Linux under Trap+shell Three-layer Directory Professional specification springboard machine script

Safety planning for Springboard machine:

Back-end server--center machine, Springboard machine

Springboard machine: Used as a springboard Landing center machine

Central machine: Commonly used for distribution, used to log on to the backend server

In the intranet: generally directly connected to the central machine, and then directly connected to the back-end server

In the external network: in order to be safe, the general user will first connect the springboard machine, then connect the central machine, and then connect the backend server in the central machine

Note: Ordinary users are not allowed to log on to the terminal of the springboard machine

Three-tier catalog Springboard script implementation features:

1. Connect the springboard with normal users and connect directly to the backend server

2, Ssh+key authentication, the CRT proxy forwarding function opens, self-identification user, no need to enter user name, password and port

3, trap signal capture does not allow the user Crtl+c exit script, Springboard script ordinary users will automatically run a login

Note: This only shows the SSH connection of one of the servers on the Qqandroid platform, the same as the IP connection of other platform servers

#创建脚本目录

Mkdir-p/scripts/tiaoban/{qqandroid,qqios,qqwxandroid,wxios}

#禁止普通用户登陆

cat/etc/profile.d/tiaoban.sh[$UID-ne 0] &&. /scripts/tiaoban/tiaoban.sh

#脚本目录结构

[Email protected]/]# tree/scripts/tiaoban//scripts/tiaoban/├──qqandroid│├──1_100.sh│├──ip.txt│└──qqandroid . SH├──QQIOS├──QQWXANDROID├──TIAOBAN.SH└──WXIOS4 directories, 4 files

#跳板脚本第一层目录,

cat /scripts/tiaoban/tiaoban.sh                              #!/bin/ Bashfunction trapper ()  {trap  ': '  1 2 3 20 15}while :d o  trapperclearcat <<menu             &NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;1) qqandroid  &NBSP;&NBSP;&NBSP;&NBSP;2) Qqios (feature not developed)     3) wxandroid (function not developed)     4) Wxios (feature not developed)     5) exitmenuread -p  ' please select a num: '   numcase  "$num"  in1)  sh /scripts/tiaoban/qqandroid/qqandroid.sh ;; 2)  sh /scripts/tiaoban/qqios/qqios.sh ;; 3)  sh /scripts/tiaoban/wxandroid/wxandroid.sh ;; 4)  sh /scripts/tiaoban/wxios/wxios.sh ;; 5)  exit esacdone

#跳板机脚本第二层目录

Cat /scripts/tiaoban/qqandroid/qqandroid.sh#!/bin/bashfunction trapper ()  {         trap  ': '  1 2 3 20 15}while :d o         trapper        clear         cat <<menu                               1) qq1-100 clothing         2) qq101-200 (function not developed)          3) qq201-300 (function not developed)         4) qq301-400 (function not developed)         5) return to the top level          6) exitmenuread -p  ' please select a num: '  numcase  $num '   in1) &NBSP;SH&NBSP;/SCRIPTS/TIAOBAN/QQandroid/1_100.sh ;; 2)  sh /scripts/tiaoban/qqandroid/101_200.sh ;; 3)  sh /scripts/tiaoban/qqandroid/201_300.sh ;; 4)  sh /scripts/tiaoban/qqandroid/301_400.sh ;; 5)  sh /scripts/tiaoban/tiaoban.sh ;; 6)  exit esacdone

#跳板机脚本第三层目录

Cat /scripts/tiaoban/qqandroid/1_100.sh#!/bin/bashfunction trapper ()  {         trap  ': '  1 2 3 20 15}while :d o                                               trapper        clear         cat <<menu                        1) qq1 Clothing     &NBSP;&NBSP;&NBSP;&NBSP;&NBSP;2) QQ2 (function not developed)         3) QQ3 (function not developed)   &NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;4) QQ ... (function not developed)         5) return to the previous level of the directory    &nbsp(    6) back home         7) exit menuread -p  ' Please select a num: '  numyh= ' id ' user= ' echo  $yh  | awk -f '   '   ' {print $2} '  | awk -f ' gid= '   ' {print $2} '  | awk -f ' ('   ' {print  $2} '  | awk -f ') "  ' {print $1} ' case " $num " in1)  ip= ' head -$ Num /scripts/tiaoban/qqandroid/ip.txt '  ssh -p 22 [email protected] $ip  ;; 2)  ip= ' head -$num  /scripts/tiaoban/qqandroid/ip.txt '  ssh -p 22 [email  Protected] $ip  ;; 3)  ip= ' head -$num  /scripts/tiaoban/qqandroid/ip.txt '  ssh -p 22 [email  Protected] $ip  ;; 4)  ip= ' head -$num  /scripts/tiaoban/qqandroid/ip.txt '  ssh -p 22 [email  Protected] $ip  ;; &NBSP;5)   sh /scripts/tiaoban/qqandroid/qqandroid.sh ;; &NBSP;6)   sh /scripts/tiaoban/tiaoban.sh ;; 7)  exit esacdone

#ip. txt file display

[Email protected] ~]# Cat/scripts/tiaoban/qqandroid/ip.txt 192.168.17.215192.168.17.216192.168.17.217192.168.17.218192.168.17.219192.168.17.220192.168.17.221192.168.17.222192.168.1 7.223192.168.17.224192.168.17.225

#脚本执行展示

1) Normal User Login

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M00/83/18/wKioL1dqpy2y2umGAACcUuLyiY0667.png-wh_500x0-wm_3 -wmp_4-s_3412665460.png "title=" 1.png "alt=" Wkiol1dqpy2y2umgaaccuulyiy0667.png-wh_50 "/>

2) First Level catalogue

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M00/83/19/wKiom1dqp0ziUdcTAABOE6pB-cs739.png-wh_500x0-wm_3 -wmp_4-s_638941900.png "title=" 2.png "alt=" Wkiom1dqp0ziudctaaboe6pb-cs739.png-wh_50 "/>

3) Second Level directory

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M02/83/19/wKiom1dqp2bC-nVpAABi-nxFlt8270.png-wh_500x0-wm_3 -wmp_4-s_1862629400.png "title=" 3.png "alt=" Wkiom1dqp2bc-nvpaabi-nxflt8270.png-wh_50 "/>

4) Third level catalogue and landing success Show

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M00/83/18/wKioL1dqp4zjK0mgAAD_cc_pWdo917.png-wh_500x0-wm_3 -wmp_4-s_2182483837.png "title=" qq picture 20160622225739.png "alt=" Wkiol1dqp4zjk0mgaad_cc_pwdo917.png-wh_50 "/>

Note: In the three layer any level of ordinary users are crtl+c is invalid, and in the third level select Exit Exit will return to the second level, in the second level select Exit will return to the first layer, in the first layer select exit will unregister terminal re-execute the springboard script, ordinary users can not log on to the springboard terminal, known

This article is from the "Wsyht blog" blog, make sure to keep this source http://wsyht2015.blog.51cto.com/9014030/1791938

Linux under Trap+shell Three-layer Directory Professional specification springboard machine script