Tsegulani Secure Shell (OpenSSH): Chilichonse chokhudza ukadaulo wa SSH

Sakani Linux Post | | ofunsira, GNU / Linux

2 Comments

Tsegulani Secure Shell (OpenSSH): Chilichonse chokhudza ukadaulo wa SSH

Tsegulani Secure Shell (OpenSSH): Chilichonse chokhudza ukadaulo wa SSH

Popeza pafupifupi wogwiritsa ntchito GNU/Linux Nthawi zambiri amakhala munthu wotsogola, wodziwika bwino kapena wodziwa bwino ntchitoyo. dziko la sayansi yamakompyuta, izi zimakukakamizani kuti mugwiritse ntchito ndikuwongolera zida kapena matekinoloje apadera. Chitsanzo chabwino cha izi ndi kulumikizana kwakutali ndi makompyuta ena kapena zida, mojambula kapena ndi terminal. Mwachitsanzo, a pafupifupi wogwiritsa ntchito linux, SysAdmins kapena DevOps, nthawi zambiri kuchokera pa netiweki (kunyumba, bizinesi kapena pamtambo), amalumikizana patali ndi makompyuta ena kudzera munjira zosiyanasiyana kapena matekinoloje omwe alipo, monga, RDP, Telnet, SSH, ndi ena ambiri.

ndi zambiri Ogwira ntchito za IT tikudziwa kale, chifukwa cha izi pali zida zambiri zamapulogalamu. Komabe, zikafika Machitidwe a GNU / Linux, makamaka ponena za Seva, chofunikira kwambiri komanso chofunikira kwambiri, ndi luso la chida chomwe chimadziwika kuti OpenSecureShell (OpenSSH). Chifukwa chake, lero tiyamba ndi gawo loyamba la SSH.

Zochita zabwino ndi OpenSSH

Ndipo monga mwachizolowezi, tisanalowe mumutu wamasiku ano wa pulogalamuyi «Tsegulani Chipolopolo Chotetezedwa» (OpenSSH), kuti tifotokoze mozama za izo, tidzasiyira amene ali ndi chidwi maulalo otsatirawa a zofalitsa zina za m’mbuyomo. M’njira yakuti azitha kuzifufuza mosavuta, ngati n’koyenera, akamaliza kuŵerenga bukhuli:

"Ogwiritsa ntchito ena angaganize kuti njira zabwino ziyenera kugwiritsidwa ntchito pa maseva okha, ndipo sizili choncho. Zogawa zambiri za GNU/Linux zikuphatikiza OpenSSH mwachisawawa ndipo pali zinthu zingapo zomwe muyenera kukumbukira". Zochita zabwino ndi OpenSSH

OpenSSH imapereka zida zambiri zotetezedwa
Nkhani yowonjezera:
OpenSSH 8.5 ifika ndi UpdateHostKeys, kukonza ndi zina zambiri

 OpenSSH imapereka zida zambiri zotetezedwa
Nkhani yowonjezera:
OpenSSH 8.4 yamasulidwa kale, dziwani zosintha zake zofunika kwambiri

Tsegulani Chipolopolo Chotetezedwa (OpenSSH): Kuwongolera Kulowera Kwakutali

Tsegulani Chipolopolo Chotetezedwa (OpenSSH): Kasamalidwe ka malowedwe akutali

Kodi SSH ndi chiyani?

Dzinalo la "SSH" luso amachokera ku chidule cha mawu achingerezi "Secure Shell", zomwe m'Chisipanishi zikutanthauza, "Secure Shell" o "Secure Order Interpreter". Komabe, kuti tifotokoze zenizeni komanso zathunthu komanso kutanthauzira, titha kutchula ndime zotsatirazi:

"SSH imayimira Secure Shell ndi njira yolowera kutali ndi mautumiki ena otetezedwa pamaneti osatetezeka. Ponena za matekinoloje a SSH, OpenSSH ndiyodziwika kwambiri komanso yogwiritsidwa ntchito. SSH imalowa m'malo mwa mautumiki osalembedwa ngati Telnet, RLogin, ndi RSH ndikuwonjezera zina zambiri. " Wiki ya Debian

"Protocol ya SSH idapangidwa ndi chitetezo komanso kudalirika. Malumikizidwe ogwiritsira ntchito SSH ndi otetezeka, gulu lina ndilotsimikizika, ndipo deta yonse yosinthidwa imasungidwa. SSH imaperekanso ntchito ziwiri zosinthira mafayilo; imodzi ndi SCP, yomwe ndi chida chomaliza chomwe chingagwiritsidwe ntchito ngati lamulo la CP; ndipo ina ndi SFTP, yomwe ndi pulogalamu yolumikizirana yofanana ndi FTP”. Buku la Debian Administrator

"Pakadali pano pali ma daemoni atatu omwe amagwiritsidwa ntchito kwambiri a SSH, SSH1, SSH2, ndi OpenSSH kuchokera kwa anthu a OpenBSD. SSH1 inali daemon yoyamba ya SSH kupezeka ndipo ndiyomwe imagwiritsidwa ntchito kwambiri. SSH2 ili ndi maubwino ambiri kuposa SSH1, koma imagawidwa pansi pa layisensi yosakanikirana yotsekedwa yotseka. Pomwe, OpenSSH ndi daemon yaulere kwathunthu yomwe imathandizira SSH1 ndi SSH2. Ndipo ndiye, mtundu womwe umayikidwa pa Debian GNU/Linux, posankha kukhazikitsa phukusi la 'SSH'. Debian Security Handbook

Chifukwa chiyani mumagwiritsa ntchito ukadaulo wa SSH?

Chifukwa, SSH ndi Network protocol zomwe zimatsimikizira a kusinthana kwa data (chidziwitso/mafayilo) m'njira otetezeka komanso amphamvu, kuchokera pakompyuta ya kasitomala kupita pa kompyuta ya seva.

Komanso, teknoloji iyi imapereka njira yomwe imatengedwa kuti ndi yodalirika kwambiri, chifukwa m'menemo, mafayilo kapena malamulo omwe amatumizidwa ku kompyuta komwe akupita amabisidwa. Ndipo zonsezi, kutsimikizira kuti kutumiza kwa deta kukuchitika m'njira yabwino kwambiri, motero kuchepetsa kusintha kulikonse komwe kungatheke panthawi ya kuphedwa, kutumiza ndi kulandira.

Pomaliza, ndi bwino kuzindikira zimenezo SSH imaperekanso njira yomwe imaphatikizapo kapena imafuna kutsimikizika kwa wogwiritsa ntchito aliyense wakutali, kuti zitsimikizire kuti ndizololedwa kulankhulana ndi kompyuta yomwe ikupita (seva). Kuphatikiza apo, njirayi nthawi zambiri, mwachisawawa, imachitika pamlingo wogwiritsa ntchito ma terminals kapena ma consoles, ndiye kuti, kudzera m'malo a I.Command Line Interface (CLI).

Kodi Open Secure Shell (OpenSSH) ndi chiyani?

Malingana ndi OpenSSH tsamba lovomerezeka, pulogalamuyi yaulere ndi yotseguka ikufotokozedwa motere:

"OpenSSH ndiye chida cholumikizira cholumikizira chakutali pogwiritsa ntchito protocol ya SSH. Imabisa magalimoto onse kuti athetse kumvera, kubera ma intaneti, ndi zina. Kuphatikiza apo, OpenSSH imapereka zida zambiri zotetezedwa, njira zingapo zotsimikizira, ndi masinthidwe apamwamba kwambiri. ”

Ndipo zotsatirazi zikuwonjezedwa ndikufotokozedwa mwatsatanetsatane:

"OpenSSH suite ili ndi zida zotsatirazi: Ntchito zakutali zimachitika kudzera pa ssh, scp, ndi sftp; ndi gkasamalidwe kofunikira kumayendera ndi ssh-add, ssh-keysign, ssh-keyscan ndi ssh-keygen; ndi service side imagwira ntchito ndi sshd, sftp-server ndi ssh-agent phukusi".

OpenSSH 9.0: Chatsopano ndi Zokonza Zowonongeka

Ndikoyenera kuzindikira kuti panopa OpenSSH ili pamtundu wake 9.0. Mtundu womwe watulutsidwa posachedwapa (08/04/2022) zomwe zatsopano zake ndi izi:

  • SSH ndi SSHd: Pogwiritsa ntchito Streamlined NTRU Prime + x25519 hybrid key monga njira yosinthira ("sntrup761x25519-sha512@openssh.com").
  • SFTP-Seva: Kuthandizira kukulitsa kwa "copy-data" kuti mulole makope am'mbali mwa Seva a mafayilo/data, kutsatira kapangidwe ka draft-ietf-secsh-filexfer-extensions-00.
  • SFTP: Anawonjezera lamulo la "cp" kuti alole mafayilo amtundu wa seva kuti agwire ntchito pa kasitomala wa sftp.

Kuti mudziwe zambiri kapena zambiri za izi nkhani, kukonza zolakwika ndi data yonyamula, mutha kupeza zotsatirazi kulumikizana.

"NTRU aligorivimu imakhulupirira kuti imakana kuukiridwa ndi makompyuta am'tsogolo ndipo imaphatikizidwa ndi X25519 ECDH key exchange (zosakhazikika zakale) monga zosunga zobwezeretsera ku zofooka zilizonse mu NTRU Prime zomwe zingadziwike mtsogolo.".

Komwe mungaphunzire zambiri za SSH

Komwe mungaphunzire zambiri za SSH

Mpaka pano, tafika chiphunzitso chofunikira kwambiri kuti mudziwe za SSH ndi OpenSSH. Komabe, m'magawo amtsogolo pamutuwu, tidzasanthula ndikusintha zomwe zafotokozedwa kale m'nkhani zam'mbuyomu. Koma zake kukhazikitsa, wanu magawo osinthika, ndi machitidwe abwino apano (malangizi), popanga zoikamo zofunika ndi zapamwamba. Komanso bwanji perekani malamulo osavuta komanso ovuta kudzera muukadaulo womwewo.

Komabe, ya onjezani izi Timalimbikitsa kufufuza zotsatirazi zovomerezeka ndi zodalirika pa intaneti:

  1. Wiki ya Debian
  2. Buku la Debian Administrator: Remote Login / SSH
  3. Debian Security Handbook: Mutu 5. Kuteteza mautumiki omwe akuyenda pa dongosolo lanu

Kuzungulira: Banner post 2021

Chidule

Mwachidule, SSH luso, kawirikawiri, ndi luso lamakono komanso losavuta lomwe, ngati litakhazikitsidwa bwino, limapereka a kulumikizidwa kodalirika komanso kotetezeka komanso makina olowera kwa ena magulu akutali, kuti mupeze mautumiki ndi magwiridwe antchito operekedwa mkati mwake. Ndipo kufanana kwake kwaulere ndi kotseguka, ndiko kuti, «Tsegulani Chipolopolo Chotetezedwa» (OpenSSH) ndi zodabwitsa zaulere komanso zotseguka zofanana, zopezeka kwambiri komanso zogwiritsidwa ntchito pazonse Kugawa kwa GNU / Linux zamakono

Tikukhulupirira kuti bukuli ndi lothandiza kwambiri kwa anthu onse «Comunidad de Software Libre, Código Abierto y GNU/Linux». Ndipo osayiwala kuyankhapo pa izi pansipa, ndikugawana ndi ena pamasamba omwe mumakonda, ma tchanelo, magulu kapena madera a malo ochezera kapena mauthenga. Pomaliza, pitani patsamba lathu lanyumba pa «KuchokeraLinux» kuti muwone zambiri, ndikulowa nawo njira yathu yovomerezeka Telegalamu yochokera ku DesdeLinux, Kumadzulo gulu kuti mudziwe zambiri pankhaniyi.


Zomwe zili m'nkhaniyi zikutsatira mfundo zathu za malamulo okonzekera. Kuti mufotokoze cholakwika dinani Apa.

Ndemanga za 2, siyani anu

Siyani ndemanga yanu

Anu email sati lofalitsidwa. Amafuna minda amalembedwa ndi *

*

*

  1. Wotsogolera pazosankhazi: Miguel Ángel Gatón
  2. Cholinga cha deta: Control SPAM, kasamalidwe ka ndemanga.
  3. Kukhazikitsa: Kuvomereza kwanu
  4. Kulumikizana kwa zomwe zafotokozedwazo: Zomwezo siziziwululidwa kwa anthu ena kupatula pakukakamizidwa mwalamulo.
  5. Zosunga: Zosungidwa ndi Occentus Networks (EU)
  6. Ufulu: Nthawi iliyonse mutha kuchepetsa, kuchira ndikuchotsa zidziwitso zanu.

  1.   alireza anati
    amapanga Miyezi 11

    Zikomo kwambiri !!
    Ndikhala tcheru ku zofalitsa zotsatirazi
    Kodi mutha kuyendetsa ma graphical applications pogwiritsa ntchito seva ndikuyendetsa pa kasitomala?

    Yankhani ku khourt
    1.    Sakani Linux Post anati
      amapanga Miyezi 11

      Zikomo, Khourt. Zikomo chifukwa cha ndemanga yanu. Sindikutsimikiza, zidapanga kuti mutha kugwiritsa ntchito zithunzi kudzera pa ssh pa chandamale chandamale, koma osati pulogalamu ya seva yomwe mukufuna. Ndikhala ndikuyang'ana mu izo.

      Yankhani ku Linux Post Install