debian11 防坑指南

debian11 防坑指南

系统刚安装完成后必备操作

切换 root 帐号

su root

更换国内源

备份原系统源

cp /etc/apt/source.list /etc/apt/source.list.bak

编辑 source.list

vim /etc/apt/source.list

替换成以下内容

# 默认注释了源码镜像以提高 apt update 速度，如有需要可自行取消注释
deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye main contrib non-free
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye main contrib non-free
deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye-updates main contrib non-free
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye-updates main contrib non-free

deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye-backports main contrib non-free
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye-backports main contrib non-free

deb https://mirrors.tuna.tsinghua.edu.cn/debian-security bullseye-security main contrib non-free
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian-security bullseye-security main contrib non-free

如果遇到无法拉取 https 源的情况，请先使用 http 源并安装：

apt install apt-transport-https ca-certificates

---

更新系统

apt update && apt upgrade -y

开启远程登陆

安装 openssh 客户端和服务端

apt install openssh-client openssh-server

查看 sshd 服务状态

systemctl status sshd

启动 sshd

systemctl start sshd

开机启动 sshd

systemctl enable sshd

修改 /etc/ssh/sshd_config，prohibit-password 是设置是否允许 root 远程登陆

PermitRootLogin的默认值为 prohibit-password，将其修改为 yes

或者增加一行 PermitRootLogin yes

vim /etc/ssh/sshd_config

#PermitRootLogin prohibit-password
PermitRootLogin yes

重启 sshd 服务

systemctl restart sshd

完成后就可以 ssh 帐号密码登陆操作远程系统

ssh 密钥登陆

待续