AWS Lightsail 使用 – 刺猬的小屋

密钥登录改用户名密码登录

 echo root:mebime |sudo chpasswd root
sudo sed -i 's/^.*PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config;
sudo sed -i 's/^.*PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config;
sudo service sshd restart

更改后建议安装fail2ban

流量监控脚本

 #!/usr/bin/python3
#coding=utf-8
import sys,re,time,os
maxdata = 1099511627776 # 858993459200 #流量上限，单位是Byte
memfilename = '/root/data.txt'
netcard = '/proc/net/dev'
def checkfile(filename):
    if os.path.isfile(filename):
        pass
    else:
        f = open(filename, 'w')
        f.write('0')
        f.close()
def get_net_data():
    nc = netcard or '/proc/net/dev'
    fd = open(nc, "r")
    netcardstatus = False
    for line in fd.readlines():
        if line.find("eth0") > 0: #这里的网卡用的是ens3，请根据自己的网卡进行调整，可以通过cat /proc/net/dev查看
            netcardstatus = True
            field = line.split() #读取数据
            recv = field[0].split(":")[1]
            recv = recv or field[1] #流入流量
            send = field[9] #流出流量
    if not netcardstatus:
        fd.close()
        print("Please setup your netcard")
        sys.exit()
    fd.close()
    return (float(recv), float(send))
 
def net_loop():
    (recv, send) = get_net_data()
    checkfile(memfilename)
    lasttransdaraopen = open(memfilename,'r')
    lasttransdata = lasttransdaraopen.readline()
    lasttransdaraopen.close()
    totaltrans = int(lasttransdata) or 0
    while True:
        time.sleep(3)
        nowtime = time.strftime('%d %H:%M',time.localtime(time.time()))
        sec = time.localtime().tm_sec
        if nowtime == '01 00:00':
            if sec < 10:
                totaltrans = 0
        (new_recv, new_send) = get_net_data()
        recvdata = new_recv - recv
        recv = new_recv
        senddata = new_send - send
        send = new_send
        totaltrans += int(recvdata)
        totaltrans += int(senddata)
        memw = open(memfilename,'w')
        memw.write(str(totaltrans))
        memw.close()
        if totaltrans >= maxdata:
            os.system('rm -f /root/data.txt && init 0') #超出流量，删除记录并关机。
if __name__ == "__main__":
    net_loop()

保存为.py文件，cron设置定时任务监控流量。

时区同步

 apt-get install -y ntp
systemctl enable ntp
systemctl restart ntp

	echo root:mebime \|sudo chpasswd root
	sudo sed -i 's/^.PermitRootLogin./PermitRootLogin yes/g' /etc/ssh/sshd_config;
	sudo sed -i 's/^.PasswordAuthentication./PasswordAuthentication yes/g' /etc/ssh/sshd_config;
	sudo service sshd restart

	#!/usr/bin/python3
	#coding=utf-8
	import sys,re,time,os
	maxdata = 1099511627776 # 858993459200 #流量上限，单位是Byte
	memfilename = '/root/data.txt'
	netcard = '/proc/net/dev'
	def checkfile(filename):
	if os.path.isfile(filename):
	pass
	else:
	f = open(filename, 'w')
	f.write('0')
	f.close()
	def get_net_data():
	nc = netcard or '/proc/net/dev'
	fd = open(nc, "r")
	netcardstatus = False
	for line in fd.readlines():
	if line.find("eth0") > 0: #这里的网卡用的是ens3，请根据自己的网卡进行调整，可以通过cat /proc/net/dev查看
	netcardstatus = True
	field = line.split() #读取数据
	recv = field[0].split(":")[1]
	recv = recv or field[1] #流入流量
	send = field[9] #流出流量
	if not netcardstatus:
	fd.close()
	print("Please setup your netcard")
	sys.exit()
	fd.close()
	return (float(recv), float(send))

	def net_loop():
	(recv, send) = get_net_data()
	checkfile(memfilename)
	lasttransdaraopen = open(memfilename,'r')
	lasttransdata = lasttransdaraopen.readline()
	lasttransdaraopen.close()
	totaltrans = int(lasttransdata) or 0
	while True:
	time.sleep(3)
	nowtime = time.strftime('%d %H:%M',time.localtime(time.time()))
	sec = time.localtime().tm_sec
	if nowtime == '01 00:00':
	if sec < 10:
	totaltrans = 0
	(new_recv, new_send) = get_net_data()
	recvdata = new_recv - recv
	recv = new_recv
	senddata = new_send - send
	send = new_send
	totaltrans += int(recvdata)
	totaltrans += int(senddata)
	memw = open(memfilename,'w')
	memw.write(str(totaltrans))
	memw.close()
	if totaltrans >= maxdata:
	os.system('rm -f /root/data.txt && init 0') #超出流量，删除记录并关机。
	if __name__ == "__main__":
	net_loop()

	apt-get install -y ntp
	systemctl enable ntp
	systemctl restart ntp