Ungayishintsha kanjani imbobo ye-SSH kuFedora 23 nokuthi uyisebenzisa kanjani i-firewall yakho

el_robertucho

Imizuzu ye-2

Ku-Fedora 23 kungenzeka ukuthi ushintshe imbobo ye-SSH ezenzakalelayo (22) iye kokunye okukhethile okungaphezu kwe-1024, nokuthi okuphambene nalokho ungabeka enye itheku yokuxhuma kwangaphandle.

fedora-23

Lapho uzoshintsha ichweba le-SSH eFedora 23 kufanele sikhumbule imigomo emithathu

  • Ukucushwa kwe-sshd daemon okuzonikezwa ethekwini.
  • Amasethingi e-firewall ukuze ikwazi ukubopha kulelo chweba elisha.
  • Futhi lungiselela i-selinux (uma isebenza) ukulungisa inqubomgomo yokusetshenziswa kwalelo chweba.

Manje-ke, ake sibone ukuthi ichweba liguqulwa kanjani ekucushweni kwe-SSH

Sivula ukuphela bese ku / etc / ssh / sshd_config bese senza okulandelayo

Sinqamula i-port futhi sabela enye inombolo, singabeka namachweba amaningana

ukuze i-sshd ilalele amachweba amaningi>

Ichweba

Ukwakhiwa kwamachweba amaningana kungaba lusizo ekuhlolweni, sishiya itheku 22 naleso esisenzile, ngakho-ke singaqiniseka ukuthi itheku elisha liyasebenza futhi uma itheku elisha lingasebenzi noma lingalungiselelwe kahle, xhuma kabusha imbobo 22.

Manje ukwengeza ushintsho ku-selinux

I-Semanage port -a -t ssh_port_t -p tcp

Manje sihamba nodonga lomlilo

i-firewall1

KuFedora 23 i-firewall iphethwe nge i-firewall-cmd.

Uma sidinga ukubona izindawo ezenziwe zasebenza:

firewall-cmd-uhlu-konke

Ngemuva kwalokho izobuyisa into enjengale:

I-FedoraServer (okuzenzakalelayo, esebenzayo) izixhumi ezibonakalayo: imithombo: services: amachweba: ama-protocols: masquerade: forward-port: icmp-blocks: imithetho ecebile:

Kepha uma lokho esikudingayo ukusitshela ukuthi iyiphi indawo ezenzakalelayo, sizobhala lokhu:

i-firewall-cmd -get-default-zone FedoraServer

Ngemuva kwalokhu singangeza itheku elisha ku-firewall

Ukufaka i-port yohlobo tcp kuzoni ye-firewall sizobhala lo mugqa womyalo:

i-firewall-cmd-ehlala njalo-indawo = -Engeza-itheku = / tcp

Kumele sikhumbule ukuthi uma lokho esifuna ukukwenza ukuhlolwa kwesikhashana, sizokuyeka -Ngokwaphakade, kepha uma kungokwesikhashana, akufanele ubone ushintsho lapho ubheka imithetho ye-firewall.

linux_network

Ake sibheke ukuthi ngabe itheku livulekile ngokuzenzakalela ku-firewall ngalo myalo:

i-firewall-cmd -umbuzo-itheku = / tcp

Uma sikwenze kahle futhi uma kuvuliwe, kuzokukhombisa ngo- "yebo"

Lokhu kumiswa okufanayo kungasetshenziswa kumaseva amaningi we-Apache http.


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   وبسرويس پيامک kusho
    kwenza iminyaka 8

    okuthunyelwe okuhle ngiyabonga ngokwabelana

    Phendula ku-وبسرويس پيامک
  2.   تور دبی kusho
    kwenza iminyaka 8

    ngiyabonga ngendatshana yakho enhle

    Phendula ku- تور دبی
  3.   futhi سفارت kusho
    kwenza iminyaka 7

    i-tanx kakhulu

    Phendula ku-وقت سفارت
  4.   جرثقیل سقفی kusho
    kwenza iminyaka 6

    ngiyabonga ngokwabelana ngokuthunyelwe…

    Phendula ku- جرثقیل سقفی