配置dropbear
子车青青
配置dropbear
1 编译zlib
下载,解压zlib:
wget http://www.zlib.net/zlib-1.2.11.tar.gz
tar -xvf zlib-1.2.11.tar.gz
进入zlib解压目录,配置,编译,安装:
cd zlib-1.2.11
makdir build
cd build
../configure --prefix=/usr/local/zlib
make && make install
完成以上步骤,在/usr/local/zlib目录下会看到很多目录和文件,说明zlib编译成功!!
2 编译dropbear
下载,解压dropbear:
wget https://matt.ucc.asn.au/dropbear/releases/dropbear-2018.76.tar.bz2
tar -xvf dropbear-2018.76.tar.bz2
进入dropbear解压目录:
cd dropbear-2018.76
mkdir build
cd build
../configure --prefix=/usr/ --with-zlib=/usr/local/zlib/
生成的文件需要放在/usr/bin和/usr/sbin下面,不然会影响后面命令的使用。
编译安装:
make PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp"
make PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp" install
3 移植dropbear
3.1 拷贝执行文件:
将安装文件,如下:
/usr/local/zlib。
/usr/sbin目录下有:dropbear。
/usr/bin目录下有:dbclient,dropbearkey,dropbearconvert,scp。
帮助文档/usr/share/man/man1:dropbear.8,dbclient.1,dropbearkey.1,dropbearconvert.1,scp.1。
/user/local/zlib
以及需要的库文件。
移植到busybox的相应目录下。
3.2 新建目录存放密钥
mkdir /etc/dropbear/
3.3 添加配置文件
新建配置文件/etc/sysconfig/dropbear,文件里面添加内容:
dropbear_keysize=1024
dropbear_port=22223
3.4 添加服务脚本:
新建脚本并命名pro_dropbear,然后在脚本里面添加如下内容:
dropbear_dsskey=/etc/dropbear/dropbear_dss_host_key
dropbear_rsakey=/etc/dropbear/dropbear_rsa_host_key
dropbear_dropbear=/usr/sbin/dropbear
dropbear_dropbearkey=/usr/bin/dropbearkey
[ -f /etc/sysconfig/dropbear ] && [ -r /etc/sysconfig/dropbear ] && . /etc/sysconfig/dropbear
dropbear_keysize=${dropbear_keysize:-1024}
dropbear_port=${dropbear_port:-22222}
echo $dropbear_port
dropbear_check_process(){
local var_name=$1
local var_pid=$(ps -ef | grep ${var_name} | grep -v "grep" | grep -v "ash" | awk '{print $1}')
if [ "${var_pid}" = "" ];then
return 0
else
return 1
fi
}
dropbear_kill_process()
{
local var_name=$1
local var_pid=$(ps -ef | grep ${var_name} | grep -v "grep" | grep -v "ash" | awk '{print $1}')
if [ "${var_pid}" = "" ];then
echo not exist ${var_name}, pid: ${var_pid}
return 1
else
echo "kill ${var_name}, pid: ${var_pid}"
kill -9 ${var_pid}
return 0
fi
}
dropbear_gendsskey(){
[ -d /etc/dropbear ] || mkdir /etc/dropbear
echo -n "Starting generate the dss key: "
${dropbear_dropbearkey} -t dss -f ${dropbear_dsskey} &> /dev/null
RETVAL=$?
if [ ${RETVAL} -eq 0 ]; then
echo "[success]"
return 0
else
echo "[failure]"
return 1
fi
}
dropbear_genrsakey(){
[ -d /etc/dropbear ] || mkdir /etc/dropbear
echo -n "starting generate the rsa key: "
${dropbear_dropbearkey} -t rsa -s ${dropbear_keysize} -f ${dropbear_rsakey} &> /dev/null
RETVAL=$?
if [ ${RETVAL} -eq 0 ]; then
echo "[success]"
return 0
else
echo "[failure]"
return 1
fi
}
dropbear_usage(){
echo "Usage: dropbear {start | stop | restart | status | gendsskey | genrsakey}"
}
dropbear_start(){
[ -e ${dropbear_dsskey} ] || dropbear_gendsskey
[ -e ${dropbear_rsakey} ] || dropbear_genrsakey
dropbear_check_process dropbear
RETVAL=$?
if [ ${RETVAL} -eq 1 ]; then
echo -n "dropbear daemon is already running: "
exit 0
fi
echo -n "starting dropbear: "
#${dropbear_dropbear} -p ${dropbear_port} -d ${dropbear_dsskey} -r ${dropbear_rsakey}
${dropbear_dropbear} -p ${dropbear_port}
RETVAL=$?
if [ ${RETVAL} -eq 0 ];then
echo "[success]"
return 0
else
echo "[failure]"
return 1
fi
}
dropbear_stop(){
echo -n "stopping dropbear daemon: "
dropbear_kill_process dropbear
RETVAL=$?
if [ ${RETVAL} -eq 0 ];then
echo "[success]"
return 0
else
echo "[failure]"
return 1
fi
}
dropbear_status(){
dropbear_check_process dropbear
RETVAL=$?
if [ ${RETVAL} -eq 1 ];then
echo "dropbear is running..."
else
echo "dropbear is stopped..."
fi
}
case $1 in
start)
dropbear_start
;;
stop)
dropbear_stop
;;
restart)
dropbear_stop
dropbear_start
;;
status)
dropbear_status
;;
gendsskey)
dropbear_gendsskey
;;
genrsakey)
dropbear_genrsakey
;;
*)
dropbear_usage
;;
esac
4 开启服务:
可以直接使用命令:
/usr/local/dropbear/sbin/dropbear -p 22222 -d /etc/dropbear/dropbear_dss_host_key -r /etc/dropbear/dropbear_rsa_host_key
或者使用上面定义脚本:
./pro_dropbear
参考:
http://matt.ucc.asn.au/dropbear/dropbear.html
https://www.cnblogs.com/Jimmy1988/p/9060826.html 。
类似资料: