I-SSH yokufunda: Izinketho namapharamitha wokucushwa
Kulesi sitolimende sesithathu ku "Ukufunda i-SSH" sizoqala ukuhlola nolwazi lwe Izinketho zomyalo we-SSH namapharamitha yohlelo lwe-OpenSSH, etholakalayo ukuze isetshenziswe ngokusebenzisa umyalo kutheminali.
Okuzoba usizo kakhulu, ngoba, I-OpenSSH Iyona efakwe kakhulu futhi esetshenziswa kakhulu amaphrothokholi okuxhumana akude futhi avikelekile, cishe iningi le Izinhlelo ezisebenza mahhala futhi ezivulekile, njenge I-GNU / Linux.
I-SSH yokufunda: Amafayela Wokufaka kanye Nokumisa
Kodwa ngaphambi kokuqala lokhu ukwethula ukushicilelwa cishe izinketho zokumisa kanye nemingcele we Uhlelo lokusebenza lwe-OpenSSH, ukuqhubeka "Ukufunda i-SSH", sincoma ukuthi ekupheleni kokufunda lokhu, uhlole okulandelayo okuthunyelwe kwangaphambilini okuhlobene:
I-SSH yokufunda: Ibheke ekusetshenzisweni okuthuthukile kwephrothokholi
Ukufunda ngezinketho ze-SSH namapharamitha
Okuyisisekelo nokubalulekile mayelana nomyalo we-SSH ukwazi ukuthi ivumela ukuthi isetshenziswe kusetshenziswa okuthile izinketho noma imingcele, ezinjengokwazo imanuwali yomsebenzisi yamanje, Okulandelayo:
ssh [-46AaCfGgKkMnqsTtVvXxYy] [-B bind_interface] [-b bind_address] [-c cipher_spec] [-D [bind_address:] port] [-E log_file] [-e escape_char] [-F configkfile] [11] -i identity_file] [-J indawo] [-L ikheli] [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R ikheli] [ -S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] indawo [umyalo [ingxabano ...]]
Ngakho-ke, ngokulandelayo sizohlola ezinye zezinto ezibaluleke kakhulu okufanele sizazi, sizijwayeze futhi sizisebenzise kahle, uma kudingekile noma ziwusizo nganoma yisiphi isikhathi. Futhi lokhu okulandelayo:
Izisekelo
- -4 kanye no-6: Iphoqa iphrothokholi ye-SSH ukuthi isebenzise kuphela amakheli e-IPv4 noma e-IPv6.
- -A kanye no-a: Nika amandla noma vala ukudlulisela phambili ukuxhumana kusuka kumenzeli wokuqinisekisa, njenge-ssh-ejenti.
- -C: Cela ukucindezelwa kwayo yonke idatha (okuhlanganisa i-stdin, i-stdout, i-stderr, nedatha yokuxhumana).
- -f: Ivumela izicelo ze-SSH ukuya ngasemuva ngaphambi nje kokwenza umyalo. Okusho ukuthi, ibeka iklayenti ngemuva ngaphambi kokwenziwa komyalo. NOMAwusizo ekungeneni amaphasiwedi angemuva.
- -G: Ikuvumela ukuthi uthole, njengempendulo evela kumsingathi wendawo, ukuphrinta kwakho ukucushwa kwendawo ye-SSH.
- -g: Ivumela abasingathi berimothi ukuthi baxhume kuzimbobo zasendaweni ezidluliselwe phambili. Uma isetshenziswa ekuxhumekeni okuphindaphindiwe, le nketho kufanele icaciswe kunqubo eyinhloko.
- -K kanye -k: Inika amandla noma ikhubaze ukuqinisekiswa kwe-GSSAPI nokudlulisela phambili izifakazelo ze-GSSAPI kuseva.
- -M: Ikuvumela ukuthi ubeke iklayenti le-SSH kumodi "eyinhloko" ukuze wabelane ngoxhumano lwe-TCP/IP namanye alandelayo.
- -N: Ikuvumela ukuthi uvimbele ukwenziwa kwemiyalo ekude. Iwusizo ekulungiseleleni ukudluliselwa kwembobo.
- -n: Iqondisa kabusha okokufaka okujwayelekile okuvela /dev/null. ewusizo for lapho i-SSH sfuthi igijima ngemuva.
- -q: Vula imodi ethulile. Ukubangela ukuthi imilayezo eminingi yesexwayiso neyokuxilonga icindezelwe.
- -s: Ikuvumela ukuthi ucele isicelo sesistimu engaphansi (isethi yomyalo wesilawuli kude) kusistimu ekude.
- -T kanye no-t: Ikhubaza futhi inike amandla ukumepha kwe-pseudo-terminal emshinini wesilawuli kude.
- -V: Ikuvumela ukuthi ubuke inombolo yenguqulo kwephakheji ye-OpenSSH efakiwe.
- -v: Ikuvumela ukuthi uvule i- imodi ye-verbose, pukuyibangela ukuthi iphrinte imilayezo yokususa iphutha mayelana nokuqhubeka kwayo.
- -X kanye no-x: Nika amandla futhi ukhubaze Ukudlulisela phambili iseva ye-X11, ukuze ufinyelele isikrini sendawo se-X11 sosokhaya oqhelile.
- -Y: Inika amandla ukudlulisela phambili kwe-X11, lokho azikho ngaphansi kwezilawuli zesandiso zokuphepha ze-X11.
- -y: Thumela imininingwane yokubhalisa usebenzisa i module yesistimu i-syslog.
Kuthuthukile
- -B hlanganisa_isixhumi esibonakalayo: Ivumela bopha ikheli le-IP kuxhumo lwe-SSH, ngaphambi kokuzama ukuxhuma kumsingathi wendawo. Yikuphi izosetshenziswa njengekheli lomthombo loxhumo lwe-SSH. Iwusizo kumasistimu anamakheli enethiwekhi angaphezu kwelilodwa.
- -b hlanganisa_ikheli: Ikuvumela ukuthi ucacise kumsingathi wasendaweni, isixhumi esibonakalayo senethiwekhi okuzoba ikheli lomthombo woxhumano. Iwusizo kumakhompyutha (amasistimu) anamakheli enethiwekhi yomthombo angaphezu kwelilodwa.
- -c cipher_spec: Ikuvumela ukuthi ukhethe ukucaciswa kwe-cipher okuzosetshenziswa ukubethela iseshini. Le (cipher_spec) iwuhlu oluhlukaniswe ngokhefana lwama-ciphers ahlelwe ngokulandelana kokuthandwayo.
- -D bopha_ikheli:imbobo: Ivumela futhiendaweni ucacise ukudluliselwa kwembobo okuguquguqukayo ezingeni lohlelo lokusebenza. Ukwaba isokhethi yokulalela imbobo ngasohlangothini lwasendaweni, eboshwe ekhelini lenethiwekhi elishiwo.
- -E log_file: Ivumelaengeza izingodo zokususa iphutha efayeleni lephutha, esikhundleni samaphutha ajwayelekile ajwayelekile asingathwa isistimu yokusebenza.
- -e-escape_char: Ikuvumela ukuthi usethe uhlamvu lokubaleka lwezikhathi zetheminali. Okuzenzakalelayo kuyi-tilde '
~'. Inani elithi "akekho" likhubaza noma yikuphi ukuphunyuka futhi lenza iseshini ibonakale ngokuphelele. - -F hlela ifayela: Ikuvumela ukuthi ucacise ifayela lokumisa lomunye umsebenzisi ngamunye. Uma eyodwa inikeziwe, ifayela lokucushwa elijwayelekile ( / etc / ssh / ssh_config ).
- - ngi pkcs11: Ikuvumela ukuthi ucacise ilabhulali eyabiwe ye-PKCS#11 okufanele i-SSH iyisebenzise ukuxhumana nethokheni ye-PKCS#11. Okusho ukuthi, i ukukhetha ifayela nge ukhiye oyimfihlo wokuqinisekisa ukhiye womphakathi.
- -J indawo: Ivumela futhiCacisa isiyalelo sokumisa se-ProxyJump, ku-cxhuma kumsingathi oqondiwe ngokuqala wenze uxhumano lwe-SSH nge-jump host echazwe ngu umsingathi wendawo.
- -L ikheli: Ivumela futhiCacisa ukuthi ukuxhumeka kwimbobo ye-TCP enikeziwe noma isokhethi ye-Unix kumsingathi wasendaweni (iklayenti) kuzodluliselwa kumsingathi onikeziwe kanye nembobo, noma isokhethi ye-Unix, ohlangothini olukude.
- -Igama_lokungena: Ikuvumela ukuthi ucacise umsebenzisi ukuthi angene emshinini wesilawuli kude. Lokhu futhi kungacaciswa umsingathi ngamunye kufayela lokucushwa.
- -m mac_spec: Ikuvumela ukuthi ucacise i-algorithms ye-MAC eyodwa noma ngaphezulu (ikhodi yokuqinisekisa umlayezo) ehlukaniswe ngokhefana ukuze isetshenziswe kuxhumo lwe-SSH oluzosetshenziswa.
- -Noma ctl_cmd: Lawula inqubo eyinhloko yokuphindaphinda phezu koxhumano olusebenzayo, ngokuvumela i-agumenti (ctl_cmd) ukuthi ihlukaniswe futhi idluliselwe kunqubo eyinhloko.
- -o inketho: Ivumela sebenzisa izinketho ezishiwo kufayela lokumisa. Lokhu kuyasiza ekucaciseni izinketho okungekho kuzo umyalo womugqa womyalo ohlukile.
- -p port: Ikuvumela ukuthi ucacise imbobo ongaxhumeka kuyo kumsingathi wesilawuli kude. Lokhu kungacaciswa umsingathi ngamunye kufayela lokumisa. Nokho, inani elizenzakalelayo lingu-22, okuyinani elijwayelekile lokuxhunywa kwe-SSH.
- -Q query_option: Ivumela ukwenza i-cBuza ngama-algorithms asekelwayo, okuhlanganisa: i-cipher, i-cipher-auth, usizo, i-mac, ukhiye, ukhiye-cert, ukhiye-plain, ukhiye-sig, inguqulo yephrothokholi, kanye nesig.
- -R ikheli: Ivumela futhiCacisa ukuthi ukuxhumeka kwimbobo ye-TCP enikeziwe noma isokhethi ye-Unix kusisingathi esikude (iseva) kufanele kudluliselwe ohlangothini lwasendaweni. Ukwabela isokhethi ukulalela imbobo/isokhethi ohlangothini olukude.
- -S ctl_path: Ikuvumela ukuthi ucacise indawo yesokhethi yokulawula yokwabelana ngoxhumano, noma iyunithi yezinhlamvu ethi "akekho" ukuze ukhubaze ukwabelana kokuxhumana.
- -W umphathi: ichweba: Icela ukuthi okokufaka okujwayelekile nokuphumayo okuvela kuklayenti kudluliselwe kumsingathi ngokusebenzisa imbobo ethile ngesiteshi esivikelekile.
- -w local_tun[:remote_tun]: Cela ukudluliselwa kwedivayisi yomhubhe ngamadivayisi ashiwo we-Tun phakathi kweklayenti (local_tun) neseva (remote_tun).
Ulwazi oluningi
Futhi kulesi sitolimende sesithathu for nwebisa lolu lwazi Sincoma ukuthi uhlole okulandelayo Ukuhamba nge-SSH, ngesiNgisi, ngaphezu kokuphrakthiza izibonelo ezithile ku-syntax yeminye imiyalo ye-SSH ku Chaza uShell. Futhi njengoba nje, esitolimendeni sokuqala nesesibili, siqhubeka nokuhlola okulandelayo okuqukethwe okusemthethweni futhi enokwethenjelwa ku-inthanethi mayelana I-SSH ne-OpenSSH:
- I-Debian Wiki
- Imanuwali Yomlawuli We-Debian: Ukungena Okukude / I-SSH
- I-Debian Security Handbook: Isahluko 5. Ukuvikela izinsiza ezisebenza kusistimu yakho
Isifingqo
Ngamafuphi, lesi sitolimende esisha sivuliwe "Ukufunda i-SSH" Izoba wusizo kakhulu kulabo basebenzisi be-Linux asebevele basebenza nohlelo olushiwo. Ngaphezu kwakho konke, ukucacisa ukungabaza okuthile mayelana ukuphathwa okuthuthukile, okusebenzayo kanye nokuphatha ngempumelelo yaleli thuluzi. Ukuze wenze lokhu, yenza ukuxhumana okukude okungcono nokuyinkimbinkimbi, bese ugijima izilungiselelo ezivikeleke kakhulu nezithembekile kumishini yabo nasezinkundleni zokuxhumana, besebenzisa iphrothokholi yokuxhumana ekude nevikelekile.
Siyethemba ukuthi lolu shicilelo luwusizo olukhulu kubo bonke «Comunidad de Software Libre, Código Abierto y GNU/Linux». Futhi qiniseka ukuthi uyabeka amazwana ngakho ngezansi, futhi wabelane ngakho nabanye kumawebhusayithi ayizintandokazi zakho, iziteshi, amaqembu, noma imiphakathi ezinkundleni zokuxhumana noma izinhlelo zemiyalezo. Futhi, khumbula ukuvakashela ikhasi lethu lasekhaya ku «DesdeLinux» ukuhlola izindaba eziningi. Futhi ujoyine isiteshi sethu esisemthethweni I-Telegram ye DesdeLinux ukuze uhlale unolwazi, noma iqembu ukuze uthole ulwazi olwengeziwe ngesihloko sanamuhla noma ezinye.