root 账号
初始化系统先设置 root 密码
切到 root 账户权限
时区调整
1
| sudo dpkg-reconfigure tzdata
|
切换语言到中文
这个根据喜好可以做也可以不做,个人比较喜欢中文提示,详见
https://www.lance.moe/archives/post-319/
实用小工具
NiceEdit:一个可视化的编辑器,不需要像 vim 等编辑器一样记忆繁杂的指令,简单易用,适合新手入门。
ncdu:一个磁盘占用情况分析工具,可以很方便找到占硬盘的大文件,防止服务器磁盘爆满导致无法正常运行的情况,建议安装好系统就安装这个工具。可以使用键盘的箭头键快速浏览列表,并通过d键删除占用太多空间的文件。
1
2
| sudo apt install ncdu
全盘扫描指令:ncdu /
|
SSH 配置
备份原始配置
1
| sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
|
编辑配置
1
| sudo vim /etc/ssh/sshd_config
|
修改如下几行
1
2
3
4
5
| Port 8022 # (22 端口默认被占用,此处更换为 8022 端口)
ListenAddress 0.0.0.0 # (监听端口0.0.0.0,解除注释,去掉前面的 #)
PermitRootLogin yes # (允许 root 登陆,修改为 yes)
#StrictModes yes # (严格模式,注释掉,在前面加上 #)
PasswordAuthentication yes # (允许使用密码登陆,原来是 no 改成 yes)
|
Tips:vim 的用法
键盘上点击「i」键后进入插入模式,可对文本进行编辑
编辑完毕后按「ESC」键退出插入模式
输入「:wq」保存并退出
启动 SSH
如果提示 sshd error: could not load host key 则需要重新生成 key
1
| sudo dpkg-reconfigure openssh-server
|
此时 SSH 已经启动,可以在 Xshell 等工具中尝试登陆了
更换源列表 & 更新软件包
备份源列表
1
| sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak
|
编辑源列表
1
| sudo vim /etc/apt/sources.list
|
博主在日本,所以切换成在日本比较快的源,国内的朋友可以使用阿里云的源,具体列表可以到网上寻找
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
| #
# deb cdrom:[Ubuntu-Server 18.04 LTS _Bionic Beaver_ - Release amd64 (20180426)]/ bionic main restricted
# deb cdrom:[Ubuntu-Server 18.04 LTS _Bionic Beaver_ - Release amd64 (20180426)]/ bionic main restricted
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://jp.archive.ubuntu.com/ubuntu/ focal main restricted
# deb-src http://jp.archive.ubuntu.com/ubuntu/ bionic main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb http://jp.archive.ubuntu.com/ubuntu/ focal-updates main restricted
# deb-src http://jp.archive.ubuntu.com/ubuntu/ bionic-updates main restricted
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://jp.archive.ubuntu.com/ubuntu/ focal universe
# deb-src http://jp.archive.ubuntu.com/ubuntu/ bionic universe
deb http://jp.archive.ubuntu.com/ubuntu/ focal-updates universe
# deb-src http://jp.archive.ubuntu.com/ubuntu/ bionic-updates universe
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://jp.archive.ubuntu.com/ubuntu/ focal multiverse
# deb-src http://jp.archive.ubuntu.com/ubuntu/ bionic multiverse
deb http://jp.archive.ubuntu.com/ubuntu/ focal-updates multiverse
# deb-src http://jp.archive.ubuntu.com/ubuntu/ bionic-updates multiverse
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://jp.archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse
# deb-src http://jp.archive.ubuntu.com/ubuntu/ bionic-backports main restricted universe multiverse
## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb http://archive.canonical.com/ubuntu bionic partner
# deb-src http://archive.canonical.com/ubuntu bionic partner
deb http://security.ubuntu.com/ubuntu focal-security main restricted
# deb-src http://security.ubuntu.com/ubuntu bionic-security main restricted
deb http://security.ubuntu.com/ubuntu focal-security universe
# deb-src http://security.ubuntu.com/ubuntu bionic-security universe
deb http://security.ubuntu.com/ubuntu focal-security multiverse
# deb-src http://security.ubuntu.com/ubuntu bionic-security multiverse
# deb http://nginx.org/packages/mainline/ubuntu/ bionic nginx
# deb-src http://nginx.org/packages/mainline/ubuntu/ bionic nginx
|
更新源列表,使新源生效
更新所有软件包
删除已经失效的软件包
开启 BBR
Google 开源了其 TCP BBR 拥塞控制算法,并提交到了 Linux 内核,从 4.9 开始,Linux 内核已经用上了该算法。根据以往的传统,Google 总是先在自家的生产环境上线运用后,才会将代码开源,此次也不例外。 根据实地测试,在部署了最新版内核并开启了 TCP BBR 的机器上,网速甚至可以提升好几个数量级。
运行 lsmod | grep bbr,如果结果中没有tcp_bbr,则先运行:
Ubuntu 18.04 LTS 之后的新版系统可以直接开启 BBR:
1
2
3
| sudo bash -c 'echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf'
sudo bash -c 'echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf'
sudo sysctl -p
|
保存生效。运行:
1
2
| sysctl net.ipv4.tcp_available_congestion_control
sysctl net.ipv4.tcp_congestion_control
|
若均有 bbr ,则恭喜 BBR 已经开启。开启 BBR 后,网速有极大提升,我的树莓派从原来的 40Mbps 左右带宽增速到了 80Mbps,效果显著。