建站
咨询
售后
建站咨询
dropbear编译安装及服务脚本编写-创新互联
编译安装
下载dropbear、并解压
# wget http://matt.ucc.asn.au/dropbear/releases/dropbear-2015.67.tar.bz2 # tar xvf dropbear-2015.67.tar.bz2 # cd dropbear-2015.67 # ./configure --prefix=/usr/local/dropbear --sysconfdir=/etc/dropbear
编译安装dropbear,要指定安装dropbear的哪些程序
# make PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp" # make PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp" install
安装完成后没有/etc/dropbear,还要有/etc/dropbear/dropbear_dss_host_key和/etc/dropbear/dropbear_rsa_host_key文件 -t 指定类型 -f 指定安装到那
# mkdir /etc/dropbear # /usr/local/dropbear/bin/dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key # /usr/local/dropbear/bin/dropbearkey -t rsa -s 4096 -f /etc/dropbear/dropbear_rsa_host_key
现在可以启动dropbear
# /usr/local/dropbear/sbin/dropbear -p 2222 #监听在2222端口 # ps aux | grep dropbear #服务已经启动了 root 25377 0.0 0.0 15300 536 ? Ss 17:50 0:00 /usr/local/dropbear/sbin/dropbear -p 2222 root 25379 0.0 0.0 103256 856 pts/2 S+ 17:51 0:00 grep dropbear # netstat -tnlp #2222端口开始监听 Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:8307 0.0.0.0:* LISTEN 2861/vmware-hostd tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN 25377/dropbear tcp 0 0 :::22 :::* LISTEN 2576/sshd tcp 0 0 :::2222 :::* LISTEN 25377/dropbear # ss -tanl tate Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 100 :::2222 :::* LISTEN 0 100 *:2222 *:*
换一个端口
Xshell :\> ssh 192.168.1.9 2222 #可以连接
不想用ssh服务,回到原端口
# chkconfig sshd off #默认开机不启动 # service sshd stop
服务脚本的编写
想让dropbear开机启动,换到2222端口
# vim /etc/rc.d/rc.local /usr/local/dropbear/sbin/dropbear -p 2222 #能启动,但是不能关闭,写个服务脚本
# vim /etc/sysconfig/dropbear
port=2222
# vim /etc/rc.d/init.d/dropbear
#!/bin/bash
#
# chkconfig: 2345 75 50 默认级别 启动级别 关闭级别
# description: lightweight ssh3 implementation
#
[ -r /etc/rc.d/init.d/functions ] && . /etc/rc.d/init.d/functions
[ -f /etc/sysconfig/dropbear ] && . /etc/sysconfig/dropbear
dsskey=/etc/dropbear/dropbear_dss_host_key
rsakey=/etc/dropbear/dropbear_rsa_host_key
pidfile=/var/run/dropbear.pid
lockfile=/var/lock/subsys/dropbear
dropbearkey=/usr/local/dropbear/bin/dropbearkey
dropbear=/usr/local/dropbear/sbin/dropbear
port=${port:=22}
gendsskey() {
if [ ! -f $dsskey ]; then
$dropbearkey -t dss -f $dsskey &> /dev/null
[ $? -eq 0 ] && return 0 || return 1
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
echo -n "Generate dss key finished."
passed
echo
return 0
else
echo -n "Genrate dss key failed"
failure
echo
exit 6
fi
else
return 0
fi
}
genrsakey() {
if [ ! -f $rsakey ]; then
$dropbearkey -t rsa -f $rsakey -s 2048 &> /dev/null
# [ $? -eq 0 ] && return 0 || return 1 #这行不需要了
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
echo -n "Generate rsa key finished."
passed
echo
return 0
else
echo -n "Genrate rsa key failed"
failure
echo
exit 6
fi
else
return 0
fi
}
start() {
gendsskey
genrsakey
if [ -f $lockfile ]; then
echo -n "dropbear is already running."
failure
echo
exit 7
fi
echo -n "Start dropbear"
daemon --pidfile $pidfile $dropbear -p $port
RETVAL=$?
echo
if [ $RETVAL -eq 0 ];then
touch $lockfile
return 0
else
rm -f $lockfile $pidfile
return 1
fi
}
stop() {
if [ ! -f $lockfile ]; then
echo -n "dropbear is not running."
failure
echo
exit 8
fi
echo -n "Stop dropbear:"
killproc dropbear
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $lockfile && return 0 || return 1
}
case $1 in
start)
start ;;
stop)
stop;;
restart)
stop
start ;;
*)
exit 3 ;;
esac# service dropbear start Start dropbear [确定] # service dropbear restart Stop dropbear: [确定] Start dropbear [确定] # service dropbear stop Stop dropbear: [确定]
另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。
分享文章:dropbear编译安装及服务脚本编写-创新互联
新闻来源:http://www.jxjierui.cn/article/ccooeo.html
