惘城落遇 发表于 2019-12-10 08:03:58
本帖最后由 惘城落遇 于 2020-1-2 08:48 编辑

1、进入后台,选择对应的服务

2、选择 Control Panel

3、选择 Manage

4、选择 Reinstall

5、选择 Debian 9 64bit Minimal

6、记住密码
7TuFb5oylwYCfZd.jpg

7、然后通过SSH连接VPS
  1. Linux QuietEvergreen-VM 4.9.0-4-amd64 #1 SMP Debian 4.9.65-3+deb9u1 (2017-12-23) x86_64

  2. The programs included with the Debian GNU/Linux system are free software;
  3. the exact distribution terms for each program are described in the
  4. individual files in /usr/share/doc/*/copyright.

  5. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
  6. permitted by applicable law.
复制代码



8、使用 passwd 命令修改密码,输入两遍密码
  1. [email protected]:~# passwd
  2. Enter new UNIX password:
  3. Retype new UNIX password:
  4. passwd: password updated successfully
复制代码


9、安装 Screen
  1. apt install screen
  2. The following NEW packages will be installed:
  3.   screen
  4. 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
复制代码


10、启动 Screen
  1. screen -S s
复制代码


11、生成 RSA 密钥对
  1. [email protected]:~# ssh-keygen -t rsa -b 4096
  2. Generating public/private rsa key pair.
  3. Enter file in which to save the key (/root/.ssh/id_rsa):
  4. Created directory '/root/.ssh'.
  5. Enter passphrase (empty for no passphrase):
  6. Enter same passphrase again:
  7. Your identification has been saved in /root/.ssh/id_rsa.
  8. Your public key has been saved in /root/.ssh/id_rsa.pub.
  9. The key fingerprint is:
  10. SHA256:NeqEoukPQ2qi6UBq5XITvzkt3P5iKDLlnsOncgCONWg [email protected]
  11. The key's randomart image is:
  12. +---[RSA 4096]----+
  13. |                 |
  14. |                 |
  15. | .        o      |
  16. |oEo    . o .     |
  17. |=o.+. . S        |
  18. |+=o+o. o         |
  19. |=+X+..+ .        |
  20. |**oOo*o=         |
  21. |+.B=*o=.o.       |
  22. +----[SHA256]-----+
复制代码


11、新建文件夹 Z:\.ssh 【输入 .ssh. 】

12、通过 SFTP 连接VPS,下载密钥对
  1. sftp> get ~/.ssh/*
  2. Downloading authorized_keys from /root/.ssh/authorized_keys
  3.   100% 748 bytes    748 bytes/s 00:00:01     
  4. /root/.ssh/authorized_keys: 748 bytes transferred in 1 seconds (748 bytes/s)
  5. Downloading id_rsa from /root/.ssh/id_rsa
  6.   100% 3KB      3KB/s 00:00:01     
  7. /root/.ssh/id_rsa: 3243 bytes transferred in 1 seconds (3243 bytes/s)
  8. Downloading id_rsa.pub from /root/.ssh/id_rsa.pub
  9.   100% 748 bytes    748 bytes/s 00:00:01     
  10. /root/.ssh/id_rsa.pub: 748 bytes transferred in 1 seconds (748 bytes/s)
复制代码

13、删除密钥对
  1. [email protected]:~# rm ~/.ssh/id_rsa*
复制代码

14、使用 PuTTY Key Generator 转换私钥添加口令
File——Load priate key
Save private key——选择.ssh——保存为id_rsa.ppk

15、修改 sshd_config 文件并检查
  1. [email protected]:~# cat << EOF > /etc/ssh/sshd_config
  2. > AcceptEnv LANG LC_*
  3. > ChallengeResponseAuthentication no
  4. > PasswordAuthentication no
  5. > PermitRootLogin yes
  6. > Port 22
  7. > PrintMotd no
  8. > PubkeyAuthentication yes
  9. > Subsystem sftp /usr/lib/openssh/sftp-server
  10. > UsePAM yes
  11. > X11Forwarding yes
  12. > EOF
  13. [email protected]:~# sshd -t
复制代码

16、重新启动 SSH 服务
  1. systemctl restart sshd
复制代码

17、使用SSH密钥登录连接 VPS
  1. Linux QuietEvergreen-VM 4.9.0-4-amd64 #1 SMP Debian 4.9.65-3+deb9u1 (2017-12-23) x86_64

  2. The programs included with the Debian GNU/Linux system are free software;
  3. the exact distribution terms for each program are described in the
  4. individual files in /usr/share/doc/*/copyright.

  5. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
  6. permitted by applicable law.
  7. [email protected]:~#
复制代码

18、升级系统
  1. screen -S s

  2. apt update && \
  3. apt upgrade && \
  4. apt full-upgrade && \
  5. apt autoremove && \
  6. apt autoclean
复制代码

19、升级到 Debian 10
  1. sed -i 's/stretch/buster/g' /etc/apt/sources.list && \
  2. apt update && \
  3. apt upgrade && \
  4. apt full-upgrade && \
  5. apt autoremove && \
  6. apt autoclean
复制代码

20、使用新内核启动
  1. systemctl reboot
复制代码

21、移除旧内核
  1. [email protected]:~# screen -S s
  2. [email protected]:~# dpkg --get-selections | grep linux
  3. console-setup-linux                             install
  4. firmware-linux-free                             install
  5. libselinux1:amd64                               install
  6. linux-base                                      install
  7. linux-image-4.19.0-6-amd64                      install
  8. linux-image-4.9.0-11-amd64                      install
  9. linux-image-4.9.0-4-amd64                       install
  10. linux-image-amd64                               install
  11. util-linux                                      install
  12. util-linux-locales                              install

  13. [email protected]:~# apt autoremove --purge linux-image-4.9.0-4-amd64 linux-image-4.9.0-11-amd64
  14. Reading package lists... Done

  15. [email protected]:~# dpkg --get-selections | grep linux
  16. console-setup-linux                             install
  17. firmware-linux-free                             install
  18. libselinux1:amd64                               install
  19. linux-base                                      install
  20. linux-image-4.19.0-6-amd64                      install
  21. linux-image-amd64                               install
  22. util-linux                                      install
  23. util-linux-locales                              install
复制代码

22、更新 grub
  1. [email protected]:~# update-grub
  2. Generating grub configuration file ...
  3. Found linux image: /boot/vmlinuz-4.19.0-6-amd64
  4. Found initrd image: /boot/initrd.img-4.19.0-6-amd64
  5. done
复制代码

23、开启 BBR
  1. [email protected]:~# echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf && \
  2. > echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf && \
  3. > sysctl -p && \
  4. > lsmod |grep bbr
  5. net.core.default_qdisc = fq
  6. net.ipv4.tcp_congestion_control = bbr
  7. tcp_bbr                20480  1
  8. [email protected]:~#
复制代码

24、安装 acme.sh
  1. [email protected]:~# apt install curl
  2. [email protected]:~# curl https://get.acme.sh | sh
  3. [Mon 09 Dec 2019 02:18:05 PM EST] Install success!
  4. [email protected]:~# echo 'alias acme.sh=~/.acme.sh/acme.sh' >> /etc/profile
  5. [email protected]:~# source /etc/profile
  6. [email protected]:~# acme.sh --upgrade --auto-upgrade
  7. [Mon 09 Dec 2019 02:20:07 PM EST] Install success!
  8. [Mon 09 Dec 2019 02:20:07 PM EST] Upgrade success!
  9. [email protected]:~#
复制代码

25、签发证书 【使用 cloudflare】
  1. export [email protected]
  2. export CF_Key=d2d833bd132a12a5de698b64ec5e4c91d8da6
  3. acme.sh --issue -d domain.com -d *.domain.com --dns dns_cf
复制代码

26、安装证书
  1. mkdir -p /etc/nginx/ssl/domain.com && \
  2. ~/.acme.sh/acme.sh --install-cert -d domain.com \
  3. --cert-file /etc/nginx/ssl/domain.com/domain.com.cer \
  4. --ca-file /etc/nginx/ssl/domain.com/ca.cer \
  5. --key-file /etc/nginx/ssl/domain.com/domain.com.key \
  6. --fullchain-file /etc/nginx/ssl/domain.com/fullchain.cer \
  7. --reloadcmd "service nginx force-reload"

  8. [Mon 09 Dec 2019 02:26:21 PM EST] Installing cert to:/etc/nginx/ssl/domain.com/domain.com.cer
  9. [Mon 09 Dec 2019 02:26:21 PM EST] Installing CA to:/etc/nginx/ssl/domain.com/ca.cer
  10. [Mon 09 Dec 2019 02:26:21 PM EST] Installing key to:/etc/nginx/ssl/domain.com/domain.com.key
  11. [Mon 09 Dec 2019 02:26:21 PM EST] Installing full chain to:/etc/nginx/ssl/domain.com/fullchain.cer
  12. [Mon 09 Dec 2019 02:26:21 PM EST] Run reload cmd: service nginx force-reload
  13. Failed to restart nginx.service: Unit nginx.service not found.
  14. [Mon 09 Dec 2019 02:26:22 PM EST] Reload error for :
复制代码

27、安装V*R*y
  1. [email protected]:~# bash <(curl -L -s https://install.direct/go.sh)
  2. PORT:10101
  3. UUID:ec7e2136-8ab8-43dc-86b8-10861c5cafc2
  4. Created symlink /etc/systemd/system/multi-user.target.wants/v2ray.service → /etc/systemd/system/v2ray.service.
  5. V2Ray v4.21.3 is installed.

  6. [email protected]:~# systemctl start v2ray

  7. [email protected]:~# cat /etc/v2ray/config.json
  8. {
  9.   "inbounds": [{
  10.     "port": 23222,
  11.     "protocol": "vmess",
  12.     "settings": {
  13.       "clients": [
  14.         {
  15.           "id": "ec7e2136-8ab8-43dc-86b8-10861c5cafc2",
  16.           "level": 1,
  17.           "alterId": 64
  18.         }
  19.       ]
  20.     }
  21.   }],
  22.   "outbounds": [{
  23.     "protocol": "freedom",
  24.     "settings": {}
  25.   },{
  26.     "protocol": "blackhole",
  27.     "settings": {},
  28.     "tag": "blocked"
  29.   }],
  30.   "routing": {
  31.     "rules": [
  32.       {
  33.         "type": "field",
  34.         "ip": ["geoip:private"],
  35.         "outboundTag": "blocked"
  36.       }
  37.     ]
  38.   }
  39. }
复制代码

28、安装 Nginx
  1. [email protected]:~# apt install nginx
  2. The following NEW packages will be installed:
  3.   nginx nginx-common nginx-full
  4. 0 upgraded, 23 newly installed, 0 to remove and 0 not upgraded.
  5. Need to get 4,559 kB of archives.
  6. After this operation, 10.1 MB of additional disk space will be used.
  7. Do you want to continue? [Y/n]
复制代码
绿水本无忧, 因风皱面;青山原不老, 为雪白头
返回板块
回帖列表
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

 
快速回复 返回顶部 返回列表