运维审计系统

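安装paramiko模块(注意:下面的源码包未做完整性校验,其中pycrypto还是通过明文HTTP下载的;以root身份安装前,应先与可信渠道公布的校验和或签名核对。pycrypto已停止维护,paramiko 1.12.1也是很旧的版本,新环境应优先使用当前仍受支持的版本)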

wget http://ftp.dlitz.net/pub/dlitz/crypto/pycrypto/pycrypto-2.6.tar.gz

tar zxvf pycrypto-2.6.tar.gz

cd pycrypto-2.6

python setup.py build && python setup.py install

wget https://pypi.python.org/packages/source/p/paramiko/paramiko-1.12.1.tar.gz

tar zxvf paramiko-1.12.1.tar.gz

cd paramiko-1.12.1

python setup.py build && python setup.py install

创建一个用户

useradd abc

cd /home/abc

cp demo.py /home/abc/

cp interactive.py /home/abc/

chown abc:abc demo.py interactive.py

vim demo.py  ##更改部分内容

import base64

from binascii import hexlify

import getpass

import os

import select

import socket

import sys

import time

import traceback

import tab

import paramiko

import interactive

def agent_auth(transport, username):
    """
    Offer every private key held by the local SSH agent to the server, one
    after another, and stop at the first key it accepts.

    Nothing is returned; the caller checks ``transport.is_authenticated()``
    afterwards to learn whether any key worked.
    """
    candidate_keys = paramiko.Agent().get_keys()
    if not candidate_keys:
        # agent missing or empty: leave the transport unauthenticated
        return

    for candidate in candidate_keys:
        fingerprint = hexlify(candidate.get_fingerprint())
        # trailing comma: keep the verdict on the same output line
        print 'Trying ssh-agent key %s' % fingerprint,
        try:
            transport.auth_publickey(username, candidate)
        except paramiko.SSHException:
            print '... nope.'
        else:
            print '... success!'
            return

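def _load_private_key(key_class, label, filename):
    """Ask for a key file path and load it, prompting for a passphrase if the file is encrypted."""
    default_path = os.path.join(os.environ['HOME'], '.ssh', filename)
    path = raw_input('%s key [%s]: ' % (label, default_path))
    if len(path) == 0:
        path = default_path
    try:
        return key_class.from_private_key_file(path)
    except paramiko.PasswordRequiredException:
        # the key file is encrypted; read the passphrase without echoing it
        password = getpass.getpass('%s key password: ' % label)
        return key_class.from_private_key_file(path, password)


def manual_auth(username, hostname):
    """
    Interactively authenticate the module-level transport ``t``.

    The operator picks password ('p', the default), RSA key ('r') or DSS key
    ('d') authentication; any other answer is treated as password.

    ``t`` is not a parameter: it is the global Transport that the script body
    creates before calling this function. ``hostname`` is only used in the
    password prompt.

    NOTE(review): DSS/DSA keys are disabled by default in current OpenSSH
    servers; the 'd' choice is kept for compatibility with older hosts.
    """
    default_auth = 'p'
    auth = raw_input('Auth by (p)assword, (r)sa key, or (d)ss key? [%s] ' % default_auth)
    if len(auth) == 0:
        auth = default_auth

    if auth == 'r':
        key = _load_private_key(paramiko.RSAKey, 'RSA', 'id_rsa')
        t.auth_publickey(username, key)
    elif auth == 'd':
        key = _load_private_key(paramiko.DSSKey, 'DSS', 'id_dsa')
        t.auth_publickey(username, key)
    else:
        # two %s placeholders for the two arguments: user, then host
        pw = getpass.getpass('Password for %s@%s: ' % (username, hostname))
        t.auth_password(username, pw)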

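# setup logging
# paramiko's own debug log; the relative path means it is created in the
# working directory of whoever runs the script.
paramiko.util.log_to_file('demo.log')

# The target may be given on the command line as [user@]host[:port];
# without an argument the host is asked for interactively.
username = ''
if len(sys.argv) > 1:
    hostname = sys.argv[1]
    if hostname.find('@') >= 0:
        # split on the last '@' only, so an extra '@' cannot raise ValueError
        username, hostname = hostname.rsplit('@', 1)
else:
    hostname = raw_input('Hostname: ')
if len(hostname) == 0:
    print '*** Hostname required.'
    sys.exit(1)
port = 22
if hostname.find(':') >= 0:
    hostname, portstr = hostname.rsplit(':', 1)
    try:
        port = int(portstr)
    except ValueError:
        # report a bad port instead of dying with a traceback
        print '*** Invalid port: ' + portstr
        sys.exit(1)

# now connect
try:
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.connect((hostname, port))
except Exception, e:
    print '*** Connect failed: ' + str(e)
    traceback.print_exc()
    sys.exit(1)

try:
    t = paramiko.Transport(sock)
    try:
        t.start_client()
    except paramiko.SSHException:
        print '*** SSH negotiation failed.'
        sys.exit(1)

    # known_hosts is looked up in ~/.ssh first, then in ~/ssh; if neither can
    # be read the script carries on with an empty key table.
    try:
        keys = paramiko.util.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
    except IOError:
        try:
            keys = paramiko.util.load_host_keys(os.path.expanduser('~/ssh/known_hosts'))
        except IOError:
            print '*** Unable to open host keys file'
            keys = {}

    # check server's host key -- this is important.
    # NOTE(review): only a *changed* key aborts. A host with no entry in
    # known_hosts (or when no known_hosts file could be read) gets a warning
    # and the login continues, so the first connection to a host is not
    # authenticated. For a jump host, pre-populate known_hosts and consider
    # treating the two "Unknown host key" branches as failures as well.
    key = t.get_remote_server_key()
    if not keys.has_key(hostname):
        print '*** WARNING: Unknown host key!'
    elif not keys[hostname].has_key(key.get_name()):
        print '*** WARNING: Unknown host key!'
    elif keys[hostname][key.get_name()] != key:
        print '*** WARNING: Host key has changed!!!'
        sys.exit(1)
    else:
        print '*** Host key OK.'

    # get username
    if username == '':
        default_username = getpass.getuser()
        username = raw_input('Username [%s]: ' % default_username)
        if len(username) == 0:
            username = default_username

    # agent keys first, then fall back to the interactive prompt
    agent_auth(t, username)
    if not t.is_authenticated():
        manual_auth(username, hostname)
    if not t.is_authenticated():
        print '*** Authentication failed. :('
        t.close()
        sys.exit(1)

    chan = t.open_session()
    chan.get_pty()
    chan.invoke_shell()
    print '*** Here we go!'
    print
    # username and hostname are operator-supplied strings; they are handed to
    # the session loop together with the channel.
    interactive.interactive_shell(chan,username,hostname)
    chan.close()
    t.close()

except Exception, e:
    print '*** Caught exception: ' + str(e.__class__) + ': ' + str(e)
    traceback.print_exc()
    try:
        t.close()
    except Exception:
        # best effort: t may not exist yet, or may already be closed
        pass
    sys.exit(1)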

vim interactive.py  ##更改部分内容

import base64

from binascii import hexlify

import getpass

import os

import select

import socket

import sys

import time

import traceback

import tab

import paramiko

import interactive

def agent_auth(transport, username):
    """
    Offer every private key held by the local SSH agent to the server, one
    after another, and stop at the first key it accepts.

    Nothing is returned; the caller checks ``transport.is_authenticated()``
    afterwards to learn whether any key worked.
    """
    candidate_keys = paramiko.Agent().get_keys()
    if not candidate_keys:
        # agent missing or empty: leave the transport unauthenticated
        return

    for candidate in candidate_keys:
        fingerprint = hexlify(candidate.get_fingerprint())
        # trailing comma: keep the verdict on the same output line
        print 'Trying ssh-agent key %s' % fingerprint,
        try:
            transport.auth_publickey(username, candidate)
        except paramiko.SSHException:
            print '... nope.'
        else:
            print '... success!'
            return

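def _load_private_key(key_class, label, filename):
    """Ask for a key file path and load it, prompting for a passphrase if the file is encrypted."""
    default_path = os.path.join(os.environ['HOME'], '.ssh', filename)
    path = raw_input('%s key [%s]: ' % (label, default_path))
    if len(path) == 0:
        path = default_path
    try:
        return key_class.from_private_key_file(path)
    except paramiko.PasswordRequiredException:
        # the key file is encrypted; read the passphrase without echoing it
        password = getpass.getpass('%s key password: ' % label)
        return key_class.from_private_key_file(path, password)


def manual_auth(username, hostname):
    """
    Interactively authenticate the module-level transport ``t``.

    The operator picks password ('p', the default), RSA key ('r') or DSS key
    ('d') authentication; any other answer is treated as password.

    ``t`` is not a parameter: it is the global Transport that the script body
    creates before calling this function. ``hostname`` is only used in the
    password prompt.

    NOTE(review): DSS/DSA keys are disabled by default in current OpenSSH
    servers; the 'd' choice is kept for compatibility with older hosts.
    """
    default_auth = 'p'
    auth = raw_input('Auth by (p)assword, (r)sa key, or (d)ss key? [%s] ' % default_auth)
    if len(auth) == 0:
        auth = default_auth

    if auth == 'r':
        key = _load_private_key(paramiko.RSAKey, 'RSA', 'id_rsa')
        t.auth_publickey(username, key)
    elif auth == 'd':
        key = _load_private_key(paramiko.DSSKey, 'DSS', 'id_dsa')
        t.auth_publickey(username, key)
    else:
        # two %s placeholders for the two arguments: user, then host
        pw = getpass.getpass('Password for %s@%s: ' % (username, hostname))
        t.auth_password(username, pw)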

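# setup logging
# paramiko's own debug log; the relative path means it is created in the
# working directory of whoever runs the script.
paramiko.util.log_to_file('demo.log')

# The target may be given on the command line as [user@]host[:port];
# without an argument the host is asked for interactively.
username = ''
if len(sys.argv) > 1:
    hostname = sys.argv[1]
    if hostname.find('@') >= 0:
        # split on the last '@' only, so an extra '@' cannot raise ValueError
        username, hostname = hostname.rsplit('@', 1)
else:
    hostname = raw_input('Hostname: ')
if len(hostname) == 0:
    print '*** Hostname required.'
    sys.exit(1)
port = 22
if hostname.find(':') >= 0:
    hostname, portstr = hostname.rsplit(':', 1)
    try:
        port = int(portstr)
    except ValueError:
        # report a bad port instead of dying with a traceback
        print '*** Invalid port: ' + portstr
        sys.exit(1)

# now connect
try:
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.connect((hostname, port))
except Exception, e:
    print '*** Connect failed: ' + str(e)
    traceback.print_exc()
    sys.exit(1)

try:
    t = paramiko.Transport(sock)
    try:
        t.start_client()
    except paramiko.SSHException:
        print '*** SSH negotiation failed.'
        sys.exit(1)

    # known_hosts is looked up in ~/.ssh first, then in ~/ssh; if neither can
    # be read the script carries on with an empty key table.
    try:
        keys = paramiko.util.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
    except IOError:
        try:
            keys = paramiko.util.load_host_keys(os.path.expanduser('~/ssh/known_hosts'))
        except IOError:
            print '*** Unable to open host keys file'
            keys = {}

    # check server's host key -- this is important.
    # NOTE(review): only a *changed* key aborts. A host with no entry in
    # known_hosts (or when no known_hosts file could be read) gets a warning
    # and the login continues, so the first connection to a host is not
    # authenticated. For a jump host, pre-populate known_hosts and consider
    # treating the two "Unknown host key" branches as failures as well.
    key = t.get_remote_server_key()
    if not keys.has_key(hostname):
        print '*** WARNING: Unknown host key!'
    elif not keys[hostname].has_key(key.get_name()):
        print '*** WARNING: Unknown host key!'
    elif keys[hostname][key.get_name()] != key:
        print '*** WARNING: Host key has changed!!!'
        sys.exit(1)
    else:
        print '*** Host key OK.'

    # get username
    if username == '':
        default_username = getpass.getuser()
        username = raw_input('Username [%s]: ' % default_username)
        if len(username) == 0:
            username = default_username

    # agent keys first, then fall back to the interactive prompt
    agent_auth(t, username)
    if not t.is_authenticated():
        manual_auth(username, hostname)
    if not t.is_authenticated():
        print '*** Authentication failed. :('
        t.close()
        sys.exit(1)

    chan = t.open_session()
    chan.get_pty()
    chan.invoke_shell()
    print '*** Here we go!'
    print
    # username and hostname are operator-supplied strings; they are handed to
    # the session loop together with the channel.
    interactive.interactive_shell(chan,username,hostname)
    chan.close()
    t.close()

except Exception, e:
    print '*** Caught exception: ' + str(e.__class__) + ': ' + str(e)
    traceback.print_exc()
    try:
        t.close()
    except Exception:
        # best effort: t may not exist yet, or may already be closed
        pass
    sys.exit(1)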

[[email protected] audit_agent]# cat interactive.py

# Copyright (C) 2003-2007  Robey Pointer <[email protected]>

#

# This file is part of paramiko.

#

# Paramiko is free software; you can redistribute it and/or modify it under the

# terms of the GNU Lesser General Public License as published by the Free

# Software Foundation; either version 2.1 of the License, or (at your option)

# any later version.

#

# Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY

# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR

# A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more

# details.

#

# You should have received a copy of the GNU Lesser General Public License

# along with Paramiko; if not, write to the Free Software Foundation, Inc.,

# 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA.

import socket

import sys,os,datetime,time,tab

# termios/tty exist only on POSIX platforms; record whether they could be
# imported so the session loop can be chosen later.
try:
    import termios
    import tty
except ImportError:
    has_termios = False
else:
    has_termios = True

def interactive_shell(chan,remoteuser,hostname):
    """
    Run the interactive session on ``chan`` with the loop that suits this platform.

    With termios available the POSIX loop is used and receives ``remoteuser``
    and ``hostname``; otherwise the Windows loop is used, which takes only the
    channel.

    NOTE(review): remoteuser/hostname are not passed to windows_shell, so that
    path has nothing to write an audit record with.
    """
    if not has_termios:
        windows_shell(chan)
        return
    posix_shell(chan, remoteuser, hostname)

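def _audit_safe_name(name):
    """Reduce ``name`` to characters that are safe inside a log file name."""
    cleaned = []
    for ch in name:
        if ch.isalnum() or ch in '._-':
            cleaned.append(ch)
        else:
            cleaned.append('_')
    return ''.join(cleaned)


def _audit_printable(text):
    """Return ``text`` with ASCII control characters replaced by hex escapes."""
    out = []
    for ch in text:
        code = ord(ch)
        if code < 32 or code == 127:
            out.append('\\x%02x' % code)
        else:
            out.append(ch)
    return ''.join(out)


def posix_shell(chan,remoteuser,hostname):
    """
    Relay a PTY session between the local terminal and ``chan`` and append one
    audit line per carriage return typed by the user.

    Each line has the form ``hostname | timestamp | remoteuser | typed text``
    and goes to /home/audit_agent/audit_<date>_<remoteuser>.log.

    What is recorded is the keystroke stream, not the command the remote shell
    executed: tab completion, history recall and line editing are not
    expanded, and anything typed at a no-echo prompt (passwords included) is
    captured too, so the log files need the same protection as credentials.

    NOTE(review): the file is opened by this process, i.e. presumably with the
    privileges of the account being audited, so that account could also modify
    or remove it. Confirm against the deployment, and forward the lines to a
    location the user cannot write if the record has to be trustworthy.
    """
    import select

    oldtty = termios.tcgetattr(sys.stdin)
    f = None
    try:
        tty.setraw(sys.stdin.fileno())
        tty.setcbreak(sys.stdin.fileno())
        chan.settimeout(0.0)

        day_time = time.strftime('%Y_%m_%d')
        #triaquae_path = tri_config.Working_dir
        # remoteuser is typed in by the person logging in; strip anything that
        # could act as a path separator before it becomes part of a file name
        f = open('/home/audit_agent/audit_%s_%s.log' % (day_time, _audit_safe_name(remoteuser)), 'a')

        # keystrokes since the last carriage return; reset after every line so
        # memory use and per-line cost do not grow with the session length
        line_buf = []

        while True:
            r, w, e = select.select([chan, sys.stdin], [], [])
            if chan in r:
                try:
                    x = chan.recv(1024)
                    if len(x) == 0:
                        print '\r\n*** EOF\r\n',
                        break
                    sys.stdout.write(x)
                    sys.stdout.flush()
                except socket.timeout:
                    pass
            if sys.stdin in r:
                x = sys.stdin.read(1)
                if len(x) == 0:
                    break
                chan.send(x)
                if x != '\r':
                    line_buf.append(x)
                    continue
                # Enter pressed: stamp the line now, not before select() began
                # waiting, so the time matches when the line was submitted
                stamp = time.strftime('%Y_%m_%d %H:%M:%S')
                cmd = ''.join(line_buf)
                line_buf = []
                # every field below is user-influenced; escaping control
                # characters keeps each record on exactly one line
                log = "%s | %s | %s | %s\n" % (_audit_printable(hostname), stamp,
                                               _audit_printable(remoteuser),
                                               _audit_printable(cmd))
                f.write(log)
                f.flush()
    finally:
        # close the log and restore the terminal even when the loop raised
        try:
            if f is not None:
                f.close()
        finally:
            termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)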

# thanks to Mike Looijmans for this code

def windows_shell(chan):
    """
    Line-buffered session loop for platforms without termios.

    A background thread copies everything received from ``chan`` to stdout
    until the channel reports EOF, while the calling thread forwards stdin to
    the channel one character at a time until stdin is exhausted.

    NOTE(review): unlike posix_shell, nothing is written to an audit log here.
    """
    import threading

    sys.stdout.write("Line-buffered terminal emulation. Press F6 or ^Z to send EOF.\r\n\r\n")

    def writeall(sock):
        # background thread: drain the channel to stdout until it is closed
        received = sock.recv(256)
        while received:
            sys.stdout.write(received)
            sys.stdout.flush()
            received = sock.recv(256)
        sys.stdout.write('\r\n*** EOF ***\r\n\r\n')
        sys.stdout.flush()

    threading.Thread(target=writeall, args=(chan,)).start()

    try:
        typed = sys.stdin.read(1)
        while typed:
            chan.send(typed)
            typed = sys.stdin.read(1)
    except EOFError:
        # user hit ^Z or F6
        pass

从其他用户目录下拷贝.bashrc文件

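vim .bashrc  ##在最后添加两行(注意:.bashrc是否执行取决于bash的启动方式,且该文件归用户本人所有、可被其修改,因此不能作为强制的审计入口;要让所有会话都经过demo.py,应在sshd_config中用Match User配合ForceCommand指定,或把该用户的登录shell设为审计程序)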

python demo.py

logout

时间: 2024-10-01 23:47:24
