uaJ8qAVUKgquJ557W4wyFJ3cfqOy/qC838RKMw.
|
|
|
+ Are you sure you want to continue connecting (yes/no)? yes
|
|
|
+ Warning: Permanently added '91.121.72.10' (ECDSA) to the list of known hosts.
|
|
|
+ Linux adara 4.9.103-xxxx-std-ipv6-64 #222672 SMP Mon Jun 4 15:16:03 UTC 2018 x86_64
|
|
|
|
|
|
- Debian GNU/Linux 9 (stretch)
|
|
|
+ Debian GNU/Linux 9 (stretch)
|
|
|
|
|
|
- Linux adara.yojik.eu 4.9.103-xxxx-std-ipv6-64 #222672 SMP Mon Jun 4 15:16:03 UTC 2018 x86_64 GNU/Linux
|
|
|
+ Linux adara.yojik.eu 4.9.103-xxxx-std-ipv6-64 #222672 SMP Mon Jun 4 15:16:03 UTC 2018 x86_64 GNU/Linux
|
|
|
|
|
|
|
|
|
- Server : 141519
|
|
|
- IPv4 : 91.121.72.10
|
|
|
- IPv6 : 2001:41d0:1:7d0a::1
|
|
|
- Hostname : adara.yojik.eu
|
|
|
+ Server : 141519
|
|
|
+ IPv4 : 91.121.72.10
|
|
|
+ IPv6 : 2001:41d0:1:7d0a::1
|
|
|
+ Hostname : adara.yojik.eu
|
|
|
|
|
|
-Last login: Sun Jun 24 13:00:53 2018 from 217.182.145.216
|
|
|
+ Last login: Sun Jun 24 13:00:53 2018 from 217.182.145.216
|
|
|
|
|
|
|
|
|
Date et heure: il faut reconfigurer tzdata
|
|
|
|
|
|
-root@adara:~# date
|
|
|
-dimanche 24 juin 2018, 12:33:18 (UTC+0000)
|
|
|
-root@adara:~# dpkg-reconfigure tzdata
|
|
|
-
|
|
|
-Current default time zone: 'Europe/Paris'
|
|
|
-Local time is now: Sun Jun 24 14:33:42 CEST 2018.
|
|
|
-Universal Time is now: Sun Jun 24 12:33:42 UTC 2018.
|
|
|
-
|
|
|
-root@adara:~#
|
|
|
-
|
|
|
-On reboote et on vérifie l'heure:
|
|
|
-
|
|
|
-root@adara:~# date
|
|
|
-dimanche 24 juin 2018, 14:40:39 (UTC+0200)
|
|
|
-
|
|
|
-c'est bon.
|
|
|
+ root@adara:~# date
|
|
|
+ dimanche 24 juin 2018, 12:33:18 (UTC+0000)
|
|
|
+ root@adara:~# dpkg-reconfigure tzdata
|
|
|
|
|
|
-on modifie le password de root!!!!!!!!!!!!!!
|
|
|
+ Current default time zone: 'Europe/Paris'
|
|
|
+ Local time is now: Sun Jun 24 14:33:42 CEST 2018.
|
|
|
+ Universal Time is now: Sun Jun 24 12:33:42 UTC 2018.
|
|
|
|
|
|
-on ajoute un utilisateur
|
|
|
+ root@adara:~#
|
|
|
|
|
|
+Redémarrage et vérification de l'heure:
|
|
|
|
|
|
-On ajoute les dépots manquants, et on update
|
|
|
+ root@adara:~# date
|
|
|
+ dimanche 24 juin 2018, 14:40:39 (UTC+0200)
|
|
|
|
|
|
+C'est bon.
|
|
|
|
|
|
+Modification du mot d epasse root password de root!!!!!!!!!!!!!!
|
|
|
|
|
|
-et on passe à l'étape ssh
|
|
|
+Ajout d'un utilisateur.
|
|
|
|
|
|
-on passe l'étape configuration du réseau, car elle est pré-réglée dans l'installation de OVH
|
|
|
+Ajout des dépots manquants, et update..
|
|
|
|
|
|
-On ajoute seulement son adresse ipv6 et l'adresse du serveur de sauvegarde
|
|
|
+Configuration de **ssh**.
|
|
|
|
|
|
+Configuration du réseau: elle est pré-réglée dans l'installation de OVH.
|
|
|
|
|
|
-```
|
|
|
-root@adara:/home/ericadmin/bin# cat /etc/hosts
|
|
|
-127.0.0.1 localhost
|
|
|
-127.0.1.1 adara.yojik.eu adara
|
|
|
+Ajout de l'adresse **IPV6** et de l'adresse du serveur de sauvegarde.
|
|
|
|
|
|
-# The following lines are desirable for IPv6 capable hosts
|
|
|
-::1 localhost ip6-localhost ip6-loopback
|
|
|
-ff02::1 ip6-allnodes
|
|
|
-ff02::2 ip6-allrouters
|
|
|
|
|
|
-91.121.72.10 adara.yojik.eu adara
|
|
|
-2001:41d0:1:7d0a::1 adara.yojik.eu adara
|
|
|
+ root@adara:/home/ericadmin/bin# cat /etc/hosts
|
|
|
+ 127.0.0.1 localhost
|
|
|
+ 127.0.1.1 adara.yojik.eu adara
|
|
|
|
|
|
-# adresse du serveur de sauvegarde
|
|
|
-37.187.3.182 polis.yojik.eu polis
|
|
|
-2001:41d0:a:3b6::1 polis.yojik.eu polis
|
|
|
-```
|
|
|
+ # The following lines are desirable for IPv6 capable hosts
|
|
|
+ ::1 localhost ip6-localhost ip6-loopback
|
|
|
+ ff02::1 ip6-allnodes
|
|
|
+ ff02::2 ip6-allrouters
|
|
|
|
|
|
-l'étape de config de netfilter-persistent echoue à cause du kernel de OVH :(:(
|
|
|
+ 91.121.72.10 adara.yojik.eu adara
|
|
|
+ 2001:41d0:1:7d0a::1 adara.yojik.eu adara
|
|
|
|
|
|
- IL faudra le faire à la main avec
|
|
|
+ # adresse du serveur de sauvegarde
|
|
|
+ 37.187.3.182 polis.yojik.eu polis
|
|
|
+ 2001:41d0:a:3b6::1 polis.yojik.eu polis
|
|
|
|
|
|
+L'étape de configuration de netfilter-persistent echoue à cause du kernel de OVH :(:(
|
|
|
|
|
|
-iptables-save > /etc/iptables/rules.v4
|
|
|
-ip6tables-save > /etc/iptables/rules.v6
|
|
|
+IL faudra le faire à la main avec:
|
|
|
|
|
|
+ iptables-save > /etc/iptables/rules.v4
|
|
|
+ ip6tables-save > /etc/iptables/rules.v6
|
|
|
|
|
|
Pour fail2ban, il n'a rien à configurer pour l'instant. Seul ssh est surveillé.
|