GG修改器破解版下载地址:https://ghb2023zs.bj.bcebos.com/gg/xgq/ggxgq?GGXGQ
大家好,今天小编为大家分享关于gg修改器root权限版_gg修改器授权root的内容,赶快来一起来看看吧。
之前因为漏洞问题,做安全加固的时候参考了百度的一些教程,里面有些地方很坑,写的乱七八糟,导致升级失败了,所以今天才抽空测试了下下面3种方式,都是没什么问题的,整理一下分享给大家。
下面实验是基于redhat6.8 64位系统做测试(7的版本有比较多注意的点,后面有空再整)
这里提供3个方式:1个是rpm包手动升级,一个是rpm包脚本升级,一个是脚本yum一键升级。(这里的rpm包只需要在openssh升级成功后的系统制作rpm包就可以了,篇幅有限,就不介绍这块了)
1、查看当前openssh版本
2、备份
[root@localhost ~]# cp /etc/pam.d/sshd /etc/pam.d/sshd_bak181225
[root@localhost ~]# cp /etc/ssh/sshd_config /etc/ssh/sshd_config_bak181225
[root@localhost ~]# cp /etc/init.d/sshd /etc/init.d/sshd_bak1812
3、执行rpm包
根据rpm -qa|grep openssh找对应的rpm包
# rpm -Uvh openssh-askpass-7.9p1-1.el6.x86_64.rpm openssh-clients-7.9p1-1.el6.x86_64.rpm openssh-7.9p1-1.el6.x86_64.rpm openssh-server-7.9p1-1.el6.x86_64.rpm
4、配置允许root登录
sed -i ’s/#PermitRootLogin yes/PermitRootLogin yes/g’ /etc/ssh/sshd_config
5、改权限
# chmod 600 /etc/ssh/ssh_host_ed25519_key
6、恢复 pam sshd config
cp /etc/pam.d/sshd_bak181225 /etc/pam.d/sshd
7、安装 ssh-copy-id
(ssh-copy-id 将本机的公钥复制到远程机器的authorized_keys文件中,ssh-copy-id也能让你有到远程机器的home, ~./ssh , 和 ~/.ssh/authorized_keys的权利)
install -v -m755 ssh-copy-id /usr/bin
install -v -m644 ssh-copy-id.1 /usr/share/man/man1
8、重启ssh服务
/etc/init.d/sshd restart
9、测试是否升级成功
ssh -V
根据前面的步骤简单整理如下:
PS:这里测试的时候漏了一步,应该先断开连接再重连测试下的,懒得恢复快照测试了,有空的朋友可以帮忙测试下,这里查看版本已经升级成功了。
#!/bin/bash
# update openssh to 7.9 on centos6.x or rhel 6.x
# 前提条件:需要跟rpm包同个目录
# 1、backup pam sshd config
cp -fp /etc/pam.d/sshd /tmp/sshd_bak
# 2、rpm install
rpm -Uvh openssh-askpass-7.9p1-1.el6.x86_64.rpm openssh-clients-7.9p1-1.el6.x86_64.rpm openssh-7.9p1-1.el6.x86_64.rpm openssh-server-7.9p1-1.el6.x86_64.rpm
# 2、config root ssh to server
# vi /etc/ssh/sshd_config
# PermitRootLogin yes
sed -i ’s/#PermitRootLogin yes/PermitRootLogin yes/g’ /etc/ssh/sshd_config
# 3、change permit
chmod 600 /etc/ssh/ssh_host_ed25519_key
# 4、restore pam sshd config
cp -fp /tmp/sshd_bak /etc/pam.d/sshd
# 5、install ssh-copy-id
install -v -m755 ssh-copy-id /usr/bin
install -v -m644 ssh-copy-id.1 /usr/share/man/man1
# 6、restart sshd service
/etc/init.d/sshd restart
#7、test ssh version
ssh -V
前提条件:配置好yum源,openssh-7.9p1.tar.gz安装包跟脚本同一层目录就可以了
#!/bin/bash
#前提条件:配置好yum源
if [ $UID -ne 0 ];then
echo “please run this script as root !”
exit 1
fi
#安装依赖包
yum -y install gcc gcc-c++ pam-devel zlib-devel xinetd openssl-devel
sleep 2
#备份原ssh
today=$(date +%Y%m%d)
mkdir /tmp/$today
cp -a /etc/ssh /tmp/$today
cp -a /etc/rc.d/init.d/sshd /tmp/$today/sshd_init
cp -a /etc/pam.d/ssh-keycat /tmp/$today
cp -a /etc/pam.d/sshd /tmp/$today/sshd_pam
cp -a /etc/sysconfig/sshd /tmp/$today/sshd_configure
#配置telnet登陆
start_telnet ()
{
cat >>/etc/securetty<<EOF
pts/0
pts/1
pts/2
EOF
#sed -i ’s/yes/no/g’ /etc/xinetd.d/telnet
yum install -y telnet-server
sed -i ’/disable/s/yes/no/g’ /etc/xinetd.d/telnet
/etc/init.d/xinetd restart
}
#卸载旧版本openssh
/etc/init.d/sshd stop
rpm -e –nodeps openssh openssh-server openssh-clients
#rpm -e –nodeps openssh-askpass
#rpm -qa |grep openssh|xargs -i rpm -e –nodeps {}
#安装openssh7.9
echo “start update openssh . . . ”
sleep 2
tar xf openssh-7.9p1.tar.gz
cd openssh-7.9p1
./configure –prefix=/usr
–sysconfdir=/etc/ssh
–with-md5-passwords
–with-pam
–with-zlib
–with-openssl-includes=/usr
–with-privsep-path=/var/empty/sshd
make && make install
sleep 2
install -v -m755 contrib/ssh-copy-id /usr/bin
install -v -m644 contrib/ssh-copy-id.1 /usr/share/man/man1
install -v -m755 -d /usr/share/doc/openssh-7.9p1
install -v -m644 INSTALL LICENCE OVERVIEW README* /usr/share/doc/openssh-7.9p1
#配置ssh
cp -p contrib/redhat/sshd.init /etc/rc.d/init.d/sshd
cp -p /tmp/$today/sshd_pam /etc/pam.d/sshd
cp -p /tmp/$today/ssh-keycat /etc/pam.d
chkconfig –add sshd
sed -i ’33 aPermitRootLogin yes’ /etc/ssh/sshd_config
sed -i ’83 aUsePAM yes’ /etc/ssh/sshd_config
clear
/etc/init.d/sshd start
sleep 1
if [ $(pgrep sshd |wc -l) -eq 0 ];then
start_telnet
echo -e “