Question

我在frontendmaster上学习了前端工程师的全栈。

我使用的是Digital Ocean服务器。我通过设置PermitRootLogin no禁用了root访问权限，并将我的公钥添加到authorized_key文件中，以便我可以登录。

然后： sudo tail -f /var/log/auth.log

Oct  7 08:42:17 ubuntu-512mb-sgp1-01-fem-young sshd[16857]: Invalid user user from 74.208.145.162
Oct  7 08:42:17 ubuntu-512mb-sgp1-01-fem-young sshd[16857]: input_userauth_request: invalid user user [preauth]
Oct  7 08:42:17 ubuntu-512mb-sgp1-01-fem-young sshd[16857]: Connection closed by 74.208.145.162 port 58905 [preauth]
Oct  7 08:42:23 ubuntu-512mb-sgp1-01-fem-young sshd[16859]: Invalid user ubnt from 74.208.145.162
Oct  7 08:42:23 ubuntu-512mb-sgp1-01-fem-young sshd[16859]: input_userauth_request: invalid user ubnt [preauth]
Oct  7 08:42:23 ubuntu-512mb-sgp1-01-fem-young sshd[16859]: Connection closed by 74.208.145.162 port 59157 [preauth]
Oct  7 08:42:26 ubuntu-512mb-sgp1-01-fem-young sshd[16861]: Connection closed by 74.208.145.162 port 59446 [preauth]
Oct  7 08:42:31 ubuntu-512mb-sgp1-01-fem-young sshd[16863]: Invalid user admin from 74.208.145.162
Oct  7 08:42:31 ubuntu-512mb-sgp1-01-fem-young sshd[16863]: input_userauth_request: invalid user admin [preauth]
Oct  7 08:42:32 ubuntu-512mb-sgp1-01-fem-young sshd[16863]: Connection closed by 74.208.145.162 port 59670 [preauth]
Oct  7 08:42:33 ubuntu-512mb-sgp1-01-fem-young sshd[16865]: Invalid user support from 74.208.145.162
Oct  7 08:42:33 ubuntu-512mb-sgp1-01-fem-young sshd[16865]: input_userauth_request: invalid user support [preauth]
Oct  7 08:42:34 ubuntu-512mb-sgp1-01-fem-young sshd[16865]: Connection closed by 74.208.145.162 port 59872 [preauth]
Oct  7 08:42:39 ubuntu-512mb-sgp1-01-fem-young sshd[16867]: Invalid user admin from 74.208.145.162
Oct  7 08:42:39 ubuntu-512mb-sgp1-01-fem-young sshd[16867]: input_userauth_request: invalid user admin [preauth]
Oct  7 08:42:40 ubuntu-512mb-sgp1-01-fem-young sshd[16867]: Connection closed by 74.208.145.162 port 59944 [preauth]

这是否意味着我被黑了？如果是这样，我该怎样做才能保护自己？

Answer 1

sudo命令让最终用户像root用户一样行事。

要禁用sudo访问权限，您需要修改/etc/sudoers文件。

实施例在sudoers文件中输入后，让测试用户执行任何命令，就像来自任何终端的任何用户一样。

test ALL=(ALL) ALL

禁用测试用户的sudo，您可以在/etc/sudoers上方的条目上发表评论。

`sudo tail -f /var/log/auth.log`是什么意思？

1 个答案: