Jumpserver是一款由python编写, Django开发的开源跳板机/堡垒机系统, 助力互联网企业高效 用户、资产、权限、审计 管理。jumpserver实现了跳板机应有的功能,基于ssh协议来管理,客户端无需安装agent。
Jumpserver特点:
1)完全开源,GPL授权
2)Python编写,容易再次开发
3)实现了跳板机基本功能,身份认证、访问控制、授权、审计 、批量操作等。
4)集成了Ansible,批量命令等
5)支持WebTerminal
6)Bootstrap编写,界面美观
7)自动收集硬件信息
8)录像回放
9)命令搜索
10)实时监控
11)批量上传下载
不多做介绍了,下面就Jumpserver安装及功能使用做一记录:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
|
安装jumpserver
3.0
版本,相对于jumpserver
2.0
版本,在新的版本
3.0
中取消了LDAP授权,取而代之的是ssh进行推送;界面也有所变化,功能更完善,安装更简单。
本案例操作系统是Centos7.
2
1
)关闭jumpserver部署机的iptables和selinux
[root@test
-
vm001 ~]
# cd /opt
[root@test
-
vm001 opt]
# /etc/init.d/iptables stop
[root@test
-
vm001 opt]
# setenforce 0
2
)安装依赖包
[root@test
-
vm001 opt]
# yum -y install epel-release
[root@test
-
vm001 opt]
# yum clean all && yum makecache
[root@test
-
vm001 opt]
# yum -y update
[root@test
-
vm001 opt]
# yum -y install git python-pip mysql-devel gcc automake autoconf python-devel vim sshpass lrzsz readline-devel
3
)下载jumpserver V3.
0
下载地址:https:
/
/
pan.baidu.com
/
s
/
1nv4zVCX
提取密码:vcbg
[root@test
-
vm001 opt]
# tar -zvxf jumpserver3.0.tar.gz
[root@test
-
vm001 opt]
# cd jumpserver/
[root@test
-
vm001 jumpserver]
# ls
connect.py connect.pyc docs install jasset jlog jperm jumpserver jumpserver.conf juser keys LICENSE logs manage.py README.md run_websocket.py service.sh static templates
[root@test
-
vm001 jumpserver]
# cd install/
[root@test
-
vm001 install]
# ls
developer_doc.txt initial_data.yaml install.py install.pyc
next
.py requirements.txt zzjumpserver.sh
4
)执行快速安装脚本
[root@test
-
vm001 install]
# pip install -r requirements.txt //如果一次执行失败,可以多尝试执行几次
...........
...........
Running setup.py install
for
ansible
Running setup.py install
for
pyinotify
Found existing installation: argparse
1.2
.
1
Uninstalling argparse
-
1.2
.
1
:
Successfully uninstalled argparse
-
1.2
.
1
Successfully installed MarkupSafe
-
1.0
MySQL
-
python
-
1.2
.
5
PyYAML
-
3.12
ansible
-
1.9
.
4
argparse
-
1.4
.
0
backports
-
abc
-
0.5
backports.ssl
-
match
-
hostname
-
3.5
.
0.1
certifi
-
2017.4
.
17
django
-
1.6
django
-
bootstrap
-
form
-
3.2
django
-
crontab
-
0.6
.
0
ecdsa
-
0.13
jinja2
-
2.9
.
6
paramiko
-
1.16
.
0
passlib
-
1.6
.
5
psutil
-
3.3
.
0
pycrypto
-
2.6
.
1
pyinotify
-
0.9
.
6
singledispatch
-
3.4
.
0.3
tornado
-
4.3
xlrd
-
0.9
.
4
xlsxwriter
-
0.7
.
7
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
报错:
Could
not
find a version that satisfies the requirement django
=
=
1.6
(
from
-
r requirements.txt...
解决办法:
# pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
5
)查看安装的包
[root@test
-
vm001 install]
# pip freeze
ansible
=
=
1.9
.
4
backports
-
abc
=
=
0.5
backports.ssl
-
match
-
hostname
=
=
3.4
.
0.2
certifi
=
=
2017.7
.
27.1
configobj
=
=
4.7
.
2
decorator
=
=
3.4
.
0
Django
=
=
1.6
django
-
bootstrap
-
form
=
=
3.2
django
-
crontab
=
=
0.6
.
0
ecdsa
=
=
0.13
iniparse
=
=
0.4
Jinja2
=
=
2.9
.
6
MarkupSafe
=
=
1.0
MySQL
-
python
=
=
1.2
.
5
paramiko
=
=
1.16
.
0
passlib
=
=
1.6
.
5
perf
=
=
0.1
psutil
=
=
3.3
.
0
pycrypto
=
=
2.6
.
1
pycurl
=
=
7.19
.
0
pygobject
=
=
3.14
.
0
pygpgme
=
=
0.3
pyinotify
=
=
0.9
.
6
pyliblzma
=
=
0.5
.
3
pyudev
=
=
0.15
pyxattr
=
=
0.5
.
1
PyYAML
=
=
3.12
singledispatch
=
=
3.4
.
0.3
six
=
=
1.10
.
0
slip
=
=
0.4
.
0
slip.dbus
=
=
0.4
.
0
tornado
=
=
4.3
urlgrabber
=
=
3.10
xlrd
=
=
0.9
.
4
XlsxWriter
=
=
0.7
.
7
|