linuxtool/Menus/Login.sh

#!/bin/bash
declare pick
echo "========Login========"
echo "1.修改root密码"
echo "2.ssh安装密钥"
echo "3.新建用户"
echo "4.管理ssh登录方式"
echo "5.更换ssh端口"
echo "任意输入返回主菜单"
echo "========Login========"
read -p "请输入要使用的功能：" pick


case $pick in
    1)
      declare password
    	read -p "请输入root密码：" password
      echo "root:$password" |chpasswd
      sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
      sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
      systemctl restart sshd.service
    	echo "修改成功当前root密码为：$password"
      ;;
    2)
      declare key
      echo "请输入公钥或文件路径："
      echo "默认：$HOME/.ssh/id_rsa.pub"
      read -p "回车默认：" key

      if [[ -z $key ]];then
          key="$HOME/.ssh/id_rsa.pub"
      fi

      if [[ -f $key ]];then
          key=$(cat "$key")
      fi
      if [[ ! $key =~ ^ssh-(rsa|ecdsa-sha2-nistp[0-9]+|ed25519|dss) ]];then
          echo "公钥不合法"
          exit 1
      fi

      mkdir -p "$HOME/.ssh"
      echo "$key" > "$HOME/.ssh/authorized_keys"

      chmod 600 "$HOME/.ssh/authorized_keys"
      chmod 700 "$HOME/.ssh"

      sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' /etc/ssh/sshd_config

      declare pick2
      echo "是否关闭密码登录："
      read -p "输入 n 取消关闭：" pick2

      if [[ ! $pick2 =~ [Nn] ]];then
          sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
      fi


      systemctl restart sshd.service

      echo "密钥安装完成"
      ;;
    3)
      declare user_name
      read -p "请输入你想创建的用户名：" user_name

      if id "$user_name" &>/dev/null; then
          echo "用户 $user_name 已存在。"
          exit 1
      fi

      useradd -m -s /bin/bash "$user_name"

      if grep -q "^$user_name " /etc/sudoers;then
          sed -i "s/^#\?$user_name.*/lsy ALL=(ALL) NOPASSWD: ALL/g" /etc/sudoers
      else
          echo "lsy ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
      fi


      declare pick
      echo "用户登录方式"
      echo "y.密码登录"
      echo "n.使用root用户公钥"
        read -p "默认y，请输入：" pick
      if [[ ! $pick =~ [Nn] ]];then
          declare password
          read -p "请输入密码：" password
          echo "$user_name:$password" |chpasswd
          sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config;
          echo "创建成功"
          echo "账号：$user_name"
          echo "密码：$password"
      else
          sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
          su "$user_name" -c "mkdir -p '/home/$user_name/.ssh'"
          cp "/root/.ssh/authorized_keys" "/home/$user_name/.ssh/authorized_keys"
          chown lsy:lsy "/home/$user_name/.ssh/authorized_keys"
          su "$user_name" -c "chmod 600 '/home/$user_name/.ssh/authorized_keys'"
          su "$user_name" -c "chmod 700 '/home/$user_name/.ssh/'"

          echo "创建成功"
          echo "账号：$user_name"
          echo "密钥登录"
      fi

      declare pick2
      echo "是否关闭root登录"
      read -p "输入 n 取消关闭：" pick2

      if [[ ! $pick2 =~ [Nn] ]];then
          sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config
          echo "root用户登录已关闭"
      fi

      systemctl restart sshd.service

      ;;
    4)
      declare pick_root
      declare pick2_key
      declare pick2_password
      echo "是否关闭root登录"
      read -p "输入 n 关闭：" pick_root
      echo "是否关闭密码登录"
      read -p "输入 n 关闭：" pick2_password
      echo "是否关闭密钥登录"
      read -p "输入 n 关闭：" pick2_key

      if [[ ! $pick_root =~ [Nn] ]];then
          sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
          echo "root用户登录：开启"
      else
          sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config
          echo "root用户登录：关闭"
      fi

      if [[ ! $pick2_password =~ [Nn] ]];then
          sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
          echo "密码登录：开启"
      else
          sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
          echo "密码登录：关闭"
      fi

      if [[ ! $pick2_key =~ [Nn] ]];then
          sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
          echo "密钥登录：开启"
      else
          sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication no/g' /etc/ssh/sshd_config
          echo "密钥登录：关闭"
      fi

      systemctl restart sshd.service
      ;;
    5)
      read -p "请输入需要修改的端口号(默认22): " port_number

      if [[ -z $port_number ]];then
          port_number=22
      fi

      if ! [[ $port_number =~ ^[0-9]+$ ]] || ! ((port_number > 0 && port_number < 65535)); then
          echo "端口不合法"
          exit
      fi

      if lsof -i :$port_number -t >/dev/null; then
          echo "$port_number 端口已被占用"
          exit
      fi

      sed -i "s/^#\?Port.*/Port $port_number/g" /etc/ssh/sshd_config

      systemctl restart sshd.service

      echo "端口已经修改为$port_number，记得防火墙放行"
      ;;
    *)
      clear
esac