大橙子网站建设,新征程启航

为企业提供网站建设、域名注册、服务器等服务

Linux之不同运维人员共用root账户权限审计

建站服务器

[root@open1~]#wgethttp://ftp.gnu.org/gnu/bash/bash-4.1.tar.gz[root@open1~]#tarxvfbash-4.1.tar.gz
[root@open1~]#cdbash-4.1

[root@open1bash-4.1]#vimconfig-top.c#defineSSH_SOURCE_BASHRC#defineSYSLOG_HISTORY

[root@open1bash-4.1]#vimbashhist.c
#...省略部分段落
void
bash_syslog_history(line)
constchar*line;
{chartrunc[SYSLOG_MAXLEN];
constchar*p;
p=getenv(NAME_OF_KEY);if(strlen(line)

[root@open1bash-4.1]#./configure--prefix=/usr/local/bash_new
[root@open1bash-4.1]#make&&makeinstall...iftestbash=gettext-tools;then\\
/bin/sh/root/bash-4.1/./support/mkinstalldirs/usr/local/bash_new/share/gettext/po;\\forfileinMakefile.in.inremove-potcdate.sinquot.sedboldquot.seden@quot.headeren@boldquot.headerinsert-header.sinRules-quotMakevars.template;do\\
/usr/bin/install-c-m644./$file\\
/usr/local/bash_new/share/gettext/po/$file;\\done;\\forfileinMakevars;do\\rm-f/usr/local/bash_new/share/gettext/po/$file;\\done;\\else\\
:;\\fimake[1]:Leavingdirectory`/root/bash-4.1/po\'

[root@open1bash-4.1]#echo/usr/local/bash_new/bin/bash>>/etc/shells
[root@open1bash-4.1]#cat/etc/shells
/bin/sh/bin/bash
/sbin/nologin
/bin/dash
/usr/local/bash_new/bin/bash

创新互联长期为上千多家客户提供的网站建设服务,团队从业经验10年,关注不同地域、不同群体,并针对不同对象提供差异化的产品和服务;打造开放共赢平台,与合作伙伴共同营造健康的互联网生态环境。为相山企业提供专业的网站建设、成都网站建设相山网站改版等技术服务。拥有十多年丰富建站经验和众多成功案例,为您定制开发。
[root@open1bash-4.1]#vim/etc/passwdroot:x:0:0:root:/root:/usr/local/bash_new/bin/bash

View Code

-C 注释 (加上这个也是为了最后进行对服务器访问人员进行辨别的一个关键点)

[root@rsyslog~]#ssh-copy-id-i/root/.ssh/id_rsa.pubroot@192.168.30.72root@192.168.30.72\'spassword:Nowtryloggingintothemachine,withssh\'root@192.168.30.72\',andcheckin:

.ssh/authorized_keys

tomakesurewehaven\'taddedextrakeysthatyouweren\'texpecting.

View Code

[root@swift3~]#ssh-copy-id-i/root/.ssh/id_rsa.pubroot@192.168.30.72Theauthenticityofhost\'192.168.30.72(192.168.30.72)\'can\'tbeestablished.RSAkeyfingerprintis8f:a7:1b:8d:e4:92:ad:ae:ea:1b:fb:67:0b:0b:7c:ac.
Areyousureyouwanttocontinueconnecting(yes/no)?yes
Warning:Permanentlyadded\'192.168.30.72\'(RSA)tothelistofknownhosts.
root@192.168.30.72\'spassword:Nowtryloggingintothemachine,withssh\'root@192.168.30.72\',andcheckin:

.ssh/authorized_keys

tomakesurewehaven\'taddedextrakeysthatyouweren\'texpecting.

View Code

[root@open1~]#touch/var/log/keys

View Code

[root@open1~]#echotest-f/etc/CheckUser.sh&&./etc/CheckUser.sh>>/etc/profile

[root@open1~]#tail-1f/etc/bashrc
test-z$BASH_EXECUTION_STRING||{test-f/etc/CheckUser.sh&&./etc/CheckUser.sh;logger-t-bash-sHISTORY$SSH_CLIENTUSER=$NAME_OF_KEYCMD=$BASH_EXECUTION_STRING>/dev/null2>&1;}

[root@open1~]#sed-i\'s/#LogLevelINFO/LogLevelDEBUG/g\'/etc/ssh/sshd_config
[root@open1~]#servicesshdrestart
Stoppingsshd:[OK]
Startingsshd:[OK]


网站名称:Linux之不同运维人员共用root账户权限审计
文章网址:http://dzwzjz.com/article/cjodeh.html
在线咨询
服务热线
服务热线:028-86922220
TOP