
Python之paramiko远程配置Linux安全基线_基线扫描原理paramiko

基线扫描原理paramiko

raspberry.py

import paramiko
import yaml


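class Raspberry(object):
    """Run the per-host command lists from ``host_info.yaml`` over SSH.

    Each entry of the YAML file supplies ``hostname``, ``port``, ``username``,
    ``password`` and an ``exec_command`` list; the commands are executed one
    by one on that host and their output is printed.

    NOTE(review): the inventory holds a clear-text password for ``root``.
    Prefer key-based login (``pkey=`` / ``key_filename=`` on ``connect``) for
    a dedicated account, and keep the inventory file readable only by the
    operator.
    """

    def __init__(self):
        # A single SSHClient is reused for every host in the inventory.
        self.ssh_client = paramiko.SSHClient()
        # Load the user's known_hosts so that a host whose key differs from
        # the recorded one is refused instead of silently trusted.
        self.ssh_client.load_system_host_keys()
        # NOTE(review): AutoAddPolicy accepts the key of any host that is not
        # yet known, without verification, and nothing here persists it, so
        # the password is sent to whatever answers on that address. For real
        # deployments pre-populate known_hosts and use paramiko.RejectPolicy.
        # The policy must be set before connect() is called.
        self.ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())

    @staticmethod
    def server_info():
        """Return the list of host entries parsed from ``host_info.yaml``.

        An empty file yields an empty list.
        """
        with open('host_info.yaml') as f:
            # safe_load builds only plain YAML types (lists, dicts, scalars).
            # yaml.load() without a Loader can construct arbitrary Python
            # objects on older PyYAML and raises TypeError on PyYAML 6+.
            return yaml.safe_load(f) or []

    def execute_cmd(self):
        """Connect to every host in turn and run its ``exec_command`` list.

        Standard output of each command is printed; standard error and a
        non-zero exit status are reported as well, so that a baseline step
        that failed is not mistaken for one that was applied.
        """
        for host_info in self.server_info():
            # Show which host is being processed without echoing the stored
            # password to the terminal or to captured logs.
            shown = dict(host_info)
            if 'password' in shown:
                shown['password'] = '******'
            print(shown)

            self.ssh_client.connect(
                hostname=host_info.get('hostname'),
                port=host_info.get('port', 22),
                username=host_info.get('username'),
                password=host_info.get('password')
            )
            try:
                for command in host_info.get('exec_command') or []:
                    _, stdout, stderr = self.ssh_client.exec_command(command)
                    print(stdout.read().decode('utf-8', errors='replace'))
                    err_text = stderr.read().decode('utf-8', errors='replace')
                    # Read the streams first, then ask for the exit status.
                    exit_code = stdout.channel.recv_exit_status()
                    if err_text or exit_code != 0:
                        print('[{}] exit={} command={!r}\n{}'.format(
                            host_info.get('hostname'), exit_code, command,
                            err_text))
            finally:
                # Drop this host's session before moving on, so the previous
                # transport is not left open when the client reconnects.
                self.ssh_client.close()

    def close_connect(self):
        """Run all configured commands, then close the SSH client.

        The client is closed even when a connection or command raises.
        """
        try:
            self.execute_cmd()
        finally:
            self.ssh_client.close()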


if __name__ == '__main__':
    # Script entry point: close_connect() runs every configured command on
    # every host and then closes the SSH client.
    Raspberry().close_connect()


host_info.yaml

# Inventory read by raspberry.py: one list entry per target host, giving the
# SSH login and the shell commands to run there, in order.
# NOTE(review): the root password is stored here in clear text and is the same
# for both hosts. Restrict the file's permissions and keep it out of shared
# repositories, or switch the hosts to key-based login.
- hostname: 192.168.201.3
  username: root
  password: raspberry
  port: 22
  exec_command:
  # Read-only status commands.
  - ls -l
  - df -Th
  - du -sh *
  - ifconfig|grep -E -o "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}"
  # Demo: create a file and edit it in place.
  - echo "hello world" > /root/paramiko.txt
  - sed -i "s/hello world/Hello World/g" /root/paramiko.txt
  # List the current firewall rules.
  - iptables -nvL
  # Delete .netrc and .rhosts everywhere under /.
  # NOTE(review): there is no -type f or -xdev, so the search crosses into
  # every mounted filesystem and rm -rf would also remove a directory with
  # one of these names.
  - find  / -name  .netrc -exec rm -rf {} \;  && find  / -name  .rhosts -exec rm -rf {} \;
  # Idle shell timeout of 180 seconds.
  # NOTE(review): this and the other ">>" lines append on every run, so the
  # list is not idempotent; repeated runs leave duplicate entries.
  - echo "TMOUT=180" >> /etc/profile
  # Account lockout after 10 failed logins, unlocked after 300 seconds.
  # NOTE(review): PAM evaluates the stack in file order, so a rule appended at
  # the end of system-auth may not be reached as intended. pam_tally is also
  # absent on newer distributions; confirm module and placement on the target.
  - echo "auth required pam_tally.so deny=10 unlock_time=300" >> /etc/pam.d/system-auth
  # Report files with no valid owner or group on the filesystems in fstab.
  # NOTE(review): without parentheses -print binds only to -nogroup, so
  # -nouser matches are not printed; \( -nouser -o -nogroup \) -print lists
  # both.
  - for PART in `grep -v ^# /etc/fstab | awk '($6 != "0") {print $2 }'`;do find $PART -nouser -o -nogroup -print 2>>/dev/null;done
  # Password complexity: minimum length 8, at least one upper-case, lower-case,
  # digit and other character, 3 characters different from the old password.
  # NOTE(review): the same PAM ordering caveat applies to this appended line.
  - echo "password  requisite  pam_cracklib.so  difok=3 minlen=8  ucredit=-1 lcredit=-1  dcredit=-1 ocredit=-1" >> /etc/pam.d/system-auth
  # Comment out "PermitRootLogin yes" and restart sshd.
  - sed -i 's/PermitRootLogin yes/#PermitRootLogin yes/g' /etc/ssh/sshd_config && service sshd restart
  # Password ageing: comment out the existing values, then append 90/2/7 days.
  # NOTE(review): the sed patterns match every occurrence of the keyword,
  # including lines appended by an earlier run and mentions inside comments.
  - sed -i 's/PASS_MAX_DAYS/#PASS_MAX_DAYS/g'  /etc/login.defs
  - sed -i 's/PASS_MIN_DAYS/#PASS_MIN_DAYS/g'  /etc/login.defs
  - sed -i 's/PASS_WARN_AGE/#PASS_WARN_AGE/g'  /etc/login.defs
  - echo "PASS_MAX_DAYS 90" >> /etc/login.defs && echo "PASS_MIN_DAYS 2"  >> /etc/login.defs && echo "PASS_WARN_AGE 7" >> /etc/login.defs
  # NOTE(review): "net.ipve" looks like a typo for "net.ipv4"; as written the
  # key is not a valid sysctl name and the setting would not be applied.
  # Entries in sysctl.conf also take effect only after "sysctl -p" or a reboot.
  - echo "net.ipve.icmp_echo_ignore_broadcasts=1" >> /etc/sysctl.conf
  # Remove wget, ignoring package dependencies (RPM-based systems only).
  - rpm -e wget --nodeps
  # Disable root login over SSH.
  # NOTE(review): sshd uses the first value it finds for a keyword, so this
  # appended line is ignored if an earlier active PermitRootLogin line remains.
  # No sshd restart follows it. Once it is in force, this inventory's own root
  # login would be refused; provision a non-root account first.
  - echo "PermitRootLogin no" >> /etc/ssh/sshd_config

# Second host: status commands and the demo file only, no hardening steps.
- hostname: 192.168.244.135
  username: root
  password: raspberry
  port: 22
  exec_command:
  - ls -l
  - df -Th
  - du -sh *
  - ifconfig|grep -E -o "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}"
  - echo "hello world" > /root/paramiko.txt


