Solaris 10 ftp,telnet,ssh,sendmail

时间:2022-06-01 22:10:30

1. 管理命令 svcadm (服务状态管理,启动、停止等)
# svcs <br>查看当前所有的服务状态,可以使用|管道符重定向作更个性化的查找;如
# svcs |grep online 查看当前运行服务
# svcs |grep offline 查看当前停止服务
# svcs |grep inetd 查看inetd服务状态

 

2. solaris 10 关闭ftp、telnet、sendmail
#svcadm disable svc:network/ftp
#svcadm disable svc:network/telnet
#svcadm disable svc:network/smtp:sendmail

3. Solaris 修改root 可以Telnet 与ftp
这几天安装了Solaris 10 安装完后发现不可以用root telnet 与 ftp ,
修改 /etc/default/login把CONSOLE=/dev/console该行注释掉,就可以用root telnet 。
/etc/ftpd/ftpusers,如果有root,行首加#号注释掉就可以了。


4. Solaris 10开启SSH服务

Solaris在安装完毕后就提供了该项服务:OpenSSH
服务的开启方法:
svcadm enbale -rt ssh
默认情况下,OpenSSH是禁止root帐户通过SSH方式登录的,以保障安全。
方法如下:
修改 /etc/ssh/sshd_config文件,将其中的“PermitRootLogin no”修改为“PermitRootLogin yes”,再执行 svcadm restart ssh 重新启动SSH服务。

5. 启动FTP或查看FTP状态

默认FTP是关闭的,启动命令:

# svcadm enable /network/ftp

此时查看FTP服务状态:

# svcs -l network/ftp

默认情况下,root用户无法登录,需要修改/etc/ftpd/ftpusers文件,把root那行前面加个#注释掉就可以了。

 

6. 重启SSH

默认SSH是开启的。但是root用户无法登录,需要修改/etc/ssh/sshd_config,把里面的 PermitRootLogin改为 yes,再重启ssh服务,

重启命令:

# svcadm restart network/ssh

7. 重启网卡

以前修改/etc/hosts文件的IP后都是通过重启机器来使设置生效的,现在也可以通过下面的命令让它生效,无需重启机器。

# svcadm restart physical

8. 如何重新启动sshd服务

# ps -ef | grep ssh    查询ssh状态

root 516 1 0 Dec 27 ? 0:00 /usr/lib/ssh/sshd

root 2006 1728 0 09:52:49 pts/3 0:00 grep ssh

# kill -9 516     终止ssh

# /usr/lib/ssh/sshd   启动ssh

 

9.

注释掉/etc/default/login其中CONSOLE=/dev/console 一行,root就可以telnet:

 

# more /etc/default/login
#ident  "@(#)login.dfl  1.14    04/06/25 SMI"
#
# Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.

# Set the TZ environment variable of the shell.
#
#TIMEZONE=EST5EDT

# ULIMIT sets the file size limit for the login.  Units are disk blocks.
# The default of zero means no limit.
#
#ULIMIT=0

# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
#CONSOLE=/dev/console

# PASSREQ determines if login requires a password.
#
PASSREQ=YES

# ALTSHELL determines if the SHELL environment variable should be set
#
ALTSHELL=YES

# PATH sets the initial shell PATH variable
#
#PATH=/usr/bin:

# SUPATH sets the initial shell PATH variable for root
#
#SUPATH=/usr/sbin:/usr/bin

# TIMEOUT sets the number of seconds (between 0 and 900) to wait before
# abandoning a login session.
#
#TIMEOUT=300

# UMASK sets the initial shell file creation mode mask.  See umask(1).
#
#UMASK=022

# SYSLOG determines whether the syslog(3) LOG_AUTH facility should be used
# to log all root logins at level LOG_NOTICE and multiple failed login
# attempts at LOG_CRIT.
#
SYSLOG=YES

# SLEEPTIME controls the number of seconds that the command should
# wait before printing the "login incorrect" message when a
# bad password is provided.  The range is limited from
# 0 to 5 seconds.
#
#SLEEPTIME=4

# DISABLETIME  If present, and greater than zero, the number of seconds
# login will wait after RETRIES failed attempts or the PAM framework returns
# PAM_ABORT. Default is 20. Minimum is 0. No maximum is imposed.
#
#DISABLETIME=20

# RETRIES determines the number of failed logins that will be
# allowed before login exits. Default is 5 and maximum is 15.
# If account locking is configured (user_attr(4)/policy.conf(4))
# for a local user's account (passwd(4)/shadow(4)), that account
# will be locked if failed logins equals or exceeds RETRIES.
#
#RETRIES=5
#
# The SYSLOG_FAILED_LOGINS variable is used to determine how many failed
# login attempts will be allowed by the system before a failed login
# message is logged, using the syslog(3) LOG_NOTICE facility.  For example,
# if the variable is set to 0, login will log -all- failed login attempts.
#
#SYSLOG_FAILED_LOGINS=5

=========================================================