Faʻatonutonuina o tagata faʻaoga ma kulupu i le lotoifale - SME network

Faʻasino lautele o le faʻasologa: Fesootaiga komepiuta mo SMEs: Faatomuaga

Talofa uo ma uo!

Lenei tusitusiga o le faʻaauauina o Squid + PAM Faʻamaonia i CentOS 7- SMB Networks.

UNIX / Linux faʻagaioiga polokalama ofoina atu se MONI tele-faʻaaoga siʻosiʻomaga, lea e tele tagata faʻaaoga mafai ona galulue i le taimi e tasi i luga o le tutusa faiga ma fefaʻasoaaʻi punaoa e pei o masini gaosi, malo faigata, manatuaina, fesoʻotaʻiga fesoʻotaʻiga, masini faʻaofiina i le faiga, ma isi.

Mo lenei mafuaʻaga, System Administrators e tatau ona faʻaauau pea ona faʻatonutonu tagata faʻaoga ma kulupu o le polokalama ma ia fausia ma faʻatino se lelei pulega taʻiala.

Le isi mea o le a tatou vaʻaia manino manino ai i le lautele vaega o lenei taua gaioiga i le Linux Systems Administration.

O isi taimi e sili ai le ofoina atu Utility ona Manaʻomia lea.

Lenei o se faʻataʻitaʻiga masani o lena faʻatonuga. Muamua matou faʻaali faʻafefea ona faʻatinoina se 'auʻaunaga Initaneti sui ma Squid ma tagata faʻaoga i le lotoifale. O lenei e tatau ona tatou fesili ifo ia i tatou lava:

• ¿faʻafefea ona ou faʻaogaina fesoʻotaʻiga tautua luga o le UNIX / Linux LAN mai tagata faʻaoga i totonu ma faatasi ai ma le saogalemu taliaina?.

E le afaina lena mea, i se faʻaopopoga, Windows client o loʻo fesoʻotaʻi atu i lenei upega. Naʻo le manaʻoga e manaʻomia ai tautua e manaʻomia e le SME Network ma o le a le faigofie ma le taugofie e faʻatino ai mataupu.

• ¿Masalo o le faʻamaoniga faiga i le fanau mai o le ARPANET, Initoneti ma isi fesoʻotaʻiga Wide Area Network o Lmanuʻa Area Network mataʻitusi sa faʻavae i luga LDAP, Auaunaga Faʻasino, po o le Microsoft LSASS, po o le Active Directory, pe e ala i Kerberos?, tau lava ina taʻua ni nai.

O se fesili lelei e tatau i tagata uma ona sailia a latou tali. Ou te valaaulia oe e saili mo le faaupuga «authentication»I luga o Wikipedia i le Igilisi, o le sili ona maeʻa ma tumau i tulaga o uluaʻi anotusi -i le Igilisi-.

E tusa ai ma Talafaʻasolopito ua maeʻa talatala, muamua o le Authentication y Faʻatagana totonugalemumulimuli ane NIS Network System Faʻamatalaga atiaʻe e le Sun Microsystem ma ua lauiloa foi Yellow Pages o yp, ae teʻi ane LDAP Malosiaga Faʻasalalau Faʻasalalau Faʻasalalau.

Ae a le "Puipuiga taliaina»E sau ona o le tele o taimi tatou te popole ai i le saogalemu o la tatou upega tafaʻilagi, a o tatou faʻaaogaina le Facebook, Gmail, Yahoo, ma isi. Ma vaʻai i le tele numera o tusitusiga ma pepa faʻamaumauga e faatatau i le Leai se mea lilo i luga ole initaneti o loʻo i ai

Faʻaaliga luga CentOS ma Debian

CentOS / Red Hat ma Debian ei ai a latou lava filosofia i le faʻafefea ona faʻatino le puipuiga, lea e le matua eseʻese lava. Peitai, matou te taʻutino atu o uma e matua mausali, saogalemu ma talitonuina. Mo se faʻataʻitaʻiga, i le CentOS o le SELinux mataupu ua mafai ai e ala ona le mafai. I Debian e tatau ona tatou faʻapipiʻi le afifi selinux-faʻavae faʻavae, lea e faʻailoa mai ai e mafai foʻi ona tatou faʻaaogaina SELinux.

I le CentOS, FreeBSD, ma isi faʻagaioiga, ua fausia le -system- group uili ia faʻatagaina le ulufale atu pei o aʻa naʻo i latou e faʻaaogaina le vaega lea. Faitau /usr/share/doc/pam-1.1.8/html/Linux-PAM_SAG.htmlma /usr/share/doc/pam-1.1.8/html/Linux-PAM_SAG.html. E le faʻaofia e Debian se kulupu uili.

Matua faila ma tulafono

Faletupe

O faila autu e fesoʻotaʻi ma le faʻatonutonuina o tagata e faʻaaoga i le lotoifale i le Linux operating system o:

CentOS ma Debian

• / etc / passwd: tagata faʻamatalaga teuga tupe.
• / etc / ata lafoia- Faʻamatalaga puipuiga o le teuga tupe a le tagata.
• / etc / kulupu: kulupu faʻamatalaga faʻamatalaga.
• / etc / gshadow- Faʻamatalaga saogalemu mo teuga tupe.
• / etc / default / useradd: faʻatulagaina le aoga mo le faia o teuga tupe.
• / etc / skel /: tusi faʻamaumauga o loʻo iai faila faʻaletonu o le a tuʻufaʻatasia i le HOME faʻasino o le tagata fou.
• /etc/login.defs- Upu puipuia saogalemu setiina.

Debian

• /etc/adduser.conf: faʻatulagaina le aoga mo le faia o teuga tupe.

Poloaiga i le CentOS ma Debian

[Root @ linuxbox ~] # chpasswd -h # Faʻafouina passwords i le batch mode
Faʻaogaina auala: chpasswd [filifiliga] Filifiliga: -c, --crypt-metotia METHOD le crypt metotia (tasi o NONE DES MD5 SHA256 SHA512) -e, --faʻailogaina ia na maua ai passwords o loʻo faʻamauina --h, --help faʻaalia lenei fesoasoani vave ma le faʻaiuga -m, --md5 encrypts upu faʻamau i le manino faʻaaogaina MD5 algorithm -R, --root CHROOT_DIR tusi faʻasino e chroot i totonu -s, --sha-taamilosaga numera o SHA taʻamilosaga mo SHA faʻailoga algorithms * # lotoa- Faʻatonu tulafono pe a faʻatagaina le avega o le tino. I nisi upu # pe a paʻu le averesi avega i lalo 0.8 poʻo le tau faʻamaotiina i le talosagaina # le atd faʻatonuga. Nisi faʻamatalaga tamaloa faaputuga.

[Root @ linuxbox ~] # gpasswd -h # Faʻailoa Pule i / etc / kulupu ma / etc / gshadow
Faʻafefea ona faʻaaoga: gpasswd [filifiliga] GROUP Filifiliga: -a, --add USER faʻaopopo USER i GROUP -d, --faʻamuta USER aveese USER mai GROUP -h, --help faʻaalia lenei fesoasoani feau ma iʻuga -Q, - - Root CHROOT_DIR tusitaiala e sosoʻo i totonu i le, --faʻamutaina le upu faʻaupupu aveʻese le password a le GROUP -R, - faʻatapulaʻa le ulufale i GROUP i ona sui -M, --members USER, ... seti le lisi o sui o GROUP - A, --ad administrators ADMIN, ... seti le lisi o GROUP pule Faʻapitoa Vagana mo le -A ma -M filifiliga, e le mafai ona tuʻufaʻatasia filifiliga.

[Root @ linuxbox ~] # kulupu -h    # Fausia se vaega fou
Faʻafefea ona faʻaaoga: groupadd [filifiliga] GROUP Filifiliga: -f, --force faʻamuta pe a fai o loʻo i ai le kulupu, ma faaleaoga -g pe a fai o le GID ua maeʻa faʻaaogaina -g, --gid GID faʻaaoga GID mo fou kulupu - h, - fesoasoani faʻaali lenei fesoasoani feʻau ma faʻaiuga -K, --key KEY = VALUE soʻosoʻo le aoga le taua o le "/etc/login.defs" -o, - leai-tulaga ese faʻatagaina oe e fausia ni kulupu ma GIDs (le tulaga ese) kopi faʻalua --p, --password PASSWORD faʻaaoga le upega tafailagi faʻailogaina lea mo le vaega fou -r, --system fausia se system account -R, --roro CHROOT_DIR tusi faʻasologa e sosolo i totonu

[Root @ linuxbox ~] # kulupu -h # Aveese se kulupu o iai
Faʻafefea ona faʻaaoga: groupdel [filifiliga] GROUP Filifiliga: -h, --help faʻaali lenei fesoasoani feʻau ma faʻamutaina -R, --roro CHROOT_DIR faʻasino e suʻe ai i totonu

[Root @ linuxbox ~] # kulupu -h # Faʻalauiloa Pule i le vaega muamua a le tagata faʻaaoga
Faʻafefea ona faʻaaoga: groupmems [filifiliga] [gaioiga] Filifiliga: -g, - kulupu GROUP suia le igoa o le kulupu ae le o le kulupu a le tagata (e mafai ona faia e le pule) -R, --roro CHROOT_DIR faʻasino e chroot i Gaioiga: -a, --dd USER faʻaopopo USER i kulupu sui usufono -d, - aveese USER aveʻese USER mai kulupu sui lisi -h, - fesoasoani faʻaalia lenei fesoasoani feʻau ma faʻamutaina -p, - faamama faʻamama uma sui vaega - l, - lisi lisi lisi o tagata o le kulupu

[Root @ linuxbox ~] # kulupu -h # Fesuiaʻi le faʻauigaina o se kulupu
Faʻafefea ona faʻaaoga: groupmod [filifiliga] GROUP Filifiliga: -g, --gid GID suia le faʻailoaina vaega i le GID -h, - fesoasoani faʻaalia lenei fesoasoani feau ma faʻaiʻu -n, - igoa fou NEW_Group suia igoa a NEW_GROUP - o, --non-tulaga ese faʻatagaina e faʻaaoga se kopi GID (le tuʻufaʻatasi -p, - password PASSWORD suia le upu fai upu i le PASSWORD (faʻailogaina) -R, --root CHROOT_DIR faʻasino e suʻe i totonu

[Root @ linuxbox ~] # grpck -h # Siaki le faʻamaoni o se kulupu kulupu
Faʻafefea ona faʻaaoga: grpck [filifiliga] [kulupu [gshadow]] Filifiliga: -h, --help faʻaali lenei fesoasoani feʻau ma alu ese mai i fafo, --o le faitauga-na o le faʻaalia o mea sese ma lapataiga ae aua le suia faila -R, - - Root CHROOT_DIR tusi faʻasino e sosolo i totonu -s, - faʻavasega faʻasologa o tala e UID

[Root @ linuxbox ~] # grpconv
# Polokalame fesoʻotaʻi: pwconv, pwunconv, grpconv, grpunconv
# Faʻaaoga e faʻaliliu ai ma mai ata lafoia ma kulupu
# O tulafono e fa e faʻagaioia faila / etc / passwd, / etc / kulupu, / etc / ata lafoia, 
# ma / etc / gshadow. Mo nisi faʻamatalaga tamaloa grpconv.

[Root @ linuxbox ~] # sg -h # Faʻatonu se faʻatonuga ma se eseʻese kulupu ID poʻo le GID
Faʻafefea ona faʻaaoga: sg kulupu [[-c] okaina]

[Root @ linuxbox ~] # newgrp -h # Suia le taimi nei GID i le taimi o se login
Faʻafefea ona faʻaaoga: newgrp [-] [kulupu]

[Root @ linuxbox ~] # fou -h # Faʻafouina ma fausia ni tagata fou faʻaaoga i le faaputuga auala
Faʻaogaina auala: newusers [filifiliga] Filifiliga: -c, --crypt-metotia METHOD le crypt metotia (tasi o NONE DES MD5 SHA256 SHA512) -h, --help faʻaali lenei fesoasoani feʻau ma alu ese ese mai, --system fausia system teuga tusi -R, --root CHROOT_DIR faʻasino e chroot i totonu -s, --sha-Round numera o SHA taʻamilosaga mo SHA faʻailoga algorithms *

[Root @ linuxbox ~] # pwck -h # Siaki le faʻamaoni o faila faila
Faʻafefea ona faʻaaoga: pwck [filifiliga] [passwd [ata]] Filifiliga: -h, --help faʻaali lenei fesoasoani feʻau ma alu ese -q, --quiet lipoti na o mea sese, - 'aua neʻi suia faila -R, --roro CHROOT_DIR faʻasino e suʻe ai i totonu -s, - faʻavasega mea na tusia e UID

[Root @ linuxbox ~] # tagata faʻaoga -h # Fausia se fou tagata faʻaaoga pe faʻafou le le masani # faʻamatalaga a le tagata fou
Faʻafefea ona faʻaaoga: useradd [filifiliga] USER useradd -D useradd -D [filifiliga] Filifiliga: -b, --base-dir BAS_DIR faʻavae faʻavae mo le fale lisi o le tala fou -c, --comment COMEC GECOS fanua o le fou teugatupe -d, --le fale-dir PERSONAL_DIR tusi fou o fale teuga -D, --faʻavae lolomi pe suia le faʻavasega tulaga o useradd -e, --faʻaaoga le EXPIRY_DATE faʻamutaina aso o le teugatupe fou -f, - le toaga INACTIVE vaitaimi o le le toaga o le password o le tala fou
faʻaopoopo
  -g, --gid GROUP igoa poʻo faʻailoga o le vaega muamua o le teugatupe fou -G, --faʻatasiga GROUPS lisi o vaega faʻaopoopo o le teugatupe fou -h, - fesoasoani faʻaalia lenei fesoasoani feʻau ma faʻaiuga -k, - skel O loʻo faʻaaogaina e le DIR_SKEL le isi lisi "skeleton" -K, --key KEY = VALUE o loʻo soʻosoʻoina le aoga o "/etc/login.defs" -l, --no-log-init e le faʻaopoopoina le tagata faʻaaoga i faʻamatalaga mai lastlog ma faillog -m, --fausia-fale fausiaina le fale lisi o tagata e faʻaaoga -M, --no-fausia-fale le fausiaina le fale lisi o tagata e faʻaaoga -N, - leai-tagata-kulupu e le fausiaina se kulupu e iai a latou igoa tutusa ma le tagata faʻaaoga -o, - leai-tutasi faʻatagaina le fausiaina o tagata e faʻaaoga (le-tutasi) faʻailo (UID) -p, --password PASSWORD upu faʻailogaina o le teugatupe fou -r, --system faatupu o se teuga tupe o le system -R, --roro CHROOT_DIR faʻasino e chroot into -s, --shell CONSOLE console faʻaaogaina le teugatupe fou -u, --ua faʻaaogaina e le tagata faʻaaogaina UID le teugatupe fou -U, --user-group faiao se kulupu e tutusa a latou igoa ma le tagata faʻaaoga -Z, --selinux-tagata faʻaaoga USER_SE faʻaaogaina le tagata faʻaoga faʻapitoa mo le SELinux tagata faʻaoga

[Root @ linuxbox ~] # tagata faʻaoga -h # Aveese se teugatupe a le tagata faʻaoga ma faila e fesoʻotaʻi
Faʻaoga auala: userdel [filifiliga] USER Filifiliga: -f, --fosi faamalosi nisi gaioiga e ono le ausia se isi faʻataʻitaʻiga - aveʻesega o le tagata faʻaaoga o loʻo ulufale i totonu poʻo faila, tusa lava pe le o le tagata e faʻaoga -h, - fesoasoani faʻaalia lenei feau Fesoasoani ma faʻamaeʻaina -r, - aveʻese aveʻese tusi fale ma pusameli -R, --roro CHROOT_DIR faʻasino e alu i totonu -Z, --selinux-tagata faʻaaoga aveese soʻoga SELinux tagata faʻaoga mo le tagata faʻaaoga

[Root @ linuxbox ~] # faleoloa -h # Fesuiaʻi se teuga tupe faʻaaoga
Faʻafefea ona faʻaaoga: usermod [filifiliga] USER Filifiliga: -c, --comment COMMENT fou aoga o le fanua GECOS -d, --le fale PERSONAL_DIR fou faʻamaumauga a le tagata lava ia o le tagata fou -e, --expiredate EXPIR_DATE seti le faʻamutaina aso teuga ia EXPIRED_DATE -f, --inactive INACTIVE seti taimi le aoga peʻa maeʻa le tala i le INACTIVE -g, --Gid GROUP faʻamalosia le faʻaaogaina o GROUP mo fou tagata faʻaaoga teugatupe -G, --faʻatasiga GROUPS lisi o faʻaopoopoga kulupu -, faʻaopoopo faʻaopoopoga le tagata faʻaaoga i le GROUPS faʻaopoopo na taʻua e le -G filifiliga e aunoa ma le aveʻesea o ia mai isi kulupu -h, --help faʻaali lenei fesoasoani feʻau ma faʻamuta -l, --login NAME toe igoa mo tagata -L, - loka loka tagata faʻaaoga teugatupe -m, --momoe-fale aveese mea i totonu o le fale faʻasino i se lisi fou (faʻaaoga naʻo le faʻatasi ma -d) -o, --non-tulaga ese faʻatagaina e faʻaaoga ai Faalua (le tulaga ese) UIDs -p, --password PASSWORD faʻaaoga faʻaupuga upu faʻailoga mo le teugatupe fou -R, --roro CHR OOT_DIR tusi faʻatonutonu e chroot i totonu -s, --shell CONSOLE fou avanoa faʻamafanafana mo tagata faʻaaoga teugatupe -u, --faatonu UID faʻamalosia faʻaaogaina o UID mo fou tagata faʻaaoga teugatupe - SEUSER faʻafanua fou a SELinux faʻaaoga mo le teuga tupe a le tagata

Poloaiga i Debian

E eseʻese Debian tagata faʻaoga y vaisu. Fautuaina e faʻaaoga e le Administrators System vaisu.

aʻa @ sysadmin: / fale / xeon # vaisu -h # Faʻaopopo se tagata faʻaaoga i le polokalama
aʻa @ sysadmin: / fale / xeon # faʻaopoopoga -h # Faʻaopopo se kulupu i le polokalama
adduser [--home DIRECTORY] [--shell SHELL] [--no-create-home] [--uid ID] [--firstuid ID] [--lastuid ID] [--gecos GECOS] [--ingroup Kulupu | --gid ID] [--disabled-password] [--disabled-login] USER Faʻaopopo se mea faʻaopopo masani tagata faʻaaoga --system [--home DIRECTORY] [--shell SHELL] [--no-create-home] [ --uid ID] [--gecos GECOS] [--group | --faʻatasiga kulupu | --gid ID] [--disabled-password] [--disabled-login] USER Faʻaopopo se faʻaaoga tagata faʻaaoga --group [--gid ID] GROUP addgroup [--gid ID] GROUP Faʻaopopo se vaega faʻaopoopo vaega system [--gid ID] GROUP Faʻaopopo se faʻaopoopo kulupu faʻaopoopo GROUP USER Faʻaopopo se tagata o loʻo iai i se kulupu masani a vaega: --quiet | -q aua le faʻaalia faʻamatalaga gaioiga luga masani faʻatulagaina --force-badname faʻatagaina igoa o tagata e le fetaui ma le fetuʻunaʻiga fesuiaʻiga NAME_REGEX - fesoasoani | -h faʻaaogaina feʻau --malaga | -v lomiga numera ma puletaofia --conf | -c FAI FAʻA FAʻAILIE faila faʻatulagaina

aʻa @ sysadmin: / fale / xeon # faʻasese -h # Aveʻese se tagata faʻaoga masani mai le polokalama
aʻa @ sysadmin: / fale / xeon # faʻaopoopo -h # Aveese se kulupu masani mai le polokalama
aveese USER aveʻese se masani tagata faʻaoga mai le faʻataʻitaʻiga faʻataʻitaʻiga: deluser miguel --remove-home aveese le tagata faʻaoga fale lisi ma le meli laina - aveese-uma-faila aveese uma faila umiaina e le tagata faʻaaoga. --backup backs up faila i luma o le tape. --faʻasologa-i tusi faʻasino nofoaga mo backups. O le faʻasino taimi nei o loʻo faʻaaogaina e ala i le le mafai. --e faʻaaogaina le system pe afai o oe o se tagata faʻaaoga faiga. delgroup GROUP deluser --group GROUP aveʻese se kulupu mai le faʻataʻitaʻiga faʻataʻitaʻiga: deluser --group tamaiti aʻoga --e faʻamutaina e le system peʻa o se kulupu mai le polokalama. - naʻo-pe-leai se aoga na o le aveʻesea pe a fai e le toe i ai ni o latou sui. aveese USER GROUP aveese le tagata faʻaaoga mai le vaega faʻataʻitaʻiga: deluser miguel tamaiti aʻoga filifiliga lautele: --quiet | -q aua le tuʻuina atu faʻasologa faʻamatalaga luga stdout --help | -h faʻaaogaina feʻau --malaga | -v lomiga numera ma puletaofia --conf | -c FAI FAʻA FAʻAILIE faila faʻatulagaina

Aiaiga

E lua ituaiga o aiaiga faʻavae e tatau ona tatou mafaufau iai pe a fausia ni tagata e faʻaaoga tupe:

• Aiaiga Faʻavae o Tupe Faʻaaoga
• Upu faʻatupu matua tausaga

Aiaiga Faʻavae o Tupe Faʻaaoga

I le faʻataʻitaʻiga, o vaega taua e faʻailoa ai le teuga tupe a tagata e faʻaaogaina:

• Igoa ole tagata faʻaoga - tagata e faʻaaogaina LOGIN, le o le igoa ma faaiu.
• Tagata faʻaoga id - UID.
• Vaega autu e ana ia - GI.
• Numera e le iloa e sesi - numera e le iloa e sesi.
• Pemita ulufale - avanoa faʻatagaina.

O mea taua e tatau ona mafaufau i ai pe a fatuina se teuga tupe faʻaaoga a:

• O le umi o le taimi o le a faʻaaoga ai le tagata faʻaaoga i le faila faila ma punaoa.
• Le aofaʻi o taimi e tatau ai i le tagata faʻaaoga ona suia a latou password - taimi - mo puipuiga mafuaʻaga.
• O le umi o le taimi o le login -login- o le a tumau malosi.

Faʻapea foi, pe a tofiaina se tagata faʻaaoga lana UID y numera e le iloa e sesi, e tatau ona tatou manatuaina o:

• O le numera aofaʻi UID e tatau ona tutasi ae le leaga.
• El numera e le iloa e sesi e tatau ona lava le umi ma faigata ina ia faigata ona faʻamatalaina.

Upu faʻatupu matua tausaga

I luga o le Linux system, o le numera e le iloa e sesi o se tagata faʻaoga e le tofiaina se faʻaletonu taimi faamutaina. Afai matou te faʻaaogaina le faʻatupulaia o upu faʻavae, e mafai ona matou suia amioga le masani ai ma a o faia ni tagata faʻaoga, o le a faʻauigaina aiaiga faʻavae.

I le faʻataʻitaʻiga, e lua mea taua e te mafaufau ai pe a seti le tausaga o le password:

• Saogalēmū
• Tagata faʻafaigofieina.

O se upu faʻapipiʻi e sili atu ona mautu le puʻupuʻu o lona taimi faʻamuta. E i ai le laititi aʻafiaga o le faʻailoaina i isi tagata faʻaoga.

Ina ia seti le upu faʻatupu matua tausaga, e mafai ona tatou faʻaaogaina le faʻatonuga pese:

[root @ linuxbox ~] # avanoa
Faʻaoga auala: chage [filifiliga] USER Filifiliga: -d, --lastday LAST_DAY seti le aso o le mulimuli password suia i LAST_DAY -E, --expiredate CAD_DATE seti le aso faʻamutaina i le CAD_DATE -h, --help faʻaali lenei fesoasoani fesoasoani ma faʻamuta I, --E le faʻagaoioia GALUEGA faʻaleaogaina le teuga tupe ina ua mavae INACTIVE aso mai le aso faʻamutaina -l, - lisi faʻaalia ai le tala tausaga tausaga -m, --Faʻaaliga MINDAYS seti le numera aso laʻititi ae le i suia le faʻaupuga i MIN_DAYS -M, --maxAYS MAX_DAYS seti le aofaʻiga maualuga o aso a o le i suia le faʻaupuga upu i le MAX_DAYS -R, --roro CHROOT_DIR tusi faʻasologa e sosolo i totonu -W, - Aso Lua WARNING_DAYS seti aso o le faʻamutaina faʻasilasilaga ia DAYS_NOTICE

I le tusitusiga muamua na matou faia ai ni tagata faʻaaoga e fai ma faʻataʻitaʻiga. Afai matou te mananaʻo e iloa le tausaga taua o le tagata faʻaoga aitalafu ma LOGIN galadriel:

[root @ linuxbox ~] # chage - lisi galadriel
Suʻesuʻega mulimuli o le password: Ape 21, 2017 O le a faʻamuta le upu fai upu: aua lava neʻi e le o faʻaaoga le password: e le uma le Account: e leʻo Maualalo le aofaʻi o aso i le va o le password password: 0 Le aofaʻi maualuga o aso i le va o le password password: 99999 Aofaʻi o aso ole faʻasilasilaga ae le i uma le password

O tulaga taua na sa i ai i le faiga o mea pe a matou fausia le teuga tupe a le aufaʻaoga e faʻaaoga ai le faʻafanua pulega aoga "Tagata faʻaaoga ma kulupu":

 

Ina ia suia upu faʻatulagaina tuai o upu, e fautuaina e faʻasaʻo le faila /etc/login.defs y fesuiaʻi le laʻititi aofaʻi o aofaʻiga tatou manaʻomia. I lena faila o le a matou suia na o mea taua:

# Faʻatonutonu aga a le matua o upu: # # PASS_MAX_DAYS Le aofaʻi maualuga o aso e mafai ona faʻaaoga ai se password # PASS_MIN_DAYS Aofai maualalo o aso faʻatagaina i le va o suiga upu faʻaupuga. # PASS_MIN_LEN Aofai maualalo taliaina password umi. # PASS_WARN_AGE Aofaʻiga o aso lapatai na tuʻuina atu aʻo leʻi uma le upu pasi. # PASS_MAX_DAYS 99999 #! Sili atu i le 273 tausaga! PASS_MIN_DAYS 0 PASS_MIN_LEN 5 PASS_WARN_AGE 7

mo mea taua na matou filifilia e tusa ma a matou faʻavae ma manaʻoga:

PASS_MAX_DAYS 42 # 42 aso faʻaauau e mafai ona e faʻaaogaina le numera e le iloa e sesi
PASS_MIN_DAYS 0 # upu fai upu mafai ona suia i soo se taimi PASS_MIN_LEN 8 # laʻititi le umi o le password PASS_WARN_AGE 7 # Aofaʻiga o aso e lapataia ai oe e le polokalama e # suia le upu faʻaupuga ae le i uma.

Matou te tuʻua le toega o le faila e pei ona i ai ma matou fautuaina le aua nei suia isi tapulaʻa seʻia matou iloa lelei le mea o matou faia.

O le fou taua o le a amanaʻia pe a tatou fausiaina ni tagata faʻaaoga fou. Afai matou te suia le faʻaupuga a se tagata ua maeʻa ona faia, o le a faʻatauaina le aofaʻi o le tapulaa laititi o le umi. Afai tatou te faʻaaogaina le faʻatonuga sese nai lo le aoga kalafi ma matou tusia o le upu faataga o le a «legolas17«, O le faiga faitioga pei o le kalafi meafaigaluega« Tagata faʻaaoga ma kulupu »ma e tali mai e«Ae ui i lea o le upu faiupu faitau le igoa igoa»E ui lava i le iuga ou te taliaina le upu faʻavaivai vaivai.

[root @ linuxbox ~] # passwd legolas
Suia le upu pasi o le legolas tagata faʻaaoga. Upu Fou: tagata e tausinio               # e itiiti ifo i le 7 mataitusi
LE MAFAI FAʻAMATALAGA TUSI: Upu e laʻititi ifo i le 8 mataitusi Toe tata le upu fou legolas17
Upu faataga e le tutusa               # Saʻo tala feagai?
Faʻamatalaga fou: legolas17
LE MAFAI ONA FAAFAIFEAU: I se isi itu, o le upu faiupu faitau le igoa ole tagata faʻaaoga Toe kiliki le upu fou: legolas17
passwd: uma faʻailoga faʻamaonia na faʻafouina ma le manuia.

Matou te aʻafia "le vaivaiga" o le faʻalauiloaina o se password e aofia ai le LOGIN tagata faʻaaoga O se le fautuaina le faiga lena. O le auala saʻo o le:

[root @ linuxbox ~] # passwd legolas
Suia le upu pasi o le legolas tagata faʻaaoga. Upu Fou: mauga maualuluga01
Toe lolomi le faʻaupuga fou: mauga maualuluga01
passwd: uma faʻailoga faʻamaonia na faʻafouina ma le manuia.

Ia suia le aoga faʻamutaina o le numera e le iloa e sesi de galadriel, matou te faʻaaogaina le chage command, ma e tatau ona matou suia le tau o PASS_MAX_ASO mai le 99999 i le 42:

[root @ linuxbox ~] # chage -M 42 galadriel
[root @ linuxbox ~] # chage -l galadriel
Suʻesuʻega mulimuli o le password: Ape 21, 2017 O le a faʻamutaina le upu pasi: Jun 02, 2017 Le gagana faʻagaoioia: e le uma le Teugatupe: aua lava Minimum numera Aofai o aso i le va o le suiga password: 0 Aofaʻi aofaʻi o aso i le va o le suiga upu upu: 42
Aofaʻi o aso o faʻasilasilaga ae le i uma le upu pasi: 7

Ma isi mea, e mafai ona matou suia passwords a tagata faʻaoga ua uma ona fausiaina ma latou faʻamutaina faʻatauaina lima, faʻaaogaina le ata meafaigaluega «Tagata faʻaoga ma kulupu», poʻo le faʻaaogaina o se tusitusiga - tusilima e otometi ai nisi o le le fesoʻotaʻi galuega.

• I lenei auala, afai matou te fausiaina le au faʻaoga i le lotoifale i se auala e le fautuaina e le masani ai masani e tusa ai ma le puipuiga, e mafai ona tatou suia lena amioga ae leʻi faʻaauau pea ona faʻatinoina atili PAM-faʻavae auaunaga..

Afai matou te fausiaina le tagata faʻaaoga moni i LOGIN «moni»Ma upu faataga«O le Upufai»O le a matou mauaina le iʻuga o loʻo mulimuli mai:

[root @ linuxbox ~] # useradd anduin
[root @ linuxbox ~] # passwd anduin
Suiga o le upu faʻamau a le tagata faʻaaoga anduin. Upu Fou: O le Upufai
LE MAFAI ONA FAAFAIFULAGA: E le pasia e le upu faʻamaonia se faʻamatalaga i luga o le lolomifefiloi - E faʻavae i luga o le upu i le lolomifefiloi. Toe lolomi le faʻaupuga fou: O le Upufai
passwd - O faʻailoga faʻamaonia uma na faʻafouina ma le manuia.

I nisi upu, o le faiga e lava le agavaʻa e faʻailoa ai vaivaiga o se upu faʻapolopolo.

[root @ linuxbox ~] # passwd anduin
Suiga o le upu faʻamau a le tagata faʻaaoga anduin. Upu Fou: mauga maualuluga02
Toe lolomi le faʻaupuga fou: mauga maualuluga02
passwd - O faʻailoga faʻamaonia uma na faʻafouina ma le manuia.

Aotelega o Faiga Faʻavae

• E manino lava, o le upu faʻafuaseʻi tulafono faigata, faʻapea foi ma le laʻititi maualalo o le 5 mataitusi, ua mafai e ala i le le mautinoa i le CentOS. I luga o Debian, o le faigata laia siaki galue mo masani tagata faʻaoga pe a latou taumafai e suia a latou password e ala i le talosagaina o le faʻatonuga sese. Mo le tagata faʻaaoga aʻa, e leai ni tapulaʻa faʻatapulaʻaina.
• E taua le iloa o filifiliga eseʻese e mafai ona matou faʻalauiloaina i le faila /etc/login.defs faʻaaogaina ole poloaʻiga tamaloa login.defs.
• Faʻapea foi, siaki le aano o faila / etc / default / useradd, faʻapea foʻi ma Debian /etc/adduser.conf.

Faʻaoga Tagata ma Kulupu

I le faʻagasologa o le faʻapipiʻiina o le faʻagaioiga polokalama, o se atoa faʻasologa o tagata faʻaoga ma kulupu na fausiaina, tasi tusitusiga valaʻauina Standard Tagata faʻaoga ma le isi Faʻaoga Tagata Faʻaoga. Matou te mananaʻo e valaʻau i latou System Users ma Groups.

I le avea ai o se tulafono, o tagata faʻaaoga faiga a UID <1000 ma o au teuga tupe e faʻaaogaina e eseese talosaga o le operating system. Mo se faʻataʻitaʻiga, o le teugatupe faʻaaoga «o siva»E faʻaaogaina e le polokalame a le Squid, ae o le« lp »teuga tupe e faʻaaoga mo le lolomiga mai upu poʻo faʻatonutonu tusitusiga.

Afai matou te mananaʻo e lisi na tagata faʻaaoga ma kulupu, e mafai ona matou faia e faʻaaoga ai tulafono:

[Root @ linuxbox ~] # pusi / etc / passwd
[Root @ linuxbox ~] # pusi / etc / kulupu

E le fautuaina lava e suia le au faʻaoga ma kulupu o le polokalama. 😉

Ona o lona taua, matou te toe fai atu ai i le CentOS, FreeBSD, ma isi faʻagaioiga, ua fausia le -system- group uili ia faʻatagaina le ulufale atu pei o aʻa naʻo i latou e faʻaaogaina le vaega lea. Faitau /usr/share/doc/pam-1.1.8/html/Linux-PAM_SAG.htmlma /usr/share/doc/pam-1.1.8/html/Linux-PAM_SAG.html. E le faʻaofia e Debian se kulupu uili.

Puleaina o teuga tupe ma faʻamatalaga a vaega

O le auala sili e aʻoaʻo ai pe faʻafefea ona faʻatonutonu tagata faʻaoga ma kulupu o le:

• Faʻataʻitaʻia le faʻaogaina o poloaʻiga o loʻo lisi atu i luga, sili ile masini masini ma muamua o le faʻaaogaina o meafaʻata kalafi.
• Faʻatalanoaina tusi poʻo tamaloa itulau o faʻatonuga taʻitasi ae le i suʻea nisi faʻamatalaga i luga ole Initaneti.

O le faʻataʻitaʻi o le sili lea ona lelei o le mea moni.

Aotelega

I se mamao, o se tasi tusitusiga faʻapitoa mo le Faʻatautaia o le lotoifale Tagata faʻaoga ma kulupu e le lava. O le tikeri o le poto e maua e taʻitasi Faʻatonu o le a faʻalagolago i le tagata lava ia fiafia i le aʻoaʻoina ma le loloto o lenei mataupu ma isi mataupu fesoʻotaʻi. E tutusa lava ma vaega uma na matou atiaʻe i le faʻasologa o tusitusiga SME Fesootaiga. I le tutusa auala e mafai ona e fiafia i lenei lomiga i le pdf ii

Le tilivaina atu

O le a faʻaauau pea ona matou faʻaogaina tautua ma le faʻamaoniga e faʻasaga i tagata o loʻo faʻaaogaina. O le a matou faʻapipiʻiina se vave feau tautua faʻavae i luga o le polokalama Prosody.

Feiloai vavej!