Encryption method:
Symmetric encryption: Encrypt and decrypt using the same password
Public Key cryptography: each password appears in pairs, one for the private key (secret key) and one for the public key
One-way encryption, hash encryption: Extracting data signatures, often used for data integrity checks
1. Avalanche effect
2, fixed-length output
Md5:message digest,128 fixed-length output
Sha1:secure Hash algorithm,160 bit fixed length output
Useradd NAME
Groupadd GROUPNAME
User management:
Useradd,userdel,usermod,passwd,chsh,chfn,finger,id,chane
Group Management:
gourpadd,groupdel,groupmod,gpasswd
Rights Management:
Chown,chgrp,chmod,umask
useradd [Options] USERNAME
-U UID, uniqueness, ≥500
-G GID (Basic Group)
-G GID, ... (Attachment group, additional group) can have multiple attachment groups
-C "COMMENT"
-d/path/to/somedirectory, specify home directory
-s Specifies the shell path
-m-k Creating a home directory
-M does not create home directories for users
-K
/etc/login.defs
[Email protected] default]# useradd-c "Tony blare"-d/home/blare user4
[Email protected] default]# tail-1/etc/passwd
User4:x:1003:1003:tony Blare:/home/blare:/bin/bash
/etc/shells: Specifies the security shell that is available for the current system
Userdel:
Userdel [option] USERNAME the user's home directory is not deleted by default.
-R: Delete the user's home directory at the same time.
ID: View the user's account attribute information.
-U
-G
-G
-N
Finger: View user account information
Finger USERNAME
How to modify the account attribute information:
Usermod:
-U Modify UID
-G GID
-G GID Change the additional group, if there are additional groups, and then change the additional group, the preceding additional group is lost, if you do not want to lose, with option-a
-C Display annotation information
-D-M: Move the previous home directory to the new home directory
-S
-L: Change user login name
-L lock account, similar to disable
-U Unlock Account
CHSH: Changing the user shell
CHFN: Modifying annotation information
Password Management:
passwd [USERNAME] Modify user password
--stdin receives password information from other locations, for example: pipe information.
-L Lock Password
-U unlock Password
-D Delete account password
Pam:
PWCK: Checking the integrity of user accounts
Group Management:
Create Group: Groupadd
Groupadd
-g Specifies GID, if not specified, greater than 500, from the largest GID plus 1
-R Add a system user, System group usually does not have home directory, cannot log on system
Groupmod: Modifying groups
-G GID
-N GRPNAME
Groupdel: Deleting a group
GPASSWD: Add password to group, followed by group name
Newgrp GRPNAME <--> Exit
Chage: Change user password expiration information.
-D: Last modification time
-E: Expiration time
-I: Inactive time
-M: Minimum period of use
-M: Maximum lifespan
-W: Warning time
Rights Management:
There are three types of users per file
Three types of permissions
R: Readable
W: Writable
X: Executable
Three types of users:
U: Owner
G: Genus Group
O: Other users
Chown: Change file owner (only administrators can use this command)
#chown USERNAME file ....
-R: Modifies the owner of the directory and its internal files.
--reference=/path/to/somefile file
Chown username:grpname file .... If the username before the colon is removed, only the genus Group is changed, and the owner is not changed.
Chown USERNAME. GRPNAME file .... equals Username:grpname
CHGRP: Change file group, only administrator has permission
# chgrp GRPNAME file ....
-R
--reference=/path/to/somefile file
chmod: Modify File permissions
Modify permissions for three categories of users
chmod MODE file ..... Specify permissions, octal permissions
-R
--referrence=/path/to/somefile file ....
Modify permissions for a user or some class of user
U,g,o,a (All users)
chmod user category =mode file ....
[Email protected]/]# chmod U=RWX/TMP/ABC
Modify a bit or some bit permission for a certain type of user
chmod user category + permissions | File ....
chmod user Category-Permissions | File ...
Umask: Masking Code
666-umask
777-umask
The file cannot have execute permissions by default, and if the result has Execute permissions, add 1 to its permissions:
umask:023
File: 666-023=643 x
Catalog: 777-023=754
Don't want others to have permission to execute, umask027.
User's login:
User Shell login type, standing in the user's view:
1. Landing shell
A shell that is normally landed through a terminal
Su-username
Su-l USERNAME
2. Non-landing shell
Su USERNAME
The command window opened in the graphics terminal is also non-logged
Automatically executed shell scripts are also non-logged-in
Bash configuration file:
Two categories:
1. Full Distance configuration
/etc/profile,/etc/profile.d/*.sh,/ETC/BASHRC configuration files, which are configured for all users.
2. Personal configuration
~/.bash_profile, ~/.BASHRC
The smaller the scope, the more effective
File for Profile class:
Setting environment variables
Run a command or script to do some preparatory work before the user logs in.
Files of the BASHRC class
Setting Local Variables
Defining command aliases
Log-in Shell How to read a configuration file
/etc/profile--/etc/profile.d/*.sh--and ~/.bash_profile--~/.BASHRC--/ETC/BASHRC
How do I configure a file for a non-logged-in shell?
~/.BASHRC--/ETC/BASHRC-/etc/profile.d/*.sh
BASH: script interpreter
Environment variables
PATH
Histsize
SHELL
The group must implement the existence
Linux User and permissions detailed