OpenSSH 9.4 yakatoburitswa uye idzi ndidzo nhau dzayo

Darkcrizt

4 maminitsi

kuvhura

OpenSSH seti yezvishandiso inobvumira kuvharirwa kutaurirana pamusoro petiweki, uchishandisa iyo SSH protocol.

Yakavhurwa palkuburitswa kweiyo vhezheni itsva yeOpenSSH 9.4, vhezheni umo nhevedzano yegadziriso uye diki gadziriso dzakaitwa, pakati peiyo tsigiro yema tag ekugadzirisa, tsigiro yeKRL yekuwedzera uye nezvimwe.

Kune avo vasingazive nezve OpenSSH (Vhura Yakachengeteka Shell) vanofanirwa kuziva izvo iyi seti yezvishandiso inobvumidza yakavharidzirwa kutaurirana pamusoro penetiweki, uchishandisa SSH protocol. Yakagadzirwa senge yemahara uye yakavhurika imwe nzira kune Yakachengeteka Shell chirongwa, inova yepfuma software.

Main nyowani maficha eOpenSSH 9.4

Muiyi vhezheni nyowani yeOpenSSH 9.4 kuitiswa, imwe yeayo makuru matsva ndeye tsigiro yema tag ekugadzirisa kuti ssh kuburikidza ne "Tag" kuraira  uye Match tag oparesheni kune ssh_config configuration faira kubvumira ma tag kushandiswa kutsanangura mamiriro ekusarudza kune yakatarwa dhizaini block.

Imwe shanduko yakamira mushanduro itsva iyi ndeyekuti sshd, iyo AuthorizedPrincipalsCommand neAuthorizedKeysCommand mirairo inotsigira maviri ekuwedzera akatevedzana, anoti "% - uye %D" kutsiva kero yegedhi nzira iyo chikamu chazvino uye "% C" kutsiva kero uye nhamba dzechiteshi chenzvimbo uye kure kure kwekubatanidza

Pamusoro peizvi, zvinoratidzwa zvakare kuti mune iyi vhezheni itsva yeOpenSSH 9.4 kumashure kuenderana ne libcrypto kunobviswa. Izvo, kutanga neOpenSSH 9.4, shanduro dzepamusoro pane LibreSSL 3.1.0 uye OpenSSL 1.1.1 dzinodiwa.

Zvakare imwe yekusapindirana-inokonzera shanduko uye seimwe nzira yekuwedzera yekuvharira kusagadzikana kwakabatana nekugona kurodha PKCS # 11 modules mu ssh-agent, zvinorambidzwa kudoma hama uye isina kukwana nzira kumamodule (kare, iyo dlopen basa yaitaridzika. yemodule ine zita mudhairekitori reraibhurari).

Kune rimwe divi, zvinoratidzwa izvo yakawedzera rutsigiro rwekubatanidza mawedzero muKRL fomati kune ssh, sshd uye ssh-keygen. Iwo ekuwedzera pachawo haasati awanikwa panguva ino yekuvandudza.

Zvakare, mune yakasarudzika ssh-keygen utility, nhamba yekutenderera mu bcrypt basa yakawedzera ne50% painogadzira makiyi e symmetric faira encryption ine password-yakachengetedzwa makiyi.

Of the dzimwe shanduko dzinomira pachena yeiyi vhezheni itsva:

  • Iyo ssh utility inobvumira redirection kune imwe Unix socket host uchishandisa iyo "ssh -W" kuraira.
  • Yakawedzera mutambo wenzvimbo yenetwork kushanda kune ssh iyo inobvumira kero kuti ienderane pane inowanikwa network nzvimbo uye inogona kushandiswa kusiyanisa inoshanda mutengi kumisikidzwa zvichienderana nenzvimbo yetiweki.
  • sshd inopa kutsiva kweSELinux matchpathcon () basa, iro rakadzimwa.
  • Kugadzirisa kusanganisa kweiyo sk-dummy.so FIDO mupi wemodule
    inoshandiswa mune dzimwe bvunzo.
  • ssh-agent inovandudza kuzviparadzanisa pakati peakaremerwa PKCS#11 modules
    nekumhanya kwakasiyana ssh-pkcs11-vabatsiri kune mumwe nemumwe mupi akaremerwa.
  • Mu sshd, ssh, uye ssh-keygen, tsigiro yakasara yeKRL siginicha inobviswa. Izvi
    vhezheni inobvisa kodhi yakaiswa zvishoma kuti utarise maKRL.
  • ssh-keygen inogadzirisa hapana kutaura kusiri kuratidzwa kana uchimhanya `ssh-keygen -l` pane akawanda makiyi apo munhu ane chekutaura uye anotevera makiyi haaite.
  • Yakagadziridza iyo ftruncate () logic kubata maseva ekuronga patsva zvikumbiro. Pakutanga, kana sevha yakarongedza zvikumbiro, ipapo faira raizobuda raizoderedzwa nekukanganisa.

Finalmente kana iwe uchifarira kuziva zvakawanda nezvazvo nezve iyi vhezheni nyowani, iwe unogona kutarisa iyo ruzivo nekuenda kunotevera chinongedzo.

Maitiro ekuisa OpenSSH 9.4 paLinux?

Kune avo vanofarira kugona kuisa iyi nyowani vhezheni yeOpenSSH pane avo masisitimu, nekuti izvozvi vanogona kuzviita kurodha pasi kodhi kodhi yeiyi uye vachiita muunganidzwa pamakomputa avo.

Izvi zvinodaro nekuti iyo vhezheni nyowani haisati yaverengerwa mumachengeterwo ezvekutanga zvekuparadzirwa kweLinux. Kuti uwane iyo kodhi kodhi, iwe unogona kuita kubva ku next link.

Waita kurodha pasi, ikozvino tava kuzobvisa pasuru yacho nemirairo inotevera

tar -xvf openssh-9.4.tar.gz

Isu tinopinda dhairekitori rakagadzirwa:

cd openssh-9.4

Y tinogona kuumbiridza ne inotevera mirairo:

./configure --prefix=/opt --sysconfdir=/etc/ssh
make
make install

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako