Inspecting the running sshd configuration with gdb

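This article shows how to use strace and gdb on a Linux system to find the configuration file that the sshd service actually uses and to read the configuration it has loaded.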

Reference:
https://yq.aliyun.com/articles/57916

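Suppose we do not know which configuration file the sshd on this machine uses, or which settings are in effect. sshd provides no interface for displaying the configuration of the running daemon, so when we need to know its configuration we have to obtain it some other way.
Here we use strace and gdb to recover the current configuration.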

Install the tools

yum install strace gdb yum-utils -y

Find the configuration file sshd currently uses

strace -e open -ostrace.out /usr/sbin/sshd

Inspect the result and look for sshd_config

[root@centos-7-1 ~]# cat strace.out 
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libfipscheck.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libwrap.so.0", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libaudit.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libpam.so.0", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libcrypto.so.10", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libldap-2.4.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/liblber-2.4.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libutil.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libz.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libnsl.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libcrypt.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libgssapi_krb5.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libkrb5.so.3", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libk5crypto.so.3", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libcom_err.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libpcre.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/liblzma.so.5", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libsasl2.so.3", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libssl3.so", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libsmime3.so", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libnss3.so", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libnssutil3.so", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libplds4.so", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libplc4.so", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libnspr4.so", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libfreebl3.so", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libkrb5support.so.0", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libkeyutils.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/librt.so.1", O_RDONLY|O_CLOEXEC) = 3
open("/proc/filesystems", O_RDONLY)     = 3
open("/etc/pki/tls/openssl.cnf", O_RDONLY) = 3
open("/dev/null", O_RDWR)               = 3
open("/etc/ssh/sshd_config", O_RDONLY)  = 3
open("/dev/urandom", O_RDONLY)          = 3
open("/etc/gai.conf", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ssh/ssh_host_rsa_key", O_RDONLY) = 3
open("/etc/group", O_RDONLY|O_CLOEXEC)  = 4
open("/etc/ssh/ssh_host_rsa_key", O_RDONLY) = 3
open("/etc/ssh/ssh_host_rsa_key", O_RDONLY) = 3
open("/etc/ssh/ssh_host_rsa_key", O_RDONLY) = 3
open("/etc/ssh/ssh_host_rsa_key.pub", O_RDONLY) = 3
open("/etc/ssh/ssh_host_ecdsa_key", O_RDONLY) = 3
open("/etc/group", O_RDONLY|O_CLOEXEC)  = 4
open("/etc/ssh/ssh_host_ecdsa_key", O_RDONLY) = 3
open("/etc/ssh/ssh_host_ecdsa_key", O_RDONLY) = 3
open("/etc/ssh/ssh_host_ecdsa_key", O_RDONLY) = 3
open("/etc/ssh/ssh_host_ecdsa_key.pub", O_RDONLY) = 3
open("/etc/ssh/ssh_host_ed25519_key", O_RDONLY) = 3
open("/etc/group", O_RDONLY|O_CLOEXEC)  = 4
open("/etc/ssh/ssh_host_ed25519_key", O_RDONLY) = 3
open("/etc/ssh/ssh_host_ed25519_key", O_RDONLY) = 3
open("/etc/ssh/ssh_host_ed25519_key", O_RDONLY) = 3
open("/etc/ssh/ssh_host_ed25519_key.pub", O_RDONLY) = 3
+++ exited with 0 +++

The output contains the entry open("/etc/ssh/sshd_config", O_RDONLY) = 3, which identifies the configuration file.

View the current sshd configuration
1. Find the sshd process with ps

[root@centos-7-1 ~]# ps uax | grep sshd
root       1122  0.0  0.0  82552  3580 ?        Ss   13:53   0:00 /usr/sbin/sshd -D
root       1744  0.0  0.1 143544  5508 ?        Ss   13:53   0:01 sshd: root@pts/0
root       3538  0.0  0.0 112648   956 pts/0    S+   15:09   0:00 grep --color=auto sshd

The current sshd daemon process is pid 1122.

2. Use gcore to dump the memory of that pid

gcore 1122

3. Analyze the dump with gdb

gdb -core=core.1122 /usr/sbin/sshd

If gdb prints:
Missing separate debuginfos, use: debuginfo-install openssh-server-6.6.1p1-25.el7_2.x86_64
install the corresponding debuginfo package:

debuginfo-install openssh-server-6.6.1p1-25.el7_2.x86_64

Run gdb again; it asks for further debuginfo packages, so install those as well:

debuginfo-install cyrus-sasl-lib-2.1.26-20.el7_2.x86_64 keyutils-libs-1.5.8-3.el7.x86_64 nspr-4.10.8-2.el7_1.x86_64 nss-3.19.1-19.el7_2.x86_64 nss-softokn-freebl-3.16.2.3-13.el7_1.x86_64 nss-util-3.19.1-9.el7_2.x86_64 pcre-8.32-15.el7.x86_64 xz-libs-5.1.2-12alpha.el7.x86_64

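There are quite a few packages here, so the installation takes a while; go have a cup of coffee in the meantime.
Once the installation has finished, start gdb again: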

gdb -core=core.1122 /usr/sbin/sshd

Print options to see the settings; these are the configuration of the running sshd process.

(gdb) print options
$1 = {num_ports = 1, ports_from_cmdline = 0, ports = {22, 0 <repeats 255 times>}, listen_addr = 0x0, listen_addrs = 0x7f069bc6e7e0, address_family = 0, host_key_files = {
    0x7f069bc72460 "/etc/ssh/ssh_host_rsa_key", 0x7f069bc72490 "/etc/ssh/ssh_host_ecdsa_key", 0x7f069bc724c0 "/etc/ssh/ssh_host_ed25519_key", 0x0 <repeats 253 times>}, 
  num_host_key_files = 3, host_cert_files = {0x0 <repeats 256 times>}, num_host_cert_files = 0, host_key_agent = 0x0, pid_file = 0x7f069a462b8e "/var/run/sshd.pid", 
  server_key_bits = 1024, login_grace_time = 120, key_regeneration_time = 3600, permit_root_login = 3, ignore_rhosts = 1, ignore_user_known_hosts = 0, print_motd = 1, print_lastlog = 1, 
  x11_forwarding = 1, x11_display_offset = 10, x11_use_localhost = 1, xauth_location = 0x7f069a462ba0 "/usr/bin/xauth", permit_tty = 1, strict_modes = 1, tcp_keep_alive = 1, 
  ip_qos_interactive = 16, ip_qos_bulk = 8, ciphers = 0x0, macs = 0x0, kex_algorithms = 0x0, protocol = 4, gateway_ports = 0, log_facility = SYSLOG_FACILITY_LOCAL0, 
  log_level = SYSLOG_LEVEL_INFO, rhosts_rsa_authentication = 0, hostbased_authentication = 0, hostbased_uses_name_from_packet_only = 0, rsa_authentication = 1, pubkey_authentication = 1, 
  kerberos_authentication = 0, kerberos_or_local_passwd = 1, kerberos_ticket_cleanup = 1, kerberos_get_afs_token = 0, gss_authentication = 1, gss_keyex = 0, gss_cleanup_creds = 0, 
  gss_strict_acceptor = 1, gss_store_rekey = 0, gss_kex_algorithms = 0x7f069bc6e8d0 "gss-gex-sha1-,gss-group1-sha1-,gss-group14-sha1-", password_authentication = 1, 
  kbd_interactive_authentication = 0, challenge_response_authentication = 0, permit_empty_passwd = 0, permit_user_env = 0, use_login = 0, compression = 2, allow_tcp_forwarding = 3, 
  allow_agent_forwarding = 1, num_allow_users = 0, allow_users = {0x0 <repeats 256 times>}, num_deny_users = 0, deny_users = {0x0 <repeats 256 times>}, num_allow_groups = 0, 
  allow_groups = {0x0 <repeats 256 times>}, num_deny_groups = 0, deny_groups = {0x0 <repeats 256 times>}, num_subsystems = 1, subsystem_name = {0x7f069bc72710 "sftp", 
    0x0 <repeats 255 times>}, subsystem_command = {0x7f069bc72730 "/usr/libexec/openssh/sftp-server", 0x0 <repeats 255 times>}, subsystem_args = {
    0x7f069bc72760 "/usr/libexec/openssh/sftp-server", 0x0 <repeats 255 times>}, num_accept_env = 16, accept_env = {0x7f069bc72510 "LANG", 0x7f069bc72530 "LC_CTYPE", 
    0x7f069bc72550 "LC_NUMERIC", 0x7f069bc72570 "LC_TIME", 0x7f069bc72590 "LC_COLLATE", 0x7f069bc725b0 "LC_MONETARY", 0x7f069bc725d0 "LC_MESSAGES", 0x7f069bc725f0 "LC_PAPER", 
    0x7f069bc72610 "LC_NAME", 0x7f069bc72630 "LC_ADDRESS", 0x7f069bc72650 "LC_TELEPHONE", 0x7f069bc72670 "LC_MEASUREMENT", 0x7f069bc72690 "LC_IDENTIFICATION", 0x7f069bc726b0 "LC_ALL", 
    0x7f069bc726d0 "LANGUAGE", 0x7f069bc726f0 "XMODIFIERS", 0x0 <repeats 240 times>}, max_startups_begin = 10, max_startups_rate = 30, max_startups = 100, max_authtries = 6, 
  max_sessions = 10, banner = 0x0, show_patchlevel = 0, use_dns = 1, client_alive_interval = 0, client_alive_count_max = 3, num_authkeys_files = 1, authorized_keys_files = {
    0x7f069bc724f0 ".ssh/authorized_keys", 0x0 <repeats 255 times>}, adm_forced_command = 0x0, use_pam = 1, permit_tun = 0, num_permitted_opens = -1, use_kuserok = 1, enable_k5users = 0, 
  chroot_directory = 0x0, revoked_keys_file = 0x0, trusted_user_ca_keys = 0x0, authorized_principals_file = 0x0, authorized_keys_command = 0x0, authorized_keys_command_user = 0x0, 
  rekey_limit = 0, rekey_interval = 0, version_addendum = 0x7f069bc6e910 "", num_auth_methods = 0, auth_methods = {0x0 <repeats 256 times>}}

We can change a parameter to test this.
For example, the current values are:

max_startups_begin = 10, max_startups_rate = 30, max_startups = 100

Check with sshd -T:

[root@centos-7-1 ~]# sshd -T | grep maxstartups
maxstartups 10:30:100

The values match.
Edit /etc/ssh/sshd_config and append the following line:

MaxStartups 100:30:300

Test whether the configuration is correct:

[root@centos-7-1 ~]# sshd -T | grep maxstartups
maxstartups 100:30:300

Restart sshd:

[root@centos-7-1 ~]# systemctl restart sshd

The pid has changed; it is now 5376.

[root@centos-7-1 ~]# ps aux | grep sshd
root       1744  0.0  0.2 143544  8068 ?        Ss   13:53   0:04 sshd: root@pts/0
root       5200  0.0  0.1 143400  5508 ?        Ss   19:18   0:00 sshd: root@pts/1
root       5376  0.0  0.0  82552  3580 ?        Ss   19:22   0:00 /usr/sbin/sshd -D
root       5686  0.0  0.0 112648   956 pts/0    S+   19:43   0:00 grep --color=auto sshd

Use gcore again to dump the memory of the new pid:

gcore 5376

Open the dump in gdb and look at the options:

[root@centos-7-1 ~]# gdb -core=core.5376 /usr/sbin/sshd
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-80.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/sbin/sshd...Reading symbols from /usr/lib/debug/usr/sbin/sshd.debug...done.
done.
[New LWP 5376]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/usr/sbin/sshd'.
#0  0x00007f5457319993 in __select_nocancel () at ../sysdeps/unix/syscall-template.S:81
81  T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)

The relevant values have changed:

(gdb) print options
$1 = {num_ports = 1, ports_from_cmdline = 0, ports = {22, 0 <repeats 255 times>}, listen_addr = 0x0, listen_addrs = 0x7f3bc8de9a80, address_family = 0, host_key_files = {
    0x7f3bc8ded770 "/etc/ssh/ssh_host_rsa_key", 0x7f3bc8ded7a0 "/etc/ssh/ssh_host_ecdsa_key", 0x7f3bc8ded7d0 "/etc/ssh/ssh_host_ed25519_key", 0x0 <repeats 253 times>}, 
  num_host_key_files = 3, host_cert_files = {0x0 <repeats 256 times>}, num_host_cert_files = 0, host_key_agent = 0x0, pid_file = 0x7f3bc88eeb8e "/var/run/sshd.pid", 
  server_key_bits = 1024, login_grace_time = 120, key_regeneration_time = 3600, permit_root_login = 3, ignore_rhosts = 1, ignore_user_known_hosts = 0, print_motd = 1, print_lastlog = 1, 
  x11_forwarding = 1, x11_display_offset = 10, x11_use_localhost = 1, xauth_location = 0x7f3bc88eeba0 "/usr/bin/xauth", permit_tty = 1, strict_modes = 1, tcp_keep_alive = 1, 
  ip_qos_interactive = 16, ip_qos_bulk = 8, ciphers = 0x0, macs = 0x0, kex_algorithms = 0x0, protocol = 4, gateway_ports = 0, log_facility = SYSLOG_FACILITY_LOCAL0, 
  log_level = SYSLOG_LEVEL_INFO, rhosts_rsa_authentication = 0, hostbased_authentication = 0, hostbased_uses_name_from_packet_only = 0, rsa_authentication = 1, pubkey_authentication = 1, 
  kerberos_authentication = 0, kerberos_or_local_passwd = 1, kerberos_ticket_cleanup = 1, kerberos_get_afs_token = 0, gss_authentication = 1, gss_keyex = 0, gss_cleanup_creds = 0, 
  gss_strict_acceptor = 1, gss_store_rekey = 0, gss_kex_algorithms = 0x7f3bc8ded560 "gss-gex-sha1-,gss-group1-sha1-,gss-group14-sha1-", password_authentication = 1, 
  kbd_interactive_authentication = 0, challenge_response_authentication = 0, permit_empty_passwd = 0, permit_user_env = 0, use_login = 0, compression = 2, allow_tcp_forwarding = 3, 
  allow_agent_forwarding = 1, num_allow_users = 0, allow_users = {0x0 <repeats 256 times>}, num_deny_users = 0, deny_users = {0x0 <repeats 256 times>}, num_allow_groups = 0, 
  allow_groups = {0x0 <repeats 256 times>}, num_deny_groups = 0, deny_groups = {0x0 <repeats 256 times>}, num_subsystems = 1, subsystem_name = {0x7f3bc8de9a00 "sftp", 
    0x0 <repeats 255 times>}, subsystem_command = {0x7f3bc8de9a20 "/usr/libexec/openssh/sftp-server", 0x0 <repeats 255 times>}, subsystem_args = {
    0x7f3bc8de9a50 "/usr/libexec/openssh/sftp-server", 0x0 <repeats 255 times>}, num_accept_env = 16, accept_env = {0x7f3bc8de9800 "LANG", 0x7f3bc8de9820 "LC_CTYPE", 
    0x7f3bc8de9840 "LC_NUMERIC", 0x7f3bc8de9860 "LC_TIME", 0x7f3bc8de9880 "LC_COLLATE", 0x7f3bc8de98a0 "LC_MONETARY", 0x7f3bc8de98c0 "LC_MESSAGES", 0x7f3bc8de98e0 "LC_PAPER", 
    0x7f3bc8de9900 "LC_NAME", 0x7f3bc8de9920 "LC_ADDRESS", 0x7f3bc8de9940 "LC_TELEPHONE", 0x7f3bc8de9960 "LC_MEASUREMENT", 0x7f3bc8de9980 "LC_IDENTIFICATION", 0x7f3bc8de99a0 "LC_ALL", 
    0x7f3bc8de99c0 "LANGUAGE", 0x7f3bc8de99e0 "XMODIFIERS", 0x0 <repeats 240 times>}, max_startups_begin = 100, max_startups_rate = 30, max_startups = 300, max_authtries = 6, 
  max_sessions = 10, banner = 0x0, show_patchlevel = 0, use_dns = 1, client_alive_interval = 0, client_alive_count_max = 3, num_authkeys_files = 1, authorized_keys_files = {
    0x7f3bc8de97e0 ".ssh/authorized_keys", 0x0 <repeats 255 times>}, adm_forced_command = 0x0, use_pam = 1, permit_tun = 0, num_permitted_opens = -1, use_kuserok = 1, enable_k5users = 0, 
  chroot_directory = 0x0, revoked_keys_file = 0x0, trusted_user_ca_keys = 0x0, authorized_principals_file = 0x0, authorized_keys_command = 0x0, authorized_keys_command_user = 0x0, 
  rekey_limit = 0, rekey_interval = 0, version_addendum = 0x7f3bc8ded5a0 "", num_auth_methods = 0, auth_methods = {0x0 <repeats 256 times>}}
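
The comparison done by hand above (gdb `print options` against `sshd -T`) can be automated to spot a daemon that is still running with old values after sshd_config was edited. The following is an added example, not code from the original article; the function names, the member-to-keyword table and both sample texts are assumptions constructed for illustration (the samples are shortened from the pre-restart gdb output and the post-edit `sshd -T` output shown above).

```python
import re

# Scalar integer members of the options struct as gdb prints them
# ("name = 123"); pointers (0x...) and arrays ({...}) do not match.
SCALAR = re.compile(r"\b(\w+) = (-?\d+)(?=[,}\s]|$)")

# Assumed mapping: struct member -> keyword printed by `sshd -T`.
DIRECT = {
    "login_grace_time": "logingracetime",
    "max_authtries": "maxauthtries",
    "max_sessions": "maxsessions",
    "client_alive_interval": "clientaliveinterval",
    "client_alive_count_max": "clientalivecountmax",
}

def running_values(gdb_text):
    """Turn `print options` output into sshd -T style keyword/value pairs."""
    fields = dict(SCALAR.findall(gdb_text))
    out = {kw: fields[m] for m, kw in DIRECT.items() if m in fields}
    # MaxStartups is stored as three members: begin, rate, max.
    parts = [fields.get("max_startups_" + s) for s in ("begin", "rate")]
    parts.append(fields.get("max_startups"))
    if all(parts):
        out["maxstartups"] = ":".join(parts)
    return out

def drift(gdb_text, sshd_t_text):
    """Return {keyword: (in_memory, on_disk)} for every value that differs."""
    on_disk = dict(l.split(None, 1) for l in sshd_t_text.splitlines() if " " in l)
    return {k: (v, on_disk[k].strip()) for k, v in running_values(gdb_text).items()
            if k in on_disk and on_disk[k].strip() != v}

# Constructed sample: daemon started before MaxStartups was edited.
GDB_SAMPLE = """$1 = {num_ports = 1, ports = {22, 0 <repeats 255 times>}, listen_addr = 0x0,
  login_grace_time = 120, max_startups_begin = 10, max_startups_rate = 30,
  max_startups = 100, max_authtries = 6, max_sessions = 10, banner = 0x0,
  client_alive_interval = 0, client_alive_count_max = 3}"""
# Constructed sample: what `sshd -T` reports from the edited file.
SSHD_T_SAMPLE = """logingracetime 120
maxauthtries 6
maxsessions 10
clientaliveinterval 0
clientalivecountmax 3
maxstartups 100:30:300"""

if __name__ == "__main__":
    for key, (mem, disk) in drift(GDB_SAMPLE, SSHD_T_SAMPLE).items():
        print(f"{key}: running={mem} sshd_config={disk}")
```

Real input can be captured non-interactively with gdb's -batch and -ex 'print options' options on the core file. The core written by gcore is a full copy of the daemon's memory, including the host private keys it has loaded, so delete it once the values have been extracted.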