Shulou(Shulou.com)06/01 Report--

Keybox is a ssh terminal management software based on web. In the production and test environment, the server is generally placed in the internal network. If you want to connect remotely through the external network, you need to connect to the proxy server with the external network first, and then ssh the machine in the internal network. With keybox, you can avoid the trouble.

I. installation

1. To install the java environment, it is officially recommended to use more than 1.8 Java JDK

$yum localinstall-y jdk-8u45-linux-x64.rpm# jdk path $ls / usr/java/jdk1.8.0_45/ bin COPYRIGHT db include javafx-src.zip jre lib LICENSE man README.html release src.zip THIRDPARTYLICENSEREADME-JAVAFX.txt THIRDPARTYLICENSEREADME.txt$ vim / etc/profile.d/java_env.sh 1 export JAVA_HOME=/usr/java/jdk1.8.0_45 2 export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH$ exec bash# View the version of java $java -versionjava version "1.8.045" Java (TM) SE Runtime Environment (build 1.8.0_45-b14) Java HotSpot (TM) 64-Bit Server VM (build 25.45-b02) Mixed mode)

2. Install keybox and download the keybox package directly on github: https://github.com/skavanagh/KeyBox/releases/

$tar xf keybox-jetty-v2.89_00.tar.gz-C / usr/local$ cd / usr/local/$ mv KeyBox-jetty keybox$ cd keybox & & ls jetty LICENSE.md README.md startKeyBox.bat startKeyBox.sh

2. Start keybox

# initialize and launch $. / startKeyBox.sh 2017-05-10 14:13:02.374:INFO::main: Logging initialized @ 813ms to org.eclipse.jetty.util.log.StdErrLog2017-05-10 14:13:02.764:INFO:oejs.Server:main: jetty-9.4.2.v201702202017-05-10 14:13:02.812:INFO:oejdp.ScanningAppProvider:main: Deployment monitor [file:///tmp/KeyBox-jetty/jetty/webapps/] at interval 12017- 05-10 14:13:05.084:INFO:oeja.AnnotationConfiguration:main: Scanning elapsed time=1866ms2017-05-10 14:13:05.478:INFO:oejs.session:main: DefaultSessionIdManager workerName=node02017-05-10 14:13:05.478:INFO:oejs.session:main: No SessionScavenger set Using defaults2017-05-10 14:13:05.483:INFO:oejs.session:main: Scavenging every 660000ms# New Database password Please enter database password: Please confirm database password: Setting KeyBox SSH public/private key pairFinger print: 12:70:18:ad:01:45:f5:dd:e2:ac:44:d4:e3:8e:65:d9KeyBox Generated Global Public Key:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfC1IZiTNKgSZZtTHiL8Y8fWTfPlkA/3CUahUs3bp0oZStJNYPAAu6mUAYkDjs6FCoASqrC/WwSVamu504ZUHBID/tKJ1gV4bvjdrlkUDIo3tyhmTl2DpwAPYhaHh+NSvhVyyCFSmicVONhdll2m74p/M7jU/V8jKygNM90FMR9UGdNa7K4VpK1MW6XFax5LlskMVnN93tfwfUXCgWg18/ShbuGF6JLJibMnBI8sVsS3/PTjI/tp+MtvYLqzN3G5BHfj31lSIIk5mMcIuLK0u6D8N8ITt3+OvNvNNIeUD2A9op1swb9v8Y92RQ9WnVPQnIeHgRVZJnl3sLyr47ERsb keybox@global_key2017-05-10 14 : 13:13.610:INFO:oejsh.ContextHandler:main: Started o.e.j.w.WebAppContext@7e0b0338 {/ File:///tmp/KeyBox-jetty/jetty/keybox/,AVAILABLE}{/tmp/KeyBox-jetty/jetty/keybox}2017-05-10 14:13:13.628:INFO:oejus.SslContextFactory:main: x509=X509@51b1a8f6 (jetty,h= [], w = []) for SslContextFactory@2a389173 (file:///tmp/KeyBox-jetty/jetty/etc/keystore,file:///tmp/KeyBox-jetty/jetty/etc/keystore)2017-05-10 14:13:13.660:INFO:oejs.AbstractConnector:main: Started ServerConnector@1fc76fc9 {SSL [ssl Http/1.1]} {0.0.0.0 Started 8443} 2017-05-10 14:13:13.660:INFO:oejs.Server:main: Started @ 12100ms# View port 8443$ ss-tnl | grep 8443LISTEN 0 50: 8443: * how to use the keybox startup script $/ usr/local/keybox/jetty/bin/jetty.sh Usage: Jetty.sh [- d] {start | stop | run | restart | check | supervise} [CONFIGS.]

3. Visit keybox

1. Open it using a browser

2. Enter the default user name admin and password changeme to log in

Create a new user and configure key-free ssh access

This time, the script is used with ansible to create and configure.

1. Install ansible and configure

$yum install-y ansible$ vim / etc/ansible/hosts# example [proxy] 192.168.1.201 [web] 192.168.1.202192.168.1.203 [MySQL] 192.168.1.204192.168.1.205

2. Configure key-free ssh access for hosts in root and ansible configuration files, which can be done through ssh-keygen and ssh-copy-id.

3. Create a new user password on multiple hosts and log in without key ssh

# New user $vim user_add.shfor name in test {1.. 5} doansible all-m user-a "name=$name generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa state=present group=java" done$. / user_add.sh# configuration password $vim passwd_add.shfor i in test {1.. 5} doansible all-m shell-a "echo '123456' | passwd-- stdin $I" done$. / passwd_add.sh# key-free ssh configuration Set $yum install-y expect$ vim ssh_add.shfor user in test {1.. 5} dopass='123456' for ip in `cat / etc/ansible/hosts | grep "^ [^ ([| #)]. *" ` Do / usr/bin/expect

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.