Kungekudala Abaphuhlisi be-OpenSSH babhengeze le nguqulo 8.0 Esi sixhobo sokhuseleko kunxibelelwano olukude kunye neprothokholi ye-SSH phantse ilungele ukupapashwa.
UDamien Miller, omnye wabaphuhlisi abaphambili beprojekthi, ebizwa nje ngokuba ngumphakathi woluntu kwesi sixhobo ukuze bazame kuba, ngamehlo aneleyo, zonke iimpazamo zinokubanjwa ngexesha.
Abantu abagqiba ukusebenzisa le nguqulo intsha baya kuba nakho Ayizukukunceda kuphela ukuvavanya ukusebenza kunye nokufumanisa iibhugs ngaphandle kokungaphumeleli, uya kuba nakho ukufumana izongezo ezintsha kwii-odolo ezahlukeneyo.
Kwinqanaba lokhuseleko, Umzekelo, amanyathelo okunciphisa ukusilela kwe-protocol ye-scp angenisiwe kule nguqulo intsha ye-OpenSSH.
Ukuziqhelanisa nokukopa iifayile kunye ne-scp kuya kukhuseleka ngakumbi kwi-OpenSSH 8.0 kuba ukukopa iifayile ukusuka kulawulo olukude ukuya kulawulo lwasekhaya kuya kubangela ukuba i-scp ijonge ukuba ngaba iifayile ezithunyelwe ngumncedisi ziyahambelana nesicelo esikhutshiweyo.
Ukuba obu buchwephesha abuzalisekiswanga, umncedisi wohlaselo unokuthi, kwithiyori, athabathe isicelo ngokuhambisa iifayile ezinobungozi endaweni yezo beziceliwe kuqala.
Nangona kunjalo, ngaphandle kwala manyathelo okunciphisa, i-OpenSSH ayikukhuthazi ukusetyenziswa kweprotocol ye-scp, kuba "iphelelwe lixesha, ayinakuguqulwa, kwaye kunzima ukuyisombulula."
"Sicebisa ukuba kusetyenziswe iiprothokholi zala maxesha ezinje nge-sftp kunye ne-rsync yokuhambisa iifayile," uMiller ulumkisile.
Iyintoni le nguqulo intsha ye-OpenSSH?
Kwiphakheji «Iindaba» zale nguqulo intsha ibandakanya inani lotshintsho olunokuchaphazela ubumbeko esele lukhona.
Ngokomzekelo, Kweli nqanaba sele likhankanyiwe kule nkqubo ye-scp, kuba lo mgaqo-nkqubo usekwe kwiqokobhe elikude, akukho ndlela iqinisekileyo yokuba iifayile zihanjisiwe zivela kumxhasi zihambelana naleyo isuka kwiseva.
Ukuba kukho umahluko phakathi komthengi oqhelekileyo kunye nolwandiso lweseva, umxhasi angazala iifayile ezivela kwiserver.
Ngesi sizathu, iqela le-OpenSSH linike i-scp iflegi entsha "-T" ekhubaza ukukhangela kwicala labathengi ukuphinda-phinda uhlaselo oluchazwe apha ngasentla.
Kwinqanaba le-sondd ye-demond: iqela le-OpenSSH lisuse inkxaso ye-syntax ehlileyo "yokubamba / izibuko".
Umamkeli / isibuko esahlulwehlulwehlulwe songezwa ngo-2001 endaweni ye "host: port" syntax yabasebenzisi be-IPv6.
Namhlanje i-slash syntax ididekile ngokulula kunye nokubhalwa kwe-CIDR, ekwahambelana ne-OpenSSH.
Ezinye izinto ezintsha
Ke kuyacetyiswa ukuba ususe umphambili weslash ngaphambili kwi-ListenAddress kunye nePermitOpen. Ukongeza kolu tshintsho, sinezinto ezintsha ezongezwe kwi-OpenSSH 8.0. Oku kubandakanya:
Indlela yovavanyo lotshintshiselwano oluphambili kwiikhompyuter ze-quantum ezivele kule nguqulo.
Injongo yalo msebenzi kukusombulula iingxaki zokhuseleko ezinokuvela xa kusasazwa amaqhosha phakathi kwamaqela, kunikwe izoyikiso kwinkqubela phambili yetekhnoloji, njengokunyuka kwamandla ekhompyuter oomatshini, ii-algorithms ezintsha zeekhompyuter ze-quantum.
Ukwenza oku, le ndlela ixhomekeke kwisisombululo sokuhambisa isitshixo (esifinyeziweyo se-QKD ngesiNgesi).
Esi sisombululo sisebenzisa iipropathi ze-quantum ukutshintshiselana ngolwazi oluyimfihlo, njengesitshixo se-cryptographic.
Ngokomgaqo, ukulinganisa inkqubo ye-quantum kuguqula inkqubo. Kananjalo, ukuba umgqekezi angazama ukubamba isitshixo se-cryptographic esikhutshwe ngophumezo lwe-QKD, ngokuqinisekileyo iyakushiya iminwe ebonakalayo ye-OepnSSH.
Ngakolunye uhlangothi, ubungakanani obungagqibekanga kwesitshixo seRSA esihlaziyiweyo sangama-3072 amasuntswana.
Kwezinye iindaba ezixeliweyo zezi zilandelayo:
- Yongeza inkxaso kumaqhosha e-ECDSA kwiithokheni ze-PKCS
- imvume ye "PKCS11Provide = none" yokujonga ngaphezulu kweemeko ezilandelayo ze-PKCS11Nika umkhombandlela kwi-ssh_config.
- Umyalezo welog wongezwa kwiimeko apho uqhagamshelo lwaphukile emva kokuzama ukuqhuba umthetho ngelixa i-sshd_config ForceCommand = isithintelo sangaphakathi sftp sisebenza.
Ngolwazi oluthe kratya, uluhlu olupheleleyo lwezinye izongezo kunye nokulungiswa kwe-bug luyafumaneka kwiphepha elisemthethweni.
Ukuzama le nguqulo intsha ungaya kule khonkco ilandelayo.