Kwanan nan Masu haɓaka OpenSSH kawai sun sanar da wannan sigar 8.0 na wannan kayan aikin tsaro don haɗin nesa tare da yarjejeniyar SSH an kusa shiryawa.
Damian Miller, ɗayan manyan masu haɓaka aikin, wanda ake kira al'umma mai amfani na wannan kayan aiki don haka zasu iya gwadawa tun, tare da isassun idanu, ana iya kamo duk kurakurai cikin lokaci.
Mutanen da suka yanke shawarar amfani da wannan sabon sigar zasu iya Ba wai kawai zasu taimaka muku gwada aikin da gano kwari ba tare da gazawa ba, zaku kuma sami damar gano sabbin kayan haɓakawa daga umarni daban-daban.
A matakin tsaro, misali, an gabatar da matakan rage kaifin lamuran scp a wannan sabon sigar na OpenSSH.
A aikace, kwafe fayiloli tare da scp zai zama mafi aminci a cikin OpenSSH 8.0 saboda yin kwafin fayiloli daga kundin adireshi mai nisa zuwa kundin adireshi na cikin gida zai haifar da scp duba idan fayilolin da sabar ta aiko ta dace da buƙatar da aka bayar.
Idan ba a aiwatar da wannan hanyar ba, uwar garken kai hari na iya, a ka'idar, katse bukatar ta hanyar isar da mugayen fayiloli maimakon wadanda aka nema da farko.
Koyaya, duk da waɗannan matakan ragewa, OpenSSH ba ya ba da shawarar yin amfani da yarjejeniyar scp, saboda "ta daɗe, ba ta da sassauci, kuma tana da wahalar warwarewa."
"Muna ba da shawarar yin amfani da ladabi na zamani kamar sftp da rsync don canja wurin fayil," Miller ya gargaɗi.
Menene wannan sabon sigar na OpenSSH zai bayar?
A cikin kunshin «Labarai» na wannan sabon sigar ya haɗa da canje-canje da yawa waɗanda zasu iya shafar abubuwan daidaitawa.
Alal misali, a matakin da aka ambata na yarjejeniyar scp, tunda wannan yarjejeniyar ta dogara ne akan harsashi mai nisa, babu tabbatacciyar hanyar da fayilolin da aka ɗora daga abokin ciniki suka dace da ɗaya daga sabar.
Idan akwai bambanci tsakanin abokin ciniki na gaba da haɓaka sabar, abokin ciniki na iya ƙin fayiloli daga sabar.
A dalilin haka, kungiyar OpenSSH ta samarda scp da sabuwar tutar "-T" wanda ke dakatar da binciken kwastomomi don sake gabatar da harin da aka bayyana a sama.
A matakin sshd na dimokuradiyya: kungiyar OpenSSH ta cire tallafi ga rusassun tsarin "host / port".
Addedara mai karɓar baƙi / tashar jirgin ruwa da aka raba a cikin 2001 a madadin "rundunar: tashar jiragen ruwa" ginin kalma don masu amfani da IPv6.
A yau slash tsari yana rikicewa tare da sanarwar CIDR, wanda kuma ya dace da OpenSSH.
Sauran labarai
Sabili da haka, yana da kyau a cire sanarwar ba da labari daga ListenAddress da PermitOpen. Baya ga waɗannan canje-canje, muna da sababbin abubuwan da aka ƙara zuwa OpenSSH 8.0. Wadannan sun hada da:
Hanyar gwaji ta musayar maɓallan komputan komputa wanda ya bayyana a cikin wannan sigar.
Dalilin wannan aikin shine a warware matsalolin tsaro da zasu iya faruwa yayin rarraba maɓallan tsakanin ɓangarorin, saboda barazanar ci gaban fasaha, kamar ƙaruwar ƙarfin sarrafa kwamfuta, da sabbin algorithms na komputa.
Don yin wannan, wannan hanyar ta dogara da maganin rarraba maɓallin jimla (gajarta ta QKD a Turanci).
Wannan maganin yana amfani da kayan adadi don musayar bayanan sirri, kamar maɓallin kewayawa.
A ka'ida, auna tsarin jimla yana canza tsarin. Bugu da ƙari kuma, idan dan gwanin kwamfuta ya yi ƙoƙari ya katse maɓallin kewayawa wanda aka bayar ta hanyar aiwatar da QKD, babu makawa zai bar zanan yatsun da za'a iya ganowa ga OepnSSH.
A gefe guda, madaidaicin girman maɓallin RSA wanda aka sabunta zuwa rago 3072.
Daga cikin sauran labaran da aka ruwaito sune masu zuwa:
- Supportara tallafi don maɓallan ECDSA a cikin alamun PKCS
- izinin "PKCS11Provide = babu" don ƙetare abubuwan da suka biyo baya na PKCS11Samar da umarnin a ssh_config.
- Ana kara sakon log don yanayin inda mahada ta karye bayan kokarin gudanar da umarni yayin da sshd_config ForceCommand = cikas na cikin-sftp ke aiki.
Don ƙarin cikakkun bayanai, ana samun cikakken jerin sauran abubuwan ƙari da gyaran bug a shafi na hukuma.
Don gwada wannan sabon sigar zaku iya tafiya zuwa mahada mai zuwa.