Openwrt配置ssh自动登录服务器socks5转发

1.首先安装openssh客户端。

rm -rf /usr/bin/ssh #删除ssh软链接
rm -rf /usr/bin/scp #删除scp软链接
opkg update #更新列表
opkg install openssh-client openssh-keygen#安装openssh客户端

 2.Openwrt生在ssh密钥并上传到服务器端:http://www.l-yp.com/1140.html

3.实现ssh转发:

ssh -D 7070 用户@IP -p端口(22可去除这个参数)-qTfnN

开机启动:

echo 'ssh -D 7070 用户@IP -p端口(22可去除这个参数)-qTfnN >/dev/null 2>&1 &' >> /etc/rc.local

shell脚本监控ssh自动重新连接:

#!/bin/bash
while true
do
if netstat -tlnp|grep ":7070"
then
echo "ssh is working"
else
ssh -D 7070 用户@IP -p端口(22可去除这个参数)-qTfnN >/dev/null 2>&1 &
fi
sleep 300 
done

linux SSH单用户密钥登陆

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/test/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/test/.ssh/id_rsa.
Your public key has been saved in /home/test/.ssh/id_rsa.pub.
The key fingerprint is:15:b0:02:35:b4:0d:d3:fe:9c:e8:56:e1:a6:06:8c:e9 test@asianux3

创建密钥。

然后拷贝公钥到服务器上:将.ssh/id_rsa.pub 上传到服务器并且重命名 ~/.ssh/authorized_keys  

设置权限600.

Jailkit Chroot

下载:

http://olivier.sessink.nl/jailkit/index.html#download

wget http://olivier.sessink.nl/jailkit/jailkit-2.16.tar.gz
tar xvf jailkit-2.16.tar.gz
cd jailkit-2.16
./configure
make
make install
cp extra/jailkit /etc/init.d/jailkit
chmod a+x /etc/init.d/jailkit
chkconfig jailkit on (Centos)
update-rc.d -f jailkit defaults (debian/ubuntu)
mkdir /jail
chown root:root /jail

给用户创建适当方案:

jk_init -v /jail basicshell 
jk_init -v -j /jail jk_lsh
jk_init -v /jail editors 
jk_init -v /jail extendedshell 
jk_init -v /jail netutils 
jk_init -v /jail ssh 
jk_init -v /jail sftp

- 阅读剩余部分 -