Koyon SSH: SSHD Saita Zaɓuɓɓukan Fayil da Ma'auni

Koyon SSH: SSHD Saita Zaɓuɓɓukan Fayil da Ma'auni

Koyon SSH: SSHD Saita Zaɓuɓɓukan Fayil da Ma'auni

a baya (na hudu) kashi-kashi na wannan jerin posts on Koyon SSH muna magana da zažužžukan da aka ƙayyade a Buɗe fayil ɗin sanyi naSSH wanda aka sarrafa a gefen Abokin ciniki na SSH, wato fayil "SSHConfig" (ssh_config).

Don haka, a yau za mu ci gaba a cikin wannan bayarwa na biyar kuma na biyar, tare da zaɓuɓɓukan da aka ƙayyade a cikin Buɗe fayil ɗin sanyi naSSH wanda aka sarrafa a gefen ssh-uwar garke, wato fayil "SSHD Config" (sshd_config).

Koyon SSH: SSH Saita Fayil Zaɓuɓɓuka da Ma'auni

Koyon SSH: SSH Saita Fayil Zaɓuɓɓuka da Ma'auni

Kuma, kafin fara batun yau, game da abun ciki mai sarrafa fayil ɗin BudeSSH "SSHD Config" (sshd_config), za mu bar wasu links na posts masu alaƙa:

Koyon SSH: SSH Saita Fayil Zaɓuɓɓuka da Ma'auni
Labari mai dangantaka:
Koyon SSH: SSH Saita Fayil Zaɓuɓɓuka da Ma'auni

Koyon SSH: Zaɓuɓɓuka da Ma'aunin Kanfigareshan
Labari mai dangantaka:
Koyan SSH: Zaɓuɓɓuka da Ma'auni na Kanfigareshan - Sashe na I

SSHD Saita Zaɓuɓɓukan Fayil da Ma'auni (sshd_config)

SSHD Saita Zaɓuɓɓukan Fayil da Ma'auni (sshd_config)

Menene fayil ɗin SSHD Config (sshd_config) don OpenSSH?

Kamar yadda muka bayyana a koyawa ta baya, OpenSSH tana da fayilolin daidaitawa guda 2. wanda ake kira ssh_config don daidaitawa na SSH abokin ciniki da kuma wani kiran sshd_config don daidaitawar gefe ssh-uwar garke. Dukansu, suna cikin hanya mai zuwa ko kundin adireshi: /da sauransu/ssh.

Saboda haka, wannan yawanci ya fi mahimmanci ko dacewa, tun da yake yana ba mu damar amintattun hanyoyin haɗin SSH cewa za mu ba da izini a cikin Sabar mu. Wanda galibi yana cikin wani abu da aka sani da shi Ƙarfafa uwar garken.

Menene fayil ɗin SSHD Config (sshd_config) don OpenSSH?

Saboda wannan dalili, a yau za mu nuna abin da yawancin zaɓuɓɓuka da sigogin da ke cikin fayil ɗin da aka ce, a cikin mu kashi na karshe da na shida na wannan silsilar bayarwa karin shawarwari masu amfani da gaske yadda ake yin irin waɗannan gyare-gyare ko canje-canje ta hanyar irin waɗannan zaɓuɓɓuka da sigogi.

Jerin zaɓuɓɓukan da ke akwai da sigogi

Jerin zaɓuɓɓukan da ke akwai da sigogi

kamar a cikin fayil "SSH Config" (ssh_config), fayil ɗin "SSHD Config" (sshd_config) yana da zaɓuɓɓuka da sigogi da yawa, amma ɗaya daga cikin mafi sani, amfani ko mahimmanci Su ne masu biyowa:

Masu amfani / Masu Amfani

Wannan zaɓi ko siga yawanci ba a haɗa ta ta tsohuwa a cikin wannan fayil ɗin ba, amma an saka shi a ciki, gabaɗaya a ƙarshensa, yana ba da yuwuwar nuna wanda ko wane (masu amfani) zasu iya shiga uwar garken ta hanyar haɗin SSH.

Don haka, ana amfani da wannan zaɓi ko siga tare da a jerin tsarin sunan mai amfani, rabu da sarari. Don haka, idan an ƙayyade, shiga, to, iri ɗaya kawai za a yarda don sunayen masu amfani waɗanda suka dace da ɗaya daga cikin alamu.

Lura cewa ta tsohuwa, ana ba da izinin shiga ga duk masu amfani akan kowane mai masaukin baki. Duk da haka, idan an saita tsarin kamar haka "USER@HOST", saboda haka USER da HOST an tabbatar da su daban, wanda ke ƙuntata shiga ga wasu masu amfani daga takamaiman runduna.

Kuma ga HOST, adireshi a cikin tsari na Adireshin IP/Mask. A ƙarshe, Masu Amfani za a iya maye gurbinsu da Masu Amfani don ƙaryata tsarin mai amfani iri ɗaya.

SaurariAdress

Yana ba ku damar tantance adireshin IP na gida (maɓallin cibiyar sadarwar gida na na'urar uwar garken) wanda shirin sshd ya kamata ya saurare shi. Kuma don wannan, ana iya amfani da waɗannan nau'ikan sanyi:

  • Saurari Address sunan mai masauki | Adireshin IPv4/IPv6 [yankin]
  • ListenAddress sunan mai masauki: tashar jiragen ruwa [yanki]
  • ListenAdress IPv4/IPv6 adireshin: tashar jiragen ruwa [yankin]
  • ListenAdress [sunan mai masauki | Adireshin IPv4/IPv6]: tashar jiragen ruwa [yankin]

LoginGraceTime

Ba ka damar saka a zaman lafiya, bayan haka, uwar garken ta katse, idan mai amfani da ke ƙoƙarin yin haɗin SSH bai yi nasara ba. Idan darajar sifili (0), an saita cewa babu iyaka lokacin, yayin An saita tsoho zuwa 120 seconds.

Matsayin Log

Yana ba ku damar tantance matakin magana don saƙonnin log ɗin sshd. shi kumaƘimar da za a iya sarrafawa sune: SAUKI, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, da DEBUG3. Yayin, kumaTsohuwar ƙimar ita ce INFO.

MaxAuthTries

Yana ƙayyadad da matsakaicin adadin yunƙurin tabbatarwa da aka yarda ta kowace haɗi. Ta hanyar tsoho, an saita ƙimar sa zuwa 6.

MaxSessions

Yana ba ku damar ƙididdige matsakaicin adadin buɗe zaman Shell kowane haɗin cibiyar sadarwa da aka kafa, ko dai ta hanyar shiga ko ta tsarin da aka yi amfani da shi, misali ta sftp. Esaita darajarta zuwa 1 zai haifar da kashe yawan juzu'i, yayin saita shi zuwa 0 zai toshe duk nau'ikan haɗin gwiwa da zaman. Ta hanyar tsoho, an saita ƙimar sa zuwa 10.

MaxStartups

Yana ba ku damar tantancewa Matsakaicin adadin haɗin kai mara inganci na lokaci ɗaya zuwa daemon SSH, watau adadin haɗin SSH da za a iya buɗe kowane IP/ Mai watsa shiri. Tsohuwar ƙimar sa yawanci 10, 30, ko 100 ne, wanda galibi ana ɗaukarsa babba, don haka ana ba da shawarar ƙaramin ƙima.

Tabbatar da kalmar wucewa

Yana ƙayyade ko za a buƙaci tantance kalmar sirri. Ta hanyar tsoho, an saita ƙimar sa zuwa "Ee".

IzininEmptyPasswords

Yana ƙayyadaddun ko uwar garken zai amince (ba da izini) shiga cikin asusun mai amfani tare da igiyoyin kalmar sirri mara komai. Ta hanyar tsoho, ana saita ƙimarta zuwa "A'a".

Samun RoginShigowa

Yana ba ku damar tantance ko uwar garken zai amince (ba da izini) fara zaman shiga akan asusun mai amfani. Ko da yake, dTa hanyar tsoho, an saita ƙimar sa zuwa "haramta-kalmar sirri", daidaitaccen saita zuwa "A'a", wanda ya tsara hakan ba a yarda mai amfani da tushe ya fara zaman SSH ba.

Port

Yana ba ku damar tantancewa lambar tashar jiragen ruwa ta hanyar da shirin sshd zai kasance yana sauraron duk buƙatun haɗin SSH. Ta hanyar tsoho, an saita ƙimar sa zuwa "22".

Yankuna masu tsauri

Yana ƙayyadaddun ko shirin SSH ya kamata ya tabbatar da yanayin fayil da mallakin kundin adireshin gida da fayilolin mai amfani kafin karɓar shiga. Ta hanyar tsoho, an saita ƙimar sa zuwa "Ee".

SyslogFacility

Yana ba da damar lambar shigarwa da ake amfani da ita lokacin shiga saƙon daga shirin SSH. Ta hanyar tsoho, ana saita ƙimarta zuwa "Izinin" (AUTH).

Note: Dangane da SysAdmin da kuma buƙatun tsaro na kowane dandamali na fasaha, wasu zaɓuɓɓuka da yawa na iya zama masu amfani ko mahimmanci. Kamar yadda za mu gani a cikin sakonmu na gaba da na ƙarshe a cikin wannan jerin, inda za mu mayar da hankali kan ayyuka masu kyau (nasihu da shawarwari) akan SSH, don amfani da duk abin da aka nuna zuwa yanzu.

Ƙarin bayani game da SSH

Karin bayani

Kuma a cikin wannan kashi na hudu, zuwa fadada wannan bayanin da kuma nazarin kowane ɗayan zaɓuɓɓuka da sigogi da ake samu a cikin fayil din daidaitawa "SSHD Config" (sshd_config)Muna ba da shawarar bincika hanyoyin haɗin gwiwa: Fayil ɗin daidaitawar SSH don OpenSSH Server y Littattafan Buɗaɗɗen SSH na hukuma, cikin Turanci. Kuma kamar yadda a cikin kashi ukun da suka gabata, bincika waɗannan abubuwan abun ciki na hukuma kuma amintacce akan layi akan SSH da OpenSSH:

  1. Wiki na Debian
  2. Littafin Jagoran Debian: Login Nesa / SSH
  3. Littafin Tsaro na Debian: Babi na 5. Sabis na Tsaro
Labari mai dangantaka:
Koyan SSH: Shigarwa da Fayilolin Kanfigareshan
Buɗe Secure Shell (OpenSSH): Kadan daga cikin komai game da fasahar SSH
Labari mai dangantaka:
Buɗe Secure Shell (OpenSSH): Kadan daga cikin komai game da fasahar SSH

Zagaye: Banner post 2021

Tsaya

A takaice, tare da wannan sabon kashi a kunne "Koyan SSH" muna kusan kammala bayanin bayanin akan duk abin da ya shafi BUDE, ta hanyar ba da mahimman bayanai game da fayilolin daidaitawa "SSHD Config" (sshd_config) y "SSH Config" (ssh_config). Saboda haka, muna fatan cewa yana da amfani ga mutane da yawa, na sirri da kuma na sana'a.

Idan kuna son wannan post ɗin, ku tabbata kuyi sharhi akansa kuma kuyi sharing zuwa wasu. Kuma ku tuna, ziyarci mu «shafin gida» don bincika ƙarin labarai, da shiga tashar tashar mu ta hukuma Sakon waya daga FromLinux, Yamma rukuni don ƙarin bayani kan batun yau.


Abubuwan da ke cikin labarin suna bin ka'idodinmu na ka'idojin edita. Don yin rahoton kuskure danna a nan.

Kasance na farko don yin sharhi

Bar tsokaci

Your email address ba za a buga.

*

*

  1. Mai alhakin bayanan: Miguel Ángel Gatón
  2. Dalilin bayanan: Gudanar da SPAM, gudanar da sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.