创建专门的deploy账户
adduser deploysh
# 查看是否有 docker 组
getent group docker
# 添加
usermod -aG docker deploy
# 测试
su - deploy
docker ps添加sudo
sh
# 如果没有就安装 apt install sudo
usermod -aG sudo deploy添加公钥 ssh
sh
mkdir -p /home/deploy/.ssh
vim /home/deploy/.ssh/authorized_keyscopy 公钥,如:ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMGHoCP/r4RhUppntCddCDARXFX0pdUVlFYlKMFMuccS
sh
chown -R deploy:deploy /home/deploy/.ssh
chmod 700 /home/deploy/.ssh
chmod 600 /home/deploy/.ssh/authorized_keys在本地验证一下,如:
ssh -o PasswordAuthentication=no my-cc关闭ssh密码登录
sh
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
sudo vim /etc/ssh/sshd_config修改配置
sh
# 公钥登录
PubkeyAuthentication yes
# 密码登录
PasswordAuthentication no
# root 登录
PermitRootLogin nosh
# 验证语法,空白表示没错
# sudo /usr/sbin/sshd -t
sudo sshd -t
sudo systemctl restart ssh
sudo systemctl status ssh