CN105872059B - A kind of remote execution method and device - Google Patents

A kind of remote execution method and device Download PDF

Info

Publication number
CN105872059B
CN105872059B CN201610200642.5A CN201610200642A CN105872059B CN 105872059 B CN105872059 B CN 105872059B CN 201610200642 A CN201610200642 A CN 201610200642A CN 105872059 B CN105872059 B CN 105872059B
Authority
CN
China
Prior art keywords
target
long
information
range
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610200642.5A
Other languages
Chinese (zh)
Other versions
CN105872059A (en
Inventor
章敏杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing QIYI Century Science and Technology Co Ltd
Original Assignee
Beijing QIYI Century Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing QIYI Century Science and Technology Co Ltd filed Critical Beijing QIYI Century Science and Technology Co Ltd
Priority to CN201610200642.5A priority Critical patent/CN105872059B/en
Publication of CN105872059A publication Critical patent/CN105872059A/en
Application granted granted Critical
Publication of CN105872059B publication Critical patent/CN105872059B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/08Protocols specially adapted for terminal emulation, e.g. Telnet
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)

Abstract

The embodiment of the invention discloses a kind of remote execution method and device, user information private key information corresponding with the corresponding relationship of the identification information of the second class server, user information is stored in advance in first kind server;First kind server receives the long-range of target user's transmission and executes request, and judge the local corresponding relationship for whether being stored with target user's information and target identification information, if it is, the corresponding target private key information of target user's information is locally being searched, and the target private key information found and long-range execution order are sent to target the second class server;Target the second class server executes the long-range execution order for after the public key information itself stored and the successful matching of target private key information.It can be seen that not needing the environment for configuring multiple IT O&M automation tools using illustrated embodiment of the present invention, different user can be realized to the requirements for access of different remote servers.

Description

A kind of remote execution method and device
Technical field
The present invention relates to information technology O&M field, in particular to a kind of remote execution method and device.
Background technique
With the continuous development of information technology, IT (Information Technology, information technology) O&M at For component part important in information technology.IT O&M refers to the operation and maintenance to computer hardware, software systems.
In face of the business to become increasingly complex, in face of more and more diversified user demand, IT O&M is towards automation Direction is developed.The automation of IT O&M, that is, utilize operation and maintenance of the IT O&M automation tools to computer hardware, software systems. IT O&M automation tools such as Ansible can be realized the function of access remote server, and can be weighed for remote access Limit control.Wherein, Ansible and other IT O&M automation tools are to carry out permission control for remote access based on SSH mostly System, that is, public key is set in remote server, private key is set in local server, only when public key and private key successful matching When, local server could access the remote server.
But for the IT O&M automation tools for carrying out permission control for remote access based on SSH, such as When configuring an Ansible environment in local server, a private key can only be arranged in local server in Ansible, that is, It says, different permissions cannot be set for using the different user of local server, be not able to satisfy different user to different long-range The requirements for access of server.In the prior art, in order to meet different user to the requirements for access of different remote servers, usually exist Multiple Ansible environment are configured in local server, and different private keys is respectively set in each Ansible environment.Using upper Scheme is stated, needs to switch between multiple Ansible environment, it is very inconvenient, and it is easy error.
Summary of the invention
The embodiment of the present invention is designed to provide a kind of remote execution method and device, to meet different user to difference The requirements for access of remote server.
In order to achieve the above objectives, the embodiment of the invention discloses a kind of remote execution methods, are applied to first kind server, User information and the user information are previously stored in the first kind server has the second class server of access authority Identification information corresponding relationship and the corresponding private key information of the user information;The described method includes:
Receive target user's transmission remotely executes request, includes target second to be visited in the long-range execution request The target identification information of class server, long-range execution order and target user's information;
Judge the local corresponding relationship for whether being stored with target user's information and the target identification information;
If so, searching the corresponding target private key information of target user's information;
The corresponding target private key information of target user's information and the long-range execution order are sent to described in having The target the second class server of target identification information, so that the target the second class server is by target user's information The public key information that corresponding target private key information is stored with itself is matched, if successful matching, the second class of target clothes Business device executes the long-range execution order.
Optionally, can also include:
Receive that target the second class server sends after executing the long-range execution order described long-range executes life Corresponding data output content is enabled, and data output content is sent to the target user.
Optionally, what the reception target user sent remotely executes request, may include:
By calling long-range execution function, receive target user's transmission remotely executes request.
Optionally, described in reception target the second class server is sent after executing the long-range execution order Long-range execute orders corresponding data to export content, and data output content is sent to the target user, can wrap It includes:
By calling data receiver function, target the second class server is received after executing the long-range execution order The corresponding data of the long-range execution order sent export content, and data output content is sent to the target and is used Family.
Optionally, can also include:
By calling condition monitoring function, the execution state of the remote execution method is monitored.
Optionally, described in reception target the second class server is sent after executing the long-range execution order Long-range execute orders corresponding data to export content, and data output content is sent to the target user, can wrap It includes:
When the execution state for monitoring the remote execution method is completed to execute, by calling the first data receiver letter Number receives the long-range execution order that target the second class server is sent after executing the long-range execution order and corresponds to Data export content, and by the data output content be sent to the target user;
When the execution state for monitoring the remote execution method is in execution, passes through and call the second data receiver letter Number receives the long-range execution order that target the second class server is sent after executing the long-range execution order and corresponds to Data export content, and by the data output content be sent to the target user.
In order to achieve the above objectives, the embodiment of the invention also discloses a kind of long-range executive devices, are applied to first kind service Device, user information and the user information are previously stored in the first kind server has the second class service of access authority The corresponding relationship of the identification information of device and the corresponding private key information of the user information;Described device includes:
First receiving module, receive that target user sends remotely executes request, the long-range execution request in include to The target identification information of target the second class server of access, long-range execution order and target user's information;
Judgment module, for judging local pair for whether being stored with target user's information and the target identification information It should be related to;
Searching module, for it is corresponding to search target user's information when the judgment module judging result, which is, is Target private key information;
Sending module, for sending out the corresponding target private key information of target user's information and the long-range execution order The target the second class server with the target identification information is given, so that the second class of target server will be described The public key information that the corresponding target private key information of target user's information is stored with itself matches, described if successful matching Target the second class server executes the long-range execution order.
Optionally, can also include:
Second receiving module is sent after executing the long-range execution order for receiving target the second class server The corresponding data of the long-range execution order export content, and data output content is sent to the target user.
Optionally, first receiving module, specifically can be used for:
By calling long-range execution function, receive target user's transmission remotely executes request.
Optionally, second receiving module, specifically can be used for:
By calling data receiver function, target the second class server is received after executing the long-range execution order The corresponding data of the long-range execution order sent export content, and data output content is sent to the target and is used Family.
Optionally, described device can also include:
Monitoring module, for monitoring the execution state of the remote execution method by calling condition monitoring function.
Optionally, second receiving module may include:
First receiving submodule, the execution state for monitoring the remote execution method when the monitoring module are to hold When row is completed, by calling the first data receiver function, receives target the second class server and executing the long-range execution The corresponding data output content of the long-range execution order sent after order, and data output content is sent to described Target user;
Second receiving submodule, the execution state for monitoring the remote execution method when the monitoring module are to hold When in row, by calling the second data receiver function, target the second class server is received executing and described long-range executes life The corresponding data output content of the long-range execution order sent after order, and data output content is sent to the mesh Mark user.
By above scheme as it can be seen that being previously stored with user information and the user information in first kind server has access The corresponding relationship and the corresponding private key information of the user information of the identification information of second class server of permission;First kind clothes Business device receives the target identification information including target the second class server to be visited of target user's transmission, remotely executes order Long-range with target user's information executes request;First kind server judges locally whether be stored with target user's information and target The corresponding relationship of identification information, if so, locally searching the corresponding target private key information of target user's information;First kind service The target private key information found and long-range execution order are sent to target the second class server by device;Target the second class server After the public key information of itself storage and the successful matching of target private key information, the long-range execution order is executed.It can be seen that using Illustrated embodiment of the present invention does not need the environment for configuring multiple IT O&M automation tools, different user can be realized to not With the requirements for access of remote server.
Certainly, it implements any of the products of the present invention or method must be not necessarily required to reach all the above excellent simultaneously Point.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with It obtains other drawings based on these drawings.
Fig. 1 is the first flow diagram of remote execution method provided in an embodiment of the present invention;
Fig. 2 is second of flow diagram of remote execution method provided in an embodiment of the present invention;
Fig. 3 is the third flow diagram of remote execution method provided in an embodiment of the present invention;
Fig. 4 is the first structural schematic diagram of long-range executive device provided in an embodiment of the present invention;
Fig. 5 is second of structural schematic diagram of long-range executive device provided in an embodiment of the present invention;
Fig. 6 is the third structural schematic diagram of long-range executive device provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
In order to solve prior art problem, the embodiment of the invention provides a kind of remote execution method and devices, are applied to First kind server.Wherein, first kind server can be the local server that user can log in;Second class server can be with The remote server accessed is needed for user.User information and the user information are previously stored in first kind server to be had The corresponding relationship and the corresponding private key information of the user information of the identification information of second class server of access authority.Below A kind of remote execution method provided in an embodiment of the present invention is described in detail first.
Assuming that storing the mark that user information A1 and A1 has the second class server of access authority in first kind server Know the corresponding of the identification information B2 of the second class server of the corresponding relationship, user information B1 of information A2 with B1 with access authority There is the corresponding relationship of the identification information C2 of the second class server of access authority and user to believe by relationship, user information C1 and C1 Cease the corresponding private key information A3 of A1, the corresponding private key information B3 of user information B1, the corresponding private key information C3 of user information C1.
Fig. 1 is the first flow diagram of remote execution method provided in an embodiment of the present invention,
S101: receive target user's transmission remotely executes request.It wherein, include to be visited in the long-range execution request Target the second class server target identification information, long-range execute order and target user's information.
Specifically, receiving the long-range of target user's transmission executes request, function can be remotely executed by calling, reception mesh What mark user sent remotely executes request.
In practical applications, remotely executing function can be execute function, include following parameter in execute function: The target identification information of target the second class server to be visited, long-range execution order and target user's information;That is, int Execute (hostname, user, command, sysuser), wherein hostname can be the second class of target server Target identification information, specifically, identification information can be server name etc.;User can be to want access target the second class server Target user's information;Command can execute order to be long-range;It can also include sysuser, sysuser is to be visited User information in target the second class server.
S102: judge locally whether be stored with the corresponding relationship of target user's information and target identification information, if so, holding Row S103.
Specifically, if the corresponding relationship of target user's information and target identification information is locally stored, then it represents that the mesh Mark user has the permission of second class server of the access with the target identification information;If local not stored target user's information With the corresponding relationship of target identification information, then it represents that the target user does not access the clothes of the second class with the target identification information It is engaged in the permission of device, in this case, not the second class of access target server.
S103: the corresponding target private key information of target user's information is searched.
S104: the corresponding target private key information of target user's information and long-range execution order are sent to target identification Target the second class server of information so that target the second class server by the corresponding target private key information of target user's information with The public key information of itself storage is matched, if successful matching, target the second class server executes the long-range execution order.
Illustrated embodiment of the present invention can apply SSH agreement, private key be stored in first kind server, in the second class service Storage of public keys in device, the second class server, which executes, after public and private key successful matching remotely executes order.
It is illustrated with above-mentioned example, it is assumed that receive target user A transmission remotely executes request, and the long-range execution is asked Target identification information A2 in asking including target the second class server to be visited, order is remotely executed (such as in target second A file is created in class server) and target user's information A1.
First kind server judges locally whether be stored with the pass corresponding with target identification information A2 target user's information A1 System, judging result is yes.First kind server searches the corresponding target private key information A3 of target user's information A1, by A3 and remotely It executes order (for example creating a file in target the second class server) and is sent to the mesh with target identification information A2 Mark the second class server.
It will be appreciated by persons skilled in the art that illustrated embodiment of the present invention application SSH agreement, second class of target clothes Business device matches the corresponding target private key information A3 of target user's information A1 received the public key information stored with itself. If successful matching, execute the long-range execution order: target the second class server is localling create a file.
In practical applications, private key information can be stored in the NFS share directory of first kind server, which passes through Cryptographic protocol carries out network transmission communication, the same of private key can be shared between cluster server with carry in cluster server When ensure that private key transmission safety.In addition, public key information is stored in the second class server, if the second class server is protected There is public key information X, then it represents that user corresponding with the private key information of public key information X pairing, which has, accesses the second class server Permission.Only in the case where public private key information successful matching, target the second class server executes the long-range execution order.
Using embodiment illustrated in fig. 1 of the present invention, it is previously stored with user information in first kind server and the user believes Ceasing has the corresponding relationship of the identification information of the second class server of access authority and the corresponding private key letter of the user information Breath;The target identification information including target the second class server to be visited of first kind server reception target user's transmission, Long-range execution order and the long-range of target user's information execute request;First kind server judges that the local target that whether is stored with is used The corresponding relationship of family information and target identification information, if so, locally searching the corresponding target private key letter of target user's information Breath;The target private key information found and long-range execution order are sent to target the second class server by first kind server;Mesh This will be executed and long-range execute life after the public key information itself stored and the successful matching of target private key information by marking the second class server It enables.It can be seen that not needing the environment for configuring multiple IT O&M automation tools using illustrated embodiment of the present invention Realize different user to the requirements for access of different remote servers.
Fig. 2 is second of flow diagram of remote execution method provided in an embodiment of the present invention, real shown in Fig. 2 of the present invention On the basis of applying example embodiment shown in Fig. 1, increase S105.
S105: it is corresponding to receive the long-range execution order that target the second class server is sent after executing long-range execution order Data export content, and data output content is sent to target user.
It is corresponded to specifically, receiving the long-range execution order that target the second class server is sent after executing long-range execution order Data export content, and by data output content be sent to target user, can pass through call data receiver function, receive mesh It marks the second class server and is executing the long-range corresponding data output content of long-range execution order for executing and sending after order, and will count Target user is sent to according to output content.
In practical applications, which can be one file of creation etc. on target the second class server Order, or some data, such as CPU usage etc. of request target the second class server.
It is also illustrated with above-mentioned example, it is assumed that the long-range execution order is that one is created on target the second class server File, target the second class server is executing the long-range execution order, can be remote by this after localling create a file Journey holds the corresponding data output content of line command and is sent to first kind server.
The first kind server receives the data output content of target the second class server transmission, and the data are defeated Content is sent to target user A out.
Assuming that the long-range execution order is the CPU usage of the second class of request target server, target the second class server The long-range execution order is being executed, it, can will be in the corresponding data output of the long-range execution order after obtaining itself CPU usage Hold (i.e. itself CPU usage) and is sent to first kind server.
The data that the first kind server receives target the second class server transmission export content, and (i.e. itself CPU makes With rate), and data output content is sent to target user A.
Using embodiment illustrated in fig. 2 of the present invention, receives target the second class server and sent after executing long-range execution order Long-range execution order corresponding data to export content, and data output content is sent to target user, further realizes use Requirements for access of the family to remote server.
Fig. 3 is the third flow diagram of remote execution method provided in an embodiment of the present invention, real shown in Fig. 3 of the present invention On the basis of applying example embodiment shown in Fig. 2, before S105, increase S106: by calling condition monitoring function, monitoring is long-range The execution state of execution method judges execution state to execute and completing in still execution.
S105 may include: S105A and S105B, when the execution state for monitoring remote execution method is completed to execute, Execute S105A;When the execution state for monitoring remote execution method is in execution, S105B is executed.
S105A: by calling the first data receiver function, target the second class server is received in execution and remotely executes order Corresponding data output content is ordered in the long-range execution sent afterwards, and data output content is sent to target user.
S105B: by calling the second data receiver function, target the second class server is received in execution and remotely executes order Corresponding data output content is ordered in the long-range execution sent afterwards, and data output content is sent to target user.
In practical applications, condition monitoring function can be status function, and the first data receiver function can be GetLog function, the second data receiver function can be pullLog function.
By calling status function to monitor the execution state of the remote execution method, when this method, which executes, to be completed, lead to It crosses calling getLog function, receives the total data that target the second class server is sent and export content, and by total data data Content is sent to target user;When the execution state of this method is in execution, passes through and call pullLog function, receives target The real-time partial data that second class server is sent exports content, and the real-time partial data output content is sent to mesh Mark user.
Holding for remote execution method can be monitored by calling condition monitoring function using embodiment illustrated in fig. 3 of the present invention Row state, user experience is more preferably;When the execution state of remote execution method is to execute to complete, by calling the first data receiver Function receives the long-range execution that target the second class server is sent after executing long-range execution order and orders corresponding data output Content, and data output content is sent to target user;When the execution state of remote execution method is in execution, pass through tune With the second data receiver function, target the second class server is received what execution was remotely sent after execution is ordered and remotely executes order Corresponding data export content, and data output content is sent to target user, realize in varied situations, with different Long-range execute is ordered corresponding data output content to be sent to user by mode.
Corresponding with above-mentioned embodiment of the method, the embodiment of the present invention also provides a kind of long-range executive device.
Fig. 4 is the first structural schematic diagram of long-range executive device provided in an embodiment of the present invention, comprising:
First receiving module 201, receive target user's transmission remotely executes request, includes in the long-range execution request The target identification information of target the second class server to be visited, long-range execution order and target user's information;
In practical applications, the first receiving module 201, specifically can be used for:
By calling long-range execution function, receive target user's transmission remotely executes request.
Judgment module 202, for judging locally whether be stored with target user's information and the target identification information Corresponding relationship;
Searching module 203, for searching target user's information when 202 judging result of judgment module, which is, is Corresponding target private key information;
Sending module 204, for by the corresponding target private key information of target user's information and described long-range executing life Order is sent to the target the second class server with the target identification information, so that the target the second class server will The public key information that the corresponding target private key information of target user's information is stored with itself matches, if successful matching, Target the second class server executes the long-range execution order.
Using embodiment illustrated in fig. 4 of the present invention, it is previously stored with user information in first kind server and the user believes Ceasing has the corresponding relationship of the identification information of the second class server of access authority and the corresponding private key letter of the user information Breath;The target identification information including target the second class server to be visited of first kind server reception target user's transmission, Long-range execution order and the long-range of target user's information execute request;First kind server judges that the local target that whether is stored with is used The corresponding relationship of family information and target identification information, if so, locally searching the corresponding target private key letter of target user's information Breath;The target private key information found and long-range execution order are sent to target the second class server by first kind server;Mesh This will be executed and long-range execute life after the public key information itself stored and the successful matching of target private key information by marking the second class server It enables.It can be seen that not needing the environment for configuring multiple IT O&M automation tools using illustrated embodiment of the present invention Realize different user to the requirements for access of different remote servers.
Fig. 5 is second of structural schematic diagram of long-range executive device provided in an embodiment of the present invention, real shown in Fig. 5 of the present invention It applies example on the basis of the embodiment shown in fig. 4, can also include:
Second receiving module 205, for receiving target the second class server after executing the long-range execution order The corresponding data of the long-range execution order sent export content, and data output content is sent to the target and is used Family.
In practical applications, the second receiving module 205, specifically can be used for:
By calling data receiver function, target the second class server is received after executing the long-range execution order The corresponding data of the long-range execution order sent export content, and data output content is sent to the target and is used Family.
Using embodiment illustrated in fig. 5 of the present invention, receives target the second class server and sent after executing long-range execution order Long-range execution order corresponding data to export content, and data output content is sent to target user, further realizes use Requirements for access of the family to remote server.
Fig. 6 is the third structural schematic diagram of long-range executive device provided in an embodiment of the present invention, real shown in Fig. 6 of the present invention On the basis of applying example embodiment shown in Fig. 5, can also include:
Monitoring module 206, for monitoring the execution state of the remote execution method by calling condition monitoring function.
Second receiving module 205 may include the first receiving submodule 205A and the second receiving submodule 205B.
First receiving submodule 205A, for monitoring the execution state of the remote execution method when monitoring module 206 When completing to execute, by calling the first data receiver function, it is described long-range in execution to receive target the second class server The corresponding data output content of the long-range execution order sent after order is executed, and data output content is sent to The target user;
Second receiving submodule 205B, for monitoring the execution state of the remote execution method when monitoring module 206 When in executing, by calling the second data receiver function, receives target the second class server and described remotely hold executing The corresponding data output content of the long-range execution order sent after line command, and data output content is sent to institute State target user.
Holding for remote execution method can be monitored by calling condition monitoring function using embodiment illustrated in fig. 6 of the present invention Row state, user experience is more preferably;When the execution state of remote execution method is to execute to complete, by calling the first data receiver Function receives the long-range execution that target the second class server is sent after executing long-range execution order and orders corresponding data output Content, and data output content is sent to target user;When the execution state of remote execution method is in execution, pass through tune With the second data receiver function, target the second class server is received what execution was remotely sent after execution is ordered and remotely executes order Corresponding data export content, and data output content is sent to target user, realize in varied situations, with different Long-range execute is ordered corresponding data output content to be sent to user by mode.
It should be noted that, in this document, relational terms such as first and second and the like are used merely to a reality Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that There is also other identical elements in process, method, article or equipment including the element.
Each embodiment in this specification is all made of relevant mode and describes, same and similar portion between each embodiment Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for device reality For applying example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to embodiment of the method Part explanation.
Those of ordinary skill in the art will appreciate that all or part of the steps in realization above method embodiment is can It is completed with instructing relevant hardware by program, the program can store in computer-readable storage medium, The storage medium designated herein obtained, such as: ROM/RAM, magnetic disk, CD.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the scope of the present invention.It is all Any modification, equivalent replacement, improvement and so within the spirit and principles in the present invention, are all contained in protection scope of the present invention It is interior.

Claims (12)

1. a kind of remote execution method, which is characterized in that be applied to first kind server, the first kind server is matched at one Set the identification information that the second class server of user information and the user information with access authority is previously stored under environment Corresponding relationship and the corresponding private key information of the user information, the private key information be based on SSH agreement be stored in described first Under one configuration surroundings of class server;The described method includes:
Receive target user's transmission remotely executes request, includes that the second class of target to be visited takes in the long-range execution request The target identification information of business device, long-range execution order and target user's information;
Judge the local corresponding relationship for whether being stored with target user's information and the target identification information;
If so, searching the corresponding target private key information of target user's information;
The corresponding target private key information of target user's information and the long-range execution order are sent to the target The target the second class server of identification information, so that the target the second class server is corresponding by target user's information The public key information that is stored with itself of target private key information matched, if successful matching, the second class of target server Execute the long-range execution order;The public key information is based on SSH agreement and is stored in the second class server.
2. the method according to claim 1, wherein further include:
Receive the long-range execution order pair that target the second class server is sent after executing the long-range execution order The data output content answered, and data output content is sent to the target user.
3. the method according to claim 1, wherein it is described receive target user send remotely execute request, Include:
By calling long-range execution function, receive target user's transmission remotely executes request.
4. according to the method described in claim 2, it is characterized in that, described receive target the second class server in execution institute State it is long-range execute the corresponding data output content of the long-range execution order of send after order described, and the data are exported into content It is sent to the target user, comprising:
By calling data receiver function, receives target the second class server and sent after executing the long-range execution order The corresponding data of the long-range execution order export content, and data output content is sent to the target user.
5. according to the method described in claim 2, it is characterized by further comprising:
By calling condition monitoring function, the execution state of the remote execution method is monitored.
6. according to the method described in claim 5, it is characterized in that, described receive target the second class server in execution institute State it is long-range execute the corresponding data output content of the long-range execution order of send after order described, and the data are exported into content It is sent to the target user, comprising:
When the execution state for monitoring the remote execution method is completed to execute, by calling the first data receiver function, It is corresponding to receive the long-range execution order that target the second class server is sent after executing the long-range execution order Data export content, and data output content is sent to the target user;
When the execution state for monitoring the remote execution method is in execution, by calling the second data receiver function, connect The corresponding number of the long-range execution order for receiving that target the second class server sends after executing the long-range execution order The target user is sent to according to output content, and by data output content.
7. a kind of long-range executive device, which is characterized in that be applied to first kind server, the first kind server is matched at one Set the identification information that the second class server of user information and the user information with access authority is previously stored under environment Corresponding relationship and the corresponding private key information of the user information, the private key information be based on SSH agreement be stored in described first Under one configuration surroundings of class server;Described device includes:
First receiving module, it includes to be visited in the long-range execution request that receive target user's transmission, which remotely executes request, Target the second class server target identification information, long-range execute order and target user's information;
Judgment module, for judging locally whether be stored with target user's information pass corresponding with the target identification information System;
Searching module, for searching the corresponding target of target user's information when the judgment module judging result, which is, is Private key information;
Sending module, for the corresponding target private key information of target user's information and the long-range execution order to be sent to The target the second class server with the target identification information, so that the target the second class server is by the target The public key information that the corresponding target private key information of user information is stored with itself is matched, if successful matching, the target Second class server executes the long-range execution order;The public key information is based on SSH agreement and is stored in the second class service In device.
8. device according to claim 7, which is characterized in that further include:
Second receiving module, the institute sent after executing the long-range execution order for receiving target the second class server It states long-range execute and orders corresponding data output content, and data output content is sent to the target user.
9. device according to claim 7, which is characterized in that first receiving module is specifically used for:
By calling long-range execution function, receive target user's transmission remotely executes request.
10. device according to claim 8, which is characterized in that second receiving module is specifically used for:
By calling data receiver function, receives target the second class server and sent after executing the long-range execution order The corresponding data of the long-range execution order export content, and data output content is sent to the target user.
11. device according to claim 8, which is characterized in that described device further include:
Monitoring module, for monitoring the execution state of the remote execution method by calling condition monitoring function.
12. device according to claim 11, which is characterized in that second receiving module, comprising:
First receiving submodule, the execution state for monitoring the remote execution method when the monitoring module are to have executed Cheng Shi receives target the second class server and is executing the long-range execution order by calling the first data receiver function The corresponding data output content of the long-range execution order sent afterwards, and data output content is sent to the target User;
Second receiving submodule, for monitoring the execution state of the remote execution method when the monitoring module as in execution When, by calling the second data receiver function, target the second class server is received after executing the long-range execution order The corresponding data of the long-range execution order sent export content, and data output content is sent to the target and is used Family.
CN201610200642.5A 2016-03-31 2016-03-31 A kind of remote execution method and device Active CN105872059B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610200642.5A CN105872059B (en) 2016-03-31 2016-03-31 A kind of remote execution method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610200642.5A CN105872059B (en) 2016-03-31 2016-03-31 A kind of remote execution method and device

Publications (2)

Publication Number Publication Date
CN105872059A CN105872059A (en) 2016-08-17
CN105872059B true CN105872059B (en) 2019-08-09

Family

ID=56627105

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610200642.5A Active CN105872059B (en) 2016-03-31 2016-03-31 A kind of remote execution method and device

Country Status (1)

Country Link
CN (1) CN105872059B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107204843B (en) * 2017-04-11 2020-10-27 北京奇艺世纪科技有限公司 Public key processing method and device
CN107342999A (en) * 2017-07-04 2017-11-10 郑州云海信息技术有限公司 A kind of system and method based on agent protection certificate is strengthened
CN109728957B (en) * 2019-01-31 2021-08-03 网宿科技股份有限公司 Interactive operation and maintenance method and device
CN112333244A (en) * 2020-10-16 2021-02-05 济南浪潮数据技术有限公司 Cluster mutual trust method, system, equipment and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101119368A (en) * 2007-08-14 2008-02-06 北京佳讯飞鸿电气股份有限公司 Method for implementing wireless network safety communication
CN101453394A (en) * 2007-12-03 2009-06-10 华为技术有限公司 Method, system and equipment for access control
CN102571698A (en) * 2010-12-17 2012-07-11 ***通信集团公司 Access authority control method, system and device for virtual machine
CN103051628A (en) * 2012-12-21 2013-04-17 微梦创科网络科技(中国)有限公司 Method and system for obtaining authentication token based on servers

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012047997A1 (en) * 2010-10-05 2012-04-12 Citrix Systems, Inc. Display management for native user experiences

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101119368A (en) * 2007-08-14 2008-02-06 北京佳讯飞鸿电气股份有限公司 Method for implementing wireless network safety communication
CN101453394A (en) * 2007-12-03 2009-06-10 华为技术有限公司 Method, system and equipment for access control
CN102571698A (en) * 2010-12-17 2012-07-11 ***通信集团公司 Access authority control method, system and device for virtual machine
CN103051628A (en) * 2012-12-21 2013-04-17 微梦创科网络科技(中国)有限公司 Method and system for obtaining authentication token based on servers

Also Published As

Publication number Publication date
CN105872059A (en) 2016-08-17

Similar Documents

Publication Publication Date Title
CN105872059B (en) A kind of remote execution method and device
CN1688996B (en) Method to remotely query, safely measure, and securely communicate configuration information of a networked computational device
KR101862965B1 (en) Management system, gateway apparatus, server apparatus, management method, gateway method and management process execution method
CN101090402B (en) Thin client system using session managing server and session managing method
US20070203972A1 (en) Remote application publication and communication system
CN102045337A (en) Apparatus and methods for managing network resources
CN105761340A (en) Network control method and network control device for door lock, server and PMS (Property Management System)
US8762725B2 (en) Secure machine-to-machine communication protocol
CN100433645C (en) Network device management method and network management system
CN106022128B (en) Method, device and mobile terminal for detection procedure access authority
CN103891257B (en) For monitoring the central processing unit of at least one sensor
US20160337328A1 (en) Enterprise computing environment with continuous user authentication
CN104135378A (en) Method of management control of Internet of Things gateways and management control entity for Internet of Things gateways
CN105933374A (en) Mobile terminal data backup method, system and mobile terminal
CN103796343B (en) M2M gateway devices and its application process
CN110727938A (en) Configuration method and device of intelligent equipment, electronic equipment and storage medium
CN113973275A (en) Data processing method, apparatus and medium
CN100442711C (en) File managing system and method in digital household network
CN102281302A (en) resource access processing method and system
CN109947844B (en) Medical data management system based on medical block chain
US8655334B2 (en) System and method for configuring a communication device
CN113094157A (en) Generation method and device for calling topological graph, storage medium and electronic device
CN102591742A (en) Portable device, data storage method and data storage system
CN105959292A (en) Device using authority identification method and system, and management server
US20150242501A1 (en) Social network address book

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant