Kuphunzira SSH: SSH Config File Options ndi Parameters

Sakani Linux Post | | ofunsira, Maphunziro / Maupangiri / Malangizo

Palibe ndemanga

Kuphunzira SSH: SSH Config File Options ndi Parameters

Kuphunzira SSH: SSH Config File Options ndi Parameters

Mu gawo lathu laposachedwa pa Maphunziro a SSH Timathana ndi pafupifupi zonse Zosankha zamalamulo a SSH ndi magawo pulogalamu ya OpenSSH, zomwe zimapezeka mukamagwiritsa ntchito ssh lamulo pa terminal. Mmodzi wa iwo anali "-o njira", zomwe tikufotokoza zimalola gwiritsani ntchito zosankha zomwe zafotokozedwa mu OpenSSH kasinthidwe fayilo, ndiye fayilo "SSHConfig" (ssh_config).

Pachifukwachi, lero tifotokoza mwachidule zina mwa izi zosankha zotchulidwa ku OpenSSH kasinthidwe fayilo, kutipatsa lingaliro laling'ono komanso lothandiza la zomwe tingachite popereka lamulo la mtunduwo "ssh -o njira ...", kapena ingokonzani zathu seva yapafupi ya SSH (kasitomala).

Kuphunzira SSH: Zosankha ndi Zosintha Zosintha

Kuphunzira SSH: Zosankha ndi Zosintha Zosintha

Ndipo monga mwachizolowezi, musanalowe mumutu wamakono wokhudza zosankha ndi magawo omwe amapezeka mufayilo OpenSSH "SSH Config" (ssh_config), tidzasiya kwa omwe ali ndi chidwi maulalo otsatirawa kwa ena zolemba zokhudzana nazo m'mbuyomu:

Kuphunzira SSH: Zosankha ndi Zosintha Zosintha
Nkhani yowonjezera:
Kuphunzira SSH: Zosankha ndi Zosintha Zosintha - Gawo I
Nkhani yowonjezera:
Kuphunzira SSH: Kuyika ndi Kusintha Mafayilo

Zosankha za SSH Config ndi Parameters (ssh_config)

Zosankha za SSH Config ndi Parameters (ssh_config)

Kodi fayilo ya SSH Config (ssh_config) ya OpenSSH ndi chiyani?

OpenSSH ili ndi mafayilo 2 osintha. wina wotchedwa ssh_config za kasinthidwe ka phukusi la kasitomala ndi kuyitana kwina alireza kwa phukusi la seva, zonse zili munjira kapena chikwatu chotsatira: /etc/ssh.

ssh_config fayilo ya OpenSSH

Choncho, pamene ntchito pa kasinthidwe fayilo "SSH Config" (ssh_config) Tikuganiza kuti tikhala tikugwira ntchito pakompyuta yomwe imagwira ntchito ngati kasitomala wamtundu wamakasitomala, ndiye kuti, izichita. Kugwirizana kwa SSH ku gulu limodzi kapena angapo Ma seva okhala ndi SSH.

Mndandanda wazosankha zomwe zilipo ndi magawo mu fayilo ya ssh_config

Mndandanda wa zosankha zomwe zilipo ndi magawo

Pansipa pali zina mwazosankha kapena magawo omwe alipo mkati mwa kasinthidwe fayilo "SSH Config" (ssh_config), zambiri zomwe zingagwiritsidwe ntchito mkati mwa lamulo ngati "ssh -o njira ...".

host/machesi

Izi kapena parameter zikuwonetsa mkati mwa fayilo ya kasitomala wa SSH (ssh_config) kuti zolengeza zotsatirazi ndizoletsedwa (mpaka njira ina kapena parameter Host kapena Match anasonyeza), kotero kuti iwo ali okhawo makamu omwe amafanana ndi amodzi mwamachitidwe operekedwa pambuyo pa mawu osakira.

Ndiko kunena kuti izi njira imagwira ntchito ngati gawo logawa mkati mwa fayilo, monga njira ya Match. Choncho, onse akhoza kubwerezedwa kangapo mu wapamwamba. kukhazikitsa. Ndipo zikhalidwe zake, zitha kukhala mndandanda wamitundu, zomwe zimatsimikizira zomwe mungasankhe zimagwiranso ntchito pamalumikizidwe opangidwa ndi omwe akukhudzidwawo.

Mtengo * zikutanthauza "onse makamu”, pomwe mu Match mtengo wa “onse” umachita chimodzimodzi. Ndipo, ngati mitundu ingapo yaperekedwa, iyenera kulekanitsidwa ndi malo oyera. Kuyika kwapateni kunganyalanyazidwe poika patsogolo ndi chidindo ('!'), kotero kuti machesi osayanjanitsika akhale othandiza popereka zosiyana pamachesi a wildcard.

AddressFamily

Imakulolani kuti mutchule mtundu (banja) la ma adilesi oti mugwiritse ntchito polumikiza. Mitsutso yovomerezeka ndi: iliyonse (yosakhazikika), inet (gwiritsani ntchito IPv4 yokha), kapena inet6 (gwiritsani ntchito IPv6 yokha).

BatchMode

Imakulolani kuti muyimitse mawu achinsinsi ndikukhazikitsa makiyi otsimikizira pazolumikizana ndi ogwiritsa ntchito, ngati muyika mkangano wa "inde" kapena mtengo. Izi ndizothandiza m'malemba ndi ntchito zina zamagulu pomwe palibe wogwiritsa ntchito kuti agwirizane ndi SSH. Mtsutso uyenera kukhala "inde" kapena "ayi", pomwe "ayi" ndiye mtengo wokhazikika.

ExitOnForwardFailure

Parameter iyi imakupatsani mwayi woti munene ngati SSH iyenera kuyimitsa kulumikizanako, ngati siyingakhazikitse zonse zomwe zapemphedwa zosunthika, zapamsewu, zam'deralo komanso zakutali.

ForwardAgent

Parameter iyi imakulolani kuti muwonetsere ngati kugwirizana kwa wothandizira wovomerezeka (ngati kulipo) kudzatumizidwa ku makina akutali. Mtsutso ukhoza kukhala "inde", popeza "ayi" ndiye wokhazikika, ndipo kutumiza kwa wothandizira kuyenera kuyatsidwa mosamala. Popeza, ogwiritsa ntchito omwe ali ndi kuthekera kolambalala zilolezo zamafayilo pagulu lakutali amatha kulumikizana ndi wothandizira wakomweko kudzera pamalumikizidwe otumizidwa.

ForwardX11

Apa zikunenedwa ngati maulumikizidwe a X11 asinthidwanso kudzera panjira yotetezedwa ndi DISPLAY set. Mtsutso ukhoza kukhala "inde", popeza "ayi" ndiye mtengo wokhazikika.

ForwardX11Wodalirika

Apa mwakhazikitsa inde kuti ndi makasitomala ati akutali a X11 omwe azitha kupeza chiwonetsero choyambirira cha X11. Inde, Ngati njira iyi yakhazikitsidwa kukhala "inde", Makasitomala akutali a X11 azikhala ndi mwayi wofikira pazenera la X11 loyambirira. Pamene, indendidakhala kuti ayi (default), makasitomala akutali a X11 adzawonedwa ngati osadalirika ndipo adzalepheretsedwa kuba kapena kusokoneza deta yamakasitomala odalirika a X11.

HashKnownHosts

Amagwiritsidwa ntchito pouza SSH ku hashi mayina ndi ma adilesi akawonjezedwa ku ~/.ssh/known_hosts. Kuti mayina osungidwawa azitha kugwiritsidwa ntchito nthawi zonse ndi ssh ndi sshd, koma osawulula zidziwitso, ngati zomwe zili mufayilo zawululidwa.

GSSAPIAuthentication

Amagwiritsidwa ntchito pofotokoza mkati mwa SSH, kaya kutsimikizika kwa ogwiritsa ntchito ku GSSAPI ndikololedwa. GSSAPI imagwiritsidwa ntchito potsimikizira Kerberos, mwachitsanzo ndi Active Directory.

SendEnv

Amagwiritsidwa ntchito kutanthauza kuti ndi zosintha ziti zomwe zikuyenera kutumizidwa ku seva. Kuti izi zitheke bwino, seva iyeneranso kuthandizira, komanso kukonzedwa kuti ivomereze kusintha kwa chilengedwe. Zosintha zimatchulidwa ndi dzina, zomwe zimatha kukhala ndi zilembo zakutchire. Komanso, mitundu ingapo ya chilengedwe imatha kulekanitsidwa ndi malo oyera kapena kufalikira angapo malangizo amtunduwu (SendEnv).

Zambiri

Ndipo mu gawo lachinayi ili, kuti onjezerani zambiri izi ndikuphunzira chilichonse mwazosankha ndi magawo omwe alipo mkati mwa kasinthidwe fayilo "SSH Config" (ssh_config)Tikukulimbikitsani kuti muwone maulalo otsatirawa: Fayilo yosinthira ya SSH ya kasitomala wa OpenSSH y Mabuku Ovomerezeka a OpenSSH, m'Chingerezi. Ndipo monga m'magawo atatu apitawa, fufuzani zotsatirazi zovomerezeka ndi odalirika pa intaneti za SSH ndi OpenSSH:

  1. Wiki ya Debian
  2. Buku la Debian Administrator: Remote Login / SSH
  3. Debian Security Handbook: Mutu 5. Kuteteza mautumiki omwe akuyenda pa dongosolo lanu
Tsegulani Secure Shell (OpenSSH): Chilichonse chokhudza ukadaulo wa SSH
Nkhani yowonjezera:
Tsegulani Secure Shell (OpenSSH): Chilichonse chokhudza ukadaulo wa SSH
 OpenSSH imapereka zida zambiri zotetezedwa
Nkhani yowonjezera:
OpenSSH 8.5 ifika ndi UpdateHostKeys, kukonza ndi zina zambiri

Kuzungulira: Banner post 2021

Chidule

Mwachidule, gawo latsopanoli lili pa "Kuphunzira SSH" Ndithu, zolongosoledwazo zikhala zogwirizana kwambiri ndi zolemba zakale Zogwirizana ndi OpenSSH. Mwanjira yotere, kuchita bwino komanso zovuta kwambiri zolumikizira kutali. ndi kuthamanga makonda otetezeka komanso odalirika, pogwiritsa ntchito protocol yolumikizidwa yakutali komanso yotetezeka.

Ngati mudakonda positiyi, onetsetsani kuti mwayankhapo ndikugawana ndi ena. Ndipo kumbukirani, pitani kwathu «tsamba lakunyumba» kuti muwone zambiri, komanso kujowina njira yathu yovomerezeka ya Telegalamu yochokera ku DesdeLinux, Kumadzulo gulu kuti mumve zambiri pamutu wamasiku ano.


Zomwe zili m'nkhaniyi zikutsatira mfundo zathu za malamulo okonzekera. Kuti mufotokoze cholakwika dinani Apa.

Khalani oyamba kuyankha

Siyani ndemanga yanu

Anu email sati lofalitsidwa. Amafuna minda amalembedwa ndi *

*

*

  1. Wotsogolera pazosankhazi: Miguel Ángel Gatón
  2. Cholinga cha deta: Control SPAM, kasamalidwe ka ndemanga.
  3. Kukhazikitsa: Kuvomereza kwanu
  4. Kulumikizana kwa zomwe zafotokozedwazo: Zomwezo siziziwululidwa kwa anthu ena kupatula pakukakamizidwa mwalamulo.
  5. Zosunga: Zosungidwa ndi Occentus Networks (EU)
  6. Ufulu: Nthawi iliyonse mutha kuchepetsa, kuchira ndikuchotsa zidziwitso zanu.