AlmaLinux

20230108-AlmaLinux 9.1使用体验

2023-01-08  本文已影响0人  負笈在线

Alma Linux 9.1安装

镜像选择:Aliyun的almalinux镜像

参考URL:https://zhuanlan.zhihu.com/p/549307723

内存建议1G+

kernel版本为Linux kernel 5.14.0-162

查看kernel版本

# uname -a
Linux localhost.localdomain 5.14.0-162.6.1.el9_1.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 15 07:49:10 EST 2022 x86_64 x86_64 x86_64 GNU/Linux

SSH版本为OpenSSH-8.7p1,默认禁用root登录

使用OpenSSH-8.7p1几点注意:

查看ssh版本

# ssh -V
OpenSSH_8.7p1, OpenSSL 3.0.1 14 Dec 2021

允许root用户ssh登录

# cp -p  /etc/ssh/sshd_config /etc/ssh/sshd_config.org
# vi /etc/ssh/sshd_config
增加如下三行配置
PermitRootLogin yes
PubkeyAuthentication yes
PasswordAuthentication yes
# diff   /etc/ssh/sshd_config /etc/ssh/sshd_config.org
41d40
< PermitRootLogin yes
46c45
< PubkeyAuthentication yes
---
> #PubkeyAuthentication yes
66c65
< PasswordAuthentication yes
---
> #PasswordAuthentication yes
重启sshd服务
# systemctl restart sshd
# systemctl status sshd

SSL版本为OpenSSL-3.0.1

查看ssl版本

# rpm -qa |grep openssl
openssl-pkcs11-0.4.11-7.el9.x86_64
openssl-libs-3.0.1-43.el9_0.x86_64
openssl-3.0.1-43.el9_0.x86_64

4.httpd版本为2.4.53

默认安装的httpd版本为2.4.53,对应的CVE安全漏洞修复和httpd官方2.4.54版本同步。

查看httpd版本
# httpd -v
Server version: Apache/2.4.53 (AlmaLinux)
Server built:   Jul 20 2022 00:00:00
查看完整更新履历
# yum changelog all httpd  

Changelogs for httpd-2.4.53-7.el9.x86_64

* Wed Jul 20 00:00:00 2022 Lubo拧 Uhliarik <luhliari@redhat.com> - 2.4.53-7

- Resolves: #2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request
  smuggling
- Resolves: #2097032 - CVE-2022-28615 httpd: out-of-bounds read in 
  ap_strcmp_match()
- Resolves: #2098248 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped
  by hop-by-hop mechanism
- Resolves: #2097016 - CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite()
- Resolves: #2097452 - CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody
- Resolves: #2097459 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability
- Resolves: #2097481 - CVE-2022-30556 httpd: mod_lua: Information disclosure
上一篇 下一篇

猜你喜欢

热点阅读