一键cat命令完成vps所有优化

 一键cat命令完成vps所有优化,以修改端口为9999例,包括安装xanmod,bbr+fq,mosh等等所有优化,代码:


cat <<'EOF' | bash

set -e

echo "===== 检查系统 ====="


if ! grep -qi debian /etc/os-release; then


  echo "❌ 当前不是 Debian,停止执行"


  exit 1


fi


echo "===== 更新系统 ====="


apt update -y && apt upgrade -y


echo "===== 修改 SSH 端口 ====="


sed -i 's/#Port 22/Port 9999/g' /etc/ssh/sshd_config


sed -i 's/^Port 22/Port 9999/g' /etc/ssh/sshd_config


echo "===== SSH:密码 + 密钥登录 ====="


cat <<'EOF' | bash

set -e


echo "===== 检查系统 ====="

if ! grep -qi debian /etc/os-release; then

echo "❌ 当前不是 Debian,停止执行"

exit 1

fi


echo "===== 更新系统 ====="

apt update -y && apt upgrade -y


echo "===== 修改 SSH 端口 ====="

sed -i 's/#Port 22/Port 9999/g' /etc/ssh/sshd_config

sed -i 's/^Port 22/Port 9999/g' /etc/ssh/sshd_config


echo "===== SSH:密码 + 密钥登录 ====="

sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/g' /etc/ssh/sshd_config

sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config

sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config

sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config


echo "===== SSH 防掉线优化 ====="

grep -q "ClientAliveInterval" /etc/ssh/sshd_config || cat >> /etc/ssh/sshd_config <<EOL

ClientAliveInterval 60

ClientAliveCountMax 10

TCPKeepAlive yes

UseDNS no

GSSAPIAuthentication no

EOL

systemctl restart ssh

echo "===== 安装基础工具 ====="
apt install -y curl wget sudo vim htop mosh fail2ban gnupg ca-certificates

echo "===== 安装 xanmod 内核 ====="
wget -qO - https://dl.xanmod.org/gpg.key | gpg --dearmor -o /usr/share/keyrings/xanmod.gpg
echo 'deb [signed-by=/usr/share/keyrings/xanmod.gpg] http://deb.xanmod.org releases main' > /etc/apt/sources.list.d/xanmod-release.list

apt update
apt install -y linux-xanmod-lts || apt install -y linux-xanmod

echo "===== 启用 BBR ====="
grep -q "tcp_congestion_control=bbr" /etc/sysctl.conf || cat >> /etc/sysctl.conf <<EOL
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr
EOL

sysctl -p


echo "===== 尝试 BBR3(可能失败)====="

modprobe tcp_bbr 2>/dev/null || true


echo "===== 网络优化 ====="

grep -q "tcp_fastopen" /etc/sysctl.conf || cat >> /etc/sysctl.conf <<EOL

net.ipv4.tcp_fastopen=3

net.ipv4.tcp_mtu_probing=1

net.ipv4.tcp_syncookies=1

net.core.somaxconn=1024

net.ipv4.ip_forward=1

EOL


sysctl -p


echo "===== 配置 fail2ban ====="

cat > /etc/fail2ban/jail.local <<EOL

[sshd]

enabled = true

port = 9999

logpath = /var/log/auth.log

maxretry = 3

bantime = 3600

EOL


systemctl enable fail2ban

systemctl restart fail2ban


echo "===== 完成 ====="

echo "⚠️ 请执行 reboot 重启以启用 xanmod 内核"

echo "👉 SSH连接: ssh -p 9999 root@IP"

EOF


运行后重启vps生效。

Next Post Previous Post
No Comment
Add Comment
comment url