Sungani SSH mu Ubuntu

Sayansi ya SSH (Safe Shell Shell) imathandiza kuti pulogalamu yamakono yotetezedwa ya kompyuta ikhale yotetezeka. SSH imatumizira mafayilo onse osamutsidwa, kuphatikizapo passwords, komanso imatumizira mwamtundu uliwonse ma protocol. Kuti chida chogwira ntchito bwino, m'pofunika kuyika izo, komanso kuti chiyike. Tikufuna tikambirane za zomwe tasintha mu nkhaniyi, potsanzira chitsanzo chaposachedwa cha machitidwe a Ubuntu omwe seva idzapezeka.

Sungani SSH mu Ubuntu

Ngati simunatsilize kukonza pa seva ndi PC makasitomala, muyenera kuchita poyamba, popeza njira yonseyo ndi yophweka ndipo sizitenga nthawi yochuluka. Kuti mudziwe zambiri pa mutuwu, onani nkhani yathu ina pazotsatira zotsatirazi. Zimasonyezanso njira yokonzekera fayilo yoyimitsa ndi kuyesa SSH, kotero lero tidzakhala ndi ntchito zina.

Werengani zambiri: Kuika SSH-server ku Ubuntu

Kupanga awiri ofunika a RSA

SSH yatsopano yongowonjezera ilibe mafungulo oyenerera kuti agwirizane kuchokera ku seva kupita kwa wothandizira komanso mosiyana. Zonsezi ziyenera kukhazikitsidwa mwachangu mwamsanga mutatha kuwonjezera zigawo zonse za protocol. Mgwirizanowu ukugwiritsira ntchito njira ya RSA (yochepa kwa maina a omwe akupanga Rivest, Shamir, ndi Adleman). Chifukwa cha makina awa, makiyi apadera amavutitsidwa pogwiritsira ntchito ndondomeko zamakono. Kuti mupange makanema awiri a anthu, muyenera kungolemba malamulo oyenerera pazondomekoyi ndikutsatira malangizo omwe akuwonekera.

  1. Pitani kukagwira nawo ntchito "Terminal" njira iliyonse yabwino, mwachitsanzo, potsegula kudzera mu menyu kapena kuphatikiza mafungulo Ctrl + Alt + T.

  2. Lowani lamulossh-keygenndiyeno pezani fungulo Lowani.

  3. Mudzapangidwira kupanga fayilo kumene mafungulo adzapulumutsidwa. Ngati mukufuna kuwasunga pamalo osasintha, dinani Lowani.

  4. Mfungulo wamtunduwu ukhoza kutetezedwa ndi mawu amodzi. Ngati mukufuna kugwiritsa ntchito njirayi, mzere woonekawo lembani mawu achinsinsi. Zithunzi zolembedwera sizidzawonetsedwa. Mzere watsopano udzafunika kubwereza.

  5. Komanso mudzawona chidziwitso kuti fungulolo lasungidwa, ndipo mudzatha kudziƔa bwino chithunzi chake chojambula.

Tsopano palinso mafungulo opangidwa - achinsinsi ndi otseguka, omwe angagwiritsidwe ntchito pa mgwirizano wambiri pakati pa makompyuta. Muyenera kungoyika fungulo pa seva kuti SSH kutsimikiziridwa ipambane.

Kujambula fungulo lachinsinsi ku seva

Pali njira zitatu zokopera makiyi. Mmodzi wa iwo adzakhala opambana muzochitika zosiyanasiyana, mwachitsanzo, njira imodzi siigwira ntchito kapena si yoyenera kwa wogwiritsa ntchito. Tikufuna kulingalira njira zitatu izi, kuyambira ndi zosavuta komanso zogwira mtima.

Njira 1: lamulo la ssh-id-id

Gulussh-copy-idyomangidwira m'dongosolo la opaleshoni, kotero kuti kukhazikitsidwa kwake sikuyenera kuyika zigawo zina zowonjezera. Tsatirani mawu ophatikizira ophweka kuti mupange chinsinsi. Mu "Terminal" ayenera kulowaDzina lomasulira la ssh-copy @ remote_hostkumene dzina la useri @ remote_host - dzina la kompyuta yakutali.

Mukangoyamba kugwirizana, mudzalandira mauthenga a chidziwitso:

Kutsimikiza kwa wokhala '203.0.113.1 (203.0.113.1)' sangathe kukhazikitsidwa.
ECDSA fingerprint key fd: fd: d4: f9: 77: fe: 73: 84: e1: 55: 00: ad: d6: 6d: 22: fe.
Mukutsimikiza kuti mukufuna kupitiriza kugwirizana (inde / ayi)? inde

Muyenera kufotokozera chinthu inde kuti mupitirize kugwirizana. Pambuyo pazimenezi, ntchitoyi idzafufuza mwachindunji makiyiwo ngati mawonekedwe.id_rsa.pubzomwe zinalengedwa kale. Pamapeto pake, zotsatira zotsatirazi zikuwonetsedwa:

/ usr / bin / ssh-copy-id: INFO: Ndayimika kale
/ usr / bin / ssh-copy-id: INFO: 1 makiyi (otsala) otsala kuti asungidwe
[email protected]'s password:

Tchulani mawu achinsinsi kuchokera kumalo akutali kuti ntchitoyo ingalowemo. Chidachi chikhoza kusungira deta kuchokera fayilo yachinsinsi. ~ / .ssh / id_rsa.pubndiyeno uthenga udzawonekera pazenera:

Number of key (s) added: 1

Tsopano yesani kulowa mu makina, ndi: "ssh '[email protected]" "
fufuzani.

Kuwonekera kwa malemba amenewa kumatanthauza kuti fungulolo linasulidwa bwinobwino ku kompyuta yakuda, ndipo tsopano sipadzakhala mavuto ndi kugwirizana.

Zosankha 2: Lembani chinsinsi cha anthu kudzera pa SSH

Ngati simungagwiritse ntchito zomwe tatchulidwa pamwambapa, koma mutsimikizire kuti mutsegule ku seva ya SSH yakutali, mungathe kutsegula mwakachetechete makina anu ogwiritsira ntchito, motero mutsimikiziranso kutsimikizirika kowonjezereka pamene mukugwirizanitsa. Amagwiritsidwa ntchito pa lamulo ili katchiyomwe idzawerengera deta kuchokera pa fayilo, ndiyeno idzatumizidwa ku seva. Mu console, muyenera kulowa mzere

katsitsi / /ssss / id_rsa.pub | ssh username @ remote_host "mkdir -p ~ / .ssh && touch ~ / .ssh / authorized_keys && chmod -R go = ~ / .ssh && cat >> ~ / .ssh / authorized_keys".

Uthenga ukawonekera

Kutsimikiza kwa wokhala '203.0.113.1 (203.0.113.1)' sangathe kukhazikitsidwa.
ECDSA fingerprint key fd: fd: d4: f9: 77: fe: 73: 84: e1: 55: 00: ad: d6: 6d: 22: fe.
Mukutsimikiza kuti mukufuna kupitiriza kugwirizana (inde / ayi)? inde

pitirizani kugwirizanitsa ndi kulowa mawu achinsinsi kuti mutsegule ku seva. Pambuyo pake, makiyi amtunduwo adzakopedwa kumapeto kwa fayilo yosinthidwa. authorized_keys.

Njira 3: Kujambula mwachinsinsi makiyi a anthu

Ngati mulibe mwayi wopita kumakompyuta akutali kudzera pa seva la SSH, masitepe onsewa ali opangidwa mwaluso. Kuti muchite izi, poyamba phunzirani za fungulo pa PC seva kupyolera mwa lamulokat ~ / .ssh / id_rsa.pub.

Chophimbacho chiwonetsa chinachake chonga ichi:Ssh-rsa + key monga khalidwe set == demo @ kuyesa. Pambuyo pake, pitani kuntchito ku chipangizo chakutali, kumene mungapange buku latsopanomkdir -p ~ / .ssh. Kuwonjezera apo imapanga fayilo.authorized_keys. Kenaka, ikani fungulo limene munaphunzira kaleLembani chingwe chachinsinsi cha anthu >> ~ / .ssh / authorized_keys. Pambuyo pake, mukhoza kuyesa kutsimikiza ndi seva popanda kugwiritsa ntchito pasepala.

Kutsimikizira pa seva kudzera mufungulo lopangidwa

M'gawo lapitalo, mudaphunzira za njira zitatu zomwe mungakoperezerere fungulo la kompyuta yakuya ku seva. Zomwezo zidzakuthandizani kugwirizana popanda kugwiritsa ntchito mawu achinsinsi. Ndondomekoyi imapangidwa kuchokera ku mzere wa malamulo ndi kulembashh ssh usernamekumene dzina la useri @ remote_host - dzina la mtumiki komanso makompyuta omwe mukufuna. Mukangoyamba kugwirizana, mudzadziwitsidwa za kugwirizana kosazolowereka ndipo mukhoza kupitiriza mwa kusankha kusankha inde.

Kulumikizana kumeneku kudzachitika pokhapokha ngati panthawi yofunika kwambiri chilengedwe chanenedwa sichinafotokozedwe. Popanda kutero, muyenera kuyamba kulowamo kuti mupitirize kugwira ntchito ndi SSH.

Khutsani kutsimikiziridwa kwachinsinsi

Kukonzekera kokometsetsa kwakukulu kumachitika ngati mutatha kulowa seva popanda kugwiritsa ntchito mawu achinsinsi. Komabe, kukhoza kutsimikizira mwanjira imeneyi kumapangitsa otsutsa kugwiritsa ntchito zipangizo kuti apeze achinsinsi ndi kulowa muzolumikizidwa mosamala. Kudziteteza ku milandu yotereyi kumalola kuletsa kwathunthu mawu achinsinsi mu fayilo la SSH. Izi zidzafuna:

  1. Mu "Terminal" Tsegulani fayilo yosinthika kupyolera mu editor pogwiritsa ntchito lamulosudo gedit / etc / ssh / sshd_config.

  2. Pezani mzere PasswordAuthentication ndi kuchotsa chizindikiro # kumayambiriro kuti musagwirizane nazo.

  3. Sinthani mtengo ku ayi ndipo sungani zosinthika zamakono.

  4. Tsekani mkonzi ndi kuyambanso seva.sudo systemctl kukhazikitsanso ssh.

Kutsimikiziridwa kwachinsinsi kudzalephereka, ndipo mudzatha kulowetsa ku seva pokhapokha mutagwiritsa ntchito makiyi omwe apangidwira izi ndi ndondomeko ya RSA.

Kukhazikitsa pulogalamu yotentha yamoto

Mu Ubuntu, chowotchedwa firewall chosatha ndiwotchedwa Firewall (UFW) yovuta. Ikulolani kuti mulole kugwirizana kwa mautumiki osankhidwa. Kugwiritsa ntchito kulikonse kumapanga mbiri yake mu chida ichi, ndipo UFW imayendetsa iwo mwa kulola kapena kukana kulumikizana. Kukonzekera mbiri ya SSH mwa kuwonjezera pa mndandanda wachitika motere:

  1. Tsegulani mndandanda wa mbiri za firewall pogwiritsa ntchito lamulosudo ufw mndandanda wa pulogalamu.

  2. Lowani mawu achinsinsi anu kuti muwonetse zambiri.

  3. Mudzawona mndandanda wa mapulogalamu omwe alipo, OpenSSH iyenera kukhala pakati pawo.

  4. Tsopano muyenera kulola kugwirizana pa SSH. Kuti muchite izi, yonjezerani ku mndandanda wa mauthenga omwe amaloledwa kugwiritsa ntchitosudo ufw amalola OpenSSH.

  5. Thandizani kowonjezera moto pomasintha malamulosudo ufw kuthandiza.

  6. Kuti muonetsetse kuti kugwirizana kukuloledwa, muyenera kulembasudo ufw chikhalidwe, ndiye mudzawona malo omwe amatumizirana.

Izi zikukwaniritsa malangizo athu a SSH a Ubuntu. Kukonzekera kwina kwa fayilo yosinthidwa ndi magawo ena akuchitidwa mwachindunji ndi aliyense wogwiritsa ntchito pansi pake. Mukhoza kudziwitsanso ntchito ya zigawo zonse za SSH muzinthu zovomerezeka zalamulo.

Posts Popular

https://termotools.com ny.termotools.com © Linux 2024