真正实现限制SSH单用户登录的方法
(编辑:jimmy 日期: 2024/11/15 浏览:3 次 )
使用方法: 用root权限在后台(比如screen里)运行这个脚本
复制代码代码如下:
#!/usr/bin/perl -w
use strict;
sub main
{
my @lines = `ps -eo user,pid,etime,cmd | grep sshd`;
my $users;
for my $line (@lines) {
if(my ($user, $pid, $etime, $cmd) = $line =~ /^([^s]+)s+(d+)s+([^s]+)s+(sshd:.+)$/) {
next if($user eq ‘root’);
my $proc = {‘pid’, $pid, ‘etime’, $etime, ‘cmd’, $cmd};
push @{$users->{$user}}, $proc;
}
}
for my $key(keys(%$users)) {
my @sshs = sort {
my ($lb, $la) = (length($b->{‘etime’}), length($a->{‘etime’}));
if($lb == $la) {
$b->{‘etime’} cmp $a->{‘etime’};
} else {
$lb <=> $la;
}
} @{$users->{$key}};
for (1 .. 1) { shift @sshs; };
for my $ssh (@sshs) {
kill 9, $ssh->{‘pid’};
}
}
}
while(1) {
main;
sleep 3;
}
复制代码代码如下:
#!/usr/bin/perl -w
use strict;
sub main
{
my @lines = `ps -eo user,pid,etime,cmd | grep sshd`;
my $users;
for my $line (@lines) {
if(my ($user, $pid, $etime, $cmd) = $line =~ /^([^s]+)s+(d+)s+([^s]+)s+(sshd:.+)$/) {
next if($user eq ‘root’);
my $proc = {‘pid’, $pid, ‘etime’, $etime, ‘cmd’, $cmd};
push @{$users->{$user}}, $proc;
}
}
for my $key(keys(%$users)) {
my @sshs = sort {
my ($lb, $la) = (length($b->{‘etime’}), length($a->{‘etime’}));
if($lb == $la) {
$b->{‘etime’} cmp $a->{‘etime’};
} else {
$lb <=> $la;
}
} @{$users->{$key}};
for (1 .. 1) { shift @sshs; };
for my $ssh (@sshs) {
kill 9, $ssh->{‘pid’};
}
}
}
while(1) {
main;
sleep 3;
}
下一篇:SSH证书让Putty免密码登陆Linux的方法