發表文章

ntp.conf

 Installation and Configuration Steps Follow these steps to install, configure, and verify the NTP service on your Ubuntu 24.04 system. Install the NTP Service: Start by updating your package lists to ensure you have the latest version of the repositories. $ sudo apt update Then, install the NTP package using the following command: $ sudo apt install ntp This command installs the NTP service on your Ubuntu system, making it ready for configuration. Configure NTP Servers: Configuring your NTP servers is a critical step. Open the NTP configuration file in a text editor of your choice. Here, nano is used for simplicity. $ sudo nano /etc/ntp.conf In the configuration file, add or modify the server lines to specify your preferred NTP servers. For example: server 0.ubuntu.pool.ntp.org server 1.ubuntu.pool.ntp.org server 2.ubuntu.pool.ntp.org server 3.ubuntu.pool.ntp.org These servers are part of the Ubuntu pool, but you can choose other public NTP servers closer to your geographic location.

rsyslog

  vi /etc/rsyslog.d/50-default.conf 增加一行 auth,authpriv.*     (client ip) sudo systemctl restart rsyslog 可以下指令查看514是否有監聽中。 ss -tunelp | grep 514

在 Ubuntu server 22.04 設定 NTP server 校時

圖片
  在 Ubuntu server 22.04 設定 NTP server 校時 工程絲 · Follow Feb 16, 2023 使用 systemd-timesyncd,在 ubuntu server22.04 上指定特定的 NTP server 來自動校時 1. 安裝 systemd-timesyncd apt install systemd-timesyncd timedatectl set-ntp true sudo systemctl start systemd-timesyncd 2. 檢查安裝 systemctl status systemd-timesyncd 結果範例 ● systemd-timesyncd.service - Network Time Synchronization Loaded: loaded (/lib/systemd/system/systemd-timesyncd.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2023-02-16 11:06:08 CST; 16min ago Docs: man:systemd-timesyncd.service(8) Main PID: 12832 (systemd-timesyn) Status: "Idle." Tasks: 2 ( limit : 19067) Memory: 1.2M CPU: 52ms CGroup: /system.slice/systemd-timesyncd.service └─12832 /lib/systemd/systemd-timesyncd 3. 設定:編輯 /etc/systemd/timesyncd.conf sudo vi /etc/systemd/timesyncd.conf 內容 [Time] NTP =ntp.server.you.want #FallbackNTP=ntp.ubuntu.com #RootDistanceMaxSec=5 #PollIntervalMinSec=3

firewalld

 aot install furewalld cd /tmp ./firewall-cmd systemctl enable firewalld 檢查 firewalld 服務狀態: systemctl status firewalld  啟動 firewalld 服務: systemctl start firewalld

HTTP 代理伺服器 for apt

  HTTP 代理伺服器 若要讓  apt  透過其他的 HTTP 代理伺服器下載資料,可以將  /etc/apt/apt.conf.d/12proxy  設定檔改為以下這樣的 HTTP 代理伺服器設定: Acquire :: http :: Proxy "http://your.proxy.com:3128" ; Acquire :: https :: Proxy "http://your.proxy.com:3128" ; Acquire :: ftp :: Proxy "http://your.proxy.com:3128" ;

螢幕太小(太大),TTY字體太小看不清楚的解法(UBUNTU Linux)

  螢幕太小(太大),TTY字體太小看不清楚的解法(UBUNTU Linux)   2021-10-03     Jir 我的老螢幕(CRT 17″)配新的電腦硬體和顯卡,安裝UBUNTU的時候,X桌面還可以設定解析度把畫面從1920X1080P LCD模式降到1024X768的VGA模式。 但是在文字登入TTY Console的畫面,除了字很小以外,字體也看得很不清楚。 找好多資料終於找到,趁記憶猶新趕快給自己筆記做紀錄。 指令: sudo dpkg-reconfigure console-setup 進去後,會提示修改想要的選項。 先選UTF-8之後, 第一個畫面,我是選擇最後一項系統自己判斷語言字型。 第二個畫面,我是選擇VGA。 第三個畫面,我是選擇最大字體。 接著確定後,等他更新一下系統,然後登入的TTY Console就會恢復成舒服的字體和尺寸了。 螢幕太大或是太小,造成文字字體太小看不清楚,可以嘗試這樣調整看看。 如果畫面沒更新成功,可以嘗試執行指令一次。 sudo setupcon 如果畫面還是不滿意,也能嘗試手動編輯 sudo nano /etc/default/console-setup 目前在LCD 48吋電視螢幕測試,覺得字體放大最舒服的設定是這樣: ACTIVE_CONSOLES="/dev/tty[1-6]" CHARMAP="UTF-8" CODESET="guess" FONTFACE="TerminusBold" FONTSIZE="16x32" ##Edited by JIR. SCREEN_WIDTH=1280 SCREEN_HEIGHT=1024 修改後,也再執行一次 sudo setupcon 或是 sudo dpkg-reconfigure console-setup 讓新的設定更新。 其他相關參考連結: 1. https://unix.stackexchange.com/questions/49779/can-i-change-the-font-of-the-text-mode-console 2. https://askubuntu.com/questions/173220/how-do-i-change-the-fon

Web Server Misconfiguration: HTTP Basic Authentication (HTTP Basic Logins Sent Over Unencrypted Connection)

Web Server Misconfiguration: HTTP Basic Authentication (HTTP Basic Logins Sent Over Unencrypted Connection) Web 服務器配置錯誤:HTTP 基本身份驗證(通過未加密連接發送的 HTTP 基本登錄)  Description: Any area of a web application that possibly contains sensitive information or access to privileged functionality such as remote site administration functionality should utilize SSL or another form of encryption to prevent login information from being sniffed or otherwise intercepted or stolen. ~FullURL~ has failed this policy.  Recommendations include ensuring that sensitive areas of your web application have proper encryption protocols in place to prevent login information and other data that could be helpful to an attacker from being intercepted. An attacker who exploited this design vulnerability would be able to utilize the information to escalate their method of attack, possibly leading to impersonation of a legitimate user, the theft of proprietary data, or execution of actions not intended by the application devel