RorohikoTaputapu

Me pēhea te ki te whirihora me te whakamahi i te tauranga SSH? Hipanga i te aratohu taahiraa

Haumaru Anga, haapotohia rite SSH ranei, ko reira tetahi o nga hangarau tiaki raraunga tino matatau i roto i te tuku. Ko te whakamahi o te tikanga pērā i runga i te pouara taua taea kore anake te munatanga o ngā pārongo tuku, engari ano hoki ki te tere ake te utu o pākete. Heoi, e matau ana tae noa ki ki te whakatuwhera i te tauranga SSH kore katoa, a he tika he aha tenei katoa. I roto i tenei take, ko te mea e tika ana ki te hoatu i te whakamārama whai hua.

Port SSH: he aha te mea reira me te aha e hiahia ana tatou?

Mai e korero tatou e pā ana ki te haumarutanga, i roto i tenei take, i raro i te tauranga SSH ki kia mohio ki hongere i whakatapua i roto i te puka o te kauhanga, e whakarato whakamunatanga raraunga.

Ko te kaupapa tino tahito o tenei kauhanga ko e he tuwhera SSH-tauranga whakamahia e taunoa ki whakamuna raraunga i te pūtake me te wetemunatanga i runga i te, koirä. Ka taea te faataa tenei e whai ake nei: ahakoa rite koe i te reira ranei e kore e, tuku waka, pērā i te IPSec, whakamuna i raro i te faaheporaa, me te tauranga putanga o te whatunga, ka i te taha whiwhi o te tomokanga. Hei wetemuna te mōhiohio tuku i runga i tenei hongere, whakamahi te kāpeka te fariiraa i te kī motuhake. I roto i te mau parau te tahi atu, ki te wawao i te whakawhiti takahi i te tapatahi o te raraunga tuku i te kau kotahi taea kore kahore te kī ranei.

Just te whakatuwhera SSH-tauranga i runga i tetahi pouara mā te whakamahi i te tautuhinga tika o te kiritaki atu ranei te taunekeneke tika ki te SSH-tūmau, ka taea ki a koe tino whakamahi i te āhuatanga katoa o ngā pūnaha haumaru whatunga hou. Ko matou i konei i runga i te āhua o ki te whakamahi i te tauranga whakaritea e te e tautuhinga taunoa ritenga ranei. Enei tawhā i roto i te tono kia titiro uaua, engari e kore te mea nui, kahore he matauranga o te whakahaere o te hononga taua.

tauranga SSH Paerewa

Ki te, pono, e hāngai ana i runga i nga tawhā o tetahi o te pouara kia tuatahi whakatau i te tikanga, he aha te ahua o te pūmanawa, ka e whakamahia mō te whakahohe i tēnei hono. I roto i te meka, Ka taea e whai tautuhinga rerekē te tauranga SSH taunoa. Tei mea katoa i runga i te mea tikanga whakamahia te i te kau (hononga tika ki te tūmau, tāuta atu whakamua tauranga kiritaki, me te pera i runga i. D.).

Hei tauira, ki te whakamahia te kiritaki Jabber, mo hononga tika, whakamunatanga, me raraunga whakawhiti tauranga 443 ko ki te kia whakamahia, ahakoa kua whakaturia te ahua i roto i te tauranga paerewa 22.

Ki te tautuhi anō i te pouara ki te tohatoha hoki te hōtaka ngā tukatuka i te tikanga e tika ana i ki te mahi ranei whakamua tauranga SSH. He aha te mea te reira? Ko reira te whakaaro o te whai wāhi ngā ki te hōtaka kotahi e whakamahi ana i te hononga Ipurangi, ahakoa o nei tautuhinga he nāianei utu kawa raraunga (IPv4 IPv6 ranei).

tika hangarau

e kore te paerewa tauranga SSH 22 whakamahia tonu rite ko reira kua mārama. Heoi, i konei ko reira e tika ana ki te tohatoha i te tahi o nga āhuatanga me ngā tautuhinga whakamahia i roto i te tatūnga.

Aha whakamuna kawa matatapu raraunga tā te whakamahi o SSH rite te pono waho (te āheinga) tauranga kaiwhakamahi? Otiia anake te mea tono poka te taea reira te whakamahi o te anga mamao pera-ka karanga (SSH), ki te riro te uru ki te whakahaere kāpeka roto takiuru mamao (slogin), ka tono te tukanga tārua mamao (SCP).

I tua atu, e taea te whakahohe SSH-tauranga i roto i te take i reira ko tika te kaiwhakamahi ki te mahia hōtuhi mamao X Windows, i roto i te take māmā ko e he whakawhiti o ngā mōhiohio i tetahi mīhini ki tetahi, kua rite kua mea, ki te whakamunatanga takoha o raraunga. I roto i taua āhuatanga, ka te tika tino whakamahi i runga i te hātepe AES. Ko te hātepe whakamunatanga hangarite, i whakaratohia tuatahi i roto i te hangarau SSH tenei. A te whakamahi i taea te reira e kore anake e tika ana, engari.

History o te iteraa

Kua puta te hangarau mō te wa roa. Kia waiho peka tatou te pātai o te pehea, ki te hanga tauranga huka SSH, ka arotahi ki te pehea reira mahi katoa.

Ko te tikanga mai te reira ki raro ki, ki te whakamahi i te takawaenga i runga i te kaupapa o Tōkena ranei te whakamahi i VPN poka. I roto i te take e taea etahi tono pūmanawa mahi ki VPN, pai ki te whiriwhiri i tēnei kōwhiringa. Ko te meka e whakamahi hōtaka mohiotia tata katoa i tenei ra i te waka Ipurangi, ka taea e te VPN mahi, engari e kore te mea ngāwari ararere whirihoranga. Tenei, kia rite i roto i te take o te tūmau takawaenga, ka taea ki te waiho i te wāhitau waho o te tauranga i nei te hua tēnei wā i roto i te kupenga putanga, mōhiotia. Ko te take ki te wāhitau takawaenga e te huri tonu, a ka noho tonu VPN putanga tonu ki te warea o etahi he rohe, i tua atu i te kotahi te wahi i reira ko te kanga ki runga ki te uru.

Ko te tino taua hangarau e tuku SSH tauranga, i whakawhanakehia i roto i 1995 i roto i te University o Technology i Finland (SSH-1). I roto i te 1996, whakapai ake kua tapiritia i roto i te puka o SSH-2 kawa, i i tino whānui i roto i te wāhi pou-Soviet, ahakoa mo tenei, kia rite ki te pai rite i roto i te tahi mau whenua Pākehā Western, he reira ētahi wā e tika ana ki te whiwhi whakaaetanga ki te whakamahi i tenei kauhanga, me i ngā tari kāwanatanga.

Ko te painga matua o te whakatuwheratanga SSH-tauranga, rite te ātete ki te telnet RLogin ranei, ko te whakamahi o ngā waitohu mamati RSA DSA (te whakamahi o te rua o tuwhera, me te kī tanumia) ranei. I tua atu, i roto i tenei āhuatanga ka taea e koe te whakamahi i te kī wātū pera-ka karanga i runga i Diffie-Hellman hātepe, e whai wāhi te whakamahi o te putanga whakamunatanga hangarite, ahakoa kahore ekore te whakamahi o hātepe whakamunatanga hangarite i roto i te tuku raraunga, me te fariiraa i tetahi atu mīhini.

Tūmau me anga

I te Windows ranei Linux tuwhera SSH-tauranga e kore te mea pera uaua. Ko te pātai anake, ko te, he aha te ahua o taputapu mo tenei whakaaro ka e whakamahia.

I roto i tenei tikanga ko reira e tika ana ki te aro ki te take o te kōrero tuku me te motuhēhēnga. Tuatahi, ko te kawa ake e makona tiakina e te hongi pera-ka karanga, e te mea te tino mua "wiretapping" o hokohoko. whakamatauria SSH-1 ki te kia whakaraerae ki whakaeke. Pokanoa i roto i te tukanga o te whakawhiti raraunga i roto i te puka o te kaupapa o "te tangata i roto i te waenganui" i ona hua. noa i taea e Information te haukoti a kīa rawa māmā. Ko kua te putanga tuarua (SSH-2) kua ārai ki tenei ahua o te wawaotanga, e mohiotia ana ko wātū hijacking, whakawhetai ki te mea he tino rongonui.

ūhia ki haumarutanga

Ko te haumarutanga i te faatura o te raraunga tuku, ka riro, i te whakahaere o hononga whakapumautia ki te whakamahi o taua hangarau taea te karo i te raruraru e whai ake nei:

  • kī tautuhi ki te ope i te taahiraa tuku, ka he "hopuāhua» tapumati;
  • Tautoko mō te Windows me ngā pūnaha UNIX-rite;
  • whakauru o IP me wāhitau DNS (spoofing);
  • intercepting tuwhera kupuhipa ki te uru-tinana ki te hongere raraunga.

Mau, hanga te whakahaere katoa o te pūnaha taua kei i runga i te parau tumu o "kiritaki-tūmau", e ko, te tuatahi o te rorohiko katoa o te kaiwhakamahi i roto i te hōtaka motuhake ranei waea tāpiri-i roto i ki te tūmau, e hua he anō hāngai.

poka

haere te reira i waho e mea e me tāuta te whakatinanatanga o te hononga o tenei ahua i roto i te taraiwa motuhake i runga i te pūnaha.

Tikanga, i roto i ngā pūnaha-e hāngai ana Windows te hanga ki te taraiwa anga hōtaka Microsoft Teredo, i te mea he ahua o te tikanga hae mariko o IPv6 i whatunga tautoko IPv4 anake. he kaha whāurutau Tunnel taunoa. I roto i te kaupapa o te kore e pā ana ki taua mea, ka taea e hanga e koe noa te tīmata pūnaha ranei te mahi i te whakaweto, me te tīmata anō whakahau i te papatohu whakahau. Hei wetehohe E whakamahia taua rārangi:

  • netsh;
  • monokia atanga kāwanatanga teredo huinga;
  • atanga isatap whakaturia kāwanatanga monokia.

I muri tomo i te whakahau kia tīmata anō. Hei anō-taea ai te pūurutau me tirohia te tūnga o mono hei utu o te tukua e te rēhita whakahohea, i muri nei, ano, kia tīmata anō te pūnaha katoa.

SSH-tūmau

Na kia kite a pehea whakamahia te tauranga SSH te rite te matua, timata mai i te kaupapa "kiritaki-tūmau". Kei te nuinga o te taunoa tono 22 meneti tauranga, engari, ka rite ki whakahuatia i runga ake, e taea te whakamahi me te 443rd. Ko te pātai anake i roto i te hiahia o te tūmau iho.

whakaaro te tino noa SSH-tūmau te ki hei te whai ake:

  • hoki Windows: Tectia SSH Tūmau, OpenSSH ki Cygwin, MobaSSH, KpyM telnet / Tūmau SSH, WinSSHD, copssh, freeSSHd;
  • hoki FreeBSD: OpenSSH;
  • hoki Linux: Tectia SSH Tūmau, SSH, OpenSSH-tūmau, Lsh-tūmau, dropbear.

He noa katoa o nga tūmau. Heoi, ka taea e kitea e koe, ka utua ratonga e whakarato taumata ara nui o haumaru, i te mea faufaa mo te whakahaere o te whai wāhi whatunga me te haumarutanga mōhiohio i roto i hinonga. E kore te te utu o taua ratonga kōrero. Otiia i roto i te whānui taea tatou te mea e he reira āhua ngāwari, ara i roto i rite ki te tāutanga o te pūmanawa motuhake ranei pātūahi "pūmārō".

SSH-kiritaki

Ka taea te hanga Huri SSH tauranga i runga i te pūtake o te hōtaka kiritaki ranei te tautuhinga e tika ana, ka whakamua tauranga i runga i tou pouara.

Heoi, ki te pa ki a koutou te anga kiritaki, taea te whakamahi i te hua pūmanawa e whai ake nei mō te ngā pūnaha:

  • Windows - SecureCRT, PuTTY \ Kitty, Axessh, ShellGuard, SSHWindows, ZOC, XShell, ProSSHD aha;..
  • Mac OS X: iTerm2, vSSH, NiftyTelnet SSH;
  • Linux ko BSD: Lsh-kiritaki, kdessh, OpenSSH-kiritaki, vinagre, putty.

hāngai motuhēhē te i runga i te kī tūmatanui, me te huri i te tauranga

Na he torutoru kupu e pā ana ki te āhua o te whakaū me te whakatū i te tūmau. I roto i te take māmā, me te whakamahi koe i te kōnae whirihoranga (sshd_config). Heoi, e taea e koe i waho reira, hei tauira, i roto i te take o ngā hōtaka pērā i PuTTY. Huri SSH tauranga i te uara taunoa (22) ki tetahi atu ko te tino timatanga.

Ko te mea matua - e kore e ki te whakatuwhera i te tau tauranga nui te uara o 65535 (tauranga teitei kore noa e te tīariari i roto i te natura). I tua atu, kia whakarongo ki etahi tauranga tuwhera i taunoa, e taea te whakamahi e te kiritaki rite MySQL FTPD ranei pātengi. Ki te whakapūtā koe ratou mo te whirihoranga SSH, o te akoranga, ratou mutu noa te mahi.

He mea utu te tuhituhi e me te kiritaki Jabber taua kia rere i roto i te taiao taua te whakamahi i SSH-tūmau, mo te tauira, i runga i te mīhini mariko. A ka hiahia te nuinga o tūmau localhost ki tautapa i te uara ki te 4430 (hei utu o 443, ka rite ki whakahuatia i runga ake). Ka taea te whakamahi i tēnei whirihoranga, ka whai wāhi ki te jabber.example.com kōnae matua āraia e te pātūahi.

I te tahi atu te ringa, e taea e te tauranga whakawhiti i runga i te pouara mā te whakamahi i te whirihoranga o tona atanga ki te hanga o okotahi ki te ture. I roto i te nuinga o ngā tauira tāuru i roto i ngā wāhitau tāuru timata ki 192,168 i kō atu ki 0.1 1.1 ranei, engari pouara te whakakotahi kaha ADSL-pouwhanga rite Mikrotik, wāhitau mutunga tā te whakamahi o 88,1.

I roto i tenei take, te waihanga i tētahi ture hou, ka whakaturia nga tawhā tika, hei tauira, ki te tāuta i te hononga waho dst-nat, me te kore e raro i te tautuhinga whānui, me te i roto i te wāhanga o ngā manakohanga Activism (Mahi) tauranga whakaritea ā. Kahore rawa uaua konei. Ko te mea matua - ki te whakapūtā te uara e hiahiatia ana o tautuhinga, ka whakaturia te tauranga tika. Na roto i te taunoa, ka taea e koe te whakamahi i tauranga 22, engari ki te whakamahi i te kiritaki te motuhake (etahi o te runga ake mō ngā pūnaha rerekē), ka taea te huri i te uara takirihia, engari anake kia kore e nui ake i tēnei tawhā te uara whakaaturia, i runga nei e noa tau tauranga kore e wātea ana.

A, no te whakaturia ake koutou hononga kia utu ano whakarongo ki nga tawhā o te hōtaka kiritaki. kia pai kia te reira e i roto i ona tautuhinga i ki te tautuhi i te roa iti o te kī (512), ahakoa i te nuinga o te taunoa whakaturia 768. he minaminatia ki te whakaturia te wāhiki ki te takiuru runga ki te taumata o 600 hēkona me te whakaaetanga uru mamao ki tika pakiaka hoki reira. I muri te faaohiparaa i teie tautuhinga, e hiahia ana koe ki te tukua hoki te whakamahi o ngā tika motuhēhēnga katoa, i tua atu i te hunga i runga i te whakamahi .rhost (engari ko te reira e tika ana anake ki kaiwhakahaere pūnaha).

I roto i te tahi atu mea, ki te rēhita i te ingoa kaiwhakamahi i roto i te pūnaha, e kore te taua rite whakaurua i te kau, me te tohua reira āta whakamahi i te ariki whakahau SSH kaiwhakamahi ki te whakataki o ngā tawhā atu (mo te hunga e matau he aha te mea i tĭtĭ).

Ka taea te whakamahi Team ~ / .ssh / id_dsa mo huringa o te kī, me te tikanga whakamunatanga (ranei RSA). Hei waihanga i tētahi kī tūmatanui whakamahia e te faafariuraa te whakamahi i te rārangi ~ / .ssh / identity.pub (engari e kore e tika). Ko, rite whakaaturanga mahi, te huarahi māmā ki te whakamahi i whakahau ano he SSH-keygen. Here iti te ngako o te take kei te anake ki te meka, ki te tāpiri i te kī ki te taputapu motuhēhēnga e wātea ana (~ / .ssh / authorized_keys).

Otiia kua haere matou matara rawa. Ki te haere koe hoki ki te take tautuhinga tauranga SSH, e kore te mea pera uaua rite kua mārama tauranga huringa SSH. Heoi, i roto i te tahi mau āhuatanga, e mea ratou, ka whai ki te werawera, no te mea tango i te hiahia ki te ki pūkete uara katoa o ngā tawhā matua. Ko te toenga o te take whirihoranga whewhe ki raro ki te kuwaha o tetahi hōtaka tūmau kiritaki ranei (ki te te whakaratohia reira tuatahi), ranei ki te whakamahi i whakamua tauranga i runga i te pouara. Otiia ara i roto i te take o te huringa o te tauranga 22, te taunoa, ki te 443rd taua, kia mohio ki mārama e kore e mahi tonu te kaupapa taua, engari anake i roto i te take o te tāuta i te taua tāpiri-i roto i Jabber (taea atu analogs whakahohe me o ratou tauranga mahi, rere ke te reira i te paerewa). I tua atu, kia homai e tokanga makehe tawhā tautuhinga SSH-kiritaki, e tika e te taunekeneke ki te SSH-tūmau, ki te te tino mahara ai ki te whakamahi i te hononga o nāianei.

Ko te era atu, ki te kahore te te whakamua tauranga whakaratohia tuatahi (ahakoa he reira e minaminatia ki te mahi i taua mahi), tautuhinga, me ngā kōwhiringa mō te whai wāhi mā SSH, koutou e taea e kore te huri. He tetahi raruraru ka hanga he hononga, me ona whakamahi atu, i roto i te whānui, e kore e tūmanakohia (te kore, o te akoranga, e kore e whakamahi ā whirihora i te tūmau-e hāngai ana whirihoranga me kiritaki). Ko te okotahi tino noa ki te hanganga o ngā ture ki runga ki te pouara taea ki a koe te whakatika i tetahi raruraru ranei karo ratou.

Similar articles

 

 

 

 

Trending Now

 

 

 

 

Newest

Copyright © 2018 mi.delachieve.com. Theme powered by WordPress.