Munguva pfupi yapfuura kuburitswa kweshanduro nyowani yeakaonda server uye SSH mutengi "Dropbear 2020.79" yakaunzwa, iyo inosimbisa kumwe kuitiswa kweinogadziridzwa yedigital siginari algorithms, pamwe nezvimwe zvibvumirano zvitsva.
Kune avo vasingazive nezveDropbear, vanofanirwa kuziva kuti iyi software package iyo inopa Yakachengeteka Shell inoenderana server uye mutengi. Is yakagadzirirwa sechinotsiva OpenSSH yakajairwa nharaunda ine yakaderera ndangariro uye processor zviwanikwa, senge zvakadzamidzirwa masisitimu. Icho chikamu chepakati cheOverWrt uye kumwe kugoverwa kwetauta.
Nezve Dropbear
Iyi pasuru inogoverwa pasi peMIT rezinesi. dropbear inozivikanwa neakaderera ndangariro kushandiswa .
dropbear inotsigira X11 redirection, inotsigira OpenSSH kiyi faira (~ / .ssh / Authorizedkeys) uye inogona kugadzira kubatana kwakawanda nekutungamira kuburikidza ne passthru host.
dropbear inoshandisa iyo yakazara SSH vhezheni 2 protocol kune vese mutengi uye sevha. Izvo hazvienderane neshanduro 1 yeSSH inoenderana nekumberi kuitira kuchengetedza nzvimbo uye zviwanikwa, uye kudzivirira kusagadzikana kwekuchengetedzeka kunoitika mushanduro yeSSH inoitwawo.
SFTP rutsigiro rwakavakirwa pane bhaisikopo faira iro rinogona kupihwa neOpenSSH kana zvimwe zvirongwa. FISH inoshanda chero zvodii uye inoenderana neKonqueror.
Nhau huru dzeDropbear 2020.79
Mune iyi vhezheni itsva, zvinomira pachena mhinduro yekusagadzikana CVE-2018-20685, iyo yakagadziriswa muSCP, iyo inobvumidzwa kuchinja kodzero yekuwana kune dhairekitori rekuenda apo server yakadzosa dhairekitori ine zita risina chinhu kana nguva. Pakugamuchira rairo "D0777 0 \ n" kana "D0777 0. \ N" kubva kuseva, mutengi akashandisa shanduko yekodzero dzekuwana kune dhairekitori razvino.
Nezve shanduko dzakapihwa, tinogona kuzviwana yakawedzera rutsigiro rweEd25519 digital siginicha algorithm pamakiyi ekubatira uye makiyi anotenderwa.
Yakawedzerwa rutsigiro rweChaCha20 rwizi encryption algorithm yakavakirwa yechokwadi protocol uye Poly1305 meseji yekusimbiswa yakasimudzwa naDaniel Bernstein.
Naizvozvowo tsigiro yeiyo rsa-sha2 yedhijitari siginicha fomati, iyo, nekuda kwekumiswa kwessh-1 rutsigiro, ichave ichimanikidzwa kuOpenSSH (makiyi eRSA aripo anogona kushanda nemafomati matsva pasina kushandura makiyi ekugashira / makiyi_key).
Yeimwe shanduko ayo anounzwa mushanduro iyi nyowani:
- Kuitwa kwe curve25519 kwakatsiviwa necompact vhezheni yeTweetNaCl chirongwa.
- Wakawedzera rutsigiro rweAES GCM (yakaremara nekutadza).
- CBC, 3DES, hmac-sha1-96, uye x11 redirect cipher dzakaremara nekutadza.
- Yakagadziriswa nyaya dzekuenderana neIRRIX inoshanda sisitimu.
- Yakawedzera API kutsanangura veruzhinji makiyi panzvimbo pekushandisa mvumo_kiyi.
Pakupedzisira, kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo rwekutanga uku nekutungamira Kune inotevera link
Maitiro ekuisa Dropbear paLinux?
Kune avo vanofarira kugona kuisa iyi package pane yavo system, ivo vanofanirwa kuziva izvo iyo yazvino vhezheni inowanikwa chete mune sosi kodhi yekurodha pasi nekuunganidza.
Kana iwe uchida kuzvibatanidza iwe, iwe unogona kuwana iyo sosi kodhi kubva chinotevera chinongedzo.
Kunyangwe, zvakakoshawo kutaura izvozvo pasuru iri mukati meimwe yekuparadzirwa kweLinux, izvo zvisingatore nguva kuti zvigadziriswe (nyaya yemazuva).
Muchiitiko cheavo vari vashandisi veArch Linux, pamwe nezvinobva mariri (senge Manjaro, Arco Linux, ArchBang, Netrunner, nezvimwewo).
Ivo vanogona kuisa pasuru zvakananga kubva kuArch Linux zvinyorwa, unogona kuita izvi nekutaipa unotevera kuraira:
sudo pacman -S dropbear
Kana iri Debian, Ubuntu uye zvigadzirwa zveizvi:
sudo apt install dropbear
Panyaya yeavo vari Vashandisi veFedora:
sudo dnf install dropbear
Sawa,
zita racho harina kunaka. Dropbear iri rakatetepa server, kwete mutengi.
Thanks.