Kamar yadda kuka sani, bude SSH Face SSH yana ba ku damar haɗa kai tsaye zuwa takamaiman kwamfuta da kuma watsa bayanai ta hanyar zaɓin da aka zaɓa. Wannan yana ba ku damar aiwatar da sarrafa na'urar da aka zaɓa, tabbatar da ingancin musayar mahimman bayanai har ma da kalmomin shiga. Wani lokacin masu amfani suna da buƙatar shigar da SSH, amma ƙari don shigar da amfani kanta, ya zama dole don samar da ƙarin saiti. Muna son magana game da shi a yau, ɗaukar rarraba bania ga misalin.
Tsara SSH a Debian
Mun rarraba tsarin tsari zuwa matakai da yawa, tunda kowannen kowannensu yana da alhakin aiwatar da takamaiman magidano kuma yana iya zama da amfani ga abubuwan da aka zaba. Bari mu fara da cewa dukkan ayyukan za a yi a cikin wasan bidiyo kuma yana buƙatar tabbatar da haƙƙin Superuser, don haka shirya wannan a gaba.Sanya SSH-Server da SSH-Abokin ciniki
Ta hanyar tsoho, an haɗa SSH a cikin daidaitaccen tsarin amfani da tsarin tsarin tsarin tsarin tsarin aikin tsarin aiki, duk da haka, saboda kowane fasali na iya zama shayarwa ko kuma a lokacin da mai amfani da hannu ya haifar da entalal. Idan kana buƙatar shigar da SSH-sabar SSH da SSH-abokin ciniki, bi umarnin masu zuwa:
- Bude menu na fara kuma fara tashar daga can. Za'a iya yi wannan ta hanyar daidaiton maɓallin Ctrl + Alt + T.
- Anan kuna da sha'awar sudo Apt shigar da Bukatar Buɗewar da ke da alhakin shigar da sashin uwar garke. Shigar da shi kuma danna kan shiga don kunna.
- Kamar yadda ka riga ka sani, ayyukan da aka yi tare da hujjojin Sudo na Sudo suna buƙatar an kunna ta hanyar tantance kalmar wucewa ta Superurer. Yi la'akari da cewa haruffan da aka shigar a cikin wannan layin ba su nuna ba.
- Za a sanar da ku cewa ana ƙara fakiti ko sabuntawa. Idan an riga an shigar da SSH-sabar a Debian, saƙo ta bayyana akan gaban kunshin da aka ƙayyade.
- Na gaba, zaku buƙaci ƙara zuwa tsarin da abokin ciniki sashi, amma ga komputa wanda za'a haɗa shi nan gaba. Don yin wannan, yi amfani da irin wannan sudo apt-samun shigar da umarnin buɗe-abokin ciniki.
Babu sauran ƙarin kayan haɗin don shigar da kowane ƙarin kayan haɗin, za ku iya lafiya zuwa ga masu haɗin uwar garke don ƙirƙirar maɓallan don tebur mai nisa.
Gudanar da sabar kuma duba aikinsa
A takaice bari mu mai da hankali kan yadda aka gudanar da sabar da aka shigar kuma duba aikin sa. Dole ne a yi kafin sauya zuwa saitin don tabbatar da cewa aikin abubuwan haɗin da aka haɗa daidai ne.
- Yi amfani da tsarin Sashd Umurnin don ƙara sabar zuwa Autoload, idan baya faruwa ta atomatik. Idan kana buƙatar soke ƙaddamar da tsarin aiki, yi amfani da tsarin kashe Sshd. Sa'an nan kuma fara farawa za a buƙaci don tantance tsarin fara sshd.
- Duk waɗannan ayyukan gaba ɗaya dole ne a yi a madadin Superuser, don haka kuna buƙatar shigar da kalmar sirri.
- Shigar da umarnin SSH Localhost don bincika sabar don aikin. Sauya lochath zuwa adireshin komputa na gida.
- Lokacin da kuka haɗu da farko, za a sanar da ku cewa ba a tabbatar da tushen ba. Wannan na faruwa ne saboda ba mu saita saitunan tsaro ba. Yanzu kawai tabbatar da ci gaba da haɗin ta shiga Ee.
Dingara Maɓallan RSA
Haɗa daga sabar zuwa abokin ciniki da akasi ta hanyar shigar da SSH ta hanyar shigar da kalmar wucewa, duk da haka, ana bada shawara don ƙirƙirar maɓallan RSA algorithms. Wannan nau'in rufaffiyar zai sa ya yiwu a ƙirƙiri ingantaccen kariya, wanda zai zama da wahala a kewaye mahallin lokacin ƙoƙarin hack. Don ƙara maɓallan 'yan mintoci kaɗan, kuma kamar wannan tsari:
- Bude kalmar "tashar" kuma shigar da SSH-keygen a can.
- Zaka iya zabi wani wuri inda kake son adana hanyar zuwa mabuɗin. Idan babu sha'awar canza shi, kawai danna maɓallin Shigar.
- Yanzu an ƙirƙiri maɓallin buɗewa. Ana iya kiyaye shi ta hanyar lambar lamba. Shigar da shi a cikin kirtani da aka nuna ko kuma barin komai idan baka son kunna wannan zabin.
- Lokacin shigar da kalmar nan kalmar za ta sake tantance ta don tabbatarwa.
- Sanarwa na kirkirar maɓallin jama'a zai bayyana. Kamar yadda kake gani, an sanya shi saitin alamun bazuwar, kuma an kirkiro hoto akan algorithms na yau da kullun.
Godiya ga aikin da aka yi, an ƙirƙiri kalmar sirri da maɓallin jama'a. Za su shiga cikin haɗi tsakanin na'urori. Yanzu dole ne ka kwafe maɓallin jama'a zuwa sabar, kuma zaka iya yin wannan ta hanyoyi daban-daban.
Kwafi Buza Buza don Server
A dena, akwai zaɓuɓɓuka uku waɗanda zaka iya kwafa mabuɗin jama'a zuwa sabar. Muna ba da shawarar nan da nan ta san kanku da dukkan su don zaɓar mafi kyau duka a nan gaba. Wannan ya dace da waɗancan yanayi inda ɗayan hanyoyin ba su dace ba ko ba biyan bukatun mai amfani ba.
Hanyar 1: Teamungiyar SSH-Copy-ID
Bari mu fara da zabi mafi sauki wanda ke nuna amfani da umarnin SSH-Kwafi. Ta hanyar tsoho, wannan amfani an riga an gina shi cikin OS, don haka ba buƙatar shigarwa ba. SynTax kuma shine mafi sauƙin yawa kamar yadda zai yiwu, kuma kuna buƙatar yin irin waɗannan ayyukan:
- A cikin na'ura wasan bidiyo, shigar da umarnin SSH-Kwafi zuwa Sunan mai amfani @ Mushote_she da kuma kunna shi. Sauya sunan mai amfani @ nagarta_she ga adireshin komputa na manufa saboda aikawa ya wuce cikin nasara.
- Lokacin da kuka fara ƙoƙarin haɗawa, za ku ga saƙon "amincin Mai watsa shiri '203.0.113.1 (203.0.11)' 77: F9: 77: Fe: 73 : 84: E1: 00: AD: D6: 6D: 22: Fe. Ka tabbata kana son ci gaba da hadawa (Ee / a'a)? Ee. " Zaɓi amsa mai kyau don ci gaba da haɗin.
- Bayan haka, da amfani zai yi aiki da kansa kamar bincike da kwafa maɓallin. A sakamakon haka, idan komai ya tafi cikin nasara, sanarwar "/ USR / Bin / SSH-Copy-ID" zai bayyana akan sabon key (SP), don tace duk wanda ya kasance aladun Sanya / USR / Bin / SSH-Copy-ID: Bayani: Key (s) ya kasance don shigar da sabon maɓallan mai [email protected]'s: ". Wannan yana nuna cewa zaku iya shigar da kalmar wucewa da matsawa zuwa sarrafa tsarin mai nisa na nesa.
Bugu da ƙari, zan ƙayyade wannan bayan izini na farko na cin nasara a cikin wasan bidiyo, halayyar ta gaba za ta bayyana:
Yawan maɓallin (s) ƙara: 1
Yanzu gwada shiga cikin injin, tare da: "SSH 'sunan mai amfani [email protected]"
Kuma duba don tabbatar da cewa kawai mabuɗin (s) wanda aka so an ƙara.
Ya ce an yi nasarar da aka yi nasarar da aka kara zuwa komputa mai nisa kuma ba wasu matsaloli za su taso lokacin da kuka yi kokarin haɗi.
Hanyar 2: maɓallin fitarwa ta hanyar SSH
Kamar yadda kuka sani, maɓallin maɓallin jama'a zai ba ku damar haɗi zuwa uwar garken da aka ƙayyade ba tare da shigar da kalmar wucewa ba. Yanzu, yayin da maɓallin ba tukuna a kan kwamfutar da aka yi niyya, zaku iya haɗa ta hanyar SSH ta hanyar shigar da kalmar sirri don fayil ɗin da ake so. Don yin wannan, a cikin medole za ku shigar da Cat ~ / .Sh / Id_rsa.p | SSH mai amfani da SSH @ menst "Mkdir -p ~ / .Sh && taba ~ /
Sanarwar dole ne ya bayyana akan allon.
Da amincin rundunar '203.0.111.1 (203.0.113)' Ba za a iya kiyaye su ba.
EcdSA Key yatsa shine FD: FD: F9: 77: 8: 00: e1: 6D: 22: fe.
Shin kun tabbata kuna son ci gaba da haɗi (Ee / A'a)?.
Tabbatar da shi don ci gaba da haɗin. Za'a iya kwafa maɓallin jama'a ta atomatik zuwa ƙarshen fayil ɗin sanyi na izini_Ka. A kan wannan tsarin fitarwa, yana yiwuwa a gama.
Hanyar 3: Key Kwafi Kwafi
Wannan hanyar za ta dace da waɗancan masu amfani da waɗanda ba su da ikon ƙirƙirar haɗin nesa zuwa kwamfutar da aka yi niyya, amma akwai damar zahiri zuwa gare ta. A wannan yanayin, dole ne a canza mabuɗin da kansa. Don farawa, tantance bayanin game da shi akan PLC Via cat ~ / .SSH / Id_rsa.p.
Bikin wasan ya kamata ya bayyana SSH-RSA + Mabuɗin SSH-RSA a matsayin saitin haruffa == demo @ gwaji. Yanzu zaku iya zuwa wani kwamfutar, inda ya kamata ku ƙirƙiri wani sabon jagorar ta shigar da MKDir -P ~ / .Sh. Hakanan yana ƙara fayil na rubutu da ake kira izini_keys. Ya rage kawai kawai a cikin mabuɗin da ya gabata ta hanyar ECO + LOG na Maɓallin jama'a >> ~ / .SSH / Izini_Ka. Bayan haka, ingantaccen tsari zai kasance ba tare da shigarwa ba shigarwa. Ana yin wannan ta hanyar sunan mai amfani da SSH @ Maraɗa umarni, inda sunan mai amfani @ menta ya kamata a maye gurbinsa da sunan rundunar da ake buƙata.
Anyi la'akari da hanyoyin da aka yarda don canja wurin maɓallin jama'a zuwa sabon na'ura don sa ya yiwu a haɗa kalmar sirri, amma yanzu ana nuna fom ɗin akan shigarwa. Irin wannan matsayin abubuwa yana ba da damar maharan don samun damar desktop na nesa, kawai kalmar wucewa. Nan gaba muna samarwa don tabbatar da tsaro ta hanyar samar da wasu saituna.
Kashe kalmar sirri
Kamar yadda aka ambata a baya, da yiwuwar tabbatar da kalmar sirri na iya zama hanyar haɗi ba a cikin amincin haɗin nesa, tunda akwai hanyoyin nuna wannan makullin. Muna ba da shawarar nakasassu wannan zaɓi idan kuna sha'awar matsar da kariyar uwar garken. Kuna iya yi kamar haka:
- Bude / sauransu / ssh / sshd_config sanyi fayilori ta kowane editan rubutu mai dacewa, yana iya zama, misali, GEDIT ko Nano.
- A cikin jerin da ke buɗe, nemo kalmar sirri "kalmar sirri" ta cire alamar # don yin wannan umarnin aiki. Canza darajar Ee zuwa A'a don kashe zaɓi.
- Bayan kammala, latsa CTRL + o don adana canje-canje.
- Kada ku canza sunan fayil ɗin, amma kawai danna Latsa don amfani da saiti.
- Kuna iya barin edita na rubutu ta danna kan Ctrl + X.
- Dukkanin canje-canje zasuyi aiki kawai bayan sake kunna sabis ɗin SSH, don haka yi shi nan da nan ta hanyar Samfurin Samfurin SSH.
A sakamakon ayyuka, da yiwuwar tabbatar da kalmar sirri zai zama mai rauni, kuma za a samu shigarwar kawai bayan wasu 'yan wasan Rana. Yi la'akari da wannan lokacin da aka tsara irin wannan.
Tabbatar da sigar hanyar wuta
A karshen kayan yau, muna son gaya game da tsarin haɗin wuta, wanda za a yi amfani da izini ko hana al'amuran mahadi. Za mu iya wucewa da manyan abubuwan, suna ɗaukar firewall ɗin da ba a haɗa su ba (UFW).
- Da farko, bari mu bincika jerin bayanan bayanan da ake ciki. Shigar da jerin abubuwan da Ufw UFW kuma danna Shigar.
- Tabbatar da aikin ta hanyar tantance kalmar wucewa ta Superuser.
- Lay Ssh a cikin jerin. Idan wannan layin yana can, yana nufin cewa komai ayyuka daidai.
- Bada izinin haɗin ta wannan amfani ta hanyar rubuta sudo UFW ya ba da izinin OpenSSH.
- Kunna wuta don sabunta dokoki. Ana yin wannan ne ta hanyar wahalar da UFW UFW.
- Kuna iya bincika matsayin na yanzu na Wutar a kowane lokaci ta hanyar shigar da matsayin sudo ufw.
A kan wannan tsari, tsarin SSH a Devian cikakke ne. Kamar yadda kake gani, akwai wasu abubuwa daban-daban da ƙa'idodi da ke buƙatar lura. Tabbas, cikin tsarin labarin guda, ba shi yiwuwa a ga cikakken bayani game da duk bayanan, don haka kawai muke shafa a kan bayanai na asali. Idan kuna da sha'awar samun ƙarin bayanai masu zurfi game da wannan amfani, muna ba ku shawara ku san kanku da tsarin aikinta na hukuma.