linux堡垒机开源软件,开源堡垒机-01-JumpServer的安装

前段时间曾经用过JumpServer帮助一个客户完成了他的关于堡垒机的需求，由于当时赶进度，没来得及将整个过程记录和完善，现在抽时间慢慢整理下。

1)JumpServer的介绍

Jumpserver 是一款由python编写开源的跳板机(堡垒机)系统，实现了跳板机应有的功能。基于ssh协议来管理，客户端无需安装agent。支持常见系统:

CentOS, RedHat, Fedora, Amazon Linux

Debian

SUSE, Ubuntu

FreeBSD

其他ssh协议硬件设备

2)CentOS7下安装JumpServer

[root@localhost ~]# cd /opt/

[root@localhost ~]# cat /etc/redhat-release

CentOS Linux release 7.1.1503 (Core)

[root@localhost opt]# yum -y install git python-pip mysql-devel gcc automake autoconf python-devel vim sshpass lrzsz readline-devel

[root@localhost opt]#git clone https://github.com/jumpserver/jumpserver.git

[root@localhost opt]# ls

jumpserver

[root@localhost opt]# cd jumpserver/

[root@localhost jumpserver]# ls

connect.py docs jlog juser manage.py service.sh

connect.pyc init.sh jperm keys manage.pyc static

docker-compose.yaml install jumpserver LICENSE README.md templates

Dockerfile jasset jumpserver.conf logs run_server.py

[root@localhost jumpserver]# cd install/

[root@localhost install]# ls

developer_doc.txt docker functions initial_data.yaml install.py install.pyc next.py requirements.txt

[root@localhost install]# python install.py

– – – – – – – – – – – – – – – – – – – – – –

开始关闭防火墙和selinux

请输入您服务器的IP地址，用户浏览器可以访问 [10.10.10.133]:

是否安装新的MySQL服务器? (y/n) [y]:

开始安装设置mysql (请手动设置mysql安全)

默认用户名: jumpserver 默认密码: 5Lov@wife

– – – – – – – – – – – – – – – – – – – – – –

一路回车。。。。

连接数据库成功

请输入SMTP地址: smtp.163.com

请输入SMTP端口 [25]: 25

请输入账户: molewan@163.com

请输入密码: **************(密码我就不写出来了)

说明：在邮箱中注意开启smtp服务

请登陆邮箱查收邮件, 然后确认是否继续安装

是否继续? (y/n) [y]:

开始写入配置文件

开始安装Jumpserver …

开始更新jumpserver

Creating tables …

Creating table django_admin_log

Creating table auth_permission

Creating table auth_group_permissions

Creating table auth_group

Creating table django_content_type

Creating table django_session

Creating table setting

Creating table juser_usergroup

Creating table juser_user_group

Creating table juser_user_groups

Creating table juser_user_user_permissions

Creating table juser_user

Creating table juser_admingroup

Creating table juser_document

Creating table jasset_assetgroup

Creating table jasset_idc

Creating table jasset_asset_group

Creating table jasset_asset

Creating table jasset_assetrecord

Creating table jasset_assetalias

Creating table jperm_permlog

Creating table jperm_permsudo

Creating table jperm_permrole_sudo

Creating table jperm_permrole

Creating table jperm_permrule_asset_group

Creating table jperm_permrule_role

Creating table jperm_permrule_asset

Creating table jperm_permrule_user_group

Creating table jperm_permrule_user

Creating table jperm_permrule

Creating table jperm_permpush

Creating table jlog_log

Creating table jlog_alert

Creating table jlog_ttylog

Creating table jlog_execlog

Creating table jlog_filelog

Creating table jlog_termlog_user

Creating table jlog_termlog

Installing custom SQL …

Installing indexes …

Installed 0 object(s) from 0 fixture(s)

请输入管理员用户名 [admin]:

请输入管理员密码: [5Lov@wife]:

请再次输入管理员密码: [5Lov@wife]:

Starting jumpserver service: [ 确定 ]

安装成功，请访问web, 祝你使用愉快。

请访问 https://github.com/jumpserver/jumpserver/wiki 查看文档

3)查看计划任务

[root@localhost ~]# crontab -l

0 1 * * * /usr/bin/python /opt/jumpserver/manage.py crontab run 3718e5baf203ed0f54703b2f0b7e9e16 # django-cronjobs for jumpserver

*/10 * * * * /usr/bin/python /opt/jumpserver/manage.py crontab run 9956b75140f4453ab1dc4aeb62962a74 # django-cronjobs for jumpserver

如果发现服务无法正常开启，即80端口被占用或者无法开启

[root@localhost ~]# cd /opt/jumpserver/

[root@localhost jumpserver]# ls

connect.py docker-compose.yaml docs install jlog jumpserver juser LICENSE manage.py README.md service.sh templates

connect.pyc Dockerfile init.sh jasset jperm jumpserver.conf keys logs manage.pyc run_server.py static

[root@localhost jumpserver]#python manage.py runserver 0.0.0.0:80 &

[root@localhost jumpserver]# lsof -i :80

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME

python 22129 root 3u IPv4 61572 0t0 TCP *:http (LISTEN)

到此，我们的安装已经完毕！

原创文章，作者：Net21-冰冻vs西瓜，如若转载，请注明出处：http://www.178linux.com/24860

你可能也喜欢