安装JumpServer作为堡垒机
安装:
# yum update
# yum install -y wget curl tar gettext iptables
# yum remove docker docker-common docker-selinux docker-engine
# wget https://github.com/jumpserver/jumpserver/releases/download/v4.10.14/cn-quick_start.sh
# chmod +x cn-quick_start.sh
# ./cn-quick_start.sh
可以仔细看看安装过程中的提示,最后会有使用url、账号、密码提示。
启停:
# cd /opt/jumpserver-installer-v4.10.14
# ./jmsctl.sh start
# ./jmsctl.sh stop
# ./jmsctl.sh restart
# ./jmsctl.sh backup
# ./jmsctl.sh upgrade
# ./jmsctl.sh –help
配置文件:
# vi /opt/jumpserver/config/config.txt
实际使用docker运行:
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
718c1cae84b7 jumpserver/core:v4.10.14-ce “./entrypoint.sh sta…” 27 hours ago Up 27 hours (healthy) 8080/tcp jms_core
b2725a31e6da jumpserver/web:v4.10.14-ce “/docker-entrypoint.…” 27 hours ago Up 27 hours (healthy) 0.0.0.0:80->80/tcp jms_web
83c0d741b7ad jumpserver/chen:v4.10.14-ce “./entrypoint.sh wisp” 27 hours ago Up 27 hours (healthy) 8082/tcp jms_chen
e64f5b7551e5 jumpserver/core:v4.10.14-ce “./entrypoint.sh sta…” 27 hours ago Up 27 hours (healthy) 8080/tcp jms_celery
dc2b573f1dc1 jumpserver/koko:v4.10.14-ce “./entrypoint.sh ./k…” 27 hours ago Up 27 hours (healthy) 0.0.0.0:2222->2222/tcp jms_koko
c6d1ff907252 jumpserver/lion:v4.10.14-ce “./entrypoint.sh sup…” 27 hours ago Up 27 hours (healthy) 4822/tcp, 8081/tcp jms_lion
576de97e1b8e postgres:16.10-bookworm “docker-entrypoint.s…” 27 hours ago Up 27 hours (healthy) 5432/tcp jms_postgresql
a29c312e1d37 redis:7.4.6-bookworm “docker-entrypoint.s…” 27 hours ago Up 27 hours (healthy) 6379/tcp jms_redis
使用:
web访问: http://yy.yy.yy.yy/ ,管理用系统用户: admin / ChangeMe,第一次登录时记得修改密码。
修改sftp的目录位置:
用管理员账号登录web,打开右上角的“系统设置”,选择“平台列表”,右侧“Linux ”条目右侧…选择建立“副本”,在支持的协议“sftp”的右侧“设置”,打开对话框的“SFTP根路径”设置成“~”(账号的home目录)(后面打开sftp时HOME就是账号的home目录)。后面新建资产时选择该linux副本作为”平台”。