1.搭建jumpServer
jumpserver官网:安装部署 - JumpServer 文档
2.登录界面
账户:admin
密码:admin
3.创建用户
4.创建普通用户和特权用户
普通用户
特权用户
[root@localhost ~]# ssh-keygen -f jumpserver #生成密匙 Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in jumpserver. Your public key has been saved in jumpserver.pub. The key fingerprint is: SHA256:yAkBJTs2DMJBzRp10xfU+P4QTwG1B2UcUkxhvmTSdBs root@localhost.localdomain The key's randomart image is: +---[RSA 2048]----+ |=oB+oo. .o+.o+*E+| |.= =.... o . .Xo+| | O . . . o.B | | o o o o o .= .| | + S . + . | | o . | | o | | . | | | +----[SHA256]-----+
5.资产管理
创建资产
配置资产
[root@localhost ~]# useradd jumpserver [root@localhost ~]# visudo .... ## Allow root to run any commands anywhere root ALL=(ALL) ALL jumpserver ALL=(ALL) NOPASSWD:ALL ## Allows members of the 'sys' group ....
[root@localhost ~]# echo 123456 | passwd --stdin jumpserver 更改用户 jumpserver 的密码 。 passwd:所有的身份验证令牌已经成功更新。
[root@localhost ~]# ssh-copy-id -i jumpserver.pub jumpserver@192.168.200.184 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "jumpserver.pub" The authenticity of host '192.168.200.184 (192.168.200.184)' can't be established. ECDSA key fingerprint is SHA256:bhEdVM3mhW8PDNYqILImzNCA1466NnEMybHxMKKNFmU. ECDSA key fingerprint is MD5:a3:60:a4:23:7d:83:ba:c7:1b:bf:0c:8f:04:ea:d6:d4. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys jumpserver@192.168.200.184's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'jumpserver@192.168.200.184'" and check to make sure that only the key(s) you wanted were added.
6.资产授权