Lungiselela i-SSH ukuze ifinyelele ngaphandle kwephasiwedi

Willy Klew

Imizuzu ye-3

ssh

ssh, noma i-Secure Shell, igobolondo eliphephile elisetshenziselwa ifayela le- ukufinyelela okukude kusuka kuzo zonke izinhlobo zamadivayisi kuya kumaseva, ngomgudu ogudwiniwe futhi uvikelwe ngokubethela, okukunikeza ukuphepha okuvimbela, noma okungenani kukwenze kube nzima kakhulu, ukuthi abantu besithathu bangathola igama lomsebenzisi noma iphasiwedi. Endabeni ye- * Nix, sinayo le protocol etholakala nge-OpenSSH, iqoqo lezixazululo zeseva yamakhasimende ezitholakala kukho konke ukusatshalaliswa kweLinux namapulatifomu ahlobene njenge * BSD.

Manje, uma i-SSH isinikeza ngezinga elihle kakhulu lezokuphepha, kungani singafuna ukuyisebenzisa ngaphandle kwesidingo sokufaka iphasiwedi? Kungaba nezizathu eziningana, kepha esisodwa esivame ukugqama njenge-generator yisidingo sokungena ngemvume kude ngokusebenzisa imibhalo nokwenza imisebenzi ye-superuser, futhi ukuthi njengoba sazi kahle ukuthi akukwaziswa ukufaka leyo datha kunoma yisiphi iskripthi. Ukuxazulula le nkinga sizobona Ungazikhiqiza kanjani okhiye be-SSH ukuze ukwazi ukungena ngemvume kude ngaphandle kwesidingo sephasiwedi.

Lokhu kudinga thina yenza ukhiye osesidlangalaleni nokhiye oyimfihlo: eyokuqala izogcinwa kuseva esizofinyelela kuyo futhi njengoba igama layo likhombisa ukuthi singayithumela noma sabelane ngayo, kanti eyesibili izogcinwa kudivayisi (ikhompyutha, i-smartphone, ithebhulethi) esizoya kuyo ukufinyelela kusho iseva, futhi kufanele kube kugcinwe ngokucophelela futhi isetshenziswa yithi kuphela noma abantu esibathembayo.

Ngenxa yalokhu okushiwo endimeni edlule, kubalulekile ukuphawula ukuthi lolu hlobo lwesixazululo ludinga umthwalo omkhulu wemfanelo ekunakekelweni kwamadivayisi esizongena kuwo kuseva, futhi lokho kungukuthi noma ngubani okwazi ukufinyelela bazokwazi ukuyifaka ngaphandle kwesidingo sokwazi iphasiwedi, okuyingozi enkulu kakhulu yezokuphepha. Ngalokhu kucacisiwe, ake sibone ukuthi singaqala kanjani, futhi kulokhu into yokuqala ukuthi kufakwe i-daemon ye-SSH kuseva:

# thola ukufaka i-openssh-server

Manje kufanele sakhe umkhombandlela we-.ssh enkombeni yomsebenzisi:

# mkdir -p $ IKHAYA / .ssh

# chmod 0700 $ IKHAYA / .ssh

# thinta ama- $ HOME / .ssh / keys_keys

Sihlela ifayela / njll / ssh / sshd_config futhi siqinisekisa ukuthi imigqa elandelayo injengoba injalo:

Ukuqinisekiswa kwe-Pubkey yebo

AuthorizedKeysFile% h / .ssh / Author_keys

Manje siya kwiklayenti bese sisebenzisa:

ssh-keygen -t rsa

Sizotshelwa ukuthi ukhiye uyakhiwa, futhi sizocelwa ukuthi sifake ifayela elizogcinwa kulo (ngokuzenzakalela lizoba semzini wethu, kufolda ebizwa nge / .ssh/id_rsa). Singacindezela u-Enter ngoba leyo ndawo isisebenzela kahle, bese sicindezela u-Enter futhi izikhathi ezimbili esiceliwe ngazo faka umushwana wokungena ngoba, khumbula, sizongena kude ngaphandle kokufaka noma iyiphi idatha ngakho-ke asifuni nomusho.

Manje njengoba sesinokhiye womphakathi, kufanele sabelane ngawo nalawo makhompyutha esizoxhuma kuwo. Uma ucabanga ukuthi iseva esikhuluma ngayo inekheli 192.168.1.100, okumele ukwenze yile:

ssh-copy-id -i $ IKHAYA / .ssh / id_rsa.pub (Imeyile ikhuselwe)

Ngemuva kokukopisha, sizomenywa yenza ukungena ngemvume okukude ukuhlola okhiye, futhi kufanele kucatshangwe ukuthi kulokhu izimpande Yi-akhawunti esizofinyelela kuyo iseva, ngakho-ke uma sifuna ukuyenza nomunye umsebenzisi kufanele siguqule izimpande ze-akhawunti yomsebenzisi esizokwenza ngayo ukufinyelela nge-SSH.

Manje kufanele siqale kabusha iseva ye-SSH ukuze ithathe ukumiswa okusha:

# /etc/init.d/ssh qala kabusha

Kusukela manje kuqhubeke, uma sifuna ukufinyelela kuseva yesibili futhi sikwenza lokho ngaphandle kokufaka iphasiwedi, kufanele simthumele ukhiye womphakathi, esimane siphindaphinde ngawo isinyathelo sokugcina, sishintshe ikheli lomsebenzisi ne-IP lapho kudingeka:

ssh-copy-id -i $ IKHAYA / .ssh / id_rsa.pub admin@192.168.1.228


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   okomisa kusho
    kwenza iminyaka 4

    Siyabonga ngolwazi kodwa lutho… ayikho indlela….
    Kade ngangizama ekuseni futhi ihlala icela iphasiwedi yami.
    Esikhathini esithile esedlule ngazama futhi ngakushiya kungenakwenzeka ngesizathu esifanayo….
    Ngakha ukhiye wami ku-Macbook yami, ngiyikopishele ku-raspberry wami ku ~ / .ssh /uthorKeys
    Ngilungiselela i-sshd.conf ngokufakazelwa ubuqiniso komphakathi futhi ngiyaqinisekisa ukuthi umkhombandlela wokhiye ulapho izinkinobho zikhona ngqo. Ngiqala kabusha okusajingijolo futhi lapho ngiyaxhuma kungibuza futhi iphasiwedi
    Yini engahluleka?

    Phendula komisi
    1.    okomisa kusho
      kwenza iminyaka 4

      Ngemuva kwamahora amaningana ngizama izinto eziningi, ngithole ukuthi ngomsebenzisi wami odaliwe akaze asebenze, kepha ngomsebenzisi ozenzakalelayo obizwa nge- "ubuntu" usebenza okokuqala.
      Noma yikuphi ukucaciselwa kokuthi kungani lokhu kungenzeka?
      Ukubingelela nokubonga

      Phendula komisi