Research And Implementation Of Operation And Maintenance Audit Agent Based On OpenSSH

With the rapid development of the information network,the scope and scale of the company's internal network continues to expand,and the security issues of the information system also follow.Faced with attacks from insiders on the network and theft of confidential data files,it is particularly important to strengthen access control and communication security to access the server.The remote login of network equipment mainly uses protocols such as Telnet and FTP.Although the login is authenticated by the user name and password,the two devices use plaintext for communication,which is a risk of leaking important server information,and not being compatible with character systems.Based on the network security of the above information system,this paper analyzes the threats faced by the current enterprise internal network.This article designs an operation and maintenance(O&M)audit system based on OpenSSH,which has functions such as authentication,O&M session proxy,O&M session audit,and log management.The function modules are implemented in code.This system integrates the company's daily O&M management with the security of the server equipment,and uses the SSH protocol proxy to take over the communication between the two devices,prohibits the O&M personnel from directly connecting to the O&M server equipment.Based on the username and password verification,the data communication process uses the SSH protocol for encryption processing,and at the same time,DES encryption algorithm is used to encrypt the log file to prevent the system from being attacked and causing important information to be leaked to ensure the security of the data file.The system controls the O&M personnel's authority and security policy to prevent malicious attacks and illegal access on the network,and filters the operation commands to ensure the security of server operation.Modify the OpenSSH source code to make it act as an SSH agent,support data forwarding and log recording,achieve compatibility with all character-type operating system servers within the company,and further improve network information security.This system has been fully tested in the actual O&M work of a number of companies,and the system function is running well.