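#!/bin/bash
#
# Host hardening helper for a firewalld/yum based system (run as root):
#   1. create an ordinary login user with a random, pre-expired password
#   2. move sshd to port 51022, forbid root logins, allow only the new user
#   3. keep yum from upgrading kernel packages
#   4. open the port in firewalld, restart sshd and probe the new port
#
# Changes from the earlier version of this script:
#   - the account no longer gets the fixed, guessable password "passwd"
#   - AllowUsers receives the real user name (the old single-quoted sed
#     expression wrote the literal text "$username" into sshd_config)
#   - Port/PermitRootLogin are replaced whether or not they were commented
#     out, and regardless of letter case (the stock file uses "#Port 22")
#   - the new sshd configuration is validated before it is installed
#   - sshd is actually restarted before the port is probed
#   - a failed probe exits non-zero; stderr goes to /dev/null, not ~/null

set -euo pipefail

readonly SSH_PORT=51022
readonly SSHD_CONFIG=/etc/ssh/sshd_config
readonly YUM_CONF=/etc/yum.conf

die() {
  printf '%s\n' "$*" >&2
  exit 1
}

[[ $EUID -eq 0 ]] || die "请以root身份运行此脚本"

# Date stamp used as the suffix of the backup copies.
servertime=$(date "+%Y.%m.%d")

# --- Create the ordinary user ------------------------------------------------
read -r -t 1000 -p "请输入用户名:" username || die "未读取到用户名"

# The name is written into sshd_config and into chpasswd's "user:password"
# input, so reject whitespace, ':' and anything else outside a plain login name.
name_re='^[A-Za-z_][A-Za-z0-9_.-]*$'
[[ $username =~ $name_re ]] || die "用户名不合法: $username"

# 18 random bytes -> 24 base64 characters. The password is shown once at the
# end and expired immediately, so the user must replace it at first login.
password=$(head -c 18 /dev/urandom | base64)

useradd "$username"
printf '%s:%s\n' "$username" "$password" | chpasswd
chage -d 0 "$username"

# --- sshd: port, root login, allowed users -----------------------------------
# Back up the current sshd configuration.
cp -p "$SSHD_CONFIG" "${SSHD_CONFIG}_bak_${servertime}"

new_config=$(mktemp)
trap 'rm -f -- "$new_config"' EXIT

# Build the candidate file: our directives first, followed by the old file
# minus every existing Port/PermitRootLogin line (commented or active).
# Old Port lines must go because sshd listens on every Port it finds.
{
  printf 'Port %s\nPermitRootLogin no\nAllowUsers %s\n' "$SSH_PORT" "$username"
  sed -E '/^[[:space:]]*#?[[:space:]]*(Port|PermitRootLogin)[[:space:]]/Id' \
    "$SSHD_CONFIG"
} > "$new_config"

# Validate before touching the live file so a typo cannot lock everyone out.
sshd_bin=$(command -v sshd) || die "找不到sshd"
"$sshd_bin" -t -f "$new_config" || die "新的sshd配置未通过校验,原配置未改动"

# Overwrite in place (rather than mv) to keep owner, mode and SELinux label.
cat "$new_config" > "$SSHD_CONFIG"

# --- yum: do not upgrade the kernel ------------------------------------------
cp -p "$YUM_CONF" "${YUM_CONF}_${servertime}"
if grep -Eq '^exclude=.*kernel\*' "$YUM_CONF"; then
  : # already excluded; keep the script re-runnable
elif grep -q '^exclude=' "$YUM_CONF"; then
  sed -i 's/^exclude=/exclude=kernel* /' "$YUM_CONF"
else
  # No exclude line yet: add one directly under [main].
  sed -i '/^\[main\]/a exclude=kernel*' "$YUM_CONF"
fi

# --- SELinux + firewall ------------------------------------------------------
# Under SELinux sshd may only bind ports labelled ssh_port_t. Best effort:
# semanage may be missing or SELinux disabled, so a failure is only a warning.
if command -v semanage > /dev/null 2>&1; then
  semanage port -a -t ssh_port_t -p tcp "$SSH_PORT" 2> /dev/null ||
    semanage port -m -t ssh_port_t -p tcp "$SSH_PORT" 2> /dev/null ||
    printf '%s\n' "警告: 无法为端口 ${SSH_PORT} 设置SELinux标签" >&2
fi

# Open the new ssh port in the firewall.
firewall-cmd --zone=public --add-port="${SSH_PORT}/tcp" --permanent
firewall-cmd --reload

# The new settings only take effect once sshd has been restarted.
systemctl restart sshd || die "sshd重启失败,请检查配置"

# --- Probe the new port ------------------------------------------------------
# First global IPv4 address of the host; fall back to loopback if none.
serverip=$(ip -4 -o addr show scope global |
  awk 'NR == 1 { sub(/\/.*/, "", $4); print $4 }')
serverip=${serverip:-127.0.0.1}

# Plain TCP connect through bash's /dev/tcp; address and port are passed as
# arguments so nothing is interpolated into the inner command string.
if timeout 5 bash -c 'exec 3<>"/dev/tcp/$1/$2"' _ "$serverip" "$SSH_PORT" \
  2> /dev/null; then
  echo "ssh端口正常"
else
  echo "ssh端口不通,请检查配置"
  exit 1
fi

# Print the user name and the one-time initial password.
echo "用户名:$username"
echo "默认密码:$password"
echo "请及时修改"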