Initializing Google Cloud Server SSH Remote Configuration Tutorial SSH Remote Login
SSH remote configuration tutorial SSH remote login , createdGoogle Cloud ServerAfter the instance, you first need toConfigure Google Cloudof SSHRemote login service requires access to the free cloudserver Virtual machine configuration system environment, free of chargeCloud Server installed onlinuxCentOS7, 8, 9 operating systems. The operation method is the same. Let鈥檚 start the SSH remote management service step by step.
SSH remote configuration tutorial to enable SSH remote login
On the Google Cloud VM instance interface, click Connect SSH behind the IP and select Open in a browser window.
Control CentOS7 operating system through browser.
Now you are logged in to the virtual machine server. The one in the front is your Google account, and the one in the back iscloudis the VM instance name of the virtual machine.
SSH remote configuration tutorial to set the root super administrator password
Next, you need to switch to the user mode of the root super administrator.
Enter at the cursor:
sudo -i
or
sudo su
Now you have entered the super administrator root user. At this time, root does not have a password yet, and Linux is still a brand new operating system.
Set the password to modify root and enter the command
passwd
After entering the passwd command, set a new password:
When setting a password, it will not be displayed on the interface. After entering the password, hit Enter, and then enter the password again to confirm. If the passwords are the same twice, the password is set successfully.
passwd: all authentication tokens updated successfully.
If the English above is displayed, it means that the password has been changed.
Set up and enable SSH service
After setting the password, start setting up the SSH service.
vi /etc/ssh/sshd_config
VI edits the SSHD configuration file. Modify sshd_config and change the two options inside to yes
Press "I" in sshd_config to enable editing mode.
PermitRootLogin聽 聽 聽 聽 聽 聽 聽 聽 聽 聽yes defaults to no, you need to enable root user access and change it to yes
Password Authentication聽 聽 聽yes defaults to no, change it to yes to enable password login
After modification, press ESC to exit the editing mode, then enter ":wq" to exit saving the file.
After setting, reboot the server. After sshd reads the configuration file, SSH is successfully opened.
After setting up SSH, you still need to do some basic work. For example, update the system, install the source of software packages, install commonly used software packages, etc.
Linux centos close firewall
If you don鈥檛 want to use the Linux firewall, you can turn off the Linux firewall directly in the system.
centos 7 uses firewall as the firewall by default. How to turn off the firewall in centos7?
You can use the systemctl command to turn off the firewall, the syntax is "systemctl stop firewalld"; you can also use the "systemctl disable firewalld" statement to prohibit the firewall from starting.
Some systems have the firewall turned on by default. You need to check the firewall status.
systemctl status firewalld
Permanently disable the firewall using the following command
Stop firewall systemctl stop firewalld Disable firewall from starting systemctl disable firewalld
After the firewall is turned off, use the reboot command to restart the server.
If you don鈥檛 want to turn off the system鈥檚 firewall, you can add the remote login port to the firewall as follows.
Add firewall remote port
For example, to change the remote port to 10086, first add port 10086 to the firewall.
firewall-cmd --permanent --add-port=10086/tcp
After adding it, verify whether the addition was successful.
firewall-cmd --permanent --query-port=10086/tcp
If yes is returned, port 10086 is added successfully. Next, change the SSH port.
vi /etc/ssh/sshd_config
exist#Port 22Add the following line Port 10086 , then save and exit, and restart the server.
Notice Port 10086 There is no # number in the front. If you are worried that you cannot connect remotely after setting, you can also open the default port 22, remove the # number in front of Port 22, and use port 22 and port 10086 for remote login. Finally, if there is no problem, close port 22 .
After modifying the remote management port, close port 22 in the firewall.
firewall-cmd --permanent --remove-port=22/tcp
After shutting down, restart the firewall service.
systemctl reload firewalld
Then use the following command to view the current firewall open ports.
firewall-cmd --list-ports
After the firewall and remote management port are set up, update the server system and install the development kit.
dnf update -y dnf group install 'Development Tools' -y
Install common commands
dnf install -y curl socat wget
聽
How to turn off SELinux
Note: After installing the centos system, it is strongly recommended to turn off SELinux. If you do not turn it off, many inexplicable problems will occur.
Security Enhanced Linux (SELinux) is a Linux kernel feature that provides a security policy protection mechanism that supports access control.
Verify SELinux status
Remotely connect to the EC2 instance with root privileges.
Run the getenforce command to verify the SELinux status. The return status should be enforcing or permissive, and the current status is enforcing. Run the sestatus command to obtain more SELinux information.
The parameter information SELinux status is displayed as enabled, indicating that SELinux has been started.
Turn off SELinux
Remotely connect to the ECS instance with root privileges. For connection methods, see Connection Method Overview.
Run the command getenforce to verify the SELinux status.
If the return status is enforcing, it indicates that SELinux is turned on.
Choose to temporarily disable or permanently disable SELinux.
Execute the command setenforce 0 to temporarily shut down SELinux.
Shut down SElinux permanently. Run the following command to edit the SELinux config file.
vi /etc/selinux/config
turn upSELINUX=enforcing, press i to enter editing mode, and modify the parameters to:
SELINUX=disabled
聽
After the modification is completed, press the Esc key on the keyboard, execute the command: wq, save and exit the file.
reboot Restart the ECS instance.
After rebooting, run the command getenforce, verify that the SELinux status is disabled, indicating that SELinux is turned off.
More configuration reference:Google Cloud Google cloud server configuration LNMP environment PHP+Mysql+Nginx installation details
