Harhadawa SSH akan Ubuntu

Pin
Send
Share
Send

Fasahar SSH (amintaccen Shell) tana ba ku damar sarrafa kwamfutarka ta atomatik ta hanyar ingantaccen haɗin kai. SSH yana ɓoye duk fayilolin da aka canjawa wuri, gami da kalmomin shiga, sannan kuma yana watsa duk hanyar sadarwa. Don kayan aiki don aiki daidai, dole ne a shigar dashi ba kawai, har ma a saita shi. Labari ne game da samfurin babban tsarin da muke so mu yi magana a kai a cikin tsarin wannan labarin, mu ɗauki misalign sabon salo na tsarin aikin Ubuntu wanda akan saiti zai kasance.

Sanya SSH a Ubuntu

Idan baku riga kun kammala aikin shigarwa akan uwar garke da PCs na abokin ciniki ba, ya kamata kuyi wannan da farko, tunda duk tsarin yana da sauki kuma baya ɗaukar lokaci mai yawa. Don cikakken jagora kan wannan batun, duba sauran rubutun a mahaɗin da ke tafe. Hakanan yana nuna hanya don gyara fayil ɗin sanyi da gwada aikin SSH, don haka a yau za mu mai da hankali kan wasu ƙananan ayyuka.

Kara karantawa: Sanya SSH-sabar a Ubuntu

Ingirƙirar RSA Maɓal

Sabuwar SSH da aka shigar yanzu bata da takamaiman maɓallai don haɗawa daga uwar garke zuwa abokin ciniki da mataimakin. Duk waɗannan sigogi dole ne a saita su kai tsaye bayan ƙara duk abubuwan haɗin aikin. Ma pairallan ma worksallan suna aiki ta amfani da RSA algorithm (gajerun sunayen masu haɓaka Rivest, Shamir da Adleman). Godiya ga wannan cryptosystem, maɓallan musamman ana rufaffen ta amfani da algorithms na musamman. Don ƙirƙirar lambobin maɓalilin jama'a, kuna buƙatar kawai shigar da dokokin da suka dace a cikin na'ura wasan bidiyo kuma bi umarnin da ya bayyana.

  1. Ku tafi aiki tare da "Terminal" kowane hanya mai dacewa, alal misali, buɗe ta cikin menu ko haɗaka maɓalli Ctrl + Alt + T.

  2. Shigar da umarnissh-keygensannan danna madannin Shigar.

  3. Za a zuga ku don ƙirƙirar fayil inda aka ajiye maɓallan. Idan kana son barin su a cikin tsoffin wuri, danna kan Shigar.

  4. Za'a iya kare maɓallin jama'a ta hanyar wucewa. Idan kana son amfani da wannan zabin, rubuta kalmar sirri a layin da ya bayyana. Haruffan da aka shigar ba za a nuna su ba. A cikin sabon layi, kuna buƙatar maimaita shi.

  5. Bayan haka, zaku ga sanarwa cewa an adana maɓallin, kuma kuna iya sanin kanku tare da hoton hoton hoto.

Yanzu akwai makullin da aka kirkira - na sirri da na jama'a, wanda za a yi amfani da shi don ci gaba da haɗi tsakanin kwamfutoci. Kuna buƙatar kawai sanya maɓallin a kan sabar don amincin SSH don cin nasara.

Kwafi maɓallin jama'a zuwa uwar garken

Akwai hanyoyi guda uku don yin maɓallan maɓallan. Kowannensu zai kasance mafi kyau duka a cikin yanayi daban-daban lokacin da, alal misali, ɗayan hanyoyin ba sa aiki ko bai dace da takamaiman mai amfani ba. Muna ba da shawarar la'akari da duk zaɓuɓɓuka guda uku, fara daga mafi sauƙi kuma mafi inganci.

Zabi 1: ssh-copy-id umarnin

.Ungiyarssh-kwafin-idAn gina shi a cikin tsarin aiki, don haka baku buƙatar shigar da wasu ƙarin kayan aikin don sarrafa shi. Bi madaidaicin fassarar rubutun don kwafin mabuɗi. A "Terminal" dole ya shigasunan mai amfani ssh-copy-id @ remote_hostina sunan mai amfani @ remote_host shi ne sunan kwamfutar da ke nesa.

Farkon lokacin da kuka haɗu, zaku karɓi rubutun sanarwa:

Ba za a iya tabbatar da amincin rundunar '203.0.113.1 (203.0.113.1)'.
Alamar yatsa ta ECDSA fd: fd: d4: f9: 77: fe: 73: 84: e1: 55: 00: ad: d6: 6d: 22: fe.
Ka tabbata kuna son ci gaba da haɗi (Ee / a'a)? eh

Dole ne a tantance zaɓi eh domin ci gaba da haɗi. Bayan haka, mai amfani zai bincika maɓallin a cikin ɗayan fayilid_rsa.pubwanda aka halitta a baya. Idan ya yi nasara, za a nuna sakamako mai zuwa:

/ usr / bin / ssh-copy-id: INFO: ƙoƙarin shiga tare da sabon maɓallin (s), don tace duk wasu abubuwan da aka riga aka shigar.
/ usr / bin / ssh-copy-id: INFO: 1 mabuɗan (s) ya kasance ana sanya shi - idan an sa muku yanzu shi ne shigar da sabbin maɓallan
sunan mai [email protected] kalmar sirri:

Saka kalmar sirri daga mai masaukin nesa don amfanin ya shiga ciki. Kayan aiki zai kwafa bayanai daga fayil din maɓallin jama'a ~ / .ssh / id_rsa.pub, kuma bayan wannan saƙo zai bayyana akan allon:

Lambobin makullin (kara) da aka kara: 1

Yanzu gwada shiga cikin injin, tare da: "ssh '[email protected]'"
sannan ka bincika ka tabbata cewa kawai mabuɗan da kake so aka ƙara.

Fitowar irin wannan rubutun yana nuna cewa an saukar da maɓallin cikin nasara zuwa kwamfutar da ke nesa, kuma yanzu ba za a sami matsalolin haɗin gwiwa ba.

Zabi na 2: Kwafi maɓallin jama'a ta hanyar SSH

Idan baku ikon yin amfani da fa'idar da aka ambata a sama ba, amma kuna da kalmar wucewa don shiga cikin uwar garken SSH na nesa, zaku iya shigar da maɓallin ku na hannu da hannu, don tabbatar da ingantaccen tabbaci lokacin haɗin. Anyi amfani da wannan umarnin cat, wanda zai karanta bayanai daga fayil ɗin, sannan sai a tura su ga sabar. Kuna buƙatar shigar da layin a cikin na'ura wasan bidiyo

cat ~ / .ssh / id_rsa.pub | ssh sunan mai amfani @ remote_host "mkdir -p ~ / .ssh && taɓa ~ / .ssh / izini_key && chmod -R go = ~ / .ssh && cat >> ~ / .ssh / izini_key".

Lokacin da sako ya bayyana

Ba za a iya tabbatar da amincin rundunar '203.0.113.1 (203.0.113.1)'.
Alamar yatsa ta ECDSA fd: fd: d4: f9: 77: fe: 73: 84: e1: 55: 00: ad: d6: 6d: 22: fe.
Ka tabbata kuna son ci gaba da haɗi (Ee / a'a)? eh

ci gaba da haɗi kuma shigar da kalmar wucewa don shigar da sabar. Bayan haka, maɓallin jama'a za a kwafa ta atomatik zuwa ƙarshen fayil ɗin sanyi. izini_key.

Zabi na 3: Manual Rubuta Maɓallin Maɓalli

Idan babu damar zuwa kwamfutarka mai nisa ta uwar garken SSH, ana yin duk matakan da ke sama da hannu. Don yin wannan, da farko gano mahimman bayanai akan PC ɗin uwar garke ta hanyar umarnicat ~ / .ssh / id_rsa.pub.

Za'a nuna layin mai zuwa akan allon:ssh-rsa + maɓallin saita maɓallin == demo @ gwajin. Bayan wannan, je zuwa aiki akan na'urar nesa, inda ƙirƙirar sabon jagorar tamkdir -p ~ / .ssh. Bugu da ƙari yana ƙirƙirar fayilizini_key. Bayan haka, saka madannin da kuka koya da farkoirin kumbunan + jama'a key >> ~ / .ssh / izini_key. Bayan haka, kuna iya ƙoƙarin gaskatawa tare da sabar ba tare da amfani da kalmomin shiga ba.

Tabbatarwa akan sabar ta amfani da mabuɗin da aka fito dashi

A cikin sashin da ya gabata, kun koya game da hanyoyi guda uku don kwafin maɓallin komputa mai nisa zuwa sabar. Irin waɗannan ayyukan zasu ba ku damar haɗi ba tare da amfani da kalmar sirri ba. Ana yin wannan hanyar ta layin umarni ta shigashh ssh sunan mai amfani @ remote_hostina sunan mai amfani @ remote_host - sunan mai amfani da kuma rundunar komputa da ake so. Farkon lokacin da kuka haɗu, za a sanar da ku game da haɗin da ba ku sani ba kuma za ku iya ci gaba ta zaɓa eh.

Haɗin zai faru ta atomatik idan ba a ƙayyade kalmar wucewa ba yayin ƙirƙirar maɓallan makullin. In ba haka ba, dole ne a fara shigar da shi don ci gaba da aiki tare da SSH.

Ana kashe kalmar sirri

An yi la'akari da ingantaccen tsari na kwafin maɓalli a cikin halin da ake ciki lokacin da zai yiwu a shigar da sabar ba tare da amfani da kalmar wucewa ba. Koyaya, ikon yin ingantaccen ta wannan hanyar yana bawa maharan damar amfani da kayan aikin fasa kwayar sirri tare da fasa wata hanyar sadarwa mai tsaro. Zai iya yiwuwa don kare kanka daga irin waɗannan maganganu ta hanyar kashe kayan shigar gaba ɗaya kalmar sirri a cikin fayil ɗin sanyi na SSH. Wannan zai buƙaci:

  1. A "Terminal" buɗe fayil ɗin sanyi ta hanyar editan ta amfani da umarninsudo gedit / sauransu / ssh / sshd_config.

  2. Nemo layin "Tabbatar kalmar sirri" kuma cire alamar # a farkon zuwa fara aiki da siga.

  3. Canza darajar zuwa a'a da ajiye ajiyar yanzu.

  4. Rufe edita ka kuma sake kunna uwar garkensudo systemctl sake kunnawa ssh.

Tabbatar kalmar shiga za a kashe, kuma zai yuwu a shigar da sabar ta amfani da maɓallan musamman da aka kirkira domin wannan tare da RSA algorithm.

Sanya daidaitaccen Tacewar zaɓi

A cikin Ubuntu, makamin gidan wuta shine Unclelicated Firewall (UFW). Yana ba ku damar ba da izinin haɗi don ayyukan da aka zaɓa. Kowane aikace-aikacen yana ƙirƙirar bayanin kansa a cikin wannan kayan aiki, kuma UFW yana sarrafa su, yana ba da damar ko lalata haɗin. Kafa bayanin martaba na SSH ta hanyar sanya shi a jerin kamar haka:

  1. Bude jerin bayanan bayanan gidan wuta ta hanyar umarnisudo ufw app list.

  2. Shigar da kalmar sirri ta asusunka don nuna bayanin.

  3. Za ku ga jerin aikace-aikacen da ke akwai, daga cikinsu ya zama OpenSSH.

  4. Yanzu ya kamata ku ba da izinin haɗi ta hanyar SSH. Don yin wannan, ƙara shi zuwa jerin bayanan martaba da aka yarda ta amfani dasudo ufw ba da damar OpenSSH.

  5. Kunna wuta ta hanyar sabunta dokokin,sudo ufw kunna.

  6. Don tabbatar da cewa an yarda haɗi, ya kamata a rubutamatsayin sudo ufw, bayan haka zaku ga halin cibiyar sadarwa.

Wannan ya kammala umarnin umarnin SSH a cikin Ubuntu. Settingsarin saitunan fayil ɗin sanyi da sauran sigogi ana aiwatar da su ta hanyar kowane mai amfani a ƙarƙashin buƙatunsa. Kuna iya samun masaniya game da aikin duk abubuwan haɗin na SSH a cikin aikin hukuma na yarjejeniya.

Pin
Send
Share
Send

Popular Posts

https://eifeg.com 2024