diff --git a/src/modules/network_element/service/ne_host.impl.go b/src/modules/network_element/service/ne_host.impl.go
index 101c3c10..fa5fee26 100644
--- a/src/modules/network_element/service/ne_host.impl.go
+++ b/src/modules/network_element/service/ne_host.impl.go
@@ -3,6 +3,9 @@ package service
 import (
 	"fmt"
 
+	"be.ems/src/framework/config"
+	"be.ems/src/framework/logger"
+	"be.ems/src/framework/utils/crypto"
 	"be.ems/src/modules/network_element/model"
 	"be.ems/src/modules/network_element/repository"
 )
@@ -30,12 +33,39 @@ func (r *NeHostImpl) SelectList(neHost model.NeHost) []model.NeHost {
 
 // SelectByIds 通过ID查询
 func (r *NeHostImpl) SelectById(hostId string) model.NeHost {
+	neHost := model.NeHost{}
 	if hostId == "" {
-		return model.NeHost{}
+		return neHost
 	}
 	neHosts := r.neHostRepository.SelectByIds([]string{hostId})
 	if len(neHosts) > 0 {
-		return neHosts[0]
+		neHost := neHosts[0]
+		hostKey := config.Get("aes.hostKey").(string)
+		if neHost.Password != "" {
+			passwordDe, err := crypto.AESDecryptBase64(neHost.Password, hostKey)
+			if err != nil {
+				logger.Errorf("select encrypt: %v", err.Error())
+				return neHost
+			}
+			neHost.Password = passwordDe
+		}
+		if neHost.PrivateKey != "" {
+			privateKeyDe, err := crypto.AESDecryptBase64(neHost.PrivateKey, hostKey)
+			if err != nil {
+				logger.Errorf("select encrypt: %v", err.Error())
+				return neHost
+			}
+			neHost.PrivateKey = privateKeyDe
+		}
+		if neHost.PassPhrase != "" {
+			passPhraseDe, err := crypto.AESDecryptBase64(neHost.PassPhrase, hostKey)
+			if err != nil {
+				logger.Errorf("select encrypt: %v", err.Error())
+				return neHost
+			}
+			neHost.PassPhrase = passPhraseDe
+		}
+		return neHost
 	}
 	return model.NeHost{}
 }
@@ -54,11 +84,61 @@ func (r *NeHostImpl) Inserts(neHosts []model.NeHost) int64 {
 
 // Insert 新增信息
 func (r *NeHostImpl) Insert(neHost model.NeHost) string {
+	hostKey := config.Get("aes.hostKey").(string)
+	if neHost.Password != "" {
+		passwordEn, err := crypto.AESEncryptBase64(neHost.Password, hostKey)
+		if err != nil {
+			logger.Errorf("insert encrypt: %v", err.Error())
+			return ""
+		}
+		neHost.Password = passwordEn
+	}
+	if neHost.PrivateKey != "" {
+		privateKeyEn, err := crypto.AESEncryptBase64(neHost.PrivateKey, hostKey)
+		if err != nil {
+			logger.Errorf("insert encrypt: %v", err.Error())
+			return ""
+		}
+		neHost.PrivateKey = privateKeyEn
+	}
+	if neHost.PassPhrase != "" {
+		passPhraseEn, err := crypto.AESEncryptBase64(neHost.PassPhrase, hostKey)
+		if err != nil {
+			logger.Errorf("insert encrypt: %v", err.Error())
+			return ""
+		}
+		neHost.PassPhrase = passPhraseEn
+	}
 	return r.neHostRepository.Insert(neHost)
 }
 
 // Update 修改信息
 func (r *NeHostImpl) Update(neHost model.NeHost) int64 {
+	hostKey := config.Get("aes.hostKey").(string)
+	if neHost.Password != "" {
+		passwordEn, err := crypto.AESEncryptBase64(neHost.Password, hostKey)
+		if err != nil {
+			logger.Errorf("update password encrypt: %v", err.Error())
+			return 0
+		}
+		neHost.Password = passwordEn
+	}
+	if neHost.PrivateKey != "" {
+		privateKeyEn, err := crypto.AESEncryptBase64(neHost.PrivateKey, hostKey)
+		if err != nil {
+			logger.Errorf("update private key encrypt: %v", err.Error())
+			return 0
+		}
+		neHost.PrivateKey = privateKeyEn
+	}
+	if neHost.PassPhrase != "" {
+		passPhraseEn, err := crypto.AESEncryptBase64(neHost.PassPhrase, hostKey)
+		if err != nil {
+			logger.Errorf("update pass phrase encrypt: %v", err.Error())
+			return 0
+		}
+		neHost.PassPhrase = passPhraseEn
+	}
 	return r.neHostRepository.Update(neHost)
 }
 
diff --git a/src/modules/network_element/service/ne_info.impl.go b/src/modules/network_element/service/ne_info.impl.go
index d6e73ec6..25ac2968 100644
--- a/src/modules/network_element/service/ne_info.impl.go
+++ b/src/modules/network_element/service/ne_info.impl.go
@@ -185,7 +185,17 @@ func (r *NeInfoImpl) bandNeHosts(arr *[]model.NeInfo) {
 	for i := range *arr {
 		v := (*arr)[i]
 		if v.HostIDs != "" {
-			(*arr)[i].Hosts = NewNeHostImpl.neHostRepository.SelectByIds(strings.Split(v.HostIDs, ","))
+			hostIds := strings.Split(v.HostIDs, ",")
+			if len(hostIds) <= 1 {
+				continue
+			}
+			for _, hostId := range hostIds {
+				neHost := NewNeHostImpl.SelectById(hostId)
+				if neHost.HostID == "" || neHost.HostID != hostId {
+					continue
+				}
+				(*arr)[i].Hosts = append((*arr)[i].Hosts, neHost)
+			}
 		}
 	}
 }
@@ -199,12 +209,11 @@ func (r *NeInfoImpl) SelectById(infoId string, bandHost bool) model.NeInfo {
 	}
 	neInfos := r.neInfoRepository.SelectByIds([]string{infoId})
 	if len(neInfos) > 0 {
-		neInfo := neInfos[0]
 		// 带主机信息
-		if neInfo.HostIDs != "" && bandHost {
-			neInfo.Hosts = NewNeHostImpl.neHostRepository.SelectByIds(strings.Split(neInfo.HostIDs, ","))
+		if neInfos[0].HostIDs != "" && bandHost {
+			r.bandNeHosts(&neInfos)
 		}
-		return neInfo
+		return neInfos[0]
 	}
 	return model.NeInfo{}
 }
@@ -312,12 +321,17 @@ func (r *NeInfoImpl) NeRunSSHClient(neType, neId string) (*ssh.ConnSSH, error) {
 		logger.Errorf("NeRunSSHClient NeType:%s NeID:%s hostId not found", neType, neId)
 		return nil, fmt.Errorf("neinfo hostId not found")
 	}
-	neInfo.Hosts = NewNeHostImpl.neHostRepository.SelectByIds(strings.Split(neInfo.HostIDs, ","))
-	if len(neInfo.Hosts) <= 0 {
-		logger.Errorf("NeRunSSHClient Hosts %s not found", neInfo.HostIDs)
+	hostIds := strings.Split(neInfo.HostIDs, ",")
+	if len(hostIds) <= 1 {
+		logger.Errorf("NeRunTelnetClient hosts id %s not found", neInfo.HostIDs)
+		return nil, fmt.Errorf("neinfo host id not found")
+	}
+	hostId := hostIds[0] // 网元主机ssh 0：22
+	neHost := NewNeHostImpl.SelectById(hostId)
+	if neHost.HostID == "" || neHost.HostID != hostId {
+		logger.Errorf("NeRunTelnetClient Hosts %s not found", neInfo.HostIDs)
 		return nil, fmt.Errorf("neinfo host not found")
 	}
-	neHost := neInfo.Hosts[0] // 网元主机ssh 0：22
 	if neHost.HostType != "ssh" {
 		logger.Errorf("NeRunSSHClient Hosts first HostType %s not ssh", neHost.HostType)
 		return nil, fmt.Errorf("neinfo host type not ssh")
@@ -369,12 +383,17 @@ func (r *NeInfoImpl) NeRunTelnetClient(neType, neId string, num int) (*telnet.Co
 		logger.Errorf("NeRunTelnetClient NeType:%s NeID:%s hostId not found", neType, neId)
 		return nil, fmt.Errorf("neinfo hostId not found")
 	}
-	neInfo.Hosts = NewNeHostImpl.neHostRepository.SelectByIds(strings.Split(neInfo.HostIDs, ","))
-	if len(neInfo.Hosts) <= 0 {
+	hostIds := strings.Split(neInfo.HostIDs, ",")
+	if len(hostIds) <= 1 {
+		logger.Errorf("NeRunTelnetClient hosts id %s not found", neInfo.HostIDs)
+		return nil, fmt.Errorf("neinfo host id not found")
+	}
+	hostId := hostIds[num] // 网元主机telnet 1：4100 2：5200
+	neHost := NewNeHostImpl.SelectById(hostId)
+	if neHost.HostID == "" || neHost.HostID != hostId {
 		logger.Errorf("NeRunTelnetClient Hosts %s not found", neInfo.HostIDs)
 		return nil, fmt.Errorf("neinfo host not found")
 	}
-	neHost := neInfo.Hosts[num]
 
 	// 创建链接Telnet客户端
 	var connTelnet telnet.ConnTelnet