From 8d0a88e02e8c7755ea361d6c69da11cfd86b4997 Mon Sep 17 00:00:00 2001 From: lsy Date: Tue, 24 Sep 2024 17:59:47 +0800 Subject: [PATCH] =?UTF-8?q?=E5=B0=86login=E6=8F=90=E5=8F=96=E5=87=BA?= =?UTF-8?q?=E6=9D=A5=E6=94=B9=E4=B8=BAuser?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Config/Login/key.sh | 0 Config/Login/passwd.sh | 0 Config/Login/ssh.sh | 0 Config/Login/user.sh | 0 Config/Other/acme_ssl.sh | 4 +- Config/User/key.sh | 113 ++++++++++++++++++++++++ Config/User/ssh.sh | 71 +++++++++++++++ Config/User/user.sh | 103 ++++++++++++++++++++++ Menus/Login.sh | 182 --------------------------------------- Menus/Software.sh | 2 +- Menus/User.sh | 26 ++++++ 11 files changed, 316 insertions(+), 185 deletions(-) delete mode 100644 Config/Login/key.sh delete mode 100644 Config/Login/passwd.sh delete mode 100644 Config/Login/ssh.sh delete mode 100644 Config/Login/user.sh create mode 100644 Config/User/key.sh create mode 100644 Config/User/ssh.sh create mode 100644 Config/User/user.sh delete mode 100644 Menus/Login.sh create mode 100644 Menus/User.sh diff --git a/Config/Login/key.sh b/Config/Login/key.sh deleted file mode 100644 index e69de29..0000000 diff --git a/Config/Login/passwd.sh b/Config/Login/passwd.sh deleted file mode 100644 index e69de29..0000000 diff --git a/Config/Login/ssh.sh b/Config/Login/ssh.sh deleted file mode 100644 index e69de29..0000000 diff --git a/Config/Login/user.sh b/Config/Login/user.sh deleted file mode 100644 index e69de29..0000000 diff --git a/Config/Other/acme_ssl.sh b/Config/Other/acme_ssl.sh index 35d8f61..32ad3e7 100644 --- a/Config/Other/acme_ssl.sh +++ b/Config/Other/acme_ssl.sh 
@@ -64,8 +64,8 @@ case $pick_mode in 'TXT记录') declare domain declare log_output=$(${HOME}/.acme.sh/acme.sh --issue --dns $domain_str --yes-I-know-dns-manual-mode-enough-go-ahead-please) - declare -a domain=($( echo "$log_output" | grep "Domain:" | awk -F ": " '{print $2}' | cut " ")) - declare -a txt_value=($(echo "$log_output" | grep "TXT value:" | awk -F ": " '{print $2}'| cut " ")) + declare -a domain=($( echo "$log_output" | grep "Domain:" | awk -F ": " '{print $2}')) + declare -a txt_value=($(echo "$log_output" | grep "TXT value:" | awk -F ": " '{print $2}')) echo "请到dns系统解析TXT记录" for (( i = 0; i < ${#domain[@]}; i++ )); do echo "需要解析的第$((i+1))条" diff --git a/Config/User/key.sh b/Config/User/key.sh new file mode 100644 index 0000000..c3cc39f --- /dev/null +++ b/Config/User/key.sh 
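Review bot: The two rebuilt assignments still fill `domain` and `txt_value` from an unquoted `$( … )`, so every value is word-split and glob-expanded by the shell, and the loop that follows indexes `txt_value` by the `domain` index without checking that both arrays are non-empty and of equal length. Reading them with `mapfile -t domain < <(awk -F': ' '/Domain:/{print $2}' <<<"$log_output")` (and the same for `TXT value:`) avoids the splitting. `declare log_output=$(…)` on the context line above also hides the exit status of acme.sh, so a failed run still prints the "请到dns系统解析TXT记录" prompt with nothing under it. The `case` branch starts and ends outside the hunk.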
@@ -0,0 +1,113 @@
+#!/bin/bash
+echo "========key========"
+echo "1.生成密钥"
+echo "2.安装密钥"
+echo "输入其他返回主页"
+declare pick
+echo "========key========"
+read -p "请输入要选择的命令" pick
+
+case $pick in
+'1')
+ declare site="${HOME}/.ssh"
+ read -p "请输入密钥安装位置,默认 :${site}:" pick
+
+ if [[ -d $pick ]]; then
+ site=$pick
+ elif [[ ! -z $pick ]];then
+ echo "该路径没有文件夹"
+ exit
+ fi
+
+ declare bit=""
+ declare type=""
+ declare phrase=""
+ declare -A type_dick
+ type_dick['rsa']="2048 4096"
+ type_dick['ed25519']=""
+
+ declare print_number=0
+ declare -a print_arr
+ for i in "${!type_dick[@]}" ; do
+ print_number=$(( print_number+1 ))
+ print_arr[$print_number]=$i
+ echo "${print_number}.${i}"
+ done
+ read -p "请选择要生成的密钥类型:" pick
+ if ! [[ $pick =~ [1-${#type_dick[@]}] ]]; then
+ echo "选择错误"
+ exit
+ fi
+ type=${type_dick[$pick]}
+
+ if [ ! -z ${type_dick[$type]} ]; then
+ echo "请选择密钥位大小"
+ for i in ${type_dick[$type]} ; do
+ print_number=$(( print_number+1 ))
+ print_arr[$print_number]=$i
+ echo "${print_number}.${i}"
+ done
+ read -p "请选择:" pick
+ if ! [[ $pick =~ [1-${#print_arr[@]}] ]]; then
+ echo "选择错误"
+ exit
+ fi
+ bit="-b ${print_arr[$pick]}"
+ fi
+
+ read -p "是否开启密钥短语,输入y开启,请输入:" pick
+ if [[ $pick =~ [Yy] ]]; then
+ read -p "请输入要设置的密钥短语" phrase
+ fi
+ eval "ssh-keygen -t ${type} ${bit} -N '${phrase}' -f '${site}/key' -q"
+ echo "密钥安装成功"
+ echo "私钥:${site}/key"
+ echo "公钥:${site}/key.pub"
+ read -p "是否开启密钥登录,输入n取消:" pick
+ if ! [[ $pick =~ [Nn] ]]; then
+ mkdir -p "$HOME/.ssh"
+ echo "${site}/key.pub" > "$HOME/.ssh/authorized_keys"
+ open_key
+ fi
+ ;;
+'2')
+declare key
+echo "请输入公钥或文件路径:"
+echo "默认:$HOME/.ssh/id_rsa.pub"
+read -p "回车默认:" key
+
+if [[ -z $key ]];then
+ key="$HOME/.ssh/id_rsa.pub"
+fi
+
+if [[ -f $key ]];then
+ key=$(cat "$key")
+fi
+if [[ ! 
$key =~ ^ssh-(rsa|ecdsa-sha2-nistp[0-9]+|ed25519|dss) ]];then
+ echo "公钥不合法"
+ exit 1
+fi
+
+mkdir -p "$HOME/.ssh"
+echo "$key" > "$HOME/.ssh/authorized_keys"
+open_key
+esac
+
+function open_key() {
+ chmod 600 "$HOME/.ssh/authorized_keys"
+ chmod 700 "$HOME/.ssh"
+
+ sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
+
+ declare pick2
+ echo "是否关闭密码登录:"
+ read -p "输入 n 取消关闭:" pick2
+
+ if [[ ! $pick2 =~ [Nn] ]];then
+ sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
+ fi
+
+ systemctl restart sshd.service
+
+ echo "密钥安装完成"
+}
\ No newline at end of file
diff --git a/Config/User/ssh.sh b/Config/User/ssh.sh
new file mode 100644
index 0000000..26121d1
--- /dev/null
+++ b/Config/User/ssh.sh
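Review bot: The `eval "ssh-keygen -t ${type} ${bit} -N '${phrase}' -f '${site}/key' -q"` line in branch '1' splices typed input into a string that the shell re-parses, so a quote character in the passphrase or install path changes the command; pass the arguments to `ssh-keygen` as an array instead. In the same branch `type=${type_dick[$pick]}` looks up the associative array with the menu number (presumably `print_arr[$pick]` was meant, so `type` ends up empty), and `echo "${site}/key.pub" > "$HOME/.ssh/authorized_keys"` writes the path instead of the key and truncates existing entries. `open_key` is defined after the `case` that calls it, so both branches stop with command-not-found; once that is fixed it can set `PasswordAuthentication no` and restart sshd on top of an unusable `authorized_keys`, so check the file and run `sshd -t` before the restart (the restarts in Config/User/ssh.sh and Config/User/user.sh have no such check either). The menu tests `[[ $pick =~ [1-${#…}] ]]` are unanchored and pass `$pick` into an indexed-array subscript, which bash evaluates arithmetically; the same pattern is in Menus/User.sh.

```shell
# open_key() { … unchanged body … } moved here, above the case statement

# … unchanged: menu, install-path prompt, key-type menu …
    if ! [[ $pick =~ ^[1-9][0-9]*$ ]] || (( pick > ${#type_dick[@]} )); then
        echo "选择错误"
        exit 1
    fi
    type=${print_arr[$pick]}
# … unchanged: bit-size menu, which leaves bit empty or "-b <size>" …
    # -N still shows the passphrase in the process list; omitting -N lets
    # ssh-keygen prompt for it itself without echo.
    declare -a keygen_args=(-t "$type" -N "$phrase" -f "${site}/key" -q)
    if [[ -n $bit ]]; then
        keygen_args+=(-b "${bit#-b }")
    fi
    ssh-keygen "${keygen_args[@]}"
# … unchanged: result messages and the enable-key-login prompt …
        cat -- "${site}/key.pub" >> "$HOME/.ssh/authorized_keys"
```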
@@ -0,0 +1,71 @@
+#!/bin/bash
+declare pick
+echo "========ssh========"
+echo "1.更换ssh端口"
+echo "2.修改ssh登录方式"
+echo "任意输入返回主菜单"
+echo "========ssh========"
+read -p "请输入要使用的功能:" pick
+
+case $pick in
+'1')
+ read -p "请输入需要修改的端口号(默认22): " port_number
+
+ if [[ -z $port_number ]];then
+ port_number=22
+ fi
+
+ if ! [[ $port_number =~ ^[0-9]+$ ]] || ! ((port_number > 0 && port_number < 65535)); then
+ echo "端口不合法"
+ exit
+ fi
+
+ if lsof -i :$port_number -t >/dev/null; then
+ echo "$port_number 端口已被占用"
+ exit
+ fi
+
+ sed -i "s/^#\?Port.*/Port $port_number/g" /etc/ssh/sshd_config
+
+ systemctl restart sshd.service
+
+ echo "端口已经修改为$port_number,记得防火墙放行"
+ ;;
+'2')
+ declare pick_root
+ declare pick2_key
+ declare pick2_password
+ echo "是否关闭root登录"
+ read -p "输入 n 关闭:" pick_root
+ echo "是否关闭密码登录"
+ read -p "输入 n 关闭:" pick2_password
+ echo "是否关闭密钥登录"
+ read -p "输入 n 关闭:" pick2_key
+
+ if [[ ! $pick_root =~ [Nn] ]];then
+ sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
+ echo "root用户登录:开启"
+ else
+ sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config
+ echo "root用户登录:关闭"
+ fi
+
+ if [[ ! $pick2_password =~ [Nn] ]];then
+ sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
+ echo "密码登录:开启"
+ else
+ sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
+ echo "密码登录:关闭"
+ fi
+
+ if [[ ! $pick2_key =~ [Nn] ]];then
+ sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
+ echo "密钥登录:开启"
+ else
+ sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication no/g' /etc/ssh/sshd_config
+ echo "密钥登录:关闭"
+ fi
+
+ systemctl restart sshd.service
+ ;;
+esac
\ No newline at end of file
diff --git a/Config/User/user.sh b/Config/User/user.sh
new file mode 100644
index 0000000..985ca08
--- /dev/null
+++ b/Config/User/user.sh
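Review bot: In branch '2' each answer is tested with `[[ ! $x =~ [Nn] ]]`, so anything that does not contain an `n`, including a bare Enter, rewrites the directive to `yes`; accepting the defaults therefore turns on `PermitRootLogin yes` and `PasswordAuthentication yes`. For settings like these it is safer to change a directive only on an explicit, anchored answer (`^[Yy]$` / `^[Nn]$`) and leave it untouched otherwise. The branch also allows password and key login to be disabled together before `systemctl restart sshd.service`, which leaves no way back in over SSH, and the `sed` edits do nothing when the directive is missing from the file even though the script prints the new state. In branch '1' the range test `port_number < 65535` rejects port 65535.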
@@ -0,0 +1,103 @@
+#!/bin/bash
+
+declare pick
+echo "========user========"
+echo "1.新建用户"
+echo "2.查看所有用户"
+echo "3.删除用户"
+echo "4.修改用户密码"
+echo "任意输入返回主菜单"
+echo "========user========"
+read -p "请输入要使用的功能:" pick
+
+case $pick in
+'1')
+ declare user_name
+ read -p "请输入你想创建的用户名:" user_name
+
+ if id "$user_name" &>/dev/null; then
+ echo "用户 $user_name 已存在。"
+ exit 1
+ fi
+
+ useradd -m -s /bin/bash "$user_name"
+
+ if grep -q "^$user_name " /etc/sudoers;then
+ sed -i "s/^#\?$user_name.*/$user_name ALL=(ALL) NOPASSWD: ALL/g" /etc/sudoers
+ else
+ echo "$user_name ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
+ fi
+
+
+ declare pick
+ echo "用户登录方式"
+ echo "y.密码登录"
+ echo "n.使用root用户公钥"
+ read -p "默认y,请输入:" pick
+ if [[ ! $pick =~ [Nn] ]];then
+ declare password
+ read -p "请输入密码:" password
+ echo "$user_name:$password" |chpasswd
+ sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config;
+ echo "创建成功"
+ echo "账号:$user_name"
+ echo "密码:$password"
+ else
+ sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
+ su "$user_name" -c "mkdir -p '/home/$user_name/.ssh'"
+ cp "/root/.ssh/authorized_keys" "/home/$user_name/.ssh/authorized_keys"
+ chown "$user_name:$user_name" "/home/$user_name/.ssh/authorized_keys"
+ su "$user_name" -c "chmod 600 '/home/$user_name/.ssh/authorized_keys'"
+ su "$user_name" -c "chmod 700 '/home/$user_name/.ssh/'"
+
+ echo "创建成功"
+ echo "账号:$user_name"
+ echo "密钥登录"
+ fi
+
+ declare pick2
+ echo "是否关闭root登录"
+ read -p "输入 n 取消关闭:" pick2
+
+ if [[ ! $pick2 =~ [Nn] ]];then
+ sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config
+ echo "root用户登录已关闭"
+ fi
+
+ systemctl restart sshd.service
+ ;;
+'2')
+ echo "当前系统有以下用户"
+ cut -d: -f1 /etc/passwd
+ ;;
+'3')
+ declare user_name
+ read -p "请输入需要删除的用户:" user_name
+ if ! 
id $user_name &> /dev/nuull ;then
+ echo "系统内没有该用户"
+ exit
+ fi
+ sed -i "s/^#\?$user_name.*/d" /etc/sudoers
+ pkill -u root
+ userdel -r $user_name &> /dev/null
+ rm -rf "/home/${user_name}"
+ echo "用户删除成功"
+ ;;
+'4')
+ declare password
+ declare user_name
+ read -p "请输入需要修改密码的用户" user_name
+ if ! id $user_name;then
+ echo "系统内没有该用户"
+ exit
+ fi
+ read -p "请输入${user_name}密码:" password
+ echo "${user_name}:${password}" |chpasswd
+ if [[ ${user_name} == "root" ]]; then
+ sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
+ fi
+ sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
+ systemctl restart sshd.service
+ echo "修改成功,用户${user_name}密码为:${password}"
+ ;;
+esac
\ No newline at end of file
diff --git a/Menus/Login.sh b/Menus/Login.sh
deleted file mode 100644
index a62fb33..0000000
--- a/Menus/Login.sh
+++ /dev/null
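Review bot: Branch '3' runs `pkill -u root`, which signals every root-owned process rather than those of the account being removed; it should be `pkill -u "$user_name"`. The guard before it, `id $user_name &> /dev/nuull`, is unquoted, so an empty answer runs plain `id`, succeeds, and lets the branch continue to `rm -rf "/home/${user_name}"` with an empty name, and the misspelled redirect target creates a regular file under /dev. `sed -i "s/^#\?$user_name.*/d"` is not a valid sed script, and written as a delete it would still match every sudoers line that merely starts with the typed name. In branch '1' the `NOPASSWD: ALL` entry is appended to /etc/sudoers even when `useradd` failed and without a `visudo -c` check, and branches '1' and '4' print the new password back to the terminal; a drop-in under /etc/sudoers.d and `read -s` would be the usual choices.

```shell
'3')
    declare user_name
    read -r -p "请输入需要删除的用户:" user_name
    # An empty or malformed name must not reach id, sed or userdel.
    if ! [[ $user_name =~ ^[a-z_][a-z0-9_-]*$ ]] || [[ $user_name == root ]] ||
        ! id "$user_name" &> /dev/null; then
        echo "系统内没有该用户"
        exit 1
    fi
    # Remove only this account's own line (name followed by whitespace).
    sed -i "/^#\?${user_name}[[:space:]]/d" /etc/sudoers
    pkill -u "$user_name"
    userdel -r "$user_name"   # -r already removes the home directory
    # … unchanged: success message …
```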
@@ -1,182 +0,0 @@ -#!/bin/bash -declare pick -echo "========Login========" -echo "1.修改root密码" -echo "2.ssh安装密钥" -echo "3.新建用户" -echo "4.管理ssh登录方式" -echo "5.更换ssh端口" -echo "任意输入返回主菜单" -echo "========Login========" -read -p "请输入要使用的功能:" pick - - -case $pick in - 1) - declare password - read -p "请输入root密码:" password - echo "root:$password" |chpasswd - sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config - sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config - systemctl restart sshd.service - echo "修改成功当前root密码为:$password" - ;; - 2) - declare key - echo "请输入公钥或文件路径:" - echo "默认:$HOME/.ssh/id_rsa.pub" - read -p "回车默认:" key - - if [[ -z $key ]];then - key="$HOME/.ssh/id_rsa.pub" - fi - - if [[ -f $key ]];then - key=$(cat "$key") - fi - if [[ ! $key =~ ^ssh-(rsa|ecdsa-sha2-nistp[0-9]+|ed25519|dss) ]];then - echo "公钥不合法" - exit 1 - fi - - mkdir -p "$HOME/.ssh" - echo "$key" > "$HOME/.ssh/authorized_keys" - - chmod 600 "$HOME/.ssh/authorized_keys" - chmod 700 "$HOME/.ssh" - - sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' /etc/ssh/sshd_config - - declare pick2 - echo "是否关闭密码登录:" - read -p "输入 n 取消关闭:" pick2 - - if [[ ! $pick2 =~ [Nn] ]];then - sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config - fi - - - systemctl restart sshd.service - - echo "密钥安装完成" - ;; - 3) - declare user_name - read -p "请输入你想创建的用户名:" user_name - - if id "$user_name" &>/dev/null; then - echo "用户 $user_name 已存在。" - exit 1 - fi - - useradd -m -s /bin/bash "$user_name" - - if grep -q "^$user_name " /etc/sudoers;then - sed -i "s/^#\?$user_name.*/lsy ALL=(ALL) NOPASSWD: ALL/g" /etc/sudoers - else - echo "lsy ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers - fi - - - declare pick - echo "用户登录方式" - echo "y.密码登录" - echo "n.使用root用户公钥" - read -p "默认y,请输入:" pick - if [[ ! 
$pick =~ [Nn] ]];then - declare password - read -p "请输入密码:" password - echo "$user_name:$password" |chpasswd - sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config; - echo "创建成功" - echo "账号:$user_name" - echo "密码:$password" - else - sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' /etc/ssh/sshd_config - su "$user_name" -c "mkdir -p '/home/$user_name/.ssh'" - cp "/root/.ssh/authorized_keys" "/home/$user_name/.ssh/authorized_keys" - chown lsy:lsy "/home/$user_name/.ssh/authorized_keys" - su "$user_name" -c "chmod 600 '/home/$user_name/.ssh/authorized_keys'" - su "$user_name" -c "chmod 700 '/home/$user_name/.ssh/'" - - echo "创建成功" - echo "账号:$user_name" - echo "密钥登录" - fi - - declare pick2 - echo "是否关闭root登录" - read -p "输入 n 取消关闭:" pick2 - - if [[ ! $pick2 =~ [Nn] ]];then - sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config - echo "root用户登录已关闭" - fi - - systemctl restart sshd.service - - ;; - 4) - declare pick_root - declare pick2_key - declare pick2_password - echo "是否关闭root登录" - read -p "输入 n 关闭:" pick_root - echo "是否关闭密码登录" - read -p "输入 n 关闭:" pick2_password - echo "是否关闭密钥登录" - read -p "输入 n 关闭:" pick2_key - - if [[ ! $pick_root =~ [Nn] ]];then - sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config - echo "root用户登录:开启" - else - sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config - echo "root用户登录:关闭" - fi - - if [[ ! $pick2_password =~ [Nn] ]];then - sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config - echo "密码登录:开启" - else - sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config - echo "密码登录:关闭" - fi - - if [[ ! 
$pick2_key =~ [Nn] ]];then - sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g' /etc/ssh/sshd_config - echo "密钥登录:开启" - else - sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication no/g' /etc/ssh/sshd_config - echo "密钥登录:关闭" - fi - - systemctl restart sshd.service - ;; - 5) - read -p "请输入需要修改的端口号(默认22): " port_number - - if [[ -z $port_number ]];then - port_number=22 - fi - - if ! [[ $port_number =~ ^[0-9]+$ ]] || ! ((port_number > 0 && port_number < 65535)); then - echo "端口不合法" - exit - fi - - if lsof -i :$port_number -t >/dev/null; then - echo "$port_number 端口已被占用" - exit - fi - - sed -i "s/^#\?Port.*/Port $port_number/g" /etc/ssh/sshd_config - - systemctl restart sshd.service - - echo "端口已经修改为$port_number,记得防火墙放行" - ;; - *) - clear -esac - diff --git a/Menus/Software.sh b/Menus/Software.sh index 3baa84c..bfec311 100644 --- a/Menus/Software.sh +++ b/Menus/Software.sh @@ -88,7 +88,7 @@ if [[ ${soft_dick['docker']} == 2 ]];then docker_img_number[$docker_img_number_pick]=$i echo "${docker_img_number_pick}.${i}" done - read -p "请输入需要选择的镜像站:" docker_img_number_pick + read -p "请选择Docker镜像站:" docker_img_number_pick declare docker_img if [[ ! $docker_img_number_pick =~ [1-${#docker_imgs[@]}] ]];then docker_img='https://mirrors.sustc.edu.cn/docker-ce' diff --git a/Menus/User.sh b/Menus/User.sh new file mode 100644 index 0000000..a0648d8 --- /dev/null +++ b/Menus/User.sh 
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+if ! command -v ssh &> /dev/null; then
+ echo "ssh未安装"
+ exit
+fi
+
+declare path_script=$1
+declare file_name=$(basename $0 .sh)
+declare pick_array
+declare pick_number=0
+
+declare pick
+echo "========Login========"
+for i in "${path_script}/Config/${file_name}"/*;do
+ pick_number=$((pick_number + 1))
+ pick_array[$pick_number]=$(awk -F '.' '{print $1}' <<< "$(basename $i)")
+ echo "${pick_number}.${pick_array[$pick_number]}"
+done
+echo "任意输入返回主菜单"
+echo "========Login========"
+read -p "请输入要使用的功能:" pick
+
+if [[ $pick =~ [1-$pick_number] ]]; then
+ bash "${path_script}/Config/${file_name}/${pick_array[${pick}]}.sh"
+fi
\ No newline at end of file
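Review bot: `path_script=$1` becomes the root for both the glob and the final `bash "${path_script}/Config/…"` without any check that it is set and names a directory, so when the argument is missing the menu is built from `/Config/User/*` and whatever is found there gets executed. Add a guard such as `[[ -d ${path_script}/Config/${file_name} ]] || exit 1` before the loop, and quote `"$0"` and `"$i"` in the two `basename` calls so paths containing spaces survive. The banner still prints `Login` although the menu is now `User`.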