#!/bin/bash
#====================================================
# Author: Mr.Song
# Create Date: 2018-11-16
# Description:
#====================================================
########################################################
#bash配置
cat >> ~/.bashrc <<- EOF
alias cls='clear' #DOS风格的清空
alias h='history | tail'
alias hg='history | grep'
alias hl='history | less'
#stty erase ^H #清除退格 (这个很有必要)
export PS1="[\[\e[0;36m\]\u\[\e[m\]@\[\e[0;32m\]\h \[\e[0;35m\]\W\[\e[m\]]\\\\$"
export HISTTIMEFORMAT="%F %T \`who -u am i 2>/dev/null|awk '{print \$NF}'|sed -e 's/[()]//g'\` \`whoami\` "
EOF
#########################################################
#vim配置:行号、快捷键输入文本、中文支持
cat >> ~/.vimrc <<-EOF
set autoindent
set nu
set tabstop=4
set shiftwidth=4
set fileencodings=utf-8,ucs-bom,gb18030,gbk,gb2312,cp936
set termencoding=utf-8
set encoding=utf-8
function AddTitle()
call setline(1,"#!/bin/bash")
call append(1,"#====================================================")
call append(2,"# Author: Mr.Song")
call append(3,"# Create Date: " . strftime("%Y-%m-%d"))
call append(4,"# Description: ")
call append(5,"#====================================================")
endf
map <F4> :call AddTitle()<cr>
EOF
#########################################################
#openssh优化:禁用DNS查询、禁用root账户使用密码登陆
sed -i -e '/#UseDNS/a\UseDNS no' -e '/#PermitRootLogin yes/a\PermitRootLogin prohibit-password' /etc/ssh/sshd_config
systemctl restart sshd
#########################################################
#防止暴力破解脚本
echo "*/1 * * * * root /root/auto_deny_ip_v1.sh" >> /etc/crontab
tail -n +$(awk '/^#!/{if(i){print NR;exit}i++}' $0) $0>auto_deny_ip_v1.sh
chmod +x auto_deny_ip_v1.sh
exit 0
#!/bin/bash
#Auto drop ssh failed IP address
#By author jfedu.net 2017
#Define Path variables
SEC_FILE=/var/log/secure
IP_ADDR=`awk '{print $0}' /var/log/secure|grep -i "fail"| egrep -o "([0-9]{1,3}\.){3}[0-9]{1,3}" | sort -nr | uniq -c |awk '$1>=1 {print $2}'`
DENY_CONF=/etc/hosts.deny
TM1=`date +%Y%m%d%H%M`
DENY_IP="/tmp/2h_deny_ip.txt"
echo
cat <<EOF
++++++++++++++welcome to use ssh login drop failed ip+++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++------------------------------------++++++++++++++++++
EOF
echo
for ((j=0;j<=2;j++)) ;do echo -n "-";sleep 1 ;done
echo
for i in `echo $IP_ADDR`
do
cat $DENY_CONF |grep $i >/dev/null 2>&1
if [ $? -ne 0 ];then
grep "$i" $DENY_IP>>/dev/null 2>&1
if [ $? -eq 0 ];then
TM3=`date +%Y%m%d%H%M`
IP1=`awk -F"[#:]" '/'$i'/ {print $2,$4}' $DENY_IP|awk '{if('$TM3'>=$2+2) print $1}'`
if [ ! -z $IP1 ];then
echo "sshd:$IP1:deny #$TM1" >>$DENY_CONF
sed -i "/$IP1/d" $DENY_IP
fi
else
echo "sshd:$i:deny #$TM1" >>$DENY_CONF
fi
fi
done
#Allow IP to access
TM2=`date +%Y%m%d%H%M`
IP2=`awk -F"[#:]" '/sshd/ {print $2,$4}' $DENY_CONF|awk '{if('$TM2'>=$2+2) print $1}'`
for k in `echo $IP2`
do
echo $k
sed -i "/$k/d" $DENY_CONF
echo "sshd:$k:deny #$TM2" >>$DENY_IP
done
linux个性化配置初始化脚本
原创
©著作权归作者所有:来自51CTO博客作者唯爱你的的原创作品,请联系作者获取转载授权,否则将追究法律责任
上一篇:IP运营商和归属地查询脚本
下一篇:zabbix 4.0.2安装脚本
提问和评论都可以,用心的回复会被更多人看到
评论
发布评论
相关文章
-
myeclipse个性化配置
myeclipse刚安装完,肯定不适合长时间使用,全是白色的,我是想更改设置的,本来想写一下
myeclipse eclipse 百度 -
Putty个性化配置
Putty个性化配置
ide javascript ubuntu linux 好用 -
【技巧】IDEA 个性化配置
自动补全 关闭大小写区分。
idea 导包 大小写 自动补全 -
phpstorm常用个性化配置
行注释缩紧位置
phpstorm -
linux初始化脚本1.1
linux最小化安装的初始化配置
linux shell