/dev/disk/
可以用来获取 Disk 设备的绝对路径(插拔和重启系统均不会改变)
# tree /dev/disk/
/dev/disk/
├── by-diskseq
│ ├── 10 -> ../../sda
│ ├── 12 -> ../../sdb
│ ├── 12-part1 -> ../../sdb1
│ ├── 12-part2 -> ../../sdb2
│ ├── 14 -> ../../sdc
│ ├── 14-part1 -> ../../sdc1
│ ├── 14-part2 -> ../../sdc2
│ ├── 15 -> ../../loop0
│ ├── 2 -> ../../loop1
│ ├── 3 -> ../../loop2
│ ├── 4 -> ../../loop3
│ ├── 5 -> ../../loop4
│ ├── 6 -> ../../loop5
│ ├── 7 -> ../../loop6
│ ├── 8 -> ../../loop7
│ └── 9 -> ../../nvme0n1
├── by-dname
│ └── md0 -> ../../md0p1
├── by-id
│ ├── ata-TOSHIBA_MQ01ACF050_88FXCFYWT -> ../../sda
│ ├── md-name-ubuntu-server:0 -> ../../md0
│ ├── md-name-ubuntu-server:0-part1 -> ../../md0p1
│ ├── md-name-ubuntu-server:0-part2 -> ../../md0p2
│ ├── md-uuid-cd562ab6:fb31ae7e:e4d1a15c:7d592927 -> ../../md0
│ ├── md-uuid-cd562ab6:fb31ae7e:e4d1a15c:7d592927-part1 -> ../../md0p1
│ ├── md-uuid-cd562ab6:fb31ae7e:e4d1a15c:7d592927-part2 -> ../../md0p2
│ ├── nvme-KINGSTON_SNVS500G_50026B7684AF1E5C -> ../../nvme0n1
│ ├── nvme-KINGSTON_SNVS500G_50026B7684AF1E5C_1 -> ../../nvme0n1
│ ├── nvme-eui.00000000000000000026b7684af1e5c5 -> ../../nvme0n1
│ ├── scsi-0ATA_TOSHIBA_MQ01ACF0_88FXCFYWT -> ../../sda
│ ├── scsi-1ATA_TOSHIBA_MQ01ACF050_88FXCFYWT -> ../../sda
│ ├── scsi-35000000000000001 -> ../../sdb
│ ├── scsi-35000000000000001-part1 -> ../../sdb1
│ ├── scsi-35000000000000001-part2 -> ../../sdb2
│ ├── scsi-350000398b4306b2e -> ../../sda
│ ├── scsi-SATA_TOSHIBA_MQ01ACF0_88FXCFYWT -> ../../sda
│ ├── scsi-SST2000LM_007-1R8174_8BB138EE1A62 -> ../../sdb
│ ├── scsi-SST2000LM_007-1R8174_8BB138EE1A62-part1 -> ../../sdb1
│ ├── scsi-SST2000LM_007-1R8174_8BB138EE1A62-part2 -> ../../sdb2
│ ├── usb-ST2000LM_007-1R8174_26A1EE831BB8-0:0 -> ../../sdb
│ ├── usb-ST2000LM_007-1R8174_26A1EE831BB8-0:0-part1 -> ../../sdb1
│ ├── usb-ST2000LM_007-1R8174_26A1EE831BB8-0:0-part2 -> ../../sdb2
│ ├── usb-USB_Lenovo_SX1_16G_31097780XB15110242-0:0 -> ../../sdc
│ ├── usb-USB_Lenovo_SX1_16G_31097780XB15110242-0:0-part1 -> ../../sdc1
│ ├── usb-USB_Lenovo_SX1_16G_31097780XB15110242-0:0-part2 -> ../../sdc2
│ ├── wwn-0x5000000000000001 -> ../../sdb
│ ├── wwn-0x5000000000000001-part1 -> ../../sdb1
│ ├── wwn-0x5000000000000001-part2 -> ../../sdb2
│ └── wwn-0x50000398b4306b2e -> ../../sda
├── by-label
│ └── Disk -> ../../sdb1
├── by-partlabel
│ ├── Basic\x20data\x20partition -> ../../sdc2
│ └── EFI\x20system\x20partition -> ../../sdc1
├── by-partuuid
│ ├── 00001000-01 -> ../../sdb1
│ ├── 00001000-02 -> ../../sdb2
│ ├── 18561bc4-1a3e-4acd-a2d5-b99466963a1d -> ../../md0p2
│ ├── 3eb8d365-9b80-4064-b2e4-e6c521acb503 -> ../../md0p1
│ ├── 6324ff2c-cf19-4ca6-beaf-4c06aab7ff8c -> ../../sdc1
│ └── b95482ba-b802-4896-b520-4167cc86f2df -> ../../sdc2
├── by-path
│ ├── pci-0000:01:00.0-nvme-1 -> ../../nvme0n1
│ ├── pci-0000:05:00.3-usb-0:2:1.0-scsi-0:0:0:0 -> ../../sdb
│ ├── pci-0000:05:00.3-usb-0:2:1.0-scsi-0:0:0:0-part1 -> ../../sdb1
│ ├── pci-0000:05:00.3-usb-0:2:1.0-scsi-0:0:0:0-part2 -> ../../sdb2
│ ├── pci-0000:05:00.3-usb-0:3:1.0-scsi-0:0:0:0 -> ../../sdc
│ ├── pci-0000:05:00.3-usb-0:3:1.0-scsi-0:0:0:0-part1 -> ../../sdc1
│ ├── pci-0000:05:00.3-usb-0:3:1.0-scsi-0:0:0:0-part2 -> ../../sdc2
│ ├── pci-0000:05:00.3-usbv2-0:3:1.0-scsi-0:0:0:0 -> ../../sdc
│ ├── pci-0000:05:00.3-usbv2-0:3:1.0-scsi-0:0:0:0-part1 -> ../../sdc1
│ ├── pci-0000:05:00.3-usbv2-0:3:1.0-scsi-0:0:0:0-part2 -> ../../sdc2
│ ├── pci-0000:05:00.3-usbv3-0:2:1.0-scsi-0:0:0:0 -> ../../sdb
│ ├── pci-0000:05:00.3-usbv3-0:2:1.0-scsi-0:0:0:0-part1 -> ../../sdb1
│ ├── pci-0000:05:00.3-usbv3-0:2:1.0-scsi-0:0:0:0-part2 -> ../../sdb2
│ ├── pci-0000:06:00.0-ata-1 -> ../../sda
│ └── pci-0000:06:00.0-ata-1.0 -> ../../sda
└── by-uuid
├── 2C3626BF5232BC8B -> ../../sdc2
├── 3bdcaa82-78ae-48fe-ab31-0bd609e3bff8 -> ../../md0p2
├── 63758c8d-7e86-4d08-8dda-ebd42ba23e8b -> ../../sdb2
├── 9CCE4B3FCE4B1146 -> ../../sdb1
├── ED7F-0521 -> ../../sdc1
└── b5bf47c0-225a-4a10-a0bb-5a360674903d -> ../../md0p1
9 directories, 77 files
/etc/udev/rules.d/70-persistent-net.rules
/etc/udev/rules.d/70-persistent-net.rules 是 Linux 系统中用于 持久化网卡设备名称与MAC地址映射关系 的配置文件,确保网络接口名称(如 eth0、eth1)在重启后保持不变。可用来修改网卡名称。
# openEuler 22.03 LTS
# 修改网卡名称,文件不存在可以创建
# cat /etc/udev/rules.d/70-persistent-net.rules
#SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="fa:16:3e:5e:91:8c", NAME="ens3"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="fa:16:3e:5e:91:8c", NAME="eth0"
# 生效重启系统
udevadm control --reload-rules
/etc/resolv.conf
这个文件归 systemd-resolved 服务或者 NetworkManager 服务管理,如果直接修改配置文件,重启网络服务和系统后,修改会被重置。
确认当前 DNS 管理机制
首先检查 /etc/resolv.conf 是否为符号链接,确定由谁管理 DNS(没有链接则可通过修改配置现实管理DNS):
# 若指向 NetworkManager 或 systemd-resolved,则 DNS 由这些服务动态管理。
ls -l /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Jan 1 00:00 /etc/resolv.conf -> ../run/NetworkManager/resolv.conf
一般情况下,我们希望通过 resolv.conf 来实现 dns 服务器的配置,有几种方法可以实现。
# 方法1:
# 关闭并禁用systemd-resolved服务。
systemctl stop systemd-resolved
systemctl disable systemd-resolved
# 方法2:
/etc/systemd/resolved.conf
[Resolve]
DNSStubListener=no # 禁用本地 DNS 监听(可选)
systemctl restart systemd-resolved
# 方法3:
# 禁用 NetworkManager 对 DNS 的覆盖
/etc/NetworkManager/NetworkManager.conf
[main]
dns=none
systemctl restart NetworkManager
/etc/ssh/sshd_config
GSSAPIAuthentication 改为 no #禁用 GSSAPI 身份验证以解决 Kerberos 相关问题。
UseDNS 改为 no #避免 DNS 解析延迟影响连接速度。
UsePAM 改为 no #避免 PAM 模块造成的延迟。
#认证方式
AuthenticationMethods publickey,keyboard-interactive # 同时提供公钥和多因素认证(顺序可调)
publickey,password # 同时提供公钥和用户密码(顺序可调)
none # 禁用所有认证方式
PasswordAuthentication no # 密码认证
PubkeyAuthentication yes # 公钥认证
KbdInteractiveAuthentication yes # 启用键盘交互认证
PermitRootLogin yes # ROOT用户远程登录
ChallengeResponseAuthentication yes # 是 SSH服务(sshd) 的配置参数,用于启用 挑战-应答认证(Challenge-Response Authentication) - 和多因素认证有关
Port 12004 # 可以同时监听多个端口
AddressFamily any # 监听IP协议(IPv4/IPv6):inet、inet6
ListenAddress 127.0.0.1 # 可以同时监听多个地址
#从简到详 QUIET → FATAL → ERROR → INFO → VERBOSE → DEBUG → DEBUG1 → DEBUG2 → DEBUG3
LogLevel VERBOSE # 日志等级
