小刘,这是你的地盘希望这里会越来越好,有更多的访客...
这是一个留言本!要来留言签到嘛...
还有 5 人发表了评论 加入462人围观linux运维
指定版本openssh、openssl升级脚本
a_lyx 发表于2025-05-07 浏览96 评论0
#!/bin/bash
# 检测系统类型
if command -v dnf &> /dev/null; then
PACKAGE_MANAGER="dnf"
elif command -v apt-get &> /dev/null; then
PACKAGE_MANAGER="apt-get"
else
echo "error: 无法检测到支持的包管理器"
exit 1
fi
# 将所有输出重定向到 output.log 文件
exec > >(tee -a output.log)
exec 2> >(tee -a output.log >&2)
# 安装必要的包
echo "安装依赖包..."
$PACKAGE_MANAGER install -y gcc make perl zlib-devel pam-devel wget krb5-devel
if [ "$?" != "0" ]; then
echo "error: 安装依赖项失败"
exit 1
fi
# 检查当前版本
echo "当前版本信息:"
ssh -V
openssl version
# 创建工作目录
mkdir -p /root/rqjc
cd /root/rqjc || { echo "error: 进入 /root/rqjc 目录失败"; exit 1; }
##############################################
# 安装 OpenSSL 3.5.0
##############################################
echo "开始安装 OpenSSL 3.5.0..."
# 下载并解压 OpenSSL 源代码包
wget https://www.openssl.org/source/openssl-3.5.0.tar.gz || { echo "error: 下载 OpenSSL 源代码包失败"; exit 1; }
tar -zxvf openssl-3.5.0.tar.gz || { echo "error: 解压 OpenSSL 源代码包失败"; exit 1; }
cd openssl-3.5.0 || { echo "error: 进入 OpenSSL 解压目录失败"; exit 1; }
# 检查依赖项
if command -v cpan &> /dev/null; then
sudo cpan IPC::Cmd || { echo "error: 安装 IPC::Cmd 模块失败"; exit 1; }
else
echo "error: cpan 未安装,请先安装 cpan"
exit 1
fi
# 配置编译选项
./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl shared zlib
# 编译并安装
make -j$(nproc) || { echo "error: OpenSSL 编译失败"; exit 1; }
sudo make install || { echo "error: OpenSSL 安装失败"; exit 1; }
# 更新动态链接库配置
echo "/usr/local/openssl/lib64" | sudo tee /etc/ld.so.conf.d/openssl-3.5.0.conf
sudo ldconfig
# 验证安装
echo "OpenSSL 安装完成,版本信息:"
/usr/local/openssl/bin/openssl version
##############################################
# 安装 OpenSSH 10.0p1
##############################################
echo "开始安装 OpenSSH 10.0p1..."
cd /root/rqjc || { echo "error: 进入 /root/rqjc 目录失败"; exit 1; }
# 下载并解压 OpenSSH 源代码包
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-10.0p1.tar.gz || { echo "error: 下载 OpenSSH 源代码包失败"; exit 1; }
tar -zxvf openssh-10.0p1.tar.gz || { echo "error: 解压 OpenSSH 源代码包失败"; exit 1; }
cd openssh-10.0p1 || { echo "error: 进入 OpenSSH 解压目录失败"; exit 1; }
# 配置编译选项(明确指定 OpenSSL 路径)
./configure --with-ssl-dir=/usr/local/openssl --with-zlib --with-pam || { echo "error: OpenSSH 编译配置失败"; exit 1; }
# 编译并安装
make || { echo "error: OpenSSH 编译失败"; exit 1; }
sudo make install || { echo "error: OpenSSH 安装失败"; exit 1; }
# 备份现有配置文件
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak || { echo "warning: 备份 SSH 配置文件失败"; }
sudo cp /etc/ssh/ssh_config /etc/ssh/ssh_config.bak || { echo "warning: 备份 SSH 配置文件失败"; }
# 更新系统链接
sudo mv /usr/bin/ssh /usr/bin/ssh-old && sudo ln -sf /usr/local/bin/ssh /usr/bin/ssh || { echo "error: 更新 SSH 链接失败"; exit 1; }
# 重启 SSH 服务
sudo systemctl restart sshd || { echo "error: 重启 SSH 服务失败"; exit 1; }
# 验证安装
echo "OpenSSH 安装完成,版本信息:"
ssh -V
echo "链接的 OpenSSL 版本:"
strings /usr/local/bin/ssh | grep OpenSSL
echo 'hello'
# 检查服务状态
sudo systemctl status sshd
echo "升级完成!"网安知识
云服务器_反弹shell
a_lyx 发表于2025-04-29 浏览99 评论0
使用云服务器(ubuntu)执行反弹shell的操作
云服务器初始配置默认端口开放情况为只开放22号端口和3389端口
nc命令:反弹shell 开放一个监听端口 7777号端口
nc -lvnp 7777
linux运维
linux运维操作——mysql编译安装脚本自动安装
a_lyx 发表于2025-04-28 浏览111 评论0
#!/bin/bash
#Description : MySQL8.4.4 Install Script
#Author : lyx
#Version : 2.0_01
function MySQL_User() {
id mysql >/dev/null 2>&1
if [ "$?" != "0" ]; then
useradd -s /sbin/nologin mysql >/dev/null 2>&1
fi
}
function Create_DIR() {
DIRECTORY=("/home/mysql/data" "/home/mysql/mysqlbase" "/home/mysql/mysqllog")
for i in "${DIRECTORY[@]}"; do
if [ ! -d "${i}" ]; then
mkdir -p "${i}"
fi
done
}
function DOWNLOAD_MYSQL() {
if [ ! -f "/root/mysql-8.4.4-linux-glibc2.28-x86_64.tar.xz" ]; then
echo "Downloading MySQL 8.4.4..."
wget https://dev.mysql.com/get/Downloads/MySQL-8.4/mysql-8.4.4-linux-glibc2.28-x86_64.tar.xz -P /root/
if [ "$?" != "0" ]; then
echo "Failed to download MySQL 8.4.4."
exit 1
fi
else
echo "MySQL 8.4.4 package already exists."
fi
}
function INSTALL() {
chown -R mysql:mysql /home/mysql/{data,mysqlbase,mysqllog}
tar -xvf /root/mysql-8.4.4-linux-glibc2.28-x86_64.tar.xz -C /home/mysql/mysqlbase
mv /home/mysql/mysqlbase/mysql-8.4.4-linux-glibc2.28-x86_64 /home/mysql/mysqlbase/mysql-8.4.4
/home/mysql/mysqlbase/mysql-8.4.4/bin/mysqld --initialize --user=mysql --basedir=/home/mysql/mysqlbase/mysql-8.4.4/ --datadir=/home/mysql/data/
if [ "$?" != "0" ]; then
echo "An error occurs during the installation of the MySQL Database Service."
exit 1
fi
if [ -f /etc/my.cnf ]; then
rm -rf /etc/my.cnf
fi
mv /root/my.cnf /etc/
if [ -f /etc/init.d/mysqld ]; then
rm -rf /etc/init.d/mysqld
fi
cp /home/mysql/mysqlbase/mysql-8.4.4/support-files/mysql.server /etc/init.d/mysqld
if [ ! -f /usr/bin/mysql ]; then
ln -s /home/mysql/mysqlbase/mysql-8.4.4/bin/mysql /usr/bin/mysql
fi
}
function MYSQL_LOG() {
MYSQL_LOG=("/home/mysql/mysqllog/error_log" "/home/mysql/mysqllog/mybinlog")
for j in "${MYSQL_LOG[@]}"; do
if [ ! -d "${j}" ]; then
mkdir -p "${j}"
fi
done
touch /home/mysql/mysqllog/error_log/error.log
touch /home/mysql/mysqllog/mysql-slow.log
chown -R mysql:mysql /home/mysql/mysqllog
}
function MYSQL_START() {
/etc/init.d/mysqld start
sleep 5
if [ "$?" != "0" ]; then
echo "MySQL Service Running Is Error."
exit 1
else
echo "MySQL Service Running Is Successful."
fi
}
function main() {
MySQL_User
Create_DIR
DOWNLOAD_MYSQL
INSTALL
MYSQL_LOG
MYSQL_START
}
main