Bii o ṣe le Fi sii Server OpenSSH 8.0 lati Orisun ni Lainos
OpenSSH jẹ orisun ọfẹ ati ṣiṣi, imuse kikun ti ilana SSH 2.0. O pese nọmba awọn irinṣẹ fun iraye si ni aabo ati iṣakoso awọn eto kọmputa latọna jijin, ati ṣiṣakoso awọn bọtini idanimọ, bii ssh (rirọpo to ni aabo fun telnet), ssh-keygen, ssh-copy-id, ssh-add, ati siwaju sii.
Laipe OpenSSH 8.0 ti tu silẹ ati awọn ọkọ oju omi pẹlu ọpọlọpọ awọn ẹya tuntun ati awọn atunṣe kokoro; o le ka awọn akọsilẹ idasilẹ fun alaye diẹ sii.
Ninu akọle yii, a yoo ṣalaye bi o ṣe le fi sori ẹrọ ati tunto ẹya tuntun ti olupin OpenSSH 8.0 ati alabara lori eto Linux lati awọn orisun. A ro pe o ni fifi sori ẹrọ tẹlẹ ti suite OpenSSH.
- Eto Debian/Ubuntu tabi RHEL/CentOS Linux eto
- C alakojo
- Zlib 1.1.4 tabi 1.2.1.2 tabi tobi
- LibreSSL tabi OpenSSL> = 1.0.1 <1.1.0
Fi sii OpenSSH Server ati Onibara ni Lainos
Ṣaaju fifi ẹya tuntun ti SSH sori ẹrọ, rii daju lati ṣayẹwo ẹya lọwọlọwọ ti SSH ti a fi sori ẹrọ lori ẹrọ rẹ nipa lilo pipaṣẹ atẹle.
$ ssh -V OpenSSH_7.7p2 Ubuntu-4ubuntu2.5, OpenSSL 1.0.2g 1 Mar 2016
Lati abajade ti o wa loke, ẹya OpenSSH ti a fi sori ẹrọ jẹ 7.7, lati fi ẹya OpenSSH tuntun sori ẹrọ, akọkọ o nilo lati fi awọn igbẹkẹle diẹ sii, ie awọn irinṣẹ idagbasoke tabi kọ awọn nkan pataki ati awọn idii miiran ti o nilo, gẹgẹbi atẹle.
-------------- CentOS/RHEL 7/6-------------- $ sudo yum group install 'Development Tools' $ sudo yum install zlib-devel openssl-devel -------------- RHEL 8 and Fedora 22+ -------------- $ sudo dnf group install 'Development Tools' $ sudo dnf install zlib-devel openssl-devel -------------- Debian/Ubuntu -------------- $ sudo apt update $ sudo apt install build-essential zlib1g-dev libssl-dev
Lati ṣẹda agbegbe ti o yẹ fun fifi sori ẹrọ olupin OpenSSH version 8.0, a nilo lati ṣẹda olumulo eto tuntun ati ẹgbẹ ti a npè ni “sshd”, ati aaye aabo kan si chroot.
Akiyesi: Ni gbogbogbo, ti o ba ni fifi sori ẹrọ tẹlẹ, agbegbe yii yẹ ki o wa ni ipo tẹlẹ, o le foju apakan yii ki o lọ si atẹle. Bibẹẹkọ, ṣiṣe awọn ofin wọnyi lati ṣeto rẹ.
$ sudo mkdir /var/lib/sshd $ sudo chmod -R 700 /var/lib/sshd/ $ sudo chown -R root:sys /var/lib/sshd/ $ sudo useradd -r -U -d /var/lib/sshd/ -c "sshd privsep" -s /bin/false sshd
Ti n ṣalaye awọn asia ni aṣẹ useradd loke:
- -r - sọ fun useradd lati ṣẹda olumulo eto
- -U - kọ ọ lati ṣẹda ẹgbẹ kan pẹlu orukọ kanna ati ID ẹgbẹ
- -d - ṣalaye itọsọna awọn olumulo
- -c - lo lati ṣafikun ọrọ asọye kan
- -s - ṣalaye ikarahun olumulo
Nisisiyi, ṣe igbasilẹ tarball ti ẹya OpenSSH 8.0 lati eyikeyi aṣẹ wget lati ṣe igbasilẹ taara ni ebute rẹ.
$ wget -c https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz $ tar -xzf openssh-8.0p1.tar.gz $ cd openssh-8.0p1/
Bayi a yoo kọ ati fi sori ẹrọ olupin OpenSSH nipa lilo --with-md5-passwords
, --with-privsep-path
ati --sysconfdir
awọn aṣayan, eyi ti yoo fi gbogbo awọn faili sii ni/usr/agbegbe/(eyi ni fifi sori ẹrọ aiyipada PREFIX).
O le wo gbogbo awọn aṣayan to wa nipa ṣiṣe ./configure -h
ki o ṣe akanṣe fifi sori rẹ siwaju.
$ ./configure -h
Fun apẹẹrẹ, lati jẹki atilẹyin SELinux, ṣafikun awọn --with-pam
ati --with-selinux
awọn aṣayan, lẹsẹsẹ, o nilo lati fi sori ẹrọ gbogbo awọn faili akọle pataki fun wọn lati ṣiṣẹ.
## Install PAM and SELinux Headers ## $ sudo apt install libpam0g-dev libselinux1-dev [On Debian/Ubuntu] $ sudo yum install pam-devel libselinux-devel [On CentOS/RHEL] ## Compile and Install SSH from Sources ## $ ./configure --with-md5-passwords --with-pam --with-selinux --with-privsep-path=/var/lib/sshd/ --sysconfdir=/etc/ssh $ make $ sudo make install
Lọgan ti o ba ti fi sii OpenSSH, tun bẹrẹ SSH tabi ṣii awọn window ebute miiran ati ṣayẹwo ẹya ti OpenSSH ti fi sori ẹrọ bayi lori ẹrọ rẹ.
$ ssh -V OpenSSH_8.0p1, OpenSSL 1.1.0g 2 Nov 2017
Awọn faili iṣeto OpenSSH oriṣiriṣi wa ni:
- ~/.ssh/* - itọsọna yii tọjú olumulo awọn atunto alabara ssh kan pato (awọn ali ali ssh) ati awọn bọtini.
- /etc/ssh/ssh_config - faili yii ni awọn atunto alabara ssh jakejado ni eto.
- /ati be be/ssh/sshd_config - ni awọn atunto iṣẹ sshd ninu.
Lati tunto awọn aliasi ssh, wo: Bii o ṣe le Tunto Awọn isopọ SSH Aṣa lati Ṣedasilẹ Wiwọle Latọna jijin
O tun le fẹ lati ka wọnyi atẹle awọn nkan ti o jọmọ SSH.
- Bii o ṣe Ṣẹda eefin SSH tabi Gbigbe Ibudo ni Linux
- Bii o ṣe le Yi Ibudo SSH Aiyipada pada si Ibudo Aṣa ni Linux
- Awọn ọna 4 lati Titẹ Awọn isopọ SSH ni Linux Bii a ṣe le Wa Gbogbo Awọn igbiyanju Wiwọle SSH Ti kuna Ni Lainos
- Bii o ṣe le Mu Wiwọle Gbongbo SSH ṣiṣẹ ni Linux
O n niyen! Ninu nkan yii, a ti ṣalaye bi o ṣe le fi sori ẹrọ ati tunto ẹya tuntun ti olupin OpenSSH ati alabara lori eto Linux. Ti o ba ni ibeere tabi awọn asọye eyikeyi, lo fọọmu esi ni isalẹ lati de ọdọ wa.