case实现jumpserver
最终效果如下
准备密钥认证
[alice@server4 ~]$ ssh-keygen # 生成密钥
[alice@server4 ~]$ ssh-copy-id 192.168.220.140 # 拷贝公钥
[alice@server4 ~]$ ssh-copy-id 192.168.220.171
[alice@server4 ~]$ ssh-copy-id 192.168.220.154
alice根目录创建jumpserver.sh文件
在.bashrc 或者 .bashprofile中执行该脚本
#!/usr/bin/bash
#jumpserver
#version1.0 by wuqiblus 2022-04-19
trap "" HUP INT QUIT TSTP # 信号捕捉,避免用户从跳板机退出
web1=192.168.220.140
web2=192.168.220.171
mysql1=192.168.220.154
clear
while :
do
cat <<-EOF
+-------------------------------+
| jumpserver |
| 1. web1 |
| 2. web2 |
| 3. mysql1 |
+-------------------------------+
EOF
echo -ne "\e[1;32minput number:\e[0m"
read num
case "$num" in
1)
ssh alice@$web1
;;
2)
ssh alice@$web2
;;
3)
ssh alice@$mysql1
;;
"")
;;
*)
echo "error"
esac
done
生产环境:
- 业务服务器不允许直接连接,通过允许从跳板机连接
- 业务服务器不允许root用户直接登陆