Debian系统初始化操作

Read

一、基础环境

$ uname -a
Linux open-boots-1.localdomain 6.1.0-9-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.27-1 (2023-05-08) x86_64 GNU/Linux
$ apt update && apt upgrade
Linux open-boots-1.localdomain 6.1.0-27-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.115-1 (2024-11-01) x86_64 GNU/Linux
$ uname -r
6.1.0-9-amd64
$ uname -m
x86_64

二、系统初始

apt-get purge vim -y apt autoremove -y apt install vim -y cp /usr/share/vim/vim[0-9][0-9]/defaults.vim /usr/share/vim/vim[0-9][0-9]/defaults.vim.bak sed -i 's/set mouse=a/set mouse-=a/g' /usr/share/vim/vim[0-9][0-9]/defaults.vim echo 'export EDITOR=vim' >> ~/.bashrc source ~/.bashrc update-alternatives --config editor #定义默认编辑器 apt-cache search openldap | grep dev #查找openldap的dev包 cp /etc/apt/sources.list /etc/apt/sources.list.bak > /etc/apt/sources.list echo 'deb http://mirrors.huaweicloud.com/debian/ bookworm main non-free-firmware' >> /etc/apt/sources.list echo 'deb-src http://mirrors.huaweicloud.com/debian/ bookworm main non-free-firmware' >> /etc/apt/sources.list echo 'deb http://security.debian.org/debian-security bookworm-security main non-free-firmware' >> /etc/apt/sources.list echo 'deb-src http://security.debian.org/debian-security bookworm-security main non-free-firmware' >> /etc/apt/sources.list echo 'deb http://mirrors.huaweicloud.com/debian/ bookworm-updates main non-free-firmware' >> /etc/apt/sources.list echo 'deb-src http://mirrors.huaweicloud.com/debian/ bookworm-updates main non-free-firmware' >> /etc/apt/sources.list apt update && apt upgrade

0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

apt-get purge vim -y
apt autoremove -y
apt install vim -y
cp /usr/share/vim/vim[0-9][0-9]/defaults.vim /usr/share/vim/vim[0-9][0-9]/defaults.vim.bak
sed -i 's/set mouse=a/set mouse-=a/g' /usr/share/vim/vim[0-9][0-9]/defaults.vim
echo 'export EDITOR=vim' >> ~/.bashrc
source ~/.bashrc
update-alternatives --config editor #定义默认编辑器
apt-cache search openldap | grep dev #查找openldap的dev包
cp /etc/apt/sources.list /etc/apt/sources.list.bak
> /etc/apt/sources.list
echo 'deb http://mirrors.huaweicloud.com/debian/ bookworm main non-free-firmware' >> /etc/apt/sources.list
echo 'deb-src http://mirrors.huaweicloud.com/debian/ bookworm main non-free-firmware' >> /etc/apt/sources.list
echo 'deb http://security.debian.org/debian-security bookworm-security main non-free-firmware' >> /etc/apt/sources.list
echo 'deb-src http://security.debian.org/debian-security bookworm-security main non-free-firmware' >> /etc/apt/sources.list
echo 'deb http://mirrors.huaweicloud.com/debian/ bookworm-updates main non-free-firmware' >> /etc/apt/sources.list
echo 'deb-src http://mirrors.huaweicloud.com/debian/ bookworm-updates main non-free-firmware' >> /etc/apt/sources.list
apt update && apt upgrade

SourceByrd's Weblog-https://note.t4x.org/basic/debian-update-openssl/

三、安装zlib

cd /data/tools
wget https://www.zlib.net/zlib-1.3.1.tar.gz
tar -zxf  zlib-1.3.1.tar.gz
cd zlib-1.3.1
./configure --prefix=/opt/zlib-1.3.1 --64
make -j 4 && make test && make install
echo "/opt/zlib-1.3.1/lib" >> /etc/ld.so.conf.d/libc.conf
ldconfig 
ldconfig -v

cd /data/tools

wget https://www.zlib.net/zlib-1.3.1.tar.gz

tar -zxf zlib-1.3.1.tar.gz

cd zlib-1.3.1

./configure --prefix=/opt/zlib-1.3.1 --64

make -j 4 && make test && make install

echo "/opt/zlib-1.3.1/lib" >> /etc/ld.so.conf.d/libc.conf

ldconfig

ldconfig -v

SourceByrd's Weblog-https://note.t4x.org/basic/debian-update-openssl/

四、安装openssl

apt-get install zlib1g-dev libfindbin-libs-perl -y
cd /data/tools/
wget https://github.com/openssl/openssl/releases/download/openssl-3.4.0/openssl-3.4.0.tar.gz
tar zxf openssl-3.4.0.tar.gz 
cd openssl-3.4.0/
./config --prefix=/opt/openssl-3.4.0 enable-shared zlib
make && make install
echo "/opt/openssl-3.4.0/lib64" >> /etc/ld.so.conf.d/libc.conf
ldconfig 
ldconfig -v
mv /usr/bin/openssl /usr/bin/openssl.bak
ln -s /opt/openssl-3.4.0/bin/openssl /usr/bin/openssl 
openssl version -f |grep ZLIB

apt-get install zlib1g-dev libfindbin-libs-perl -y

cd /data/tools/

wget https://github.com/openssl/openssl/releases/download/openssl-3.4.0/openssl-3.4.0.tar.gz

tar zxf openssl-3.4.0.tar.gz

cd openssl-3.4.0/

./config --prefix=/opt/openssl-3.4.0 enable-shared zlib

make && make install

echo "/opt/openssl-3.4.0/lib64" >> /etc/ld.so.conf.d/libc.conf

ldconfig

ldconfig -v

mv /usr/bin/openssl /usr/bin/openssl.bak

ln -s /opt/openssl-3.4.0/bin/openssl /usr/bin/openssl

openssl version -f |grep ZLIB

SourceByrd's Weblog-https://note.t4x.org/basic/debian-update-openssl/

五、安装openssh

apt-get install libpam0g-dev -y
cd /data/tools
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.9p1.tar.gz
tar zxf openssh-9.9p1.tar.gz
cd openssh-9.9p1
./configure --prefix=/opt/openssh-9.9p1 --sysconfdir=/etc/ssh --with-pam --with-ssl-dir=/opt/openssl-3.4.0/ --with-zlib=/opt/zlib-1.3.1
make 
mv /etc/ssh /etc/ssh.bak
make install
mv /usr/sbin/sshd /usr/sbin/sshd.bak
mv /usr/bin/ssh /usr/bin/ssh.bak
mv /usr/bin/ssh-keygen /usr/bin/ssh-keygen.bak
mv /usr/bin/scp /usr/bin/scp.bak
mv /usr/bin/sftp /usr/bin/sftp.bak
mv /usr/bin/ssh-add /usr/bin/ssh-add.bak
mv /usr/bin/ssh-agent /usr/bin/ssh-agent.bak
mv /usr/bin/ssh-keyscan /usr/bin/ssh-keyscan.bak
ln -s /opt/openssh-9.9p1/sbin/sshd /usr/sbin/sshd
ln -s /opt/openssh-9.9p1/bin/scp /usr/bin/scp
ln -s /opt/openssh-9.9p1/bin/sftp /usr/bin/sftp
ln -s /opt/openssh-9.9p1/bin/ssh /usr/bin/ssh
ln -s /opt/openssh-9.9p1/bin/ssh-add /usr/bin/ssh-add
ln -s /opt/openssh-9.9p1/bin/ssh-agent /usr/bin/ssh-agent
ln -s /opt/openssh-9.9p1/bin/ssh-keygen /usr/bin/ssh-keygen
ln -s /opt/openssh-9.9p1/bin/ssh-keyscan /usr/bin/ssh-keyscan

systemctl -l --type service --all|grep ssh
systemctl disable ssh
systemctl enable ssh 
#Executing: /usr/lib/systemd/systemd-sysv-install enable ssh
#Created symlink /etc/systemd/system/sshd.service → /usr/lib/systemd/system/ssh.service.
#Created symlink /etc/systemd/system/multi-user.target.wants/ssh.service → /usr/lib/systemd/system/ssh.service.
systemctl restart sshd

apt-get install libpam0g-dev -y

cd /data/tools

wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.9p1.tar.gz

tar zxf openssh-9.9p1.tar.gz

cd openssh-9.9p1

./configure --prefix=/opt/openssh-9.9p1 --sysconfdir=/etc/ssh --with-pam --with-ssl-dir=/opt/openssl-3.4.0/ --with-zlib=/opt/zlib-1.3.1

make

mv /etc/ssh /etc/ssh.bak

make install

mv /usr/sbin/sshd /usr/sbin/sshd.bak

mv /usr/bin/ssh /usr/bin/ssh.bak

mv /usr/bin/ssh-keygen /usr/bin/ssh-keygen.bak

mv /usr/bin/scp /usr/bin/scp.bak

mv /usr/bin/sftp /usr/bin/sftp.bak

mv /usr/bin/ssh-add /usr/bin/ssh-add.bak

mv /usr/bin/ssh-agent /usr/bin/ssh-agent.bak

mv /usr/bin/ssh-keyscan /usr/bin/ssh-keyscan.bak

ln -s /opt/openssh-9.9p1/sbin/sshd /usr/sbin/sshd

ln -s /opt/openssh-9.9p1/bin/scp /usr/bin/scp

ln -s /opt/openssh-9.9p1/bin/sftp /usr/bin/sftp

ln -s /opt/openssh-9.9p1/bin/ssh /usr/bin/ssh

ln -s /opt/openssh-9.9p1/bin/ssh-add /usr/bin/ssh-add

ln -s /opt/openssh-9.9p1/bin/ssh-agent /usr/bin/ssh-agent

ln -s /opt/openssh-9.9p1/bin/ssh-keygen /usr/bin/ssh-keygen

ln -s /opt/openssh-9.9p1/bin/ssh-keyscan /usr/bin/ssh-keyscan

systemctl -l --type service --all|grep ssh

systemctl disable ssh

systemctl enable ssh

#Executing: /usr/lib/systemd/systemd-sysv-install enable ssh

#Created symlink /etc/systemd/system/sshd.service → /usr/lib/systemd/system/ssh.service.

#Created symlink /etc/systemd/system/multi-user.target.wants/ssh.service → /usr/lib/systemd/system/ssh.service.

systemctl restart sshd

参考网站：
1：https://www.zlib.net/
2：https://openssl-library.org/source/
3：https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/SourceByrd's Weblog-https://note.t4x.org/basic/debian-update-openssl/ SourceByrd's Weblog-https://note.t4x.org/basic/debian-update-openssl/

申明：除非注明Byrd's Blog内容均为原创,未经许可禁止转载!详情请阅读版权申明!