如何通过Ant sshexec查看PC1在PC2上执行的bash历史记录
当前有 2 台 PC,PC1 和 PC2。 我在 PC1 上有一个 Ant 脚本,该脚本将使用 sshexec 任务在 PC2 上执行 bash 命令,代码片段可能如下所示:
<sshexec
host="${IPofPC2}"
username="${USERofPC2}"
password="${PASSofPC2}"
command='echo "Hello World!"'
trust="true"></sshexec>
实际上,该命令是一个复杂的命令,我给出 echo "Hello World!" 举个例子。
我想查看 PC2 上执行的命令到底是什么,但我不知道该怎么做。 我用谷歌搜索并发现 .bash_history 将使用类似 ssh 的终端一次登录来保存远程执行的命令。
看起来这可能有帮助,但尝试没有成功,.bash_history 文件不会记录 sshexec 任务远程执行的命令。
所以SOS,请帮忙。提前致谢。
编辑:
#/etc/syslog.conf
!sshd
*.* /var/log/sshd.log
附件:
$cat /var/log/sshd.log
12 月 8 日 17:36:29 布朗申 启动代理[1373]: /usr/libexec/sshd-keygen-wrapper: 连接来自:10.224.105.186 端口:4090 12 月 8 日 17:36:30 布朗申 sshd[1376]:在 pam_sm_authenticate() 中: 无法确定 Kerberos 主体 姓名。 12 月 8 日 17:36:30 布朗申 sshd[1374]:已接受 用于 houvega 的键盘交互/pam 来自 10.224.105.186 端口 4090 ssh2 十二月 8 17:36:30 布朗森 com.apple.SecurityServer[23]:会话 0x3096eb 创建于 12 月 8 日 17:36:30 布朗申 com.apple.SecurityServer[23]:会话 0x3096eb 属性 0x20 12 月 8 日 17:36:30 布朗森 com.apple.SecurityServer[23]:会话 0x3096eb 于 12 月 8 日 17:36:30 死亡 布朗申 com.apple.SecurityServer[23]:杀戮 auth 主办 12 月 8 日 17:36:30 Brownshen com.apple.SecurityServer[23]:会话 0x3096eb 被毁
there are currently 2 PCs, PC1 and PC2.
I have an Ant script on PC1, the script will execute bash commands on PC2 using sshexec task, the snippet may like the following:
<sshexec
host="${IPofPC2}"
username="${USERofPC2}"
password="${PASSofPC2}"
command='echo "Hello World!"'
trust="true"></sshexec>
in practice the command is a complex one, I give echo "Hello World!" for an example.
I want to see what exactly the command is that have executed on PC2, but I don't know how to.
I googled and find .bash_history will save the remotely executed commands by one login using ssh-like terminal.
It seems this may help, but tried with no success, the .bash_history file won't record commands executed by sshexec task remotely.
So SOS, please help. Thanks in advance.
Edit:
#/etc/syslog.conf
!sshd
*.* /var/log/sshd.log
Attachment:
$cat /var/log/sshd.log
Dec 8 17:36:29 brownshen
launchproxy[1373]:
/usr/libexec/sshd-keygen-wrapper:
Connection from: 10.224.105.186 on
port: 4090 Dec 8 17:36:30 brownshen
sshd[1376]: in pam_sm_authenticate():
Failed to determine Kerberos principal
name. Dec 8 17:36:30 brownshen
sshd[1374]: Accepted
keyboard-interactive/pam for zhouvega
from 10.224.105.186 port 4090 ssh2 Dec
8 17:36:30 brownshen
com.apple.SecurityServer[23]: Session
0x3096eb created Dec 8 17:36:30
brownshen
com.apple.SecurityServer[23]: Session
0x3096eb attributes 0x20 Dec 8
17:36:30 brownshen
com.apple.SecurityServer[23]: Session
0x3096eb dead Dec 8 17:36:30
brownshen
com.apple.SecurityServer[23]: Killing
auth hosts Dec 8 17:36:30 brownshen
com.apple.SecurityServer[23]: Session
0x3096eb destroyed
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
看看这个: http://www .unix.com/unix-advanced-expert-users/4722-ssh-command-logging.html
我的第一个想法是,您可以将 passwd 中指定的 shell 更改为记录所有输入的 shell 包装器,但我认为 sshd 方法更好。
而且,除非您有充分的理由(用户输入?),否则您应该使用 SSH 密钥进行自动登录,而不是保存密码。
Take a look at this: http://www.unix.com/unix-advanced-expert-users/4722-ssh-command-logging.html
My first thought was that you could change the shell specified in passwd to be a shell-wrapper that logs all input, but I think the sshd approach is better.
And, unless you have a good reason to (user input?) you should use SSH keys for auto-logins instead of saving passwords.
您需要确保您的脚本实际上是由 Bash 而不是
sh执行的。然后,将这些添加到脚本的开头:选择不同的文件以将历史记录与用户的交互历史记录分开保存。您可以使用
set -o History打开历史记录保存,并使用set +o History将其关闭。您可以有选择地使用它来仅保存脚本的部分内容。将其添加到脚本末尾以将内存中的历史记录写入文件:
请注意,
HISTSIZE变量会影响内存中存储的历史记录行数。默认值为 500,可以通过执行脚本快速填充。HISTFILESIZE变量也默认为 500,并且存在同样的问题。您可能需要在脚本中将这些变量设置为更大的值,并在用户的启动文件(例如~/.bashrc`)中设置HISTFILESIZE',这样它就不会在交互使用期间被截断,如果您使用相同的历史文件。请注意,对于某些用途,您可以使用 set -x 来打开跟踪并将标准输出捕获到文件中,而不是使用历史记录。
You will need to make sure that your script is actually being executed by Bash and not
sh. Then, add these to the beginning of your script:Choose a different file to save the history separately from the user's interactive history. You can use
set -o historyto turn history saving on andset +o historyto turn it off. You can use this selectively to only save parts of the script.Add this at the end of your script to write the in-memory history to the file:
Note that the
HISTSIZEvariable affects how many lines of history are stored in memory. The default is 500 which could be quickly filled by an executing script. TheHISTFILESIZEvariable also defaults to 500 and the same issue applies. You may need to set these variables to larger values in your script and setHISTFILESIZE' also in the user's startup file (e.g.~/.bashrc`) so it doesn't get truncated during interactive use if you're using the same history file.Note that for some uses, instead of using history you can use
set -xto turn on tracing and capture stdout to a file.