import os
import subprocess

# 检查SSH配置
def check_ssh_config():
    ssh_config = subprocess.run(['sshd', '-T'], capture_output=True, text=True)
    if 'PermitRootLogin no' in ssh_config.stdout:
        return 'SSH root login is disabled.'
    else:
        return 'SSH root login is enabled. This is a security risk.'

# 检查防火墙配置
def check_firewall():
    firewall_status = subprocess.run(['ufw', 'status'], capture_output=True, text=True)
    if 'Status: active' in firewall_status.stdout:
        return 'Firewall is active.'
    else:
        return 'Firewall is inactive. This is a security risk.'

# 生成安全报告
def generate_report():
    report = []
    report.append(check_ssh_config())
    report.append(check_firewall())
    with open('security_report.txt', 'w') as f:
        for line in report:
            f.write(line + '\n')
    print('Security report generated.')

generate_report()