Jumpserver 是一款由python編寫開源的跳板機(堡壘機)系統,實現了跳板機應有的功能。基於ssh協議來管理,客戶端無需安裝agent。
特點:
完全開源,GPL授權
Python編寫,容易再次開發
實現了跳板機基本功能,認證、授權、審計
集成了Ansible,批量命令等
支持WebTerminal
Bootstrap編寫,界面美觀
自動收集硬件信息
錄像回放
命令搜索
實時監控
批量上傳下載
實驗環境
centos6.5_x64
實驗軟件
epel-release-6-8.noarch
pycrypto-2.4.1.tar.gz
jumpserver-0.3.2.zip
軟件安裝
rpm -ivh epel-release-6-8.noarch.rpm
sed -i 's/^mirrorlist=https/mirrorlist=http/' /etc/yum.repos.d/epel.repo
yum install -y git* python-pip* gcc automake autoconf python-devel
yum install -y sshpass readline-devel* pip* python-crypto* python-paramiko*
yum install -y openssl* unzip* gmp* gmp-devel* lrzsz unzip* mysql mysql-server
vim /etc/my.cnf
[mysqld]
default-character-set=utf8 添加配置
service mysqld restart
mysqladmin -uroot password 數據庫訪問密碼
mysql -uroot password 數據庫訪問密碼
mysql> create database jumpserver;
mysql> grant all privileges on jumpserver.* to jumpserver@localhost identified by '123456'; jumpserver爲授權用戶 123456授權密碼
mysql> flush privileges;
mysql> select host,user from mysql.user;
| localhost | jumpserver |
mysql -u jumpserver password 授權數據庫訪問密碼
update mysql.user set password=PASSWORD('123456') where user='jumpserver'; 從置用戶密碼
unzip jumpserver-0.3.2.zip
mv jumpserver /opt
cd /opt/jumpserver/install/
pip install -r requirements.txt
python install.py
pip freeze
You are using pip version 7.1.0, however version 8.1.2 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Traceback (most recent call last):
File "/opt/jumpserver-0.3.1/install/next.py", line 21, in <module>
from juser.user_api import db_add_user, get_object, User
File "/opt/jumpserver-0.3.1/juser/user_api.py", line 3, in <module>
from Crypto.PublicKey import RSA
File "/usr/lib64/python2.6/site-packages/Crypto/PublicKey/RSA.py", line 37, in <module>
from Crypto.Util.number import getRandomRange
File "/usr/lib64/python2.6/site-packages/Crypto/Util/number.py", line 56, in <module>
if _fastmath is not None and not _fastmath.HAVE_DECL_MPZ_POWM_SEC:
AttributeError: 'module' object has no attribute 'HAVE_DECL_MPZ_POWM_SEC'
pip uninstall pycrypto
rm -fr /usr/lib64/python2.6/site-packages/Crypto/
rm -rf /usr/lib64/python2.6/site-packages/pycrypto-2.4.1-py2.6-linux-x86_64.egg
easy_install /root/pycrypto-2.4.1.tar.gz
python /opt/jumpserver/install/install.py
請輸入您服務器的IP地址,用戶瀏覽器可以訪問 [192.168.31.135]:
是否安裝新的MySQL服務器? (y/n) [y]: n 如果有運行數據庫服務器選 n 第一次安裝選 y
開始安裝設置mysql (請手動設置mysql安全)
默認用戶名: jumpserver 默認密碼: 5Lov@wife
連接數據庫成功
請輸入SMTP地址:
請輸入SMTP端口 [25]:
請輸入賬戶:
請輸入密碼: 郵箱認證建議使用新浪郵箱
請輸入管理員用戶名 [admin]: admin
請輸入管理員密碼: [5Lov@wife]:
請再次輸入管理員密碼: [5Lov@wife]:
Starting jumpserver service:[ OK ]
netstat -tuplna | grep 8000
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 11780/python
ps -ef | grep 8000
root 10160 2430 0 10:54 pts/0 00:00:00 grep 8000
/opt/jumpserver/service.sh start/restart
http://serverip:8000
用戶名 admin 密碼爲初始化自行設置