Kuv ib txwm ntxhov siab los ntawm kev txuas mus rau Windows tshuab. Tsis yog, Kuv tsis yog tus neeg tawm tsam lossis tus txhawb nqa ntawm Microsoft thiab lawv cov khoom. Txhua yam khoom muaj rau nws tus kheej lub hom phiaj, tab sis qhov tsis yog qhov no yog hais txog.
Nws yeej ib txwm ua rau kuv mob siab rau txuas rau Windows servers, vim tias cov kev sib txuas no tau teeb tsa los ntawm ib qho chaw (nyob zoo WinRM nrog HTTPS) lossis tsis ua haujlwm ruaj khov (nyob zoo RDP rau cov tshuab virtual txawv teb chaws).
Yog li ntawd, muaj xwm txheej tuaj hla qhov project , Kuv txiav txim siab los qhia kuv qhov kev teeb tsa. Tej zaum qhov cuab yeej no yuav cawm tau ib tug neeg ntau ntawm cov hlab ntsha.
Installation xaiv:
- Los ntawm cov Chocolatey
- Ntawm Ansible, piv txwv li lub luag haujlwm
Tom ntej no, kuv yuav tham txog thawj lub ntsiab lus, txij li txhua yam yog ntau dua los yog tsawg dua nrog cov seem.
Kuv xav kom nco ntsoov tias qhov project no tseem nyob rau theem beta, yog li nws tsis pom zoo kom siv nws hauv kev tsim khoom.
Yog li ntawd, download tau qhov tseeb tso tawm, lub caij nws yog . Muaj cov versions rau ob qho tib si 32 thiab 64 ntsis tshuab.
Tshem tawm hauv C: Program FilesOpenSSH
Lub ntsiab lus tseem ceeb rau kev ua haujlwm kom raug: tsuas yog lub SYSTEM thiab admin pab pawg.
Txhim kho cov kev pabcuam siv tsab ntawv nruab-sshd.ps1 nyob rau hauv phau ntawv no
powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1Tso cai nkag mus rau ntawm chaw nres nkoj 22:
New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22Kev piav qhia: applet New-NetFirewallRule siv rau Windows Server 2012 thiab tom qab ntawd. Hauv cov tshuab qub tshaj plaws (lossis desktop) koj tuaj yeem siv cov lus txib:
netsh advfirewall firewall add rule name=sshd dir=in action=allow protocol=TCP localport=22
Cia peb pib qhov kev pabcuam:
net start sshdThaum pib, tus tswv lag luam yuav raug tsim tawm (yog tias ploj lawm) hauv %programdata%ssh
Peb tuaj yeem ua kom autostart ntawm qhov kev pabcuam thaum lub kaw lus pib nrog cov lus txib:
Set-Service sshd -StartupType AutomaticKoj tseem tuaj yeem hloov pauv lub plhaub tau hais tseg (tom qab kev teeb tsa, lub neej ntawd yog cmd):
New-ItemProperty -Path "HKLM:SOFTWAREOpenSSH" -Name DefaultShell -Value "C:WindowsSystem32WindowsPowerShellv1.0powershell.exe" -PropertyType String -ForceLus Qhia: Koj yuav tsum qhia kom meej ib txoj hauv kev.
Yuav ua li cas yog tom ntej no?
Thiab ces peb teeb nws sshd_config, uas peb yuav tso rau hauv C: Program Data. Piv txwv li:
PasswordAuthentication no
PubkeyAuthentication yesThiab tsim ib daim ntawv teev npe hauv cov neeg siv ntawv tais ceev tseg .ssh ua, thiab hauv nws cov ntaub ntawv tso cai_keys. Peb sau cov yuam sij pej xeem nyob ntawd.
Cov lus qhia tseem ceeb: tsuas yog tus neeg siv hauv nws phau ntawv teev npe ntawm cov ntaub ntawv yuav tsum muaj cai sau rau cov ntaub ntawv no.
Tab sis yog tias koj muaj teeb meem nrog qhov no, koj tuaj yeem kaw txoj cai tshawb xyuas hauv kev teeb tsa:
StrictModes noLos ntawm txoj kev, hauv C: Program FilesOpenSSH muaj 2 scripts (FixHostFilePermissions.ps1, FixUserFilePermissions.ps1), uas yuav tsum tab sis tsis tas yuav kho cov cai, suav nrog tso cai_keys, tab sis rau qee yam lawv tsis sau npe.
Tsis txhob hnov ββββqab rov pib qhov kev pabcuam sshd tom qab siv cov kev hloov pauv.
ru-mbp-666:infrastructure$ ssh [email protected] -i ~/.ssh/id_rsa
Windows PowerShell
Copyright (C) 2016 Microsoft Corporation. All rights reserved.
PS C:UsersAdministrator> Get-Host
Name : ConsoleHost
Version : 5.1.14393.2791
InstanceId : 653210bd-6f58-445e-80a0-66f66666f6f6
UI : System.Management.Automation.Internal.Host.InternalHostUserInterface
CurrentCulture : en-US
CurrentUICulture : en-US
PrivateData : Microsoft.PowerShell.ConsoleHost+ConsoleColorProxy
DebuggerEnabled : True
IsRunspacePushed : False
Runspace : System.Management.Automation.Runspaces.LocalRunspace
PS C:UsersAdministrator>Subjective pros/cons.
Tshaj:
- Standard mus kom ze rau kev txuas mus rau servers.
Thaum muaj ob peb lub tshuab Windows, nws tsis yooj yim heev thaum:
Yog li, ntawm no peb mus ntawm ssh, thiab ntawm no peb siv rdp,
thiab feem ntau, qhov zoo tshaj plaws-kev coj ua nrog bastions yog thawj qhov ssh qhov, thiab RDP los ntawm nws. - Yooj yim ntawm kev teeb tsa
Kuv xav tias qhov no yog qhov tseeb. - Kev ceev ntawm kev sib txuas thiab ua haujlwm nrog lub tshuab tej thaj chaw deb
Tsis muaj graphical plhaub, txuag ob lub server kev pab thiab tus nqi ntawm cov ntaub ntawv xa mus.
Txais:
- Tsis tas hloov RDP.
Tsis yog txhua yam tuaj yeem ua tiav los ntawm console, alas. Kuv txhais tau tias cov xwm txheej yuav tsum muaj GUI.
Cov ntaub ntawv siv hauv kab lus:
Installation xaiv yog shamelessly theej los ntawm .
Tau qhov twg los: www.hab.com