document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-02-03 23:40:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu Wang 2020-03-26 09:15:39 +08:00
commit 2f477f83dd
6 changed files with 180 additions and 181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
translated/tech/20200316 Connect your Google Drive to Fedora Workstation.md → published/20200316 Connect your Google Drive to Fedora Workstation.md
View File

@ -1,22 +1,22 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-12037-1.html)
[#]: subject: (Connect your Google Drive to Fedora Workstation)
[#]: via: (https://fedoramagazine.org/connect-your-google-drive-to-fedora-workstation/)
[#]: author: (Paul W. Frields https://fedoramagazine.org/author/pfrields/)
将你的 Google Drive 连接到 Fedora Workstation
将你的 Google Drive 连接到 Fedora 工作站
======
![][1]
有大量的云服务可用于存储重要文档。Google Drive 无疑是最受欢迎的之一。它提供了一组相应的应用程序,例如文档,表格和幻灯片来创建内容。但是,你也可以在 Google Drive 中存储任意内容。本文向你展示如何将其连接到 [Fedora Workstation][2]。
有大量的云服务可用于存储重要文档。Google Drive 无疑是最受欢迎的之一。它提供了一组相应的应用程序,例如文档,表格和幻灯片来创建内容。但是,你也可以在 Google Drive 中存储任意内容。本文向你展示如何将其连接到 [Fedora 工作站][2]。
### 添加帐户
Fedora Workstation 可在安装后首次启动或者之后的任何时候添加一个帐户。要在首次启动期间添加帐户,请按照提示进行操作。其中包括选择添加一个帐户:
Fedora 工作站可在安装后首次启动或者之后的任何时候添加一个帐户。要在首次启动期间添加帐户,请按照提示进行操作。其中包括选择添加一个帐户:
![][3]
@ -24,29 +24,25 @@ Fedora Workstation 可在安装后首次启动或者之后的任何时候添加
![][4]
请注意,此信息仅传输给 Google而不传输给 GNOME 项目。下一个页面要求你授予访问权限,这是必需的,以便系统桌面可以与 Google 进行交互。向下滚动查看访问请求,然后选择 _Allow_ 继续。
请注意,此信息仅传输给 Google而不传输给 GNOME 项目。下一个页面要求你授予访问权限,这是必需的,以便系统桌面可以与 Google 进行交互。向下滚动查看访问请求,然后选择“允许”继续。
你会在移动设备和 Gmail 中收到有关新设备(系统)访问 Google 帐户的通知。这是正常现象。
![][5]
如果你在初次启动时没有执行此操作,或者需要重新添加帐户,请打开 _Settings_,然后选择 _Online Accounts_ 来添加帐户。可以通过顶部栏右侧的下拉菜单(“齿轮”图标)或打开“概览”并输入 _settings_ 来使用它。接着和上面一样。
如果你在初次启动时没有执行此操作,或者需要重新添加帐户,请打开“设置”,然后选择“在线账户”来添加帐户。可以通过顶部栏右侧的下拉菜单(“齿轮”图标)或打开“概览”并输入“settings”来使用它。接着和上面一样。
### 在 Google Drive 中使用“文件”应用
打开_文件_ 应用(以前称为 _nautilus_)。“文件”应用可以通过左侧栏访问。在列表中找到你的 Google 帐户。
打开“文件”应用(以前称为 “nautilus”)。“文件”应用可以通过左侧栏访问。在列表中找到你的 Google 帐户。
当你选择帐户后,“文件”应用会显示你的 Google Drive 的内容。你可以使用 Fedora Workstation 的本地应用打开某些文件,例如声音文件或 [LibreOffice][6] 兼容文件(包括 Microsoft Office 文档)。其他文件(例如 Google 文档、表格和幻灯片等 Google 应用文件)将使用浏览器和相应的应用打开。
当你选择帐户后,“文件”应用会显示你的 Google Drive 的内容。你可以使用 Fedora 工作站的本地应用打开某些文件,例如声音文件或 [LibreOffice][6] 兼容文件(包括 Microsoft Office 文档)。其他文件(例如 Google 文档、表格和幻灯片等 Google 应用文件)将使用浏览器和相应的应用打开。
请记住,如果文件很大,将需要一些时间才能通过网络接收文件,你才可以打开它。
你还可以复制粘贴 Google Drive 中的文件到连接到 Fedora Workstation 的其他存储,或者反之。你还可以使用内置功能来重命名文件、创建文件夹并组织它们。对于共享和其他高级选项,请和平常一样在浏览器中使用 Google Drive。
你还可以复制粘贴 Google Drive 中的文件到连接到 Fedora 工作站的其他存储,或者反之。你还可以使用内置功能来重命名文件、创建文件夹并组织它们。对于共享和其他高级选项,请和平常一样在浏览器中使用 Google Drive。
请注意,“文件”应用程序不会实时刷新内容。如果你从其他连接 Google 的设备(例如手机或平板电脑)添加或删除文件,那么可能需要按 **Ctrl+R** 刷新“文件”应用。
* * *
_照片由 [Beatriz Pérez Moya][7] 发表在 [Unsplash][8] 中。_
请注意,“文件”应用程序不会实时刷新内容。如果你从其他连接 Google 的设备(例如手机或平板电脑)添加或删除文件,那么可能需要按 `Ctrl+R` 刷新“文件”应用。
--------------------------------------------------------------------------------
@ -55,7 +51,7 @@ via: https://fedoramagazine.org/connect-your-google-drive-to-fedora-workstation/
作者:[Paul W. Frields][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

46
translated/tech/20200319 Manually rotating log files on Linux.md → published/20200319 Manually rotating log files on Linux.md
View File

@ -1,8 +1,8 @@
[#]: collector: (lujun9972)
[#]: translator: (HankChow)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-12038-1.html)
[#]: subject: (Manually rotating log files on Linux)
[#]: via: (https://www.networkworld.com/article/3531969/manually-rotating-log-files-on-linux.html)
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
@ -10,29 +10,25 @@
在 Linux 系统中手动滚动日志
======
[deovolenti][1] [(CC BY 2.0)][2]
![](https://img.linux.net.cn/data/attachment/album/202003/25/223932xqibwq5fafx5ao3f.jpg)
<ruby>日志滚动<rt>log rotation</rt></ruby>在 Linux 系统上是常见不过的一个功能了,它为系统监控和故障排查保留必要的日志内容,同时又防止过多日志堆积在单个日志文件当中
<ruby>日志滚动<rt>log rotation</rt></ruby>在 Linux 系统上是常见不过的一个功能了,它为系统监控和故障排查保留必要的日志内容,同时又防止过多的日志造成单个日志文件太大
日志滚动的过程是这样的:在一组日志文件之中,编号最大的一个日志文件会被删除,其余的日志文件编号则依次增大并取代较旧的日志文件。这一个过程很容易就可以实现自动化,在细节上还能按需作出微调。
[[Get regularly scheduled insights by signing up for Network World newsletters.]][3]
日志滚动的过程是这样的:在一组日志文件之中,编号最大的(最旧的)一个日志文件会被删除,其余的日志文件编号则依次增大并取代较旧的日志文件,而较新的文件则取代它作为当前的日志文件。这一个过程很容易就可以实现自动化,在细节上还能按需作出微调。
使用 `logrotate` 命令可以手动执行日志滚动的操作。本文将要介绍的就是手动进行日志滚动的方法,以及预期产生的结果。
文中出现的示例适用于 Ubuntu 等 Linux 系统,对于其它类型的系统,日志文件和配置文件可能会有所不同,但日志滚动的过程是大同小异的。
### 为什么需要日志滚动
### 为什么需要滚动日志
一般情况下Linux 系统会每隔一天(或间隔更长的时间)就自动进行一次日志滚动,因此需要手动执行日志滚动的场景并不多,除非有些日志的体积确实比较大。如果你需要释放存储空间,又或者将某一部分日志文件从活动的日志中分割出来,得当的日志滚动就是很方便的解决方法
一般情况下,无需手动旋转日志文件。Linux 系统会每隔一天(或间隔更长的时间)或根据日志文件的大小自动进行一次日志滚动。如果你需要滚动日志以释放存储空间,又或者将某一部分日志从当前的活动中分割出来,这很容易做到,具体要取决于文件滚动规则
### 一点背景介绍
在 Linux 系统安装完成后就已经有很多日志文件被纳入到日志滚动的范围内了另外,一些应用程序在安装时也会为自己产生的日志文件设置滚动规则。一般来说,日志滚动的配置文件会放置在 `/etc/logrotate.d`。如果你想了解日志滚动的详细实现,可以参考[这篇以前的文章][4]。
在 Linux 系统安装完成后就已经有很多日志文件被纳入到日志滚动的范围内了另外,一些应用程序在安装时也会为自己产生的日志文件设置滚动规则。一般来说,日志滚动的配置文件会放置在 `/etc/logrotate.d`。如果你想了解日志滚动的详细实现,可以参考[这篇以前的文章][4]。
在日志滚动的过程中,活动日志会以一个新名称命名,例如 `log.1`,之前被命名为 `log.1` 的文件则会被重命名为 `log.2`,以此类推。在这一组文件中,最旧的日志文件(假如名为 `log.7`)会从系统中删除。日志滚动时文件的命名方式、保留日志文件的数量等参数是由 `/etc/logrotate.d` 目录中的配置文件决定的,因此你可能会看到有些日志文件只有少数几次滚动,而有些日志文件的滚动次数远大于 7 次。
[][5]
在日志滚动的过程中,活动日志会以一个新名称命名,例如 `log.1`,之前被命名为 `log.1` 的文件则会被重命名为 `log.2`,依此类推。在这一组文件中,最旧的日志文件(假如名为 `log.7`)会从系统中删除。日志滚动时文件的命名方式、保留日志文件的数量等参数是由 `/etc/logrotate.d` 目录中的配置文件决定的,因此你可能会看到有些日志文件只保留少数几次滚动,而有些日志文件的滚动次数会到 7 次或更多。
例如 `syslog` 在经过日志滚动之后可能会如下所示(注意,行尾的注释部分只是说明滚动过程是如何对文件名产生影响的):
@ -48,7 +44,7 @@ $ ls -l /var/log/syslog*
-rw-r----- 1 syslog adm 211074 Mar 4 00:00 /var/log/syslog.7.gz <== 之前的 syslog.6.gz
```
你可能会发现,除了活动日志和最新一次滚动的日志文件之外,其余的文件都已经被压缩以节省存储空间。这样设计的原因是大部分系统管理员都只需要查阅最新的日志文件,其余的日志文件压缩起来,需要的时候可以解压查阅,这是一个很好的折中方案。
你可能会发现,除了当前活动日志和最新一次滚动的日志文件之外,其余的文件都已经被压缩以节省存储空间。这样设计的原因是大部分系统管理员都只需要查阅最新的日志文件,其余的日志文件压缩起来,需要的时候可以解压查阅,这是一个很好的折中方案。
### 手动日志滚动
@ -58,7 +54,18 @@ $ ls -l /var/log/syslog*
$ sudo logrotate -f /etc/logrotate.d/rsyslog
```
值得一提的是,`logrotate` 命令使用 `/etc/logrotate.d/rsyslog` 这个配置文件,并通过了 `-f` 参数实行“强制滚动”。因此,整个过程将会是:删除 `syslog.7.gz`,将原来的 `syslog.6.gz` 命名为 `syslog.7.gz`,将原来的 `syslog.5.gz` 命名为 `syslog.6.gz`,将原来的 `syslog.4.gz` 命名为 `syslog.5.gz`,将原来的 `syslog.3.gz` 命名为 `syslog.4.gz`,将原来的 `syslog.2.gz` 命名为 `syslog.3.gz`,将原来的 `syslog.1.gz` 命名为 `syslog.2.gz`,但新的 `syslog` 文件不一定会创建。你可以按照下面的几条命令执行操作,以确保文件的属主和权限正确:
值得一提的是,`logrotate` 命令使用 `/etc/logrotate.d/rsyslog` 这个配置文件,并通过了 `-f` 参数实行“强制滚动”。因此,整个过程将会是:
- 删除 `syslog.7.gz`
- 将原来的 `syslog.6.gz` 命名为 `syslog.7.gz`
- 将原来的 `syslog.5.gz` 命名为 `syslog.6.gz`
- 将原来的 `syslog.4.gz` 命名为 `syslog.5.gz`
- 将原来的 `syslog.3.gz` 命名为 `syslog.4.gz`
- 将原来的 `syslog.2.gz` 命名为 `syslog.3.gz`
- 将原来的 `syslog.1.gz` 命名为 `syslog.2.gz`
- 但新的 `syslog` 文件不一定必须创建。
你可以按照下面的几条命令执行操作,以确保文件的属主和权限正确:
```
$ sudo touch /var/log/syslog
@ -90,7 +97,7 @@ endscript
}
```
下面是用户登录日志文件 `wtmp` 手动日志滚动的示例。由于 `/etc/logrotate.d/wtmp` 中有 `rotate 2` 的配置,因此系统中只保留了两份 `wtmp` 日志文件。
下面是手动滚动记录用户登录信息的 `wtmp` 日志的示例。由于 `/etc/logrotate.d/wtmp` 中有 `rotate 2` 的配置,因此系统中只保留了两份 `wtmp` 日志文件。
滚动前:
@ -122,9 +129,6 @@ $ grep wtmp /var/lib/logrotate/status
"/var/log/wtmp" 2020-3-12-11:52:57
```
欢迎加入 [Facebook][6] 和 [LinkedIn][7] 上的 Network World 社区参与话题评论。
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3531969/manually-rotating-log-files-on-linux.html
@ -132,7 +136,7 @@ via: https://www.networkworld.com/article/3531969/manually-rotating-log-files-on
作者:[Sandra Henry-Stocker][a]
选题:[lujun9972][b]
译者:[HankChow](https://github.com/HankChow)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

117
sources/talk/20200317 Coronavirus challenges remote networking.md
View File

@ -1,117 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (HankChow)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Coronavirus challenges remote networking)
[#]: via: (https://www.networkworld.com/article/3532440/coronavirus-challenges-remote-networking.html)
[#]: author: (Michael Cooney https://www.networkworld.com/author/Michael-Cooney/)
Coronavirus challenges remote networking
======
COVID-19 sends IBM, Google, Amazon, AT&T, Cisco, Apple and others scrambling to securely support an enormous rise in teleworkers, and puts stress on remote-access networks.
Thinkstock
As the coronavirus spreads, many companies are requiring employees to work from home, putting unanticipated stress on remote networking technologies and causing bandwidth and security concerns.
Businesses have facilitated brisk growth of teleworkers over the past decades to an estimated 4 million-plus. The meteoric rise in new remote users expected to come online as a result of the novel coronavirus calls for stepped-up capacity.
Research by VPN vendor [Atlas][1] shows that VPN usage in the U.S. grew by 53% between March 9 and 15, and it could grow faster. VPN usage in Italy, where the virus outbreak is about two weeks ahead of the U.S., increased by 112% during the last week. "We estimate that VPN usage in the U.S. could increase over 150% by the end of the month," said Rachel Welch, chief operating officer of Atlas VPN, in a statement.
Businesses are trying to get a handle on how much capacity they'll need by running one-day tests. For example, JPMorgan Chase, Morningstar and analytics startup Arity have tested or plan to test their systems by having employees work from home for a day, according to the [Chicago Tribune][2].
On the government side, agencies such as [National Oceanic and Atmospheric Administration][3] and NASA have or will run remote networking stress tests to understand their remote networking capacity and what the impact will be if they add thousands of new teleworkers. About [2 million people][4] work for the government in the U.S.
To help stave off congestion in cellular data networks, the [Federal Communications Commission][5] has granted T-Mobile temporary access to spectrum in the 600MHz band that's owned by other licensees. T-Mobile said it requested the spectrum "to make it easier for Americans to participate in telehealth, distance learning, and telework, and simply remain connected while practicing recommended 'social distancing'."
Last-mile internet access may become congested in areas that rely on wireless connectivity, some industry players warn.
[][6]
"Bottlenecks are likely going to exist in hard-to-reach areas, such as rural locations, where internet access relies on microwave or wireless infrastructure," said Alex Cruz Farmer, product manager for network intelligence company ThousandEyes, which makes software that analyzes the performance of local and wide area networks. "The challenge here is that the available bandwidth is usually much less via these solutions, as well as more latent."
"We have seen a very small number of platform-related issues or outages due to increased loads, although those have since been resolved," added ThousandEyes' Farmer.
For its part, AT&amp;T said it has noticed shifts in usage on its wireless network, but capacity has not been taxed.
"In cities where the coronavirus has had the biggest impact, we are seeing fewer spikes in wireless usage around particular cell towers or particular times of day, because more people are working from home rather than commuting to work, and fewer people are gathering in large crowds at specific locations," [AT&amp;T said in a statement][7]. "We continuously monitor bandwidth usage with tools that analyze and correlate network statistics, which reveal network trends and provide us with performance and capacity reports that help us manage our network."
Verizon says it hasn't seen a measurable increase in data usage since the coronavirus outbreak, despite a jump in the number of customers working from home. "Verizons networks are designed and built to meet future demand and are ready should demand increase or usage patterns change significantly. While this is an unprecedented situation, we know things are changing, and we are ready to adjust network resources as we better understand any shifts in demand," the company said in a statement.
Verizon has been monitoring network usage in the most affected areas and pledged to work with and prioritize network resources to meet the needs of hospitals, first responders and government agencies. It also announced plans to increase capital spending from between $17 billion and $18 billion to between $17.5 billion to $18.5 billion in 2020 in an effort to "accelerate Verizon's transition to 5G and help support the economy during this period of disruption."
### Enterprise VPN security concerns
For enterprises, supporting the myriad network and security technologies that sit between data centers and remote users is no small task, particularly since remote-access VPNs, for example, typically rely on residential internet-access services over which businesses have little control. But IT pros should try to verify that these connections meet enterprise standards, according Tom Nolle, president of CIMI Corp. (Read more of Nolle's thoughts on working at home [here][8].)
"The home broadband elements, like the ISP and DNS and Wi-Fi, should really be part of a business certification of suitable networking for home work," Nolle said. "I find that DNS services like Google's are less prone to being overloaded than ISPs' services, which suggests users should be required to adopt one of them. OpenDNS is also good."
The security of home Wi-Fi networks is also an issue, Nolle said. IT pros should require workers to submit screenshots of their Wi-Fi configurations in order to validate the encryption being used. "Home workers often bypass a lot of the security built into enterprise locations," he said. 
Education of new home workers is also important, said Andrew Wertkin, chief strategy officer with DNS software company BlueCat. "There will be remote workers who have not substantially worked from home before, and may or may not understand the implications to security," Wertkin said. "This is especially problematic if the users are accessing the network via personal home devices versus corporate devices."
An unexpected increase in remote corporate users using a [VPN][9] can also introduce cost challenges.
"VPN appliances are expensive, and moving to virtualized environments in the cloud often can turn out to be expensive when you take into account compute cost and per-seat cost," Farmer said. A significant increase in per-seat VPN licenses have likely not been budgeted for.
On the capacity side, systems such as DHCP, which doles out IP addresses, could come under stress with increased remote-access use. "It doesn't matter if there are enough licenses for VPN if the devices connecting cannot obtain network addresses," Wertkin said. "Companies must test for and understand choke points and start implementing strategies to mitigate these risks."
Along those lines, enterprises "may have to validate the number of SSL sockets their data centers can expose for use, or they could end up running out," Nolle said.
Paul Collinge, a senior program manager in the Microsoft Office 365 product team, raised similar concerns. Network elements such as VPN concentrators, central network egress equipment such as proxies, DLP, central internet bandwidth, backhaul MPLS circuits, and NAT capability are put under enormous strain when all employees are using them, Collinge wrote in a [blog][10] about optimizing Office 365 traffic for remote staff. The result is poor performance and productivity coupled with a poor user experience for those working from home.
ThousandEyes' Farmer said enterprises might have to increase the number of VPN concentrators on their networks. "This way, remote-user connectivity is distributed across multiple VPN endpoints and not concentrated," he said. If that's not an option, businesses may have to open firewall ports to allow access to essential applications, which would enable them to scale up, but could also weaken security temporarily.
### Can VPN split tunneling help?
Industry players are divided on the use of split tunnerling to minimize coronavirus capacity concerns.
VPNs can be set up to allow split tunneling, where only traffic intended for the corporate network tunnels through the VPN, BlueCat's Wertkin said. The rest of the traffic goes directly to the internet at large, meaning it isn't subject to the security controls imposed by the tunnel and by tools within the corporate network, which is a security concern. This could lead to remote users' computers being compromised by internet-borne attacks, which could in turn put corporate data and networks at risk.
Despite this, Microsoftlast week recommended split tunneling as a way for IT admins to address its Office 365 service becoming congested due to an influx of remote users. In [the advisory][10], Microsoft offers a list of URLs and IP addresses for its points of access and describes how IT can use that information to route traffic directly to Office 365.
The VPN client should be configured so that traffic to identified URLs/IPs/ports is routed in this way, according to Collinge. "This allows us to deliver extremely high performance levels to users wherever they are in the world.”
ThousandEyes' Farmer said increased use of remote access VPNs might call for a review of network security in general. "[For] enterprises that are still using a legacy network security architecture, it may be time to consider cloud-based security options, which could improve performance for remote workers and diminish the overall use of the enterprises WAN circuits."
Other related developments:
* The [FCC][11] called on broadband providers to relax their data cap policies in appropriate circumstances, on telephone carriers to waive long-distance and overage fees in appropriate circumstances, on those that serve schools and libraries to work with them on remote learning opportunities, and on all network operators to prioritize the connectivity needs of hospitals and healthcare providers. AT&amp;T and others have responded.
* [U.S. Senator Mark R. Warner (D-VA)][12] and 17 other senators sent a letter to the CEOs of eight major ISPs calling on the companies to take steps to accommodate the unprecedented reliance on telepresence services, including telework, online education, telehealth, and remote support services. In the letter, sent to the CEOs of AT&amp;T, CenturyLink, Charter Communications, Comcast, Cox Communications, Sprint, T-Mobile, and Verizon, the senators call on companies to suspend restrictions and fees that could limit telepresence options. Related to the nation's broadband gaps, they also call on the companies to provide free or at-cost broadband options for students affected by the virus who otherwise lack broadband access for online learning during the outbreak.
* Vendors including [Cisco][13], Microsoft, [Google][14], [LogMeIn][15], [Spectrum][16] and others are offering free tools to help customers manage security and communications during the outbreak.
Join the Network World communities on [Facebook][17] and [LinkedIn][18] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3532440/coronavirus-challenges-remote-networking.html
作者:[Michael Cooney][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Michael-Cooney/
[b]: https://github.com/lujun9972
[1]: https://atlasvpn.com/blog/vpn-usage-in-italy-rockets-by-112-and-53-in-the-us-amidst-coronavirus-outbreak/
[2]: https://www.chicagotribune.com/coronavirus/ct-coronavirus-work-from-home-20200312-bscm4ifjvne7dlugjn34sksrz4-story.html
[3]: https://federalnewsnetwork.com/workforce/2020/03/agencies-ramp-up-coronavirus-preparations-as-noaa-plans-large-scale-telework-test/
[4]: https://fas.org/sgp/crs/misc/R43590.pdf
[5]: https://www.fcc.gov/coronavirus
[6]: https://www.networkworld.com/blog/itaas-and-the-corporate-storage-technology/?utm_source=IDG&utm_medium=promotions&utm_campaign=HPE22140&utm_content=sidebar (ITAAS and Corporate Storage Strategy)
[7]: https://about.att.com/pages/COVID-19.html
[8]: https://blog.cimicorp.com/?p=4055
[9]: https://www.networkworld.com/article/3268744/understanding-virtual-private-networks-and-why-vpns-are-important-to-sd-wan.html
[10]: https://techcommunity.microsoft.com/t5/office-365-blog/how-to-quickly-optimize-office-365-traffic-for-remote-staff-amp/ba-p/1214571
[11]: https://www.fcc.gov/document/commissioner-starks-statement-fccs-response-covid-19
[12]: https://www.warner.senate.gov/public/_cache/files/2/3/239084db-83bd-4641-bf59-371cb829937a/A99E41ACD1BA92FB37BDE54E14A97BFA.letter-to-isps-on-covid-19-final-v2.-signed.pdf
[13]: https://blogs.cisco.com/collaboration/cisco-announces-work-from-home-webex-contact-center-quick-deployment
[14]: https://cloud.google.com/blog/products/g-suite/helping-businesses-and-schools-stay-connected-in-response-to-coronavirus
[15]: https://www.gotomeeting.com/work-remote?clickid=RFlSQF3DBxyOTSr0MKVSfWfHUknShrScK0%3AhTY0&irgwc=1&cid=g2m_noam_ir_aff_cm_pl_ct
[16]: https://www.multichannel.com/news/charter-opening-wi-fi-hotspots-in-face-of-covid-19
[17]: https://www.facebook.com/NetworkWorld/
[18]: https://www.linkedin.com/company/network-world

2
sources/tech/20200323 Don-t love diff- Use Meld instead.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

115
translated/talk/20200317 Coronavirus challenges remote networking.md Normal file
View File

@ -0,0 +1,115 @@
[#]: collector: (lujun9972)
[#]: translator: (HankChow)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Coronavirus challenges remote networking)
[#]: via: (https://www.networkworld.com/article/3532440/coronavirus-challenges-remote-networking.html)
[#]: author: (Michael Cooney https://www.networkworld.com/author/Michael-Cooney/)
新型冠状病毒对远程网络的影响
======
由于 COVID-19 的肆虐IBM、谷歌、亚马逊、AT&T、思科、苹果等公司都陆续为远程办公提供了技术上的支持这为远程网络带来了不少的压力。
在新型冠状病毒广泛传播的大环境下,很多公司都要求员工留在家中远程办公,远程网络技术因此承受了更大的压力,一些带宽和安全方面的问题爷接踵而至。
在过去的几十年当中,由于各种企业的蓬勃发展,远程办公的人数增加了 400 多万。而当前疫情流行的背景下,远程办公的需求激增,有望达到一个新的高峰。
VPN 提供商 [Atlas][1] 的一份研究表明,在今年 3 月 9 日到 3 月 15 日之间,美国的 VPN 使用量增加了 53%,并且还会继续提高。而在意大利这个疫情爆发比美国早两周的国家,过去一周内的 VPN 使用量甚至增加了 112%。Atlas VPN 的首席执行官 Rachel Welch 在一份声明中称,美国的 VPN 使用量在 3 月底预估会达到 150% 的增幅。
部分企业正在尝试通过<ruby>一日测试<rt>one-day test</rt></ruby>来评估远程办公的可行性。据《[芝加哥论坛报][2]》的报道,摩根大通、晨星以及一家数据分析方面的初创公司 Arity 已经通过让员工在家办公一天来测试整个办公系统的稳定性。
在政府方面,[美国国家海洋与大气管理局][3]和 NASA 都已经进行或计划进行网络方面的压力测试,评估是否有足够的网络容量足以让上千名工作人员远程办公,以及远程办公可能造成的影响。而放眼整个美国,供职于美国政府部门的员工数量在 [200 万][4]左右。
为了避免蜂窝网络发生拥堵,美国[联邦通信委员会][5]临时授权允许 T-mobile 访问已分配给其它运营商的 600MHz 频段T-mobile 表示“将使用这个频段让美国人更方便地享受远程医疗、参与远程工作和学习,同时在保持‘物理距离’的情况下保持联系”。
但也有一些业内人士指出,在一些对蜂窝网络有较强依赖的的场景下,“最后一英里”的网络访问会变得非常拥堵。
[][6]
网络情报公司 ThousandEyes 的主要产品是局域网和广域网性能分析的软件,该公司的产品经理 Alex Cruz Farmer 表示,网络瓶颈在于一些较为偏远的农村地区,因为那些地区的网络基础设施较为薄弱,主要通过微波或蜂窝网络来访问互联网。最大的挑战在于现有的解决方案所能提供的带宽远远不足。
Alex Cruz Farmer 还补充道,尽管持续时间不长,但现在的确已经出现一些由于运营商问题或网络负载增加导致的故障现象。
AT&T 表示目前已经留意到蜂窝网络使用量的变化,但网络容量并没有作出提高。
[AT&T 在一份声明中称][7],在病毒传播最严重的城市中,由于越来越多的人留在了家中远程办公,减少了通勤和人群聚集,很多特定位置和特定时段的蜂窝网络使用量峰值都明显降低了。他们还使用了一些工具对网络带宽进行了统计和监控,通过这些工具,他们可以更直观地了解网络使用情况的趋势,同时获取网络性能和网络容量方面的报告,进而管理整个通信网络。
Verison 表示自从新型冠状病毒疫情爆发以来尽管在家办公的用户数量大增但使用的数据量并没有明显的上升。他们在一份声明中称“Verison 的网络是为满足未来的需求设计建造的,面对各种需求量的增加或使用方式的改变,我们都有充分的准备。虽然这是一次前所未有的社会事件,整个局面也在不断发生改变,但随着不断了解实际需求的变化情况,我们随时可以对网络资源作出调整”。
Verison 一直在关注受影响最严重的地区的网络使用情况并承诺将会与医院、医护人员、政府机构合作制定网络资源使用的优先级以满足他们的需求。Verison 还宣布计划在 2020 年将支出在 170 亿至 180 亿美元的基础上再提高 5 亿美元,以实现“加快 Verison 向 5G 过渡并在困难时期帮助支撑经济”的目标。
### 企业 VPN 安全问题
对于企业来说,数据中心与远程用户之间的网络和安全问题解决起来绝非易事,尤其是使用 VPN 进行远程访问时来自用户所在住宅网络的访问几乎无法由企业控制。CIMI 公司总裁 Tom Nolle 认为IT 部门有必要验证这些连接是否符合企业的标准(关于 Tom Nolle 更多关于在家办公的看法,可以查阅[这里][8])。
Tom Nolle 认为像 ISP、DNS 和 Wi-Fi 这些常见的家用网络要素都应该作为适合远程办公网络业务认证的一部分。他发现 Google 的 DNS 服务比 ISP 提供的服务更能承受压力OpenDNS 也是一个很好的选择,这说明用户可以考虑使用其中一种。
Tom Nolle 还说,家庭 Wi-Fi 网络的安全性也是一个问题IT 部门应该要求远程办公的员工提交 Wi-Fi 配置的屏幕截图,以保证使用了正确的加密方式。之所以有这样的想法,是因为他觉得很多远程办公的员工都会绕过企业预设的一些安全措施。
DNS 软件公司 BlueCat 的首席战略官 Andrew Wertkin 表示,对一些刚刚开始在家远程办公的员工来说,适当提供相关指导是很有必要的。大部分员工从来没有尝试过在家远程办公,他们或许并不了解安全的重要性。如果员工访问公司网络的时候使用的是个人设备而不是公司设备,就更有可能出现问题。
而使用 [VPN][9] 远程办公的人数激增也会为企业带来成本上的挑战。
“VPN 设备并不便宜,如果考虑到计算资源的成本和每个人的均摊成本,迁移到云上的虚拟环境会带来一笔不小的开支,这还不包括每个 VPN 许可证价格的上升”Alex Cruz Farmer 坦言。
在容量方面,随着远程访问量的增加,用于分配 IP 地址的 DHCP 服务也会承受巨大的压力。Andrew Wertkin 指出,如果进行远程连接的设备无法获取到网络地址,那将会成为比 VPN 许可证数量更严重的问题。企业内部必须对这些风险进行测试,了解其中存在瓶颈的部分,并制定规避这些风险的策略。
按照这个思路,企业甚至需要验证数据中心可以用于公开的 SSL 套接字数量,否则也会面临数量不足的风险。
微软 Office 365 产品团队的高级程序经理 Paul Collinge 也表达了类似的担忧。他在一篇关于优化 Office 365 员工远程办公流量的[博客][10]中写道,当大量员工在同时接入企业网络时,会对诸如 VPN 集中器、中央网络出口设备例如代理、DLP、中央互联网带宽、回程 MPLS 和 NAT 等网络要素产生巨大的压力。最终导致的结果是低下的性能、低下的生产力,以及员工们低下的使用体验。
Alex Cruz Farmer 提出,企业很可能需要增加网络上 VPN 集中器的数量,这样就可以让远程用户分布在多个不同的 VPN 端点上,避免产生拥堵。退而求其次,只能在防火墙上把某些端口放开,允许特定应用程序的公开访问,尽管这样有助于提高工作效率,但却降低了整体的安全性。
### VPN <ruby>隧道分割<rt>tunneling split</rt></ruby>有效吗?
业内人士对隧道分割技术有不同的看法。
BlueCat 的 Andrew Wertkin 认为VPN 可以使用隧道分割技术,使得仅有需要访问企业内部网络的流量才通过 VPN 隧道访问,其余流量则直接进入互联网。这意味着会有部分流量不受隧道和企业网络内部的安全控制,用户的计算机会暴露在互联网当中,进而导致企业的数据和网络面临安全风险。
尽管如此,微软在上周还是建议 IT 管理员使用隧道分割技术以缓解 Office 365 由于大量远程用户涌入导致的拥堵问题。微软在[建议][10]中提供了相关接入点的 URL 和 IP 地址列表,并引导 IT 人员如何按照这个方式将流量路由到 Office 365。
按照 Paul Collinge 的说法VPN 客户端需要经过配置,才能将流量路由到已标识的 URL/IP/ 端口上,进而为全球的用户提供高性能的服务。
Alex Cruz Farmer 认为,在 VPN 使用率上升之后,企业很有必要对网络安全进行一个全面的审查。对于仍然在使用传统网络安全架构的企业来说,应该开始考虑基于云端的网络安全方案了,这不仅可以提升远程办公的性能,还能减少企业对于广域网的使用量。
其它相关情况:
* [FCC][11] 呼吁宽带提供商应该适当放宽数据传输的限制电话运营商应该适当免除用户的长途电话费远程教育提供商应该合作为社会提供远程学习的机会网络运营商应该优先考虑医院或医疗机构的网络连接需求。对此AT&T 已经作出了相关的回应和行动。
* [美国参议员 Mark R. Warner (D-VA)][12] 和其他 17 名参议员致信了 AT&amp;T、CenturyLink、Charter Communications、Comcast、Cox Communications、Sprint、T-Mobile、Verizon 这八家主要 ISP 的首席执行官,呼吁这些公司应该采取措施应对远程办公、在线教育、远程医疗、远程支持服务等方面需求激增带来的压力。这些参议员在信中呼吁,各公司应该降低可能对远程服务产生影响的限制和费用,同时还应该为受到疫情影响的学生提供免费或收费的宽带服务,否则学生在疫情期间无法接入网络进行在线学习。
* [思科][13]、微软、[谷歌][14]、[LogMeIn][15]、[Spectrum][16] 等供应商都提供了一些免费工具,帮助用户在疫情爆发期间正常进行安全通信。
欢迎加入 [Facebook][17] 和 [LinkedIn][18] 上的 Network World 社区参与话题评论。
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3532440/coronavirus-challenges-remote-networking.html
作者:[Michael Cooney][a]
选题:[lujun9972][b]
译者:[HankChow](https://github.com/HankChow)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Michael-Cooney/
[b]: https://github.com/lujun9972
[1]: https://atlasvpn.com/blog/vpn-usage-in-italy-rockets-by-112-and-53-in-the-us-amidst-coronavirus-outbreak/
[2]: https://www.chicagotribune.com/coronavirus/ct-coronavirus-work-from-home-20200312-bscm4ifjvne7dlugjn34sksrz4-story.html
[3]: https://federalnewsnetwork.com/workforce/2020/03/agencies-ramp-up-coronavirus-preparations-as-noaa-plans-large-scale-telework-test/
[4]: https://fas.org/sgp/crs/misc/R43590.pdf
[5]: https://www.fcc.gov/coronavirus
[6]: https://www.networkworld.com/blog/itaas-and-the-corporate-storage-technology/?utm_source=IDG&utm_medium=promotions&utm_campaign=HPE22140&utm_content=sidebar (ITAAS and Corporate Storage Strategy)
[7]: https://about.att.com/pages/COVID-19.html
[8]: https://blog.cimicorp.com/?p=4055
[9]: https://www.networkworld.com/article/3268744/understanding-virtual-private-networks-and-why-vpns-are-important-to-sd-wan.html
[10]: https://techcommunity.microsoft.com/t5/office-365-blog/how-to-quickly-optimize-office-365-traffic-for-remote-staff-amp/ba-p/1214571
[11]: https://www.fcc.gov/document/commissioner-starks-statement-fccs-response-covid-19
[12]: https://www.warner.senate.gov/public/_cache/files/2/3/239084db-83bd-4641-bf59-371cb829937a/A99E41ACD1BA92FB37BDE54E14A97BFA.letter-to-isps-on-covid-19-final-v2.-signed.pdf
[13]: https://blogs.cisco.com/collaboration/cisco-announces-work-from-home-webex-contact-center-quick-deployment
[14]: https://cloud.google.com/blog/products/g-suite/helping-businesses-and-schools-stay-connected-in-response-to-coronavirus
[15]: https://www.gotomeeting.com/work-remote?clickid=RFlSQF3DBxyOTSr0MKVSfWfHUknShrScK0%3AhTY0&irgwc=1&cid=g2m_noam_ir_aff_cm_pl_ct
[16]: https://www.multichannel.com/news/charter-opening-wi-fi-hotspots-in-face-of-covid-19
[17]: https://www.facebook.com/NetworkWorld/
[18]: https://www.linkedin.com/company/network-world

51
sources/tech/20200320 How to Check Password Expiration Date for All Users on Linux.md → translated/tech/20200320 How to Check Password Expiration Date for All Users on Linux.md
View File

@ -7,44 +7,44 @@
[#]: via: (https://www.2daygeek.com/linux-check-user-password-expiration-date/)
[#]: author: (Magesh Maruthamuthu https://www.2daygeek.com/author/magesh/)
How to Check Password Expiration Date for All Users on Linux
如何在 Linux 上检查所有用户密码到期日期
======
If you enable a **[password policy on Linux][1]**.
如果你在 **[Linux 上启用了密码策略][1]**。
The password must be changed before it expires, and you will be notified when you log in to the system.
密码必须在到期前进行更改,并且登录到系统时会收到通知。
If you rarely use your account, it may be locked due to password expiration.
如果你很少使用自己的帐户,那么可能由于密码过期而被锁定。
In many cases, this can happen in service accounts with a **[password-less login][2]**, because nobody will monitor it.
在许多情况下,这可能会在[无需密码登录][2]的服务帐户中发生,因为没人会注意到它。
This will lead to stop the **[cronjobs/crontab][3]** configured on the server.
这将导致停止服务器上配置的 **[cronjob/crontab][3]**。
If so, how to mitigate this situation.
如果如此,该如何缓解这种情况。
You can write a **[shell script][4]** to get a notification about it, for which we wrote an article some time ago.
你可以写一个 **[shell 脚本][4]**来获得有关它的通知,我们前一段时间为此写了一篇文章。
* **[Bash Script to Send eMail With a List of User Accounts Expiring in “X” Days][5]**
* **[发送 “X” 日内到期的用户帐户列表邮件的 Bash 脚本][5]**
This will give you the number of days, but this article aims to give you a actual date on your terminal.
它将给出天数,但是本文旨在在终端中给你实际日期。
This can be achieved with the chage command.
这可以使用 chage 命令来实现。
### What is chage Command?
### 什么是 chage 命令?
chage stands for change age. It changes user password expiration information.
chage 代表更改时效 change age。它更改用户密码到期信息。
The chage command changes the number of days between password changes and the date of the last password change.
chage 命令更改两次密码更改之间的天数,以及最后一次更改密码的日期。
This information is used by the system to determine when a user should change his/her password.
系统使用此信息来确定用户何时应更改密码。
It allows the user to perform other functions such as setting the account expiration date, setting the password inactive after the expiration, displaying account aging information, setting minimum and maximum days before password change, and setting expiry warning days.
它允许用户执行其他功能,例如设置帐户到期日期、在到期后将密码设置为无效、显示帐户时效信息、设置密码更改之前的最小和最大天数以及设置到期警告天数。
### 1) How to Check the Password Expiration Date for a Specific User on Linux
### 1)如何在 Linux 上检查特定用户的密码到期日期
If you want to check the password expiration date for a specific user on Linux, use the following command.
如果要检查 Linux 上特定用户的密码到期日期,请使用以下命令。
```
# chage -l daygeek
@ -58,17 +58,18 @@ Maximum number of days between password change : 90
Number of days of warning before password expires : 7
```
### 2) How To Check Password Expiration Date For All Users On Linux
### 2)如何在 Linux 上检查所有用户的密码到期日期
You can use the chage command directly for a single user, which may not work as expected for many users, but you can use it.
你可以直接对单个用户使用 chage 命令,这对你可以使用的多个用户可能无效。
To achieve this you need to write a small shell script. The shell script below allows you to list all users added to your system, including system users.
为此,你需要编写一个小的 shell 脚本。下面的 shell 脚本可以列出添加到系统中的所有用户,包括系统用户。
```
# for user in $(cat /etc/passwd |cut -d: -f1); do echo $user; chage -l $user | grep "Password expires"; done | paste -d " " - - | sed 's/Password expires//g'
```
You will get an output like the one below, but the username may differ.
你将得到类似以下的输出,但是用户名可能不同。
```
root : never
@ -85,15 +86,15 @@ u4 : Jun 17, 2019
u5 : Jun 17, 2019
```
### 3) How To Check Password Expiration Date For All Users Except System Users On Linux
### 3)如何检查 Linux 上除系统用户外的所有用户的密码有效期
The below shell script will display a list of users who has an expiry date.
下面的 shell 脚本将显示有到期日期的用户列表。
```
# for user in $(cat /etc/passwd |cut -d: -f1); do echo $user; chage -l $user | grep "Password expires"; done | paste -d " " - - | sed 's/Password expires//g' | grep -v "never"
```
You will get an output like the one below, but the username may differ.
你将得到类似以下的输出,但是用户名可能不同。
```
u1 : Nov 12, 2018
@ -109,7 +110,7 @@ via: https://www.2daygeek.com/linux-check-user-password-expiration-date/
作者:[Magesh Maruthamuthu][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出