将VPS的原系统改为Arch Linux并进行初始化设置

Talk is cheap.

一般的VPS可以提供CentOS和Debian等操作系统,我比较喜欢选择Debian 8,Let’s get started!

sudo apt-get update && sudo apt-get upgrade
sudo apt-get install git
git clone https://github.com/drizzt/vps2arch.git
cd vps2arch
chmod +x ./vps2arch
./vps2arch
###########如果您的VPS位于国内,则建议修改一下vps2arch脚本#############
vim vps2arch
#修改位于第324行的如下参数
: ${mirrors:="http://mirror.rackspace.com/archlinux http://dgix.ru/mirrors/archlinux"}
改为
: ${mirrors:="https://mirrors.ustc.edu.cn/archlinux https://mirrors.tuna.tsinghua.edu.cn/archlinux"}
#####################################################################
reboot -f #请使用该命令重启VPS

以上可以将VPS的系统改为ArchLinux
Warning:我已经在阿里云,腾讯云上测试过了,均能修改,不过建议在腾讯云使用,阿里云的话由于内核是注入的,如果采用这种方式强行使用archlinux最新的4.6.2内核可能会导致安装docker之后由于内核不支持(但其实archlinux的4.6内核是支持docker的)而启动失败。

以下是我使用的初始化设置arch的一些命令

vi /etc/pacman.d/mirrorlist
###Add up some fastest mirrors on the top of this file,maybe not necessarily needed#########
useradd -m -g users -G audio,lp,optical,storage,video,wheel,games,network,power -s /bin/bash yourname
passwd yourname
pacman -Syu
pacman -S sudo fakeroot git wget htop docker zsh tmux vim
pacman -R vi ###在这里吐槽一下Arch,默认的编辑器本来是vim,但是竟然又被偷偷换回了vi
vim /etc/locale.gen #####注释掉en_US等等
locale-gen ###生成locale
export EDITOR=vim
visudo #########Scroll down and delete or modify the comments before the lines below:########################
yourname ALL=(ALL) NOPASSWD: ALL #When you want to escalate without typing the password into the password frame.
############################################################################################################
exit root and login to "yourname" using your authenticate.
#######################################################
Now you are logged in as 'yourname'
sh -c "$(wget https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O -)"
chsh -s /bin/zsh #type your password
mkdir .ssh
cd .ssh
touch authorized_keys
sudo vim authorized_keys
sudo vim /etc/ssh/sshd_config

Configurations of sshd_config

PermitRootLogin no
RSAAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
AuthorizedKeysFile .ssh/authorized_keys

##################################Continue#######################################

sudo systemctl restart sshd
sudo pacman -S ufw

修改防火墙设置,禁止ping,以及只允许http/https连入,默认放行SSH/tcp

ufw default reject
ufw allow 22/tcp
ufw allow in http
ufw allow in https
vim /etc/ufw/before.rules
#修改配置#允许ping
-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
#禁止ping
-A ufw-before-input -p icmp --icmp-type echo-request -j DROP
sudo ufw enable
anyShare分享到:

12 条评论

昵称
  1. qianqian

    么么哒三爷 😛

    1. kiritoalex

      么么哒= =

  2. 静静

    通过修改vps2arch代码来修改mirror已经失效,乃可以用”-m”参数来修改mirror,记得改一下呦。

    1. kiritoalex

      好的,感谢您的提醒!

  3. 静静

    用一下markdown会死吗

    1. kiritoalex

      我最近看看能不能改一改,感谢您的反馈!

  4. 4679kun
    1. 雨宫千鹤

      么么哒,好久不见ww

  5. nrechn

    话说conoha的VPS原系统有Arch选项~

    1. 雨宫千鹤

      conoha我是不敢用了,2333333

  6. Chion82

    互访一下聚聚的博客

    1. kiritoalex

      欢迎欢迎~菊苣什么的不敢当