Shell Write login Springboard machine

Prepare 3 Machines

1.linux-node1 ip:10.89.3.108 (Springboard machine)

2.weblamp ip:10.89.3.100

3.weblnmp ip:10.89.3.101

The 3 system environments are as follows:

[Email protected] ~]$ cat/etc/redhat-release CentOS release 6.8 (Final)

1) First do SSH key verification

Perform the following operations on all 3 machines

[[Email protected] ~] #useradd jump [[email protected] ~] #echo 123456|passwd--stdin Jump

Perform the following operation on the springboard machine to generate the key.

[Email protected] ~]$ ssh-keygen-t dsa-p '-F ~/.SSH/ID_DSA

Generating Public/private DSA key pair.

Created directory '/home/jump/.ssh '.

Your identification has been saved IN/HOME/JUMP/.SSH/ID_DSA.

Your public key has been saved in/home/jump/.ssh/id_dsa.pub.

The key fingerprint is:

15:4d:94:d8:a8:0d:e9:d4:e1:70:09:0c:8b:de:2c:96 [email protected]

The key ' s Randomart image is:

+--[DSA 1024x768]----+

|   . Oo++xo. |

| . .=+=.+    |

| . . o +o |

| .      + O.. |

| E o S |

| .           . |

| |

| |

| |

+-----------------+

To view the generated key

[Email protected] ~]$ LL/HOME/JUMP/.SSH

Total 8

-RW-------1 Jump 672 Apr 09:49 ID_DSA

-rw-r--r--1 Jump 618 Apr 09:49 id_dsa.pub (public key)

Distributing the public key to 2 other servers

[Email protected] ~]$ ssh-copy-id-i ~/.ssh/id_dsa.pub 10.89.3.101

The authenticity of host ' 10.89.3.101 (10.89.3.101) ' can ' t be established.

RSA key fingerprint is 01:e7:d2:70:fc:a8:1a:ee:88:07:ef:9b:37:40:29:2d.

Is you sure want to continue connecting (yes/no)? Yes

warning:permanently added ' 10.89.3.101 ' (RSA) to the list of known hosts.

[email protected] ' s password: (the password for jump is entered here)

Now try logging to the machine, with "ssh ' 10.89.3.101 '", and check in:

. Ssh/authorized_keys

To make sure we haven ' t added extra keys so you weren ' t expecting.

[Email protected] ~]$

2) Implement the traditional Remote Connection menu selection script

The menu script is as follows:

Cat <<menu

1) weblamp-10.89.3.100

2) weblnmp-10.89.3.101

3) Administrator

Menu

3) Use the Linux signal Shield to prevent user interrupt signals from being operated on a springboard machine

function trapper () {

Trap ': ' INT EXIT TSTP term HUP

}

4) When the user logs on to the springboard, the script is called (cannot use the command line to manage the springboard) and can only be ordered by the administrator.

The script is as follows (action on a springboard machine)

[[email protected] ~]# cat/etc/profile.d/jump.sh [$UID-ne 0] &&/server/scripts/jump.sh

[Email protected] ~]# cat/server/scripts/jump.sh

#!/bin/bash#alvin trainingtrapper () {    trap  ': ' &NBSP;INT&NBSP;EXIT&NBSP;TSTP  term hup}main () {    while :    do     trapper    clear    cat <<menu     1) weblamp-10.89.3.100    2) weblnmp-10.89.3.101    3) administratormenu    read -p  "Pls input a num.:"  numcase   "$num"  in   1)    echo  "login in 10.89.3.100"     ssh 10.89.3.100   ;; &NBSP;&NBSP;&NBSP;2)    echo  "login in 10.89.3.101"    ssh  10.89.3.101  ;;    3)    stty -echo   read -p  "Your privite &NBSP;PASSWD: " char    if [ " $char " =&nbSP; " 111111 " ]; then    stty echo    echo " \ n "      exit     sleep 3   fi  ;;    *)     echo  "Select error."    esac done}main

[Email protected] ~]# chmod +x/server/scripts/jump.sh

[[email protected] ~]# su-jump 1) weblamp-10.89.3.100 2) weblnmp-10.89.3.101 3) administratorpls input a num.:

650) this.width=650; "Src=" https://s1.51cto.com/wyfs02/M01/8F/E7/wKioL1jtuPnygPrlAAB_0VkAHQk509.jpg-wh_500x0-wm_ 3-wmp_4-s_2043887975.jpg "title=" 1.jpg "alt=" Wkiol1jtupnygprlaab_0vkahqk509.jpg-wh_50 "/>

This article is from the "Knowledge Change Destiny" blog, please be sure to keep this source http://ahtornado.blog.51cto.com/4826737/1915198

Shell Write login Springboard machine