charlie@ubuntu:~/CS548$ ssh -i ~/CS548/XXXX.pem ec2-user@eXXXXXX.amazonaws.com
I got this error at the beginning.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0664 for 'CS548/ec2-glassfish-keypair.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: CS548/ec2-glassfish-keypair.pem
Permission denied (publickey).
Solution:
change the permission to access private key :
Only owner can read and write the private key:
chomod 600 ~/CS548/XXXX.pem
http://www.thinkplexx.com/learn/howto/security/ssh/fix-permissions-are-too-open-private-key-will-be-ignored
SSH - "provide secure remote login"
SSH(SecureShell)是目前比较可靠的为远程登录会话和其他网络服务提供安全性的协议。利用SSH协议可以有效防止远程管理过程中的信息泄露问题。通过SSH,可以把所有传输的数据进行加密,也能够防止DNS欺骗和IP欺骗。
后面会提示你私钥的文件名,放在哪,这些问题,选择默认就行了,中途会让你输入密码,这个你可得记住。这样你的用户目录下会多出一个隐藏的.ssh文件夹。可以使用ls-A来查看。里面还有两文件,一个是id_rsa(私钥),还有一个是id_rsa.pub(公钥)
这个私钥和公钥到底是什么概念?
简单说,公钥就是你的银行帐户,这个可能别人也知道,但只有手上有信用卡或是存折才能有资格去试帐户密码。所以这个信用卡和存折就是你的私钥。所以这个私钥得保存好。
也就是说,那个id_rsa文件你得保存好,可以弄到U盘上,随身带着。而id_rsa.pub得改成系统默认识别的authorized_keys并保存在.ssh文件夹下
15 Linux Yum Command Examples – Install, Uninstall, Update Packages
http://www.thegeekstuff.com/2011/08/yum-command-examples/
Installing, removing, and updating packages is a typical activity on Linux. Most of the Linux distributions provides some kind of package manager utility. For example,
apt-get, dpkg, rpm, yum, etc.
On some Linux distributions, yum is the default package manager.
yum-security http://linux.die.net/man/8/yum-security
Description
This plugin extends yum to allow lists and updates to be limited using security relevant criteria
sudo意思就是super-user do,让当前用户暂时以管理员的身份root来执行这条命令。
su是用来改变当前用户的,su root,就是将当前用户切换为root,用了su root之后,下面所有的命令就可以不用打sudo了,因为当前用户已经是管理员root了。
root 用户为根用户,也就是 系统管理员 拥有全部权限
一个用户只能拥有一个 GID ,但是还可以归属于其它附加群组
__| __|_ )
_| ( / Amazon Linux AMI
___|\___|___|
https://aws.amazon.com/amazon-linux-ami/2012.09-release-notes/
[ec2-user@ip-10-195-17-79 ~]$ ls
[ec2-user@ip-10-195-17-79 ~]$ su root
Password:
su: incorrect password
[ec2-user@ip-10-195-17-79 ~]$ sudo su -
[root@ip-10-195-17-79 ~]# ^C
[root@ip-10-195-17-79 ~]#
[root@ip-10-195-17-79 ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/xvda1 8256952 966160 7206936 12% /
tmpfs 304364 0 304364 0% /dev/shm
[root@ip-10-195-17-79 ~]# fdisk -l ----查看硬盘分区
Disk /dev/xvda1: 8589 MB, 8589934592 bytes
255 heads, 63 sectors/track, 1044 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Disk /dev/xvdf: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
[root@ip-10-195-17-79 ~]# mkfs -t ext3 /dev/xvdf
/*mkfs - build a Linux file system
mke2fs 1.42.3 (14-May-2012)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
65536 inodes, 262144 blocks
13107 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=268435456
8 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376
Allocating group tables: done
Writing inode tables: done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done
Cat 有三大功能
1. 一次显示整个文件
$cat filename
2. 从键盘输入内容创建一个文件,该命令不能用来修改已经存在的文件
$cat >filename2
3. 把多个文件合并成一个文件
$cat filename1 filename2 > filename3
*/
/*
The fstab ( /etc/fstab ) (or file systems table) file is a system configuration file commonly found on Unix systems.
*/
[root@ip-10-195-17-79 ~]# cat /etc/fstab
#
LABEL=/ / ext4 defaults,noatime 1 1
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
[root@ip-10-195-17-79 ~]# echo "/dev/xvdf /data ext3 noatime 0 0">>/etc/fstab
[root@ip-10-195-17-79 ~]# cat /etc/fstab
/*
< What is fstab and why it's useful >
http://www.tuxfiles.org/linuxhelp/fstab.html
*/
#
LABEL=/ / ext4 defaults,noatime 1 1
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/xvdf /data ext3 noatime 0 0
/*mount command: 挂载文件系统*/
[root@ip-10-195-17-79 ~]# mount /data
[root@ip-10-195-17-79 ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/xvda1 8256952 966168 7206928 12% /
tmpfs 304364 0 304364 0% /dev/shm
/dev/xvdf 1032088 34088 945572 4% /data
// Install postgresql:
[root@ip-10-195-17-79 ~]# sudo yum install postgresql postgresql-server postgresql-devel postgresql-contrib postgresql-docs
//initialize the software
[ec2-user@ip-10-195-17-79 ~]$ sudo rm -rf /data/lost+found
[ec2-user@ip-10-195-17-79 ~]$ chown -R postgres:postgres /data
chown: changing ownership of `/data': Operation not permitted
[ec2-user@ip-10-195-17-79 ~]$ sudo chown -R postgres:postgres /data
[ec2-user@ip-10-195-17-79 ~]$ sudo su -
[root@ip-10-195-17-79 ~]# su postgres -
bash-4.1$ /usr/bin/initdb -D /data
could not change directory to "/root"
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.
The database cluster will be initialized with locale "en_US.UTF-8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".
fixing permissions on existing directory /data ... ok
creating subdirectories ... ok
selecting default max_connections ... 100
selecting default shared_buffers ... 32MB
creating configuration files ... ok
creating template1 database in /data/base/1 ... ok
initializing pg_authid ... ok
initializing dependencies ... ok
creating system views ... ok
loading system objects' descriptions ... ok
creating collations ... ok
creating conversions ... ok
creating dictionaries ... ok
setting privileges on built-in objects ... ok
creating information schema ... ok
loading PL/pgSQL server-side language ... ok
vacuuming database template1 ... ok
copying template1 to template0 ... ok
copying template1 to postgres ... ok
WARNING: enabling "trust" authentication for local connections
You can change this by editing pg_hba.conf or using the option -A, or
--auth-local and --auth-host, the next time you run initdb.
Success. You can now start the database server using:
/usr/bin/postgres -D /data
or
/usr/bin/pg_ctl -D /data -l logfile start
bash-4.1$
// Install postgresql:
[root@ip-10-195-17-79 ~]# sudo yum install postgresql postgresql-server postgresql-devel postgresql-contrib postgresql-docs
//initialize the software
[ec2-user@ip-10-195-17-79 ~]$ sudo rm -rf /data/lost+found
[ec2-user@ip-10-195-17-79 ~]$ chown -R postgres:postgres /data
chown: changing ownership of `/data': Operation not permitted
[ec2-user@ip-10-195-17-79 ~]$ sudo chown -R postgres:postgres /data
[ec2-user@ip-10-195-17-79 ~]$ sudo su -
[root@ip-10-195-17-79 ~]# su postgres -
bash-4.1$ /usr/bin/initdb -D /data
could not change directory to "/root"
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.
The database cluster will be initialized with locale "en_US.UTF-8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".
fixing permissions on existing directory /data ... ok
creating subdirectories ... ok
selecting default max_connections ... 100
selecting default shared_buffers ... 32MB
creating configuration files ... ok
creating template1 database in /data/base/1 ... ok
initializing pg_authid ... ok
initializing dependencies ... ok
creating system views ... ok
loading system objects' descriptions ... ok
creating collations ... ok
creating conversions ... ok
creating dictionaries ... ok
setting privileges on built-in objects ... ok
creating information schema ... ok
loading PL/pgSQL server-side language ... ok
vacuuming database template1 ... ok
copying template1 to template0 ... ok
copying template1 to postgres ... ok
WARNING: enabling "trust" authentication for local connections
You can change this by editing pg_hba.conf or using the option -A, or
--auth-local and --auth-host, the next time you run initdb.
Success. You can now start the database server using:
/usr/bin/postgres -D /data
or
/usr/bin/pg_ctl -D /data -l logfile start
bash-4.1$
bash-4.1$ wget -O postgresql.conf.1 http://www.cs.stevens.edu/~dduggan/Teaching/Scripts/ec2/postgresql.conf
--2013-01-20 20:03:00-- http://www.cs.stevens.edu/~dduggan/Teaching/Scripts/ec2/postgresql.conf
Resolving www.cs.stevens.edu... 155.246.89.84
Connecting to www.cs.stevens.edu|155.246.89.84|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 16947 (17K) [text/plain]
Saving to: “postgresql.conf.1”
100%[===============================>] 16,947 --.-K/s in 0.02s
2013-01-20 20:03:01 (784 KB/s) - “postgresql.conf.1” saved [16947/16947]
Control the server
bash-4.1$ /usr/bin/pg_ctl start -D /data
server starting
bash-4.1$ /usr/bin/pg_ctl status -D /data
pg_ctl: server is running (PID: 2502)
/usr/bin/postgres "-D" "/data"
PostgreSQL - creating and dropping roles
http://articles.slicehost.com/2009/5/7/postgresql-creating-and-deleting-roles
----------------------------------------------------------------set up jdk--------------------------------------
wget in linux
http://blog.kdecherf.com/2012/04/12/oracle-i-download-your-jdk-by-eating-magic-cookies/
*/
/* scp command - > copy file using ssh */
/*create a usrgroup and create a user */
No comments:
Post a Comment