简易搭建堡垒机

1.搭建jumpServer

jumpserver官网:安装部署 - JumpServer 文档

2.登录界面

账户:admin

密码:admin

简易搭建堡垒机

 

 

 简易搭建堡垒机

 

 

 3.创建用户

简易搭建堡垒机

 

 

 简易搭建堡垒机

 

 

 简易搭建堡垒机

 

 

 4.创建普通用户和特权用户

普通用户

简易搭建堡垒机

 

 

 简易搭建堡垒机

 

 

 简易搭建堡垒机

 

 

 简易搭建堡垒机

 

 

 特权用户

简易搭建堡垒机

[root@localhost ~]# ssh-keygen -f jumpserver #生成密匙
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in jumpserver.
Your public key has been saved in jumpserver.pub.
The key fingerprint is:
SHA256:yAkBJTs2DMJBzRp10xfU+P4QTwG1B2UcUkxhvmTSdBs root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|=oB+oo. .o+.o+*E+|
|.= =.... o . .Xo+|
|  O .   . .  o.B |
| o o o o   o .= .|
|      + S . +  . |
|           o .   |
|            o    |
|             .   |
|                 |
+----[SHA256]-----+

简易搭建堡垒机

 

 

 简易搭建堡垒机

 

 

 5.资产管理

创建资产

简易搭建堡垒机

 

 

 简易搭建堡垒机

 

 

简易搭建堡垒机

 

 

 简易搭建堡垒机

 

 

 配置资产

[root@localhost ~]# useradd jumpserver
[root@localhost ~]# visudo 
....
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
jumpserver      ALL=(ALL)       NOPASSWD:ALL
## Allows members of the 'sys' group 
....
[root@localhost ~]# echo 123456 | passwd --stdin jumpserver
更改用户 jumpserver 的密码 。
passwd:所有的身份验证令牌已经成功更新。
[root@localhost ~]# ssh-copy-id -i jumpserver.pub jumpserver@192.168.200.184
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "jumpserver.pub"
The authenticity of host '192.168.200.184 (192.168.200.184)' can't be established.
ECDSA key fingerprint is SHA256:bhEdVM3mhW8PDNYqILImzNCA1466NnEMybHxMKKNFmU.
ECDSA key fingerprint is MD5:a3:60:a4:23:7d:83:ba:c7:1b:bf:0c:8f:04:ea:d6:d4.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
jumpserver@192.168.200.184's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'jumpserver@192.168.200.184'"
and check to make sure that only the key(s) you wanted were added.

简易搭建堡垒机

 

 简易搭建堡垒机

 

 简易搭建堡垒机

 

 6.资产授权

简易搭建堡垒机

 

 简易搭建堡垒机

 

 简易搭建堡垒机

 

 简易搭建堡垒机

 

 简易搭建堡垒机

 

 简易搭建堡垒机

 

 简易搭建堡垒机

 

上一篇:Spring 中使用Jode-Money 与 mongoDB


下一篇:事件推送网关:让cmdb告别“花瓶”