linux计划任务防暴力破解脚本+免密操作

1.在root创建satools目录

mkdir satools

2.编辑防破解脚本

vi fpj.sh

#!/bin/bash
#zsl -xie
cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2"="$1;}' > /root/satools/black.txt
DEFINE="10"
for i in `cat /root/satools/black.txt`
        do
                IP=`echo $i |awk -F= '{print $1}'`
                NUM=`echo $i |awk -F= '{print $2}'`
                if [ $NUM -gt $DEFINE ];then
                grep $IP /etc/hosts.deny > /dev/null
                if [ $? -gt 0 ];then
                echo "sshd:$IP" >> /etc/hosts.deny
fi
fi
done

3.编辑计划任务每两个小时执行一次

crontab -e

0 */2 * * * sh /root/fpj.sh

4.设置任务开机启动 重启任务

systemctl reload crond.service
systemctl restart crond.service
systemctl enable crond.service

5.查看被ban ip和记录

cat /etc/hosts.deny
cat /var/log/secure
cat /root/satools/black.txt

cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|uniq -c|sort -rn

 

 6.

yum install lrzsz -y
rz
ssh-keygen
cat id_rsa_1024.pub >> .ssh/authorized_keys

 7.linux端免密

ssh-keygen -t rsa
ssh-copy-id 192.168.1.219
ssh 192.168.1.219
ssh-copy-id -i ~/.ssh/id_rsa.pub "-p 1122 appl@192.168.1.219"
ssh -p 1122 192.168.1.219

 

sort用法

https://www.linuxidc.com/Linux/2017-08/146605.htm

子网查询

https://www.sojson.com/convert/subnetmask.html