Mushure memwedzi mina yekukura kuburitswa kweshanduro nyowani yeOpenSSH 8.7 yaunzwa mariri muedzo wekuchinjisa dhata wakawedzerwa kuita scp uchishandisa iyo SFTP protocol pachinzvimbo chetsika dzinoshandiswa SCP / RCP protocol.
SFTP shandisa imwe nzira inofungidzirwa yekubata mazita uye haishandisi glob shell template kugadzirisa kune rimwe divi revaenzi, iro rinomutsa nyaya yekuchengetedza, uye mureza '-s' wakarongedzerwa kugonesa SFTP mu scp, asi zvakarongerwa kuchinja mune ramangwana kune iyi protocol ne default.
Imwe shanduko inomira iri mu sftp-server iyo inoshandisa SFTP yekuwedzera kuwedzera nzira ~ / uye ~ user /, izvo zvinodiwa kune scp. Zvinobatsira scp yachinja hunhu kana uchiteedzera mafaera pakati pevaviri vari kure mauto, izvo zvino zvaitwa nekukasira kuburikidza neyepakati wepakati host. Maitiro aya anodzivirira kuendesa kweasina basa marezenisi kune wekutanga mushanyi uye katatu kududzirwa kwemazita emafaira muShell (pane sosi, tarisiro uye yemuno maseru system), uyezve kana uchishandisa SFTP, inobvumidza iwe kushandisa nzira dzese kusimbisa kana kuwana magedhi ari kure, uye kwete nzira dzisiri dzekudyidzana
Uyewo, zvese ssh uye sshd vafambisa vese mutengi uye sevha kuti vashandise faira mushambadzi Yekugadzirisa zvakanyanya kuomarara uchishandisa Shell mitemo kubata makotesheni, nzvimbo, uye kupukunyuka mavara.
Iyo nyowani nyowani zvakare haifuratidze zvakapfuudzwa fungidziro, sekusiya nharo musarudzo (semuenzaniso, ikozvino haugone kusiya iyo DenyUsers rairo isina chinhu), asina kuvharwa makotesheni, uye kudoma akawanda "=" zviratidzo.
Paunenge uchishandisa DNS SSHFP zvinyorwa kuongorora makiyi, ssh ikozvino inosimbisa zvese zvinowirirana zvinyorwa, kwete izvo chete izvo zvine imwe mhando yerinadhi siginicha. Mu ssh-keygen, kana uchigadzira kiyi yeFIDO ne--Ochallenge sarudzo, iyo yakavakirwa-mukati danda ikozvino yashandiswa kuhashing, pachinzvimbo che libfido2 maturusi, achikubvumidza iwe kushandisa makwikwi akateedzana akakura kana asingasvike makumi matatu nemaviri mabheti. Mu sshd, painogadziriswa nharaunda = "..." rairo mune mvumo_keys mafaera, mutambo wekutanga wagamuchirwa zvino uye muganho wemazita gumi nematanhatu emamiriro ekunze ari kushanda.
Vagadziri veOpenSSH zvakare kuyambiro nezve kuchinjirwa kuchikamu cheakare algorithms uchishandisa SHA-1 hashes, nekuda kwekugona kukuru kwekurovera kurwisa neakapihwa chirevo chekutanga (mutengo wesarudzo yekusangana unofungidzirwa ungangoita madhora zviuru makumi mashanu).
Mukusunungurwa kunotevera, zvakarongerwa kuremadza nekutadza kugona kushandisa iyo "ssh-rsa" yeruzhinji kiyi yedhijitari siginari algorithm, iyo inotaurwa mune yekutanga RFC yeiyo SSH protocol uye ichiri kushandiswa zvakanyanya mukuita.
Kuti uedze kushandiswa kwe ssh-rsa pane masisitimu, unogona kuedza kubatanidza kuburikidza nessh nesarudzo "-oHostKeyAlgorithms = -ssh-rsa". Panguva imwecheteyo, kuremadza "ssh-rsa" masiginecha edhijitari nekutadza hazvireve kuramba zvachose kushandiswa kweRSA makiyi, nekuti kuwedzera kuSHA-1, SSH protocol inobvumidza kushandiswa kwemamwe maalgorithms ekuverenga hashes. Kunyanya, pamusoro pe "ssh-rsa", zvichave nyore kushandisa zvinongedzo "rsa-sha2-256" (RSA / SHA256) uye "rsa-sha2-512" (RSA / SHA512).
Kuti unyatso shandura shanduko kune itsva algorithms muOpenSSH, iyo KugadziridzaHostKeys kumisikidza kwaimbove kwakagoneswa nekusarongeka, zvichikubvumidza iwe kungo shandura vatengi kune mamwe akavimbika algorithms.
Chekupedzisira, kana iwe uchifarira kuziva zvakawanda nezve iyi nyowani vhezheni, unogona kutarisa ruzivo nekuenda kunotevera chinongedzo.
Maitiro ekuisa OpenSSH 8.7 paLinux?
Kune avo vanofarira kugona kuisa iyi nyowani vhezheni yeOpenSSH pane avo masisitimu, nekuti izvozvi vanogona kuzviita kurodha pasi kodhi kodhi yeiyi uye vachiita muunganidzwa pamakomputa avo.
Izvi zvinodaro nekuti iyo vhezheni nyowani haisati yaverengerwa mumachengeterwo ezvekutanga zvekuparadzirwa kweLinux. Kuti uwane iyo kodhi kodhi, iwe unogona kuita kubva ku next link.
Waita kurodha pasi, ikozvino tava kuzobvisa pasuru yacho nemirairo inotevera
tar -xvf openssh-8.7.tar.gz
Isu tinopinda dhairekitori rakagadzirwa:
cd openssh-8.7
Y tinogona kuumbiridza ne inotevera mirairo:
./configure --prefix=/opt --sysconfdir=/etc/ssh make make install