CN105872059B - A kind of remote execution method and device - Google Patents
A kind of remote execution method and device Download PDFInfo
- Publication number
- CN105872059B CN105872059B CN201610200642.5A CN201610200642A CN105872059B CN 105872059 B CN105872059 B CN 105872059B CN 201610200642 A CN201610200642 A CN 201610200642A CN 105872059 B CN105872059 B CN 105872059B
- Authority
- CN
- China
- Prior art keywords
- target
- long
- information
- range
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/08—Protocols specially adapted for terminal emulation, e.g. Telnet
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
Abstract
The embodiment of the invention discloses a kind of remote execution method and device, user information private key information corresponding with the corresponding relationship of the identification information of the second class server, user information is stored in advance in first kind server;First kind server receives the long-range of target user's transmission and executes request, and judge the local corresponding relationship for whether being stored with target user's information and target identification information, if it is, the corresponding target private key information of target user's information is locally being searched, and the target private key information found and long-range execution order are sent to target the second class server;Target the second class server executes the long-range execution order for after the public key information itself stored and the successful matching of target private key information.It can be seen that not needing the environment for configuring multiple IT O&M automation tools using illustrated embodiment of the present invention, different user can be realized to the requirements for access of different remote servers.
Description
Technical field
The present invention relates to information technology O&M field, in particular to a kind of remote execution method and device.
Background technique
With the continuous development of information technology, IT (Information Technology, information technology) O&M at
For component part important in information technology.IT O&M refers to the operation and maintenance to computer hardware, software systems.
In face of the business to become increasingly complex, in face of more and more diversified user demand, IT O&M is towards automation
Direction is developed.The automation of IT O&M, that is, utilize operation and maintenance of the IT O&M automation tools to computer hardware, software systems.
IT O&M automation tools such as Ansible can be realized the function of access remote server, and can be weighed for remote access
Limit control.Wherein, Ansible and other IT O&M automation tools are to carry out permission control for remote access based on SSH mostly
System, that is, public key is set in remote server, private key is set in local server, only when public key and private key successful matching
When, local server could access the remote server.
But for the IT O&M automation tools for carrying out permission control for remote access based on SSH, such as
When configuring an Ansible environment in local server, a private key can only be arranged in local server in Ansible, that is,
It says, different permissions cannot be set for using the different user of local server, be not able to satisfy different user to different long-range
The requirements for access of server.In the prior art, in order to meet different user to the requirements for access of different remote servers, usually exist
Multiple Ansible environment are configured in local server, and different private keys is respectively set in each Ansible environment.Using upper
Scheme is stated, needs to switch between multiple Ansible environment, it is very inconvenient, and it is easy error.
Summary of the invention
The embodiment of the present invention is designed to provide a kind of remote execution method and device, to meet different user to difference
The requirements for access of remote server.
In order to achieve the above objectives, the embodiment of the invention discloses a kind of remote execution methods, are applied to first kind server,
User information and the user information are previously stored in the first kind server has the second class server of access authority
Identification information corresponding relationship and the corresponding private key information of the user information;The described method includes:
Receive target user's transmission remotely executes request, includes target second to be visited in the long-range execution request
The target identification information of class server, long-range execution order and target user's information;
Judge the local corresponding relationship for whether being stored with target user's information and the target identification information;
If so, searching the corresponding target private key information of target user's information;
The corresponding target private key information of target user's information and the long-range execution order are sent to described in having
The target the second class server of target identification information, so that the target the second class server is by target user's information
The public key information that corresponding target private key information is stored with itself is matched, if successful matching, the second class of target clothes
Business device executes the long-range execution order.
Optionally, can also include:
Receive that target the second class server sends after executing the long-range execution order described long-range executes life
Corresponding data output content is enabled, and data output content is sent to the target user.
Optionally, what the reception target user sent remotely executes request, may include:
By calling long-range execution function, receive target user's transmission remotely executes request.
Optionally, described in reception target the second class server is sent after executing the long-range execution order
Long-range execute orders corresponding data to export content, and data output content is sent to the target user, can wrap
It includes:
By calling data receiver function, target the second class server is received after executing the long-range execution order
The corresponding data of the long-range execution order sent export content, and data output content is sent to the target and is used
Family.
Optionally, can also include:
By calling condition monitoring function, the execution state of the remote execution method is monitored.
Optionally, described in reception target the second class server is sent after executing the long-range execution order
Long-range execute orders corresponding data to export content, and data output content is sent to the target user, can wrap
It includes:
When the execution state for monitoring the remote execution method is completed to execute, by calling the first data receiver letter
Number receives the long-range execution order that target the second class server is sent after executing the long-range execution order and corresponds to
Data export content, and by the data output content be sent to the target user;
When the execution state for monitoring the remote execution method is in execution, passes through and call the second data receiver letter
Number receives the long-range execution order that target the second class server is sent after executing the long-range execution order and corresponds to
Data export content, and by the data output content be sent to the target user.
In order to achieve the above objectives, the embodiment of the invention also discloses a kind of long-range executive devices, are applied to first kind service
Device, user information and the user information are previously stored in the first kind server has the second class service of access authority
The corresponding relationship of the identification information of device and the corresponding private key information of the user information;Described device includes:
First receiving module, receive that target user sends remotely executes request, the long-range execution request in include to
The target identification information of target the second class server of access, long-range execution order and target user's information;
Judgment module, for judging local pair for whether being stored with target user's information and the target identification information
It should be related to;
Searching module, for it is corresponding to search target user's information when the judgment module judging result, which is, is
Target private key information;
Sending module, for sending out the corresponding target private key information of target user's information and the long-range execution order
The target the second class server with the target identification information is given, so that the second class of target server will be described
The public key information that the corresponding target private key information of target user's information is stored with itself matches, described if successful matching
Target the second class server executes the long-range execution order.
Optionally, can also include:
Second receiving module is sent after executing the long-range execution order for receiving target the second class server
The corresponding data of the long-range execution order export content, and data output content is sent to the target user.
Optionally, first receiving module, specifically can be used for:
By calling long-range execution function, receive target user's transmission remotely executes request.
Optionally, second receiving module, specifically can be used for:
By calling data receiver function, target the second class server is received after executing the long-range execution order
The corresponding data of the long-range execution order sent export content, and data output content is sent to the target and is used
Family.
Optionally, described device can also include:
Monitoring module, for monitoring the execution state of the remote execution method by calling condition monitoring function.
Optionally, second receiving module may include:
First receiving submodule, the execution state for monitoring the remote execution method when the monitoring module are to hold
When row is completed, by calling the first data receiver function, receives target the second class server and executing the long-range execution
The corresponding data output content of the long-range execution order sent after order, and data output content is sent to described
Target user;
Second receiving submodule, the execution state for monitoring the remote execution method when the monitoring module are to hold
When in row, by calling the second data receiver function, target the second class server is received executing and described long-range executes life
The corresponding data output content of the long-range execution order sent after order, and data output content is sent to the mesh
Mark user.
By above scheme as it can be seen that being previously stored with user information and the user information in first kind server has access
The corresponding relationship and the corresponding private key information of the user information of the identification information of second class server of permission;First kind clothes
Business device receives the target identification information including target the second class server to be visited of target user's transmission, remotely executes order
Long-range with target user's information executes request;First kind server judges locally whether be stored with target user's information and target
The corresponding relationship of identification information, if so, locally searching the corresponding target private key information of target user's information;First kind service
The target private key information found and long-range execution order are sent to target the second class server by device;Target the second class server
After the public key information of itself storage and the successful matching of target private key information, the long-range execution order is executed.It can be seen that using
Illustrated embodiment of the present invention does not need the environment for configuring multiple IT O&M automation tools, different user can be realized to not
With the requirements for access of remote server.
Certainly, it implements any of the products of the present invention or method must be not necessarily required to reach all the above excellent simultaneously
Point.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with
It obtains other drawings based on these drawings.
Fig. 1 is the first flow diagram of remote execution method provided in an embodiment of the present invention;
Fig. 2 is second of flow diagram of remote execution method provided in an embodiment of the present invention;
Fig. 3 is the third flow diagram of remote execution method provided in an embodiment of the present invention;
Fig. 4 is the first structural schematic diagram of long-range executive device provided in an embodiment of the present invention;
Fig. 5 is second of structural schematic diagram of long-range executive device provided in an embodiment of the present invention;
Fig. 6 is the third structural schematic diagram of long-range executive device provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
In order to solve prior art problem, the embodiment of the invention provides a kind of remote execution method and devices, are applied to
First kind server.Wherein, first kind server can be the local server that user can log in;Second class server can be with
The remote server accessed is needed for user.User information and the user information are previously stored in first kind server to be had
The corresponding relationship and the corresponding private key information of the user information of the identification information of second class server of access authority.Below
A kind of remote execution method provided in an embodiment of the present invention is described in detail first.
Assuming that storing the mark that user information A1 and A1 has the second class server of access authority in first kind server
Know the corresponding of the identification information B2 of the second class server of the corresponding relationship, user information B1 of information A2 with B1 with access authority
There is the corresponding relationship of the identification information C2 of the second class server of access authority and user to believe by relationship, user information C1 and C1
Cease the corresponding private key information A3 of A1, the corresponding private key information B3 of user information B1, the corresponding private key information C3 of user information C1.
Fig. 1 is the first flow diagram of remote execution method provided in an embodiment of the present invention,
S101: receive target user's transmission remotely executes request.It wherein, include to be visited in the long-range execution request
Target the second class server target identification information, long-range execute order and target user's information.
Specifically, receiving the long-range of target user's transmission executes request, function can be remotely executed by calling, reception mesh
What mark user sent remotely executes request.
In practical applications, remotely executing function can be execute function, include following parameter in execute function:
The target identification information of target the second class server to be visited, long-range execution order and target user's information;That is, int
Execute (hostname, user, command, sysuser), wherein hostname can be the second class of target server
Target identification information, specifically, identification information can be server name etc.;User can be to want access target the second class server
Target user's information;Command can execute order to be long-range;It can also include sysuser, sysuser is to be visited
User information in target the second class server.
S102: judge locally whether be stored with the corresponding relationship of target user's information and target identification information, if so, holding
Row S103.
Specifically, if the corresponding relationship of target user's information and target identification information is locally stored, then it represents that the mesh
Mark user has the permission of second class server of the access with the target identification information;If local not stored target user's information
With the corresponding relationship of target identification information, then it represents that the target user does not access the clothes of the second class with the target identification information
It is engaged in the permission of device, in this case, not the second class of access target server.
S103: the corresponding target private key information of target user's information is searched.
S104: the corresponding target private key information of target user's information and long-range execution order are sent to target identification
Target the second class server of information so that target the second class server by the corresponding target private key information of target user's information with
The public key information of itself storage is matched, if successful matching, target the second class server executes the long-range execution order.
Illustrated embodiment of the present invention can apply SSH agreement, private key be stored in first kind server, in the second class service
Storage of public keys in device, the second class server, which executes, after public and private key successful matching remotely executes order.
It is illustrated with above-mentioned example, it is assumed that receive target user A transmission remotely executes request, and the long-range execution is asked
Target identification information A2 in asking including target the second class server to be visited, order is remotely executed (such as in target second
A file is created in class server) and target user's information A1.
First kind server judges locally whether be stored with the pass corresponding with target identification information A2 target user's information A1
System, judging result is yes.First kind server searches the corresponding target private key information A3 of target user's information A1, by A3 and remotely
It executes order (for example creating a file in target the second class server) and is sent to the mesh with target identification information A2
Mark the second class server.
It will be appreciated by persons skilled in the art that illustrated embodiment of the present invention application SSH agreement, second class of target clothes
Business device matches the corresponding target private key information A3 of target user's information A1 received the public key information stored with itself.
If successful matching, execute the long-range execution order: target the second class server is localling create a file.
In practical applications, private key information can be stored in the NFS share directory of first kind server, which passes through
Cryptographic protocol carries out network transmission communication, the same of private key can be shared between cluster server with carry in cluster server
When ensure that private key transmission safety.In addition, public key information is stored in the second class server, if the second class server is protected
There is public key information X, then it represents that user corresponding with the private key information of public key information X pairing, which has, accesses the second class server
Permission.Only in the case where public private key information successful matching, target the second class server executes the long-range execution order.
Using embodiment illustrated in fig. 1 of the present invention, it is previously stored with user information in first kind server and the user believes
Ceasing has the corresponding relationship of the identification information of the second class server of access authority and the corresponding private key letter of the user information
Breath;The target identification information including target the second class server to be visited of first kind server reception target user's transmission,
Long-range execution order and the long-range of target user's information execute request;First kind server judges that the local target that whether is stored with is used
The corresponding relationship of family information and target identification information, if so, locally searching the corresponding target private key letter of target user's information
Breath;The target private key information found and long-range execution order are sent to target the second class server by first kind server;Mesh
This will be executed and long-range execute life after the public key information itself stored and the successful matching of target private key information by marking the second class server
It enables.It can be seen that not needing the environment for configuring multiple IT O&M automation tools using illustrated embodiment of the present invention
Realize different user to the requirements for access of different remote servers.
Fig. 2 is second of flow diagram of remote execution method provided in an embodiment of the present invention, real shown in Fig. 2 of the present invention
On the basis of applying example embodiment shown in Fig. 1, increase S105.
S105: it is corresponding to receive the long-range execution order that target the second class server is sent after executing long-range execution order
Data export content, and data output content is sent to target user.
It is corresponded to specifically, receiving the long-range execution order that target the second class server is sent after executing long-range execution order
Data export content, and by data output content be sent to target user, can pass through call data receiver function, receive mesh
It marks the second class server and is executing the long-range corresponding data output content of long-range execution order for executing and sending after order, and will count
Target user is sent to according to output content.
In practical applications, which can be one file of creation etc. on target the second class server
Order, or some data, such as CPU usage etc. of request target the second class server.
It is also illustrated with above-mentioned example, it is assumed that the long-range execution order is that one is created on target the second class server
File, target the second class server is executing the long-range execution order, can be remote by this after localling create a file
Journey holds the corresponding data output content of line command and is sent to first kind server.
The first kind server receives the data output content of target the second class server transmission, and the data are defeated
Content is sent to target user A out.
Assuming that the long-range execution order is the CPU usage of the second class of request target server, target the second class server
The long-range execution order is being executed, it, can will be in the corresponding data output of the long-range execution order after obtaining itself CPU usage
Hold (i.e. itself CPU usage) and is sent to first kind server.
The data that the first kind server receives target the second class server transmission export content, and (i.e. itself CPU makes
With rate), and data output content is sent to target user A.
Using embodiment illustrated in fig. 2 of the present invention, receives target the second class server and sent after executing long-range execution order
Long-range execution order corresponding data to export content, and data output content is sent to target user, further realizes use
Requirements for access of the family to remote server.
Fig. 3 is the third flow diagram of remote execution method provided in an embodiment of the present invention, real shown in Fig. 3 of the present invention
On the basis of applying example embodiment shown in Fig. 2, before S105, increase S106: by calling condition monitoring function, monitoring is long-range
The execution state of execution method judges execution state to execute and completing in still execution.
S105 may include: S105A and S105B, when the execution state for monitoring remote execution method is completed to execute,
Execute S105A;When the execution state for monitoring remote execution method is in execution, S105B is executed.
S105A: by calling the first data receiver function, target the second class server is received in execution and remotely executes order
Corresponding data output content is ordered in the long-range execution sent afterwards, and data output content is sent to target user.
S105B: by calling the second data receiver function, target the second class server is received in execution and remotely executes order
Corresponding data output content is ordered in the long-range execution sent afterwards, and data output content is sent to target user.
In practical applications, condition monitoring function can be status function, and the first data receiver function can be
GetLog function, the second data receiver function can be pullLog function.
By calling status function to monitor the execution state of the remote execution method, when this method, which executes, to be completed, lead to
It crosses calling getLog function, receives the total data that target the second class server is sent and export content, and by total data data
Content is sent to target user;When the execution state of this method is in execution, passes through and call pullLog function, receives target
The real-time partial data that second class server is sent exports content, and the real-time partial data output content is sent to mesh
Mark user.
Holding for remote execution method can be monitored by calling condition monitoring function using embodiment illustrated in fig. 3 of the present invention
Row state, user experience is more preferably;When the execution state of remote execution method is to execute to complete, by calling the first data receiver
Function receives the long-range execution that target the second class server is sent after executing long-range execution order and orders corresponding data output
Content, and data output content is sent to target user;When the execution state of remote execution method is in execution, pass through tune
With the second data receiver function, target the second class server is received what execution was remotely sent after execution is ordered and remotely executes order
Corresponding data export content, and data output content is sent to target user, realize in varied situations, with different
Long-range execute is ordered corresponding data output content to be sent to user by mode.
Corresponding with above-mentioned embodiment of the method, the embodiment of the present invention also provides a kind of long-range executive device.
Fig. 4 is the first structural schematic diagram of long-range executive device provided in an embodiment of the present invention, comprising:
First receiving module 201, receive target user's transmission remotely executes request, includes in the long-range execution request
The target identification information of target the second class server to be visited, long-range execution order and target user's information;
In practical applications, the first receiving module 201, specifically can be used for:
By calling long-range execution function, receive target user's transmission remotely executes request.
Judgment module 202, for judging locally whether be stored with target user's information and the target identification information
Corresponding relationship;
Searching module 203, for searching target user's information when 202 judging result of judgment module, which is, is
Corresponding target private key information;
Sending module 204, for by the corresponding target private key information of target user's information and described long-range executing life
Order is sent to the target the second class server with the target identification information, so that the target the second class server will
The public key information that the corresponding target private key information of target user's information is stored with itself matches, if successful matching,
Target the second class server executes the long-range execution order.
Using embodiment illustrated in fig. 4 of the present invention, it is previously stored with user information in first kind server and the user believes
Ceasing has the corresponding relationship of the identification information of the second class server of access authority and the corresponding private key letter of the user information
Breath;The target identification information including target the second class server to be visited of first kind server reception target user's transmission,
Long-range execution order and the long-range of target user's information execute request;First kind server judges that the local target that whether is stored with is used
The corresponding relationship of family information and target identification information, if so, locally searching the corresponding target private key letter of target user's information
Breath;The target private key information found and long-range execution order are sent to target the second class server by first kind server;Mesh
This will be executed and long-range execute life after the public key information itself stored and the successful matching of target private key information by marking the second class server
It enables.It can be seen that not needing the environment for configuring multiple IT O&M automation tools using illustrated embodiment of the present invention
Realize different user to the requirements for access of different remote servers.
Fig. 5 is second of structural schematic diagram of long-range executive device provided in an embodiment of the present invention, real shown in Fig. 5 of the present invention
It applies example on the basis of the embodiment shown in fig. 4, can also include:
Second receiving module 205, for receiving target the second class server after executing the long-range execution order
The corresponding data of the long-range execution order sent export content, and data output content is sent to the target and is used
Family.
In practical applications, the second receiving module 205, specifically can be used for:
By calling data receiver function, target the second class server is received after executing the long-range execution order
The corresponding data of the long-range execution order sent export content, and data output content is sent to the target and is used
Family.
Using embodiment illustrated in fig. 5 of the present invention, receives target the second class server and sent after executing long-range execution order
Long-range execution order corresponding data to export content, and data output content is sent to target user, further realizes use
Requirements for access of the family to remote server.
Fig. 6 is the third structural schematic diagram of long-range executive device provided in an embodiment of the present invention, real shown in Fig. 6 of the present invention
On the basis of applying example embodiment shown in Fig. 5, can also include:
Monitoring module 206, for monitoring the execution state of the remote execution method by calling condition monitoring function.
Second receiving module 205 may include the first receiving submodule 205A and the second receiving submodule 205B.
First receiving submodule 205A, for monitoring the execution state of the remote execution method when monitoring module 206
When completing to execute, by calling the first data receiver function, it is described long-range in execution to receive target the second class server
The corresponding data output content of the long-range execution order sent after order is executed, and data output content is sent to
The target user;
Second receiving submodule 205B, for monitoring the execution state of the remote execution method when monitoring module 206
When in executing, by calling the second data receiver function, receives target the second class server and described remotely hold executing
The corresponding data output content of the long-range execution order sent after line command, and data output content is sent to institute
State target user.
Holding for remote execution method can be monitored by calling condition monitoring function using embodiment illustrated in fig. 6 of the present invention
Row state, user experience is more preferably;When the execution state of remote execution method is to execute to complete, by calling the first data receiver
Function receives the long-range execution that target the second class server is sent after executing long-range execution order and orders corresponding data output
Content, and data output content is sent to target user;When the execution state of remote execution method is in execution, pass through tune
With the second data receiver function, target the second class server is received what execution was remotely sent after execution is ordered and remotely executes order
Corresponding data export content, and data output content is sent to target user, realize in varied situations, with different
Long-range execute is ordered corresponding data output content to be sent to user by mode.
It should be noted that, in this document, relational terms such as first and second and the like are used merely to a reality
Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation
In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to
Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or equipment including the element.
Each embodiment in this specification is all made of relevant mode and describes, same and similar portion between each embodiment
Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for device reality
For applying example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to embodiment of the method
Part explanation.
Those of ordinary skill in the art will appreciate that all or part of the steps in realization above method embodiment is can
It is completed with instructing relevant hardware by program, the program can store in computer-readable storage medium,
The storage medium designated herein obtained, such as: ROM/RAM, magnetic disk, CD.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the scope of the present invention.It is all
Any modification, equivalent replacement, improvement and so within the spirit and principles in the present invention, are all contained in protection scope of the present invention
It is interior.
Claims (12)
1. a kind of remote execution method, which is characterized in that be applied to first kind server, the first kind server is matched at one
Set the identification information that the second class server of user information and the user information with access authority is previously stored under environment
Corresponding relationship and the corresponding private key information of the user information, the private key information be based on SSH agreement be stored in described first
Under one configuration surroundings of class server;The described method includes:
Receive target user's transmission remotely executes request, includes that the second class of target to be visited takes in the long-range execution request
The target identification information of business device, long-range execution order and target user's information;
Judge the local corresponding relationship for whether being stored with target user's information and the target identification information;
If so, searching the corresponding target private key information of target user's information;
The corresponding target private key information of target user's information and the long-range execution order are sent to the target
The target the second class server of identification information, so that the target the second class server is corresponding by target user's information
The public key information that is stored with itself of target private key information matched, if successful matching, the second class of target server
Execute the long-range execution order;The public key information is based on SSH agreement and is stored in the second class server.
2. the method according to claim 1, wherein further include:
Receive the long-range execution order pair that target the second class server is sent after executing the long-range execution order
The data output content answered, and data output content is sent to the target user.
3. the method according to claim 1, wherein it is described receive target user send remotely execute request,
Include:
By calling long-range execution function, receive target user's transmission remotely executes request.
4. according to the method described in claim 2, it is characterized in that, described receive target the second class server in execution institute
State it is long-range execute the corresponding data output content of the long-range execution order of send after order described, and the data are exported into content
It is sent to the target user, comprising:
By calling data receiver function, receives target the second class server and sent after executing the long-range execution order
The corresponding data of the long-range execution order export content, and data output content is sent to the target user.
5. according to the method described in claim 2, it is characterized by further comprising:
By calling condition monitoring function, the execution state of the remote execution method is monitored.
6. according to the method described in claim 5, it is characterized in that, described receive target the second class server in execution institute
State it is long-range execute the corresponding data output content of the long-range execution order of send after order described, and the data are exported into content
It is sent to the target user, comprising:
When the execution state for monitoring the remote execution method is completed to execute, by calling the first data receiver function,
It is corresponding to receive the long-range execution order that target the second class server is sent after executing the long-range execution order
Data export content, and data output content is sent to the target user;
When the execution state for monitoring the remote execution method is in execution, by calling the second data receiver function, connect
The corresponding number of the long-range execution order for receiving that target the second class server sends after executing the long-range execution order
The target user is sent to according to output content, and by data output content.
7. a kind of long-range executive device, which is characterized in that be applied to first kind server, the first kind server is matched at one
Set the identification information that the second class server of user information and the user information with access authority is previously stored under environment
Corresponding relationship and the corresponding private key information of the user information, the private key information be based on SSH agreement be stored in described first
Under one configuration surroundings of class server;Described device includes:
First receiving module, it includes to be visited in the long-range execution request that receive target user's transmission, which remotely executes request,
Target the second class server target identification information, long-range execute order and target user's information;
Judgment module, for judging locally whether be stored with target user's information pass corresponding with the target identification information
System;
Searching module, for searching the corresponding target of target user's information when the judgment module judging result, which is, is
Private key information;
Sending module, for the corresponding target private key information of target user's information and the long-range execution order to be sent to
The target the second class server with the target identification information, so that the target the second class server is by the target
The public key information that the corresponding target private key information of user information is stored with itself is matched, if successful matching, the target
Second class server executes the long-range execution order;The public key information is based on SSH agreement and is stored in the second class service
In device.
8. device according to claim 7, which is characterized in that further include:
Second receiving module, the institute sent after executing the long-range execution order for receiving target the second class server
It states long-range execute and orders corresponding data output content, and data output content is sent to the target user.
9. device according to claim 7, which is characterized in that first receiving module is specifically used for:
By calling long-range execution function, receive target user's transmission remotely executes request.
10. device according to claim 8, which is characterized in that second receiving module is specifically used for:
By calling data receiver function, receives target the second class server and sent after executing the long-range execution order
The corresponding data of the long-range execution order export content, and data output content is sent to the target user.
11. device according to claim 8, which is characterized in that described device further include:
Monitoring module, for monitoring the execution state of the remote execution method by calling condition monitoring function.
12. device according to claim 11, which is characterized in that second receiving module, comprising:
First receiving submodule, the execution state for monitoring the remote execution method when the monitoring module are to have executed
Cheng Shi receives target the second class server and is executing the long-range execution order by calling the first data receiver function
The corresponding data output content of the long-range execution order sent afterwards, and data output content is sent to the target
User;
Second receiving submodule, for monitoring the execution state of the remote execution method when the monitoring module as in execution
When, by calling the second data receiver function, target the second class server is received after executing the long-range execution order
The corresponding data of the long-range execution order sent export content, and data output content is sent to the target and is used
Family.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610200642.5A CN105872059B (en) | 2016-03-31 | 2016-03-31 | A kind of remote execution method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610200642.5A CN105872059B (en) | 2016-03-31 | 2016-03-31 | A kind of remote execution method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105872059A CN105872059A (en) | 2016-08-17 |
CN105872059B true CN105872059B (en) | 2019-08-09 |
Family
ID=56627105
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610200642.5A Active CN105872059B (en) | 2016-03-31 | 2016-03-31 | A kind of remote execution method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105872059B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107204843B (en) * | 2017-04-11 | 2020-10-27 | 北京奇艺世纪科技有限公司 | Public key processing method and device |
CN107342999A (en) * | 2017-07-04 | 2017-11-10 | 郑州云海信息技术有限公司 | A kind of system and method based on agent protection certificate is strengthened |
CN109728957B (en) * | 2019-01-31 | 2021-08-03 | 网宿科技股份有限公司 | Interactive operation and maintenance method and device |
CN112333244A (en) * | 2020-10-16 | 2021-02-05 | 济南浪潮数据技术有限公司 | Cluster mutual trust method, system, equipment and computer readable storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101119368A (en) * | 2007-08-14 | 2008-02-06 | 北京佳讯飞鸿电气股份有限公司 | Method for implementing wireless network safety communication |
CN101453394A (en) * | 2007-12-03 | 2009-06-10 | 华为技术有限公司 | Method, system and equipment for access control |
CN102571698A (en) * | 2010-12-17 | 2012-07-11 | ***通信集团公司 | Access authority control method, system and device for virtual machine |
CN103051628A (en) * | 2012-12-21 | 2013-04-17 | 微梦创科网络科技(中国)有限公司 | Method and system for obtaining authentication token based on servers |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012047997A1 (en) * | 2010-10-05 | 2012-04-12 | Citrix Systems, Inc. | Display management for native user experiences |
-
2016
- 2016-03-31 CN CN201610200642.5A patent/CN105872059B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101119368A (en) * | 2007-08-14 | 2008-02-06 | 北京佳讯飞鸿电气股份有限公司 | Method for implementing wireless network safety communication |
CN101453394A (en) * | 2007-12-03 | 2009-06-10 | 华为技术有限公司 | Method, system and equipment for access control |
CN102571698A (en) * | 2010-12-17 | 2012-07-11 | ***通信集团公司 | Access authority control method, system and device for virtual machine |
CN103051628A (en) * | 2012-12-21 | 2013-04-17 | 微梦创科网络科技(中国)有限公司 | Method and system for obtaining authentication token based on servers |
Also Published As
Publication number | Publication date |
---|---|
CN105872059A (en) | 2016-08-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105872059B (en) | A kind of remote execution method and device | |
CN1688996B (en) | Method to remotely query, safely measure, and securely communicate configuration information of a networked computational device | |
KR101862965B1 (en) | Management system, gateway apparatus, server apparatus, management method, gateway method and management process execution method | |
CN101090402B (en) | Thin client system using session managing server and session managing method | |
US20070203972A1 (en) | Remote application publication and communication system | |
CN102045337A (en) | Apparatus and methods for managing network resources | |
CN105761340A (en) | Network control method and network control device for door lock, server and PMS (Property Management System) | |
US8762725B2 (en) | Secure machine-to-machine communication protocol | |
CN100433645C (en) | Network device management method and network management system | |
CN106022128B (en) | Method, device and mobile terminal for detection procedure access authority | |
CN103891257B (en) | For monitoring the central processing unit of at least one sensor | |
US20160337328A1 (en) | Enterprise computing environment with continuous user authentication | |
CN104135378A (en) | Method of management control of Internet of Things gateways and management control entity for Internet of Things gateways | |
CN105933374A (en) | Mobile terminal data backup method, system and mobile terminal | |
CN103796343B (en) | M2M gateway devices and its application process | |
CN110727938A (en) | Configuration method and device of intelligent equipment, electronic equipment and storage medium | |
CN113973275A (en) | Data processing method, apparatus and medium | |
CN100442711C (en) | File managing system and method in digital household network | |
CN102281302A (en) | resource access processing method and system | |
CN109947844B (en) | Medical data management system based on medical block chain | |
US8655334B2 (en) | System and method for configuring a communication device | |
CN113094157A (en) | Generation method and device for calling topological graph, storage medium and electronic device | |
CN102591742A (en) | Portable device, data storage method and data storage system | |
CN105959292A (en) | Device using authority identification method and system, and management server | |
US20150242501A1 (en) | Social network address book |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |