A cikin duniyarmu akwai sirri da yawa, da yawa ... A gaskiya bana tsammanin zan iya koyon isa in san mafi yawansu, kuma wannan ana bayar da shi ne ta hanyar sauki da cewa Linux na ba mu damar yin da yawa, amma abubuwa da yawa da da wahala mu san su duka.
A wannan lokacin zan bayyana yadda za a yi wani abu mai matukar amfani, wani abu da yawancin hanyoyin sadarwa ko masu kula da tsarin suka buƙaci yi, kuma mun sami wahala don kawai ba mu sami wata hanya mai sauƙi ba don cimma hakan:
Yadda ake kewaya masu amfani da ke haɗawa ta hanyar SSH
keji? TF WTF!
Ee Idan har wani dalili ya zama dole mu baiwa SSH damar zuwa ga wani abokinmu ta hanyar kwamfutar mu (ko kuma sabar ta), dole ne a koda yaushe mu kula da tsaro da kwanciyar hankali na kwamfutar mu ko kuma sabar mu.
Ya faru cewa kwanan nan muna so mu ba Perseus SSH damar shiga sabar namu, amma ba za mu iya ba shi kowane irin dama ba saboda muna da maganganu masu mahimmanci a can (mun tattara abubuwa da yawa, fakitin da muka girka daban-daban, da dai sauransu. .) kuma idan wanda baiyi Ko na yi kokarin kawo sauyi ko kadan a sabar ba, akwai yuwuwar komai zai tafi hehe.
Don haka, Yadda ake ƙirƙirar mai amfani da iyakoki masu iyaka, ta yadda ba zai iya fita daga kejin nasa ba (gida)?
Bari mu fara da zazzagewa makarya, kayan aiki wanda zai bamu damar yin hakan:
1. Da farko dole ne mu sauke sabar JailKit ɗinmu.
wget http://ftp.desdelinux.net/jailkit-2.14.tar.gz
2. Sannan dole ne mu zare kunshin kuma mu shigar da babban fayil din da ya bayyana:
tar xzf jailkit-2.14.tar.gz && cd jailkit-2.14
3. Daga baya mun ci gaba da tattarawa da girka software (Na bar muku hoto):
./configure
make
make install
4. Shirya, an riga an shigar da wannan. Yanzu muna ci gaba da ƙirƙirar kejin da zai ƙunshi masu amfani a nan gaba, a halin da nake ciki na ƙirƙiri shi ne: / opt / kuma na kira shi "kurkuku", don haka hanyar za ta kasance: / ficewa / kurkuku :
mkdir /opt/jail
chown root:root /opt/jail
5. An riga an ƙirƙiri keji, amma ba shi da duk kayan aikin da ake buƙata don masu amfani na nan gaba waɗanda za su kasance can su yi aiki ba tare da matsala ba. Ina nufin, har zuwa yanzu an ƙirƙiri keji, amma akwatin fanko ne kawai. Yanzu za mu sanya a cikin keji wasu kayan aikin da masu amfani da keɓaɓɓu za su buƙaci:
jk_init -v /opt/jail basicshell
jk_init -v /opt/jail editors
jk_init -v /opt/jail extendedshell
jk_init -v /opt/jail netutils
jk_init -v /opt/jail ssh
jk_init -v /opt/jail sftp
jk_init -v /opt/jail jk_lsh
6. Shirya, kejin ya wanzu kuma yana da kayan aikin da mai amfani zai iya amfani dasu ... yanzu kawai muna buƙatar ... mai amfani! Bari mu kirkiro mai amfani Kira kuma za mu sa shi a cikin keji:
adduser kira
jk_jailuser -m -j /opt/jail kira
cat /etc/passwd | grep jk_chroot
Idan kun lura cewa babu wani abu kamar sikirin da ya bayyana, tabbas kun yi kuskure. Bar tsokaci anan kuma zanyi farin cikin taimaka muku.
7. Kuma voila, mai amfani an riga an kulle shi ... amma, an killace shi da SO, don haka ba zai iya haɗawa da SSH ba, saboda lokacin da yake ƙoƙarin haɗa sabar ba ta barin shi:
8. Don bawa mai amfani damar haɗawa dole ne muyi wani mataki.
Dole ne mu shirya fayil ɗin etc / passwd na kejin, ma'ana, a cikin wannan yanayin zai zama / ficewa / kurkuku / sauransu / passwd , a ciki muna yin sharhi kan layin mai amfani da muka kirkira, kuma muna ƙara sabo kamar:
kira: x: 1003: 1003 :: / gida / kira: / bin / bash
Wato, zamu sami fayil kamar haka passwd:
tushen: x: 0: 0: tushen: / tushen: / bin / bash
#kira: x: 1003: 1003: ,,,: / fice / kurkuku /./ gida / kira: / usr / sbin / jk_lsh
kira: x: 1003: 1003 :: / gida / kira: / bin / bash
Lura da kyau alamun alamomin rubutu da sauransu, yana da mahimmanci kar a sauke kowane 🙂
Bayan yin wannan, mai amfani zai iya shiga ba tare da wata matsala ba 😀
Kuma wannan kenan.
Kayan aikin da muke amfani dashi don wannan duka (makarya) yi amfani da baya tsiro, wanda shine ainihin abin da kusan dukkanin koyarwar suke amfani dashi. Koyaya ta amfani da JailKit ya zama mafi sauki ga keji 😉
Idan wani ya gabatar da matsala ko wani abu baya tafiya daidai, bar cikakken bayani gwargwadon iko, ban dauki kaina gwani ba amma zan taimake ku gwargwadon iko.
to zai zama wani abu kamar izini a cikin FTP? mai ban sha'awa
koyaushe kuna fitowa da duk abin da baku san ko akwai shi ba, kamar masu amfani a cikin MySQL xD
Ba daidai bane, saboda SSH ba ɗaya bane da FTP. SSH harsashi ne, ma'ana, m ... za ku kasance a cikin tashar a kan wata kwamfutar ko sabar, kuna iya aiwatar da umarni, fara aiwatarwa, da sauransu ... za ku yi kamar yadda mai kula da sabar ya ba ku 😉
hahahahahaha nah zo, abin da ya faru shine na buga wasu abubuwan fasaha ... ma'ana, Ina son buga kananan abubuwa wadanda basu shahara ba kuma masu ban sha'awa. Misali, ni da kaina ban shirya buga wani abu ba a duk ranar da sabon Ubuntu ya fito, saboda nayi imanin cewa da yawa zasu riga sun yi magana game dashi ... amma, abinda kuka karanta anan cikin gidan, shin ba wani abu bane wanda ake karantawa kowane rana ko kuwa? 😀
Kyawawan gudummawa na gode
akwai kuma yarjejeniya da ake kira sftp wanda yake ftp da Secure Shell tare, kodayake ba daidai yake da gudanar da FTP akan SSH ba: \
gaisuwa
Ee eh da gaske, amma ta hanyar caging SSH na kera duk wanda ya hada shi ta hanyar amfani da SFTP, domin kamar yadda kake fada, SFTP a zahiri SSH + FTP 😀
gaisuwa
Hotunan ba za a iya gani ba !!! 🙁
Kuskuren kuskure na hehe, gaya min yanzu 😀
Shirya. Godiya 😀
yayi kyau sosai, Nina nuna ma wadanda nafi so su sameshi lokacin da nake bukata lol
Na gode, kowace tambaya ko matsaloli, muna nan don taimaka muku 🙂
Suna da Perseus a cikin keji. http://i.imgur.com/YjVv9.png
LOL
xD
Yaya kake.
Ka sani, magana ce wacce ban san ta sosai ba kuma na kasance ina bincika BSD (PC-BSD da Ghost BSD) kuma na ga abin ban sha'awa ne kuma tare da ayyukan da zasu iya da amfani sosai.
Zan ajiye shi don tunani kuma in duba shi akan dokin BSD. Godiya ga bayanin.
Ban ma san da wannan ba, saboda ban taɓa tunanin bawa wani SSH damar shiga kowane sabar ba haha, amma lokacin da na sami buƙatar yin hakan, ina so in ba da dama amma ba tare da yiwuwar wani ya yi kuskuren yin wani abu ba hakan bai wajaba ba 😀
Ban taɓa gwada wannan akan tsarin BSD ba, don haka ba zan iya ce muku zai yi aiki ba, amma idan kuna neman yadda ake chroot akan BSD, wani abu ya kamata ya fito 😉
Godiya ga mai sharhi aboki 🙂
Barka dai, Ina amfani da FreeBSD kuma tabbas gidan yari yana aiki a gaskiya wannan a cikin tashar jiragen ruwa
Kuna shigar da shi tare da wannan umarnin
cd / usr / tashar jiragen ruwa / bawo / jailkit / && sa shigar tsabta
Ko ta fakiti fakiti
pkg_add -r jailkit
Sai kawai a cikin sanyi (kira: x: 1003: 1003 :: / home / kira: / bin / bash)
Kuna buƙatar ƙara tcsh ko sh, sai dai idan kun shigar da bash kuma ƙara wannan hanyar
/ usr / na gari / bin / bash
Kuma wasu detailsan ƙarin bayanai, a cikin Ghost BSD yakamata ya zama irin wannan tsari ya ma fi sauƙi kamar yadda yake bisa FreeBSD
gaisuwa
Mai girma, Ina neman ta; Shin kun san ko yana aiki a Centos ?? godiya.
Ban gwada shi a kan Centos ba, amma a, ya kamata ya yi aiki :)
A hakikanin gaskiya na tuna cewa da yawa sun yi amfani da wannan kayan aikin a kan Centos da Red Hat sabobin 😉
Godiya mai yawa. Kai tsaye yana zuwa alamun shafi.
Na gode da ku don yin sharhi 🙂
Kyakkyawan "dabara", mai matuƙar amfani ga masu kulawa sys. Amma har ma mafi kyau, kyakkyawan rubutu sosai. Me za ku iya so.
Na gode da yawa don taimako.
Na gode, na gode sosai da bayaninka 😀
gaisuwa
Yaba SSH haha
Da zarar na yi ƙoƙarin yin kejin ssh amma a cikin salon gargajiya kuma gaskiyar ita ce ba ta taɓa fitowa daidai ba. Idan kejin yana aiki, to bashi ma da bash, ma'ana, ya haɗu kuma babu abin da ya rage haha, idan harsashi yana gudana, zai iya hawa a cikin kundin adireshi da yawancin quilombos mafi haha amma wannan siliki na mace ne, yana sarrafa waɗannan abubuwan ta atomatik ... An ba da shawarar sosai
haha godiya.
Ee, a zahiri SSH duk abin al'ajabi ne ga abin da yake ba mu dama, wanda ba komai ba ne face abin da tsarin yake ba don haka ... hooray don Linux! Ha haha.
Barka dai, tambaya!
me yasa za'a canza gida daga (1) / opt / ngalel / ./ gida / kira zuwa (2) / gida / kira
Dole ne mu shirya fayil ɗin da sauransu / passwd na kejin, wato, a wannan yanayin zai zama / opt / jail / etc / passwd, a ciki muna yin sharhi kan layin mai amfani da muka ƙirƙira, kuma ƙara sabon kamar:
kira: x: 1003: 1003 :: / gida / kira: / bin / bash
A takaice dai, fayil ɗin passwd zai yi kama da wannan:
tushen: x: 0: 0: tushen: / tushen: / bin / bash
(1) #kira: x: 1003: 1003: ,,,: / ficewa / kurkuku /./ gida / kira: / usr / sbin / jk_lsh
(2) kira: x: 1003: 1003 :: / gida / kira: / bin / bash
Barka dai 🙂
Idan ba a saita wannan ba, damar SSH ba ta aiki, mai amfani yana ƙoƙarin haɗawa amma an kore shi ta atomatik ... da alama matsala ce ko matsala tare da mai fassarar da JailKit ya kawo, saboda yayin yin wannan canjin yana nuna cewa yana amfani da al'ada bash na tsarin, komai yana aiki.
Har yanzu ina rufe zaman ssh: C
Girman 10.1 x64
Barka dai Na sanya wannan kuma yana aiki da hankali sosai a cikin centos = D.
amma addu'ata kamar baya ce don ƙara ƙarin umarni misali ga mai amfani da kurkuku
ba zai iya gudanar da umarnin svn ba http://pagina.com/carpeta
Ina nufin, wannan umarnin ba ya kasancewa ga masu amfani da kurkuku a wannan yanayin kamar baya don ƙara waɗannan umarnin zuwa gidan yarin kuma akwai ƙarin da yawa da nake buƙatar ƙarawa.
Barka dai, ya kake?
Idan kanaso ka kunna umarni «svn» a gidan yari kana da umarnin jk_cp
Wannan shine:
jk_cp / ficewa / kurkuku / / bin / svn
Wannan zaton svn binary ko zartarwa shine: / bin / svn
Kuma bari Kage / Kurkuku su zama: / ficewa / kurkuku /
Zaka samu umarni wadanda suka dogara da wasu, ma'ana, idan ka kara umarni «pepe» zaka ga cewa dole ne ka kara «federico», saboda «pepe» ya dogara da «federico» da za'a zartar, idan ka sami wannan to kun kara umarnin da ake bukata kuma tuni 😉
Hakan yayi kyau, Ina gwada shi yanzunnan, kuma ina gaya muku cewa hakan ta faru, na gode ƙwarai = D
Sa'a 😀
Na gudanar da abin da kuka gaya mani amma ta wannan hanyar kuma ta atomatik ya gano shi ba tare da wata matsala ba .. Wannan ita ce umarnin da nake amfani da shi don amfani da subverision.
jk_cp -j / gida / jaul svn
Da kyau ina amfani da centos xP kuma wataƙila ya bambanta amma mai kyau
yanzu zan so sanin ko wanene dakunan karatu kamar su svn amma yanzu zan so in tattara saboda a ce ina bukatar amfani da umarni kamar haka
./ sake fasali da alamar kuskure
./configure.lineno: layin 434: expr: ba a samo umarni ba
Ba zan iya sanin waɗanne ne laburari ɗin da na riga na girka mysql da sauransu ba idan ya tattara a waje da kurkukun amma ba cikin jaui ba.
yi hakuri da cikas.
ps: ya kamata ka sanya a cikin jagorar abin da na gaya maka game da umarnin da aka yi amfani da shi a centos =) gaisuwa.
Duba, lokacin da na gaya muku cewa ba zai iya samun umarni ba (kamar a nan) abu na farko shi ne neman umarnin:
whereis expr
Da zarar an samo (/ usr / bin / expr da / usr / bin / X11 / expr) sai mu kwafa shi zuwa gidan yari tare da jk_cp 😉
Gwada wannan don gani.
I, Na riga na gyara post ɗin kuma na ƙara cewa yana aiki a Centos 😀
Na gode sosai ((:
Na gode da shigarwar…
sannu, yaya kake?
Fuck dude! Daga Chile gaisuwata. Kuna da nisa kamar ni! LOL !. Ugsununi. Matsayinku ya kasance mai taimako a gare ni!
Na gode da bayaninka 😀
Na gode sosai da gidan, ya taimaka min sosai, amma abin takaici a cikin
/______________________________ // /////////, ////// /////////,
Dole ne mu shirya fayil ɗin da sauransu / passwd na kejin, wato, a wannan yanayin zai zama / opt / jail / etc / passwd, a ciki muna yin sharhi kan layin mai amfani da muka ƙirƙira, kuma ƙara sabon kamar:
kira: x: 1003: 1003 :: / gida / kira: / bin / bash
A takaice dai, fayil ɗin passwd zai yi kama da wannan:
tushen: x: 0: 0: tushen: / tushen: / bin / bash
#kira: x: 1003: 1003: ,,,: / ficewa / kurkuku /./ gida / kira: / usr / sbin / jk_lsh
kira: x: 1003: 1003 :: / gida / kira: / bin / bash
/______________________________ // /////////,
Yana haifar min da irin wannan kuskuren, ina nufin, na barshi yadda yake, kuma yana sanya ni daga tashar lokacin da nake haɗawa ,,, .., Nayi tsokaci akan layin kuma in ƙara ƙarin gyara shi kamar yadda kuka nuna, kuma shi ma takalma ni….
Shigar da sabon salo "jailkit-2.16.tar", har ma ƙirƙirar rubutun don adana lokaci, ga isasa:
/______________________________ // /////////,
#! / bin / bash
wget http://olivier.sessink.nl/jailkit/jailkit-2.16.tar.gz
tar -zxvf gidan yari-2.16.tar.gz
cd gidan yari-2.16
./configure
yi
yi shigar
fita
/______________________________ // /_______________________________
Babu shakka da farko sun shiga a matsayin "tushen" ...
Taya zan warware kuskuren aboki ????
Yi haƙuri, na riga na same shi, na yi kuskure game da Fayil ɗin Gidan, amma ina da babban shakku, ta yaya zan iya samun sa in bari in aiwatar da umarnin "allo", Ina ƙoƙarin yin amfani da shi (a cikin mai amfani da ke ciki) , amma ba ya aiki ... Wani abin kuma shi ne ,, ta yaya zan sami wannan mai amfani da keken don gudanar da shirin giya a kan wani tsohon da ya sanya kawai a cikin gidansa ,, yaya abin zai kasance?
hello, mai kyau tuto! Ni sabo ne ga waɗannan mahallan, ina da tambaya ...
Game da tsaro, na ga asalinta yana da manyan fayiloli, shin suna da mahimmanci? Ina so kawai ya sami damar zuwa babban fayil din sa (ftp-upload da ssh-execute) don gudanar da aikace-aikace, wadanne manyan fayiloli zai iya gogewa daga asalinsu? ko ba ya wakiltar wani haɗari a gare ni? Ina godiya da taimakonku a gaba, gaisuwa!
@ KZKG ^ Gaara, na gode da kyau da kuka sanya kuskuren rai amma tare da sigar jailkit-2.16.tar.gz da kuka ba da shawara sun gyara shi
http://olivier.sessink.nl/jailkit/jailkit-2.16.tar.gz
Ina tsammanin zan ba da shi zuwa ga PDF, jojo .. zuwa keji da godiya wn 😀
Assalamu alaikum aboki, ina da tambaya:
A ce muna da wani mai amfani mai suna "gwaji".
Tambayar ita ce, fayil /home/test/.ssh/known_hosts wanda ke cikin gidan wancan mai amfanin, shin fayel ɗin ɗaya ne ko ba mai amfani da shi bane?
Gwada wannan. Zai yiwu tare da wannan hanyar don taƙaita kewayawa zuwa ɗayan gidan na sauran masu amfani.
Da farko dai, godiya ga sakon! Yana da matukar amfani a gare ni; amma ina da shakku biyu, kuma waɗannan suna faruwa ne daga yanayin da nake da shi:
Ina buƙatar ƙirƙirar masu amfani da N tare da samun dama mai zaman kansa da na gida, kowane mai amfani zai iya isa ga gidansa kawai don ajiya, gyara da share fayilolin da ke ciki ba tare da matsawa zuwa wasu ba (Dama ina da wannan ma'anar). Baya buƙatar samun dama ta hanyar ssh.
1. Shin dole ne ka kirkiri keji ga kowane mai amfani, ko kuwa akwai hanyar da zaka samu mabambantan masu amfani a cikin keji daya amma kowanne yana da kundin adireshin "na sirri"?
2. Lokacin shiga (ta hanyar abokin cinikin FTP) ana nuna duk kundayen adireshin da kayan aikin suka kirkira Shin akwai hanyar da za'a nuna jakar a hanya mai tsafta? Ko na yi wani abu ba daidai ba a hanya?
Kyakkyawan koyawa! Ya kasance babban taimako a gare ni, Ina gwada shi da sigar 2.17 akan Ubuntu 14.04 kuma yana aiki sosai. Yanzu ina da kalubale mai zuwa, da zarar an yi amfani da mai amfani ta yadda ba zai iya matsawa zuwa kowace hanya ba, ina so kawai ya iya ganin abin da ke cikin fayil ɗin da ke cikin wata hanyar. Na gwada ta hanyar mahada ta alama amma yayin kokarin yin wutsiya ko kyanwa zuwa wannan fayil din sai ta fada min cewa babu shi kodayake yayin isa ga mai amfani zan iya lissafa wannan fayil din a cikin gidan keji
Idan za ku iya taimaka min zan yi matukar godiya, na gode a gaba
Barka dai, Na bi duk littafin kuma lokacin shiga tare da ssh yana rufe ta atomatik, alamun:
Dec 4 19:20:09 toby sshd [27701]: An karɓa kalmar shiga don gwaji daga 172.16.60.22 tashar 62009 ssh2
Dis 4 19: 20: 09 toby sshd [27701]: pam_unix (sshd: zaman): an buɗe zaman don gwajin mai amfani ta (uid = 0)
Dec 4 19:20:09 toby jk_chrootsh [27864]: yanzu shiga kurkuku / fita / kurkuku don gwajin mai amfani (1004) tare da hujjoji
Dec 4 19:20:09 toby sshd [27701]: pam_unix (sshd: zaman): an rufe zaman don gwajin mai amfani
Gracias
Ba lokacin da nayi mataki na ƙarshe na bawa ssh damar yin amfani da mai amfani ba, har yanzu yana rufe haɗin 🙁
Shin wataƙila daga wannan mai amfani ƙirƙirar canji zuwa tushe? roarjinka? baya barina. Yaya zata kasance? Na gode da taimakon ku
Na gode sosai da darasin, Ina bukatan shi don ƙirƙirar mai amfani wanda zai iya amfani da clonezilla don yin hoto da kwafe shi zuwa sabar baƙon amma amma ba zai iya zagayawa duk inda yake so ba
Yayi kyau! Ina bukatar sanin wani abu.
Shin zai yuwu a shiga Akidar ta amfani da FTP kuma ana samun wadannan izini, don gudanar dashi ta FTP ba tare da SSH ba? Bari mu ce kamar ƙirƙirar haɗi, yanayin rami ko wani abu makamancin haka. Yaya ake yi? Kafa fayil ɗin VSFTPD?
Na gode sosai!