热门标签
热门文章
- 1Yakit工具篇:WebFuzzer模块之序列操作
- 2SpringBoot2---单元测试(Junit5)(1),2024年最新金九银十
- 3ping: sendto: No route to host
- 4图详解第五篇:单源最短路径--Bellman-Ford算法
- 5ElasticSearch查询流程详解_elasticsearch查询过程
- 6pytest自动化测试框架_pytest框架
- 7Java自然语言处理实现基于酒店评价的词云可视化(前端与后端交互使用)_java词云分析
- 8看langchain代码之前必备知识之 - Python 协程:异步编程的利器_langchian python
- 9阿里计算巢:开启数据集市场的宝库,助力AI研究和应用_cmekg数据集
- 10IT入门知识第五部分《前端开发》(5/10)
当前位置: article > 正文
Python之paramiko远程配置Linux安全基线_基线扫描原理paramiko
作者:寸_铁 | 2024-07-01 04:23:44
赞
踩
基线扫描原理paramiko
raspberry.py
import paramiko import yaml class Raspberry(object): def __init__(self): # 实例化SSHClient self.ssh_client = paramiko.SSHClient() # 自动添加策略,保存服务器的主机名和密钥信息,如果不添加,那么不再本地 # know_hosts文件中记录的主机将无法连接 ,此方法必须放在connect方法的前面 self.ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) @staticmethod def server_info(): with open('host_info.yaml') as f: data = f.read() return yaml.load(data) def execute_cmd(self): for host_info in self.server_info(): print(host_info) self.ssh_client.connect( hostname=host_info.get('hostname'), port=host_info.get('port'), username=host_info.get('username'), password=host_info.get('password') ) for command in host_info.get('exec_command'): std_in, stdout, stderr = self.ssh_client.exec_command(command) print(stdout.read().decode('utf-8')) def close_connect(self): self.execute_cmd() self.ssh_client.close() if __name__ == '__main__': r = Raspberry() r.close_connect()
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
host_info.yaml
- hostname: 192.168.201.3 username: root password: raspberry port: 22 exec_command: - ls -l - df -Th - du -sh * - ifconfig|grep -E -o "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" - echo "hello world" > /root/paramiko.txt - sed -i "s/hello world/Hello World/g" /root/paramiko.txt - iptables -nvL - find / -name .netrc -exec rm -rf {} \; && find / -name .rhosts -exec rm -rf {} \; - echo "TMOUT=180" >> /etc/profile - echo "auth required pam_tally.so deny=10 unlock_time=300" >> /etc/pam.d/system-auth - for PART in `grep -v ^# /etc/fstab | awk '($6 != "0") {print $2 }'`;do find $PART -nouser -o -nogroup -print 2>>/dev/null;done - echo "password requisite pam_cracklib.so difok=3 minlen=8 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1" >> /etc/pam.d/system-auth - sed -i 's/PermitRootLogin yes/#PermitRootLogin yes/g' /etc/ssh/sshd_config && service sshd restart - sed -i 's/PASS_MAX_DAYS/#PASS_MAX_DAYS/g' /etc/login.defs - sed -i 's/PASS_MIN_DAYS/#PASS_MIN_DAYS/g' /etc/login.defs - sed -i 's/PASS_WARN_AGE/#PASS_WARN_AGE/g' /etc/login.defs - echo "PASS_MAX_DAYS 90" >> /etc/login.defs && echo "PASS_MIN_DAYS 2" >> /etc/login.defs && echo "PASS_WARN_AGE 7" >> /etc/login.defs - echo "net.ipve.icmp_echo_ignore_broadcasts=1" >> /etc/sysctl.conf - rpm -e wget --nodeps - echo "PermitRootLogin no" >> /etc/ssh/sshd_config - hostname: 192.168.244.135 username: root password: raspberry port: 22 exec_command: - ls -l - df -Th - du -sh * - ifconfig|grep -E -o "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" - echo "hello world" > /root/paramiko.txt
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/寸_铁/article/detail/775043
推荐阅读
相关标签
