Yadda ake Shigar da Sanya uwar garken OpenSSH A cikin Linux

Kasancewa mai gudanar da cibiyar sadarwa yana buƙatar zurfin ilimi game da ka'idojin shiga na nesa kamar rlogin, telnet da ssh. Abinda zan tattauna a wannan labarin shine ssh, amintacciyar yarjejeniya ta nesa wacce ake amfani da ita don yin aiki daga nesa akan wasu injina ko canja wurin bayanai tsakanin kwamfutoci ta amfani da umarnin SCP (Secure Copy). Amma, menene OpenSSH kuma yadda ake shigar dashi a cikin rarraba Linux ɗin ku?

Menene OpenSSH?

OpenSSH shine saitin buɗaɗɗen tushen kayan aikin kwamfuta da ake amfani da shi don samar da amintaccen kuma rufaffen sadarwa akan hanyar sadarwar kwamfuta ta amfani da ka'idar ssh. Mutane da yawa, sababbi ga kwamfutoci da ka'idoji, suna haifar da rashin fahimta game da OpenSSH, suna tsammanin yarjejeniya ce, amma ba haka bane, saitin shirye-shiryen kwamfuta ne da ke amfani da ka'idar ssh.

OpenSSH ƙungiyar Buɗaɗɗen BSD ce ta haɓaka kuma ana fitar da ita ƙarƙashin Lasisin BSD Sauƙaƙe. Babban abin da ya ba da damar OpenSSH a yi amfani da shi sosai a tsakanin masu gudanar da tsarin shine iyawar dandamali da yawa da kyawawan fasalulluka masu amfani da yake da su. Sabuwar sigar ita ce OpenSSH 6.4 wacce aka saki ranar 8 ga Nuwamba, 2013.

Wannan sigar OpenSSH ta zo da sabbin abubuwa da faci da yawa, don haka idan kun riga kun yi amfani da OpenSSH don sarrafa injin ku, ina ba ku shawarar yin haɓakawa.

Me yasa ake amfani da OpenSSH Kuma Sama da Telnet ko Ftp?

Babban dalilin da ya sa ya kamata a yi amfani da kayan aikin OpenSSH akan ftp da telnet shine cewa duk hanyoyin sadarwa da bayanan mai amfani da ke amfani da OpenSSH an ɓoye su, kuma an kare su daga mutum a tsakiyar harin. Idan wani ɓangare na uku ya yi ƙoƙarin kutse haɗin haɗin ku, OpenSSH yana gano shi kuma ya sanar da ku game da hakan.

Menene Wasu Fasalolin OpenSSH?

  1. Tsarin Sadarwa
  2. Ƙarfin boye-boye (3DES, Blowfish, AES, Arcfour)
  3. X11 Ana turawa (encrypt X Window System traffic)
  4. Tsarin tashar jiragen ruwa (tashoshi rufaffiyar don ka'idojin gado)
  5. Ƙarfin Tabbatarwa (Maɓallin Jama'a, Kalmar wucewa ta lokaci ɗaya da Tabbatar da Kerberos)
  6. Mai Gabatar da Wakili (Sign-Shine)
  7. Interoperability (Yin yarda da SSH 1.3, 1.5, da 2.0 ka'idojin yarjejeniya)
  8. Abokin ciniki na SFTP da goyan bayan uwar garke a duka ka'idojin SSH1 da SSH2.
  9. Kerberos da Gudun Tikitin AFS
  10. Tsarin bayanai

Shigar da OpenSSH a cikin Linux

Don shigar da OpenSSH, buɗe tasha kuma gudanar da umarni masu zuwa tare da izinin mai amfani.

$ sudo apt-get install openssh-server openssh-client

Buga umarnin yum mai zuwa don shigar da openssh abokin ciniki da uwar garken.

# yum -y install openssh-server openssh-clients

Kanfigareshan OpenSSH

Lokaci ya yi da za a daidaita halayenmu na OpenSSH ta hanyar fayil ɗin ssh, amma kafin gyara fayil ɗin /etc/ssh/sshd_config muna buƙatar ajiye kwafinsa, don haka idan muka yi kuskure muna da ainihin kwafin.

Buɗe tasha kuma gudanar da umarni mai zuwa don yin kwafin ainihin fayil ɗin sshd na asali.

$ sudo cp /etc/ssh/sshd_config  /etc/ssh/sshd_config.original_copy

Kamar yadda kuke gani daga umarnin da na buga, na ƙara suffix original_copy, don haka duk lokacin da na ga wannan fayil na san asalin kwafin fayil ɗin sshd ne.

Ta yaya zan Haɗa zuwa OpenSSH

Kafin mu ci gaba, muna buƙatar tabbatar da ko uwar garken openssh ɗinmu yana aiki ko a'a. Yadda za a yi haka? Kuna iya ƙoƙarin haɗawa zuwa uwar garken openssh daga localhost ta hanyar abokin ciniki na openssh ko yin portscan tare da nmap, amma ina so in yi amfani da ƙaramin kayan aiki da ake kira netcat, wanda kuma aka sani da wuka na TCP/IP Swiss. Ina son yin aiki da wannan kayan aiki mai ban mamaki akan injina, don haka bari in nuna muku.

# nc -v -z 127.0.0.1 22

Dangane da sakamakon netcat, sabis na ssh yana gudana akan tashar jiragen ruwa 22 akan injina. Yayi kyau sosai! Idan muna son amfani da wata tashar jiragen ruwa, maimakon 22 fa? Za mu iya yin hakan ta hanyar gyara fayil ɗin sanyi na sshd.

Saita OpenSSH ɗin ku don sauraron tashar TCP 13 maimakon TCP tashar jiragen ruwa 22. Buɗe fayil ɗin sshd_config tare da editan rubutu da kuka fi so kuma canza umarnin tashar zuwa 13.

# What ports, IPs and protocols we listen for
Port 13

Sake kunna uwar garken OpenSSH don haka canje-canje a cikin fayil ɗin daidaitawa na iya faruwa ta hanyar buga umarni mai zuwa kuma gudanar da netcat don tabbatar da ko tashar da kuka saita don sauraro a buɗe take ko a'a.

$ sudo /etc/init.d/ssh restart

Ya kamata mu tabbatar cewa uwar garken openssh ɗinmu tana sauraron tashar jiragen ruwa 13, ko a'a?. Wannan tabbaci ya zama dole, don haka ina kiran kayan aiki mai kyau netcat don taimaka mini yin aikin.

# nc -v -z 127.0.0.1 13

Shin kuna son sanya uwar garken openssh ɗinku ta nuna kyakkyawan banner ɗin shiga? Kuna iya yin ta ta hanyar gyara abun ciki na /etc/issue.net fayil da ƙara layin mai zuwa a cikin fayil ɗin sanyi na sshd.

Banner /etc/issue.net

Kammalawa

Akwai abubuwa da yawa da za ku iya yi tare da kayan aikin openssh idan ya zo ga yadda kuke saita uwar garken openssh ɗinku, zan iya cewa tunanin ku shine iyaka!.

Karanta Hakanan: 5 Mafi kyawun Ayyuka don Aminta da Kare Sabar OpenSSH