Sannu,
Anan zaku ga yadda ake haɗuwa da PC daga nesa ta hanyar SSH Shigar da kalmar wucewa kawai a karon farko, to koda mun sake kunna kwamfutocin duka, ba za a sake tambayarmu kalmar sirri ba.
Amma, bari mu fara ganin takaitaccen bayani game da menene SSH:
SSH yarjejeniya ce, hanya ce ta sadarwa tsakanin kwamfutoci biyu. Yana ba mu damar sarrafa ƙungiyar ta nesa. Lokacin da muka sami damar shiga wata kwamfutar ta hanyar SSH, za a zartar da umarnin da muka shigar a waccan tashar akan ɗayan kwamfutar, ta wannan hanyar muke sarrafawa / sarrafa shi.
Duk abin da ake watsa ta SSH, an ɓoye shi kuma tare da kyakkyawan tsaro.
Yanzu, zamu ga yadda zamuyi amfani da matakai guda uku Kwamfuta # 1 don samun dama Kwamfuta # 2 ba tare da shigar da kalmar sirri ba:
Muna da halin da ake ciki:
Kwamfuta # 1 - » Kuna so ku haɗa zuwa Kwamfuta # 2, ba tare da shigar da kalmar wucewa ba duk lokacin da kuka yi kokarin haɗi zuwa wannan PC ɗin.
Kwamfuta # 2 - » Kun shigar da sabar SSH. Wannan shine daya Kwamfuta # 1 zai hade, kuma zai yi hakan ba tare da shigar da kalmar sirri ba. A wannan PC ɗin akwai wani mai amfani mai suna tushen.
Bari mu fara…
1. En Kwamfuta # 1 mun rubuta masu zuwa:
- ssh -keygen -b 4096 -t rsa
Wannan zai haifar da maɓallin jama'a. Don kar a sami rudani da "mabuɗan jama'a da masu zaman kansu", zan bayyana shi a sauƙaƙe.
A ce kana da makullin gidanka guda biyu a aljihunka, ɗaya ka bai wa budurwarka tunda kuna zaune tare, ɗayan kuma an bar ku shi kaɗai, ba ku ba kowa ba. Da kyau, wannan mabuɗin da kuka ba wa budurwar ku zai ba ta izinin shiga gidanku ba tare da ta gaya muku ba, ba tare da neman izininka ba, ko? wannan mabuɗin jama'a ne, "maɓalli" wanda ke bawa PC ɗaya damar samun dama ga wani ba tare da neman izininka ba (ma'ana, ba tare da shigar da sunan mai amfani + kalmar wucewa ba)
Lokacin da suka sanya wannan umarnin, wannan zai bayyana:
2. Kawai latsa [Shiga], na biyu daga baya mun sake latsawa [Shiga], kuma na biyu daga baya mun sake latsawa sau ɗaya [Shiga]. Ina nufin, za mu danna [Shiga] jimlar sau uku (3), muna latsa shi kawai ... ba mu rubuta komai 🙂
Idan muka yi haka, wani abu mai kama da mai zuwa zai bayyana:
Shirya, dama muna da maɓallin jama'a ... yanzu muna buƙatar bawa wanda muke so (misali, a ba budurwarmu haha)
Abin da muke so shi ne Kwamfuta # 1 haɗa zuwa Kwamfuta # 2, riga a ciki Kwamfuta # 1 mun yi duk na sama, a cikin Kwamfuta # 2 Ba mu yi komai ba. Yayi kyau, Kwamfuta # 2 yana da adireshin IP misali 10.10.0.5.
3. Mun saka a ciki Kwamfuta # 1 na gaba:
- ssh-copy-id tushen @ 10.10.0.5
Abin da wannan ke yi kawai ba ku mabuɗin jama'a na Kwamfuta # 1 a Kwamfuta # 2, ma'ana, yana bayarwa ga Kwamfuta # 2 mabuɗin jama'a na Kwamfuta # 1yayin da Kwamfuta # 1 yana rike da madannin nasa, ka sani; wancan mabuɗin da ba a ba kowa ba. Yana da mahimmanci kada ayi kuskure tare da mai amfani, ma'ana, idan mai amfani “tushen"Babu shi a cikin PC # 2, zai ba mu kuskure, yana da muhimmanci a bayyana a cikin wane mai amfani da za mu yi amfani da shi don wannan, ban da gaskiyar cewa wannan mai amfani da muke tsara hanya da shi ba tare da kalmar sirri ba, zai zama daidai da wanda za mu iya samun damar zuwa a nan gaba. Da zarar an gama wannan, ya kamata ya zama kamar wannan:
A matakin da ya gabata, dole ne su sanya kalmar shiga ta mai amfani a ciki Kwamfuta # 2.
Kuma voila ... komai an daidaita shi 😀
Hakanan ya bayyana a gare mu a cikin tashar, bari mu gwada idan komai yayi aiki da gaske 100% Yayi. Don gwadawa, mun sanya:
- ssh tushen@10.10.0.5
Idan suna son samun damar wata kwamfutar suma ba tare da koyaushe suna shigar da kalmar sirri ba (Kwamfuta # 3 misali), kawai muna ba shi mabuɗinmu na jama'a kuma shi ke nan, ma'ana, da zarar mun yi matakin #1 y #2 ba za mu sake yi ba. Idan muna son shiga Kwamfuta # 3 misali, wanda yake da IP 10.10.99.156 mun sanya kawai:
- ssh tushen@10.10.99.156
Ya zuwa yanzu koyawa.
Yi bayanin cewa matakin tsaro lokacin da muke magana game da SSH yana da girma sosai, kwatancen da na bayyana wasu matakai (ba mabudin budurwarmu) bazai zama haha mafi dacewa ba, tunda budurwarmu zata iya ba mabuɗin wani. Lokacin da muke magana game da SSH, ƙa'idodin tsaro suna da saukin bayani, lokacin da muke ƙoƙarin samun damar kwamfutar mu (Kwamfuta # 1) duba idan a cikin PC # 2 akwai mabuɗin jama'a na kwamfutarmu (a wannan yanayin akwai, saboda mun saita shi ta wannan hanyar), to, idan akwai ɗaya, yana da sauƙi, bincika idan wannan mabuɗin jama'a daidai yake da maɓallin keɓaɓɓenmu (wanda ba mu ba wa kowa ba). Idan mabuɗan suna kama ɗaya yana ba mu damar isa ga, in ba haka ba kuma a matsayin matakan tsaro, ba ya ba mu damar nesa da sauran kwamfutar ba.
Don haka yanzu kun sani ... bawa budurwarmu maɓallin gida ba abu mafi aminci bane, amma raba maɓallan da samun dama ga wata kwamfuta ta nesa ta hanyar SSH ba lafiya ^ _ ^
Shakka ko tambayoyi, korafi ko shawarwari bari na sani.
Gaisuwa ga kowa.
Gaskiya ban fahimci yadda kuke rashin hankali game da tsaro kuke aikata wannan kuskuren ba. Idan a cikin mataki inda ya ce:
Enter passphrase (empty for no passphrase)Ba mu rubuta komai ba, mun ɓace idan mai amfani ya sami damar shiga PC ɗin mu kuma ya buɗe tashar, tunda yana aiwatar da shi ta atomatik:
ssh root@10.10.0.5Zai shiga ba tare da neman kalmar sirri ba.
Idan wani ya sami damar zuwa kwamfutar tafi-da-gidanka, ee, za su iya samun damar PC # 2 ba tare da shigar da kalmar sirri ba, duk da haka, kamar yadda kuka ce, ni mara izgili ne game da tsaro, shin da gaske kuna tunanin samun damar zuwa kwamfutar tafi-da-gidanka wani abu ne da sauki? HAHA.
Lokacin da na tashi koyaushe, koyaushe ina kulle allo, in ba haka ba bayan sakan 30 na babu aiki a linzamin kwamfutar tafi-da-gidanka ko madannin kwamfuta, zai kulle still
Idan wani ya saci kwamfutar tafi-da-gidanka, komai yawan kullewar zaman da kake da shi, samun damar fayiloli ba shi da muhimmanci, al'amari ne na mintuna 5 tare da Linux mai ɗora daga USB. Kuma da zarar an sami damar yin amfani da fayilolin, kamar yadda maɓallin keɓaɓɓu ba shi da kariya, za ku iya amfani da shi kai tsaye, ko mafi kyawun kwafa shi da samun damar kowane sabar naku da kyau daga gidanku. A gaskiya, aikin yana da sauri da ba za ku sani ba. A cikin mintuna 5 kun shiga banɗaki ko ma menene, ana iya yin komai.
Hanya mafi aminci ita ce sanya kalmar wucewa a kan maɓallin keɓaɓɓu, sannan amfani da ssh-wakili don ya tuna da kalmar sirri don duka zaman (kawai ssh-add). Ta wannan hanyar, kawai zai nemi kalmar sirri a karon farko, kuma a aikace za a sami haɗin kai ba tare da kalmar sirri ba kashi 90% na lokacin, ban da kariya daga sata ko kutse.
Shin ba komai bane don samun damar fayiloli? Shin kun taɓa jin cikakken ɓoyayyen faifai? (luks + kwankwasiyya)
Haka ne, tabbas, idan kuna da abin da aka ɓoye faɗinsa wani labari ne, amma kashi 90% na masu amfani ba sa yin hakan saboda ba su san yadda ake yin sa ba kuma a lokuta da yawa ba ya biyan su. Sabanin haka, rashin adana kalmomin shiga da ba asirce ba ko maɓallan sirri masu zaman kansu zuwa faifai abu ne da kowa zai iya yi, kuma kyakkyawan aiki ne gaba ɗaya.
Ajiye mabuɗan keɓaɓɓu a kan ɓoyayyen faifai kamar yin ajiyar motarka ne ka bar ƙofofin a buɗe, amma ɗaukar hayar mai tsaro tare da Doberman don kare ta. Yana aiki, ee, amma ya fi sauƙi da inganci don kulle shi kai tsaye.
MMm ba suyi yawa ga busa ƙaho ba, kodayake suna iya ƙirƙirar keɓaɓɓiyar hanyar sadarwa, sanya IP kuma su haɗa kai da waccan IP ɗin, don haka koda sun cire mabuɗin ba za su sami mashin ɗin ba saboda maɓallin yana aiki ne kawai na wani IP. Hakanan ya dogara da abin da suke so, yana aiki daidai a gare ni kamar yadda abokin ya bayyana shi, Ina da sabar sirri a cikin gidana bana buƙatar ƙara tsaro saboda yana da VPN saita.
Kuma shin duk wannan ana iya amfani dashi akan tashar windows wanda dole ne ya haɗa da * NIXs da yawa?
Ina da putty amma zan iya amfani da Securecrt (yanzu ina da rubutu)
A cikin tashar Windows (cmd) na gamsu da cewa a'a, ba zai yiwu a can ba.
Koyaya idan kuna amfani da Putty kuna iya gwada shi, zai iya aiki.
Gaisuwa da maraba zuwa shafinmu 😀
Putty ya riga ya karɓi ma'aunin -pw a cikin ƙarin umarnin. (misali: -pw12345)
A zahiri, Super Putty ya fi sanyi fiye da kawai Putty bayyananne. (Hanya ce ga Putty)
Don haka ba lallai bane ku sanya shi.
Godiya ga gidan, yana da amfani sosai. Abune mai ɗan gajiyar shiga cikin SSH don komai.
Barka dai ina godiya sosai da ziyararka and
Babu wani aboki, jin daɗin sanin cewa yana da taimako ... idan za mu iya taimaka muku ta kowace hanya, muna da farin ciki 😉
Gaisuwa da maraba zuwa shafin.
Ina buƙatar haɗi zuwa pc na windonws daga Linux dina kamar yadda nake yi daga tashar ta
Madalla .. abun yana matukar bani kwarin gwiwa ganin irin wannan koyarwar, hakan yana bani damar bayarda gudummawar abubuwan dana riga nayi sauki domin al'umma suyi amfani dasu. Na gode sosai daga El Salvador.
Ina haɗawa da inji tare da ubuntu zuwa wanda yake da debian amma yana ba ni kuskure wanda ba zai iya tantancewa ba saboda haka yana tambayata kalmar sirri .. me yasa wannan zai faru? Shin sigar ssh-keygen za ta bambanta ko me ke faruwa?
Sanya kuskuren da zai baka a nan don ya iya taimaka maka sosai 😉
Hakanan, zaku iya gwada saka wannan a cikin tashar:
sudo mv $HOME/.ssh/known_hosts /opt/Abin da wannan keyi shine tsabtace haɗin (tarihin haɗi) SSH da kuka samu.
Kuma idan ina so in yi amfani da maɓallin jama'a iri ɗaya don sabobin da yawa, zan iya yin shi, ko kuwa dole ne in ƙirƙiri maɓalli don kowane sabar da nake son shiga? Zan gwada ta wata hanya, amma akan wasu sabar da bata da amfani don kar in lalata wani abu mai amfani.
Godiya da jinjina.
Kamar yadda nayi a kwamfutar tafi-da-gidanka, mabuɗin daban ne ga kowane sabar, a zahiri, ina tsammanin ba zai yiwu a yi amfani da maɓalli iri ɗaya ba da yawa ... saboda ID ɗin kowane sabar na musamman ce, kamar zanan yatsa 🙂
gaisuwa
Sannu ubangijin yashi. Ina karanta makullin kuma na gano cewa mabuɗan mabuɗan (na jama'a da masu zaman kansu) suna amfani da uwar garken don aikawa da karɓar ƙalubale kuma ta haka ne suka fahimci juna, don haka ba shi da alaƙa da kalmar sirri da kuke amfani da ita don samun damar saba, ana amfani da na karshen don "liƙa" maɓallin jama'a a cikin sabar da aka aminta. Don haka zaka iya amfani da shi ta yadda kake so ko kake buƙata.
Ban sani ba idan na bayyana kaina, amma wargi shine cewa don amfani da maɓallan ku na biyu akan wasu sabobin, bayan bin koyarwar ku, dole kawai kuyi:
ssh-kwafin-id sauran.user@otra.ip
rubuta kalmar wucewa ta wannan sabar
Kuma a shirye.
gaisuwa
Barka dai, godiya ga jagorar, shi kadai ne ya taimake ni. Yanzu ina son yin shi a kan wasu kwamfutoci na sami abubuwa masu zuwa:
$ssh-kwafin-id -p 4000 lm11@148.218.32.91
Mara kyau tashar jirgin ruwa 'umask 077; gwajin -d ~ / .ssh || mkdir ~ / .ssh; kyanwa >> ~ / .ssh / izini-jaka '
Na gode da taimakon ku.
Na yi abin da kuka gaya mana, amma yana ci gaba da tambayata kalmar sirrin. Na fayyace wannan haɗin da nake yi tsakanin wasu sabbin kayan kwalliyar kwalliyar Linux ... me kuma zai iya zama?
Na riga na kalli / etc / ssh / sshd_config
Na riga na sake rebooting duka sabobin
PC2 = linzamin jar hula Linux 6.4
PC2 = linzamin jar hula Linux 5.1
Dole ne a daidaita sabis ɗin ssh daidai (/ sauransu / ssh / sshd_config akan PC2) don ya yi aiki.
gyara…
PC1 = Centos 6.4
PC2 = Jar Hat 5.1
Barka dai abokan aiki, Ina da buƙatar kafa alaƙar amana tsakanin uwar garken 1 Linux Centos 5.3 da Unix Sco5.7 amma ina da matsalar cewa yayin yin mataki na 3 na kwafin mabuɗin daga Linux zuwa Unix na sami saƙo / usr / bin / ssh-copy-id: ERROR: Ba a gano asalinsu ba, me ya sa ya zama haka?
Gracias
Na bi koyawa mataki-mataki. Ba ya ba ni wani kuskure, amma a ƙarshen lokacin da na haɗu daga PC1 zuwa PC2 yana ci gaba da tambayata kalmar sirri duk lokacin da na haɗa.
Shin wani yana tunanin abin da zai iya zama?
Da alama bayan ƙirƙirar mabuɗin dole ne ku aiwatar da ssh-add don wakilin tabbatarwa zai iya amfani da shi.
Yayinda nake share mabudin isowa, baya gane wani abu da aka yiwa kutse, taimako, baya shiga komai
Na gode sosai, ya yi aiki daidai
Na gode sosai don jagorar! Abu ne mai sauqi kuma ya zo da sauki don lokacin da kake da sabobinka a wajen suna tafiya ba tare da shigar da makullin ba don haka sanya abubuwa kai tsaye
Gode.
Ban san amfani da ssh-copy-id ba kuma ya zama atomatik.
Gaskiyar ita ce, na kasance har zuwa lokacin rubuta kalmar sirri, don haka abin da zan yi shi ne adana shi tare da maimaita fasalin, wanda aka kiyaye yayin zaman.
Ban damu da rubuta shi sau ɗaya a duk lokacin da na kunna kwamfutar ba, dole ne a sanya abin a duk lokacin da ya yanke ko abubuwa kamar haka
SSH Babu Jutsu!
hola
mai kyau koyawa ... amma idan ina so in wuce bayani ??? yaya zan iya yi?
Barka dai, gudummawarku tana da ban sha'awa sosai, amma ina da shakku game da irin wannan batun
Hello.
Gwada matakan da ke sama, amma lokacin ƙoƙarin kwafin mabuɗin zuwa uwar garken 2 (PC2) yana gaya mani cewa umarnin bai wanzu ba.
bash: ssh-copy-id: ba a samo umarni ba
Zan iya kwafar makullin da hannu?
Madalla !! Ina neman bayani mai sauki kuma yayi aiki daidai
na gode
Kyakkyawan taimako.
Na gode sosai, ya taimaka min sosai.
Barka dai, Ina so in san ko akwai wata hanya ta yin wannan umarnin na ssh-copy-id. Tunda na girka Bude ssh don Windows, ssh yayi min aiki a cikin DOS amma bashi da wannan umarnin ssh-copy-id. Ina so in san yadda za a aika wannan mabuɗin jama'a zuwa sauran uwar garken Linux (uwar garken Linux). Godiya mai yawa.
Barka dai. Ina buƙatar kafa dangantakar aminci tsakanin uwar garken Linux da na'urar Windows. Shigar da SSH na Windows kuma yana min aiki. Amma wannan umarnin ssh-copy-id babu shi a cikin wannan kayan aikin.
Sun san wata hanyar da zasu yi ba tare da amfani da ssh-copy-id ba.
Na gode sosai da ra'ayoyin ku.
Amma tambayar wannan ita ce iya haɗawa ba tare da kalmar wucewa ba, idan muka sanya fassarar kalmar wucewa za ta tambaye mu wannan izinin haɗawa kuma ba makasudin wannan bane
Ya kasance yana da amfani a gare ni sosai game da tsarin fp na na kwamfuta, na gode 🙂
Na gode!!!
Wasu suna damuwa game da yadda abin haushi zai zama dole ne a shigar da kalmar wucewa (passphrase), don wannan, kamar yadda suka ce a sama, yana da «mai amfani-Agent» kuma cewa ni ma an saita shi tare da Keepass da aikinsa na Nau'in Nau'in, don haka ni kawai Ina kiran tashar da kuma tare da mabuɗan maɓallan da suka tsara shirye, nima ina da "laƙabi" ga kowane buƙata kuma komai yana da sauƙi.
Kyakkyawan koyawa.
Yi farin ciki da yawa !!
Kyakkyawan bayani 🙂 amma ina da tambaya ...
Ina da PC10 wanda anan ne na ajiye bayanan, an aiko bayanin daga pc1 - pc2 - pc3, zuwa PC10, ta yaya zan iya yin pc1, pc da pc3 suyi amfani da maɓalli ɗaya don samun damar PC10 ba tare da maɓalli ba.
Murna…
Ta yaya zan iya lissafa abin da ke kan na'ura1 a cikin mashin2, ba tare da zuwa ssh ip @ runduna zuwa mashin1 ba. Ban sani ba idan na fahimci xD
Shekaru 10 sun shude tun daga wannan littafin kuma ina ci gaba da ziyartarsa duk lokacin da nake bukata. Kamar wasu koyaswa akan anan sun tsaya gwajin lokaci. Godiya da gaisuwa!