Kwesinye isikhathi siyakudinga dlulisa idatha ngesokhethi phakathi kwemishini ehlukene, njengokuxhumeka kweTelnet, ukulanda ifayela le-FTP, umbuzo we-SQL noma olunye uhlobo lokudluliswa.
Leyo datha ihamba ngokuluhlaza ngenethiwekhi, ngakho-ke ukungavikeleki, okusho ukuthi bangabanjwa yinoma iyiphi i-node esendleleni phakathi komsuka nendawo okuyiwa kuyo, okungukuthi, kwebiwe.
Asikwazi ukuvimbela le datha ekuthwetshulweni, kepha esingakuvimbela ukuthi ihunyushwe futhi iqondwe ngabantu besithathu, ibethele ukuxhumana.
ssh ithuluzi elisivumela ukuthi sikwenze ukuxhumana okuphephile phakathi kwemishini. Ukusetshenziswa kwayo okujwayelekile ukuxhuma ukude kutolika womyalo.
Noma kunjalo, inikeza amanye amathuba, njengokudala imigudu ebethelwe phakathi kwemishini ehlukene.
Ake sithi sifuna i-telnet kusuka ku-Host1 kuya ku-Host2:
host1$ telnet host2
Lokhu ukuxhumana kuvulekile ngokuphelele futhi kungaba njalo kuthunyelwe. Ukuyivikela, sizoqondisa kabusha itheku elikhethwe ngokungenabulungisa (ngokwesibonelo 5000) ku-Host 1 kuya ku-port 23 (telnet) ku-host2.
Ngale ndlela sizothola yonke idatha ethunyelwe ethekwini 5000 ye-host1 ukuhamba ibethelwe ngomhubhe ovulwa yi-ssh nge-port 22 ye-host2 bese iqondiswa kabusha ethekwini 23 le-host2, ngaleyo ndlela ifinyelele lapho iya khona ekugcineni.
Ukuze senze lokhu, sidinga ukwazi igama lomsebenzisi nephasiwedi ye-host2.
Ukuvula umhubhe sibhala:
host1$ ssh -R 5000:localhost:23 usuariohost2@host2
Kulungile:
host1$ ssh -L 5000:host2:23 usuariohost2@host2
Zombili izinketho ziyalingana. Ukusungula ukuxhumana kwe-telnet, asisabhekisi ku-host2 kepha sithumela echwebeni elikhethiwe ku-Host1
host1$ telnet localhost 5000
Ngalokhu senza noma yikuphi ukuxhumana kuphephe, kungaba yinethiwekhi noma ngenye indlela. Ukuphenya kancane sizobona ukuthi sibonga amandla we ssh Lokhu kuqondiswa futhi kungenziwa emishinini yesithathu, engasivumela ukuthi ngendawo eyodwa yokungena sikwazi ukufinyelela ngokuphepha kusuka ku-LAN yonke kuya kwi-LAN ehlukile.
Umbono ubukeka uthakazelisa ngokwedlulele, kepha kungaba njalo kakhulu uma sibona icala elisebenzayo.
Kepha iqiniso ukuthi, yize ngangimfishane, ngangisithanda lesi sihloko.
mhlawumbe ubheka i-wiki uthola ugqozi https://wiki.archlinux.org/index.php/Secure_Shell#Forwarding_other_ports
futhi okufanayo, kepha isigaba se-autossh https://wiki.archlinux.org/index.php/Secure_Shell#Autossh_-_automatically_restarts_SSH_sessions_and_tunnels
Empeleni, ungathumela noma yini nge-ssh, kungaba ukusakaza, ukuxhumana nomsingathi. njll. ukuthi ngesizathu se-x ufuna ukuzifihla.
kanye nemithetho yesecurity
Kwesinye isikhathi ngisebenzisa i-SSH ezingeni eliyisisekelo. Imbobo ezenzakalelayo ingama-22, akunjalo?
Ngakho-ke, uma ngizwa kahle, i-pc yami isingatha u-1 futhi engifuna ukuyixhuma i-host2, lo mhubhe uzodala ukuxhumana phakathi kwetheku 5000 nechweba lawo lama-23, bese kugcina ku-port 22?
Kungani izizathu zokushintsha amachweba? Ungawakha umhubhe one-port 22?
I-athikili ethakazelisa kakhulu. Njengo-nano, ngifuna okuningi!
I-SSH iyisebenzisa ngempela i-port 22 ngokuzenzakalela (yize ingaguqulwa). Leli chweba yilona elizosetshenziswa ukuxhumana kwangempela phakathi kwale mikhosi emibili. Yiyona okufanele uqiniseke ukuthi ivulekile futhi akukho firewall eyinqumayo. Kepha kumsebenzisi kucace bha. Ungakhohlwa ngaye. Esibonelweni, ukuqondiswa kabusha kuphakathi kwamachweba 5000 no-23. Labo bobabili ukuphela kwabo okufanele ukhathazeke ngabo. Umsebenzisi uzobona ukuthi yonke into ayithumela ethekwini 5000 yomsingathi wakhe ivela kuma-23 ophethe indawo.
Ngokusobala, umsebenzisi ngamunye angaqondisa kabusha amachweba abona efanelekile.
Ngiyabonga ngemibono yenu. Lokhu engikuthumele okokuqala futhi imibono yakho izosiza ukwenza okulandelayo kube ngcono.
Ngabe lokho kungenziwa futhi ngeVPS?
Kulungile lokhu kuyicala lami, i-PC1 inokufinyelela kwiseva, kepha i-PC2 ayixhumani, yi-ssh, ngifuna ukufinyelela ku-PC2, kepha yiliphi ichweba le-PC1 engiliqondisa kabusha? uma empeleni engikufunayo ukufinyelela ethekwini leseva kusuka ku-PC2 nokuthi amaphakethe ane-PC1 njengomthombo wawo ip. ngiyaqonda?
Uzenza uqondwe. Kulokhu udinga i-PC1 ukuqondisa kabusha itheku le-PC2 liye ethekwini 22 leseva:
I-PC2 $ ssh -L 5000: Iseva: i-PC yomsebenzisi engu-22 @ PC1
futhi, ukugcina lokhu kuxhumana kuvulekile, kusuka kwesinye isiginali:
Umsebenzisi we-PC2 $ sshServer @ localhost -p 5000
futhi usuvele ungaphakathi.
Ekugcineni isisombululo esisebenzayo !! Ngiyabonga Getafix, unginike umhlaba wamathuba !!
Ngiyajabula!
Excelente artículo. Bienvenido a DesdeLinux 😀
Futhi yini okufanele uyenze uma sine-22 ivinjiwe? LOL ..
Ngiyabonga elav.
Uma ngabe i-port 22 ivinjiwe, mmmm, kuzofanele sibheke enye indlela yokugenca i-XD firewall
Futhi okubi kakhulu (okucatshangwayo): ukuthi ivinjelwe ngumhlinzeki we-VPS.
Ngisanda kwenza isivivinyo emahoreni ambalwa edlule ngemibuzo ngakho 😛
Ngeke ngisho ukuthi:
umphathi1 $ ssh -R 5000: i-localhost: 23 userhost2 @ host2
ilingana nomunye umugqa womyalo ... lowo one -L.
Njengoba -R kukhombisa ukuthi ichweba elivulelwe ukuxhumana okusha liseceleni elikude, okungukuthi, ohlangothini lweseva yakho ye-ssh; ngenkathi -L ivula itheku ohlangothini lwasendaweni, ohlangothini lweklayenti ukuthola ukuxhumana okusha.
Ukuhunyushwa kolayini:
umphathi1 $ ssh -R 5000: i-localhost: 23 userhost2 @ host2
Kungaba into enjengale: Ukuba ku-host1, xhuma kuseva ye-ssh (itheku 22) le-host2 nomsebenzisi wami womsebenzisi2 futhi udlulise ukuxhumana okuxhumeke esikhumulweni esikude esingu-5000 se-host2 kuya echwebeni 23 ku-Host1
Uma kungenjalo, ngilungise! 😉
-
Ngakolunye uhlangothi ... uma iseva ivimbele ukungena kokuxhuma ethekwini 22, okungukuthi, asikwazi ukuxhuma ukude kuseva ye-ssh; okungenziwa ukuthi; ukuthi kusuka kuseva (umngane sysadmin ngemuva kwe-firewall yohlelo olukude lwe-host2) kwenziwa umugqa womyalo:
umphathi2 $ nohup ssh -fN -R 6000: i-localhost: 22 userhost1 @ host1
-f Iya ngemuva
-N ayikhiphi umyalo kurimothi
i-nohup ivimbela ukwenziwa komyalo ekuphazanyisweni lapho uphuma ngemvume
umphathi1 $ ssh userhost2 @ localhost -p 6000
Ngale ndlela, kusuka ku-host1 sakha ukuxhumana ku-localhost (i-host1 efanayo) ethekwini 6000 okuzothumela ukuxhumana ku-port 22 yohlelo olukude host2, lapho sizongena ngemvume nomsebenzisi host2.
Lokhu kuzovumela (angikakuhloli, kepha kuzwakala sengathi kuyasebenza) ukungena kwiseva ye-ssh evinjelwe yi-firewal ngosizo oluncane oluvela ngaphakathi! 😀
Lesi sakamuva ngifunde encazelweni eyenziwe kumagazini iThe Geek Stuff
http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
Ngikuthanda kakhulu ukushicilelwa kwakho; Ngangiwafunda kaningi!
Ukubingelela
Ushaye khona. Kunephutha ku-athikili. Ukuqondisa kabusha akufani. Umyalo host1 $ ssh -R 5000: localhost: 23 userhost2 @ host2 Wenza ukuqondisa kabusha okuphambene nalokho, okusho ukuthi, iqondisa kabusha itheku elikude elingu-5000 liye endaweni engama-23, okuphambene nalokho okwenziwa umyalo nge -L.
Ngiyabonga ngokulungiswa.