Pulogalamu ya ProHoster > Blog > Ulamuliro > Kulumikiza ku Windows kudzera pa SSH ngati Linux

Kulumikiza ku Windows kudzera pa SSH ngati Linux

Nthawi zonse ndakhala ndikukhumudwa polumikizana ndi makina a Windows. Ayi, sindine wotsutsa kapena wothandizira Microsoft ndi malonda awo. Chilichonse chimakhala ndi cholinga chake, koma izi sizikutanthauza chiyani.
Zakhala zowawa kwambiri kuti ndilumikizane ndi ma seva a Windows, chifukwa maulumikizidwe awa amapangidwa kudzera pamalo amodzi (hello WinRM ndi HTTPS) kapena sagwira ntchito mokhazikika (moni RDP kumakina akunja akunja).

Chifukwa chake, mwangozi kukumana ndi polojekitiyi Win32-OpenSSH, ndinaganiza zogawana zomwe ndakhala ndikukhazikitsa. Mwina chida ichi adzapulumutsa munthu zambiri misempha.

Kulumikiza ku Windows kudzera pa SSH ngati Linux

Zosankha zoyika:

  1. Manja
  2. Kupyolera mwa phukusi Chokoley
  3. Via Ansible, mwachitsanzo udindo jborean93.win_openssh

Kenako, ndilankhula za mfundo yoyamba, popeza zonse zimamveka bwino ndi zina zonse.

Ndikufuna kudziwa kuti ntchitoyi idakali pa beta, kotero sikulimbikitsidwa kuigwiritsa ntchito popanga.

Chifukwa chake, tsitsani kumasulidwa kwaposachedwa, pakadali pano 7.9.0.0p1-beta. Pali mitundu yonse ya 32 ndi 64 bit.

Tulutsani mkati C: Program FilesOpenSSH
Mfundo yofunikira kuti igwire bwino ntchito: kokha SYSTEM ndi gulu la admin.

Kuyika ntchito pogwiritsa ntchito script install-sshd.ps1 ili m'ndandanda iyi

powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1

Lolani kulumikizana komwe kukubwera padoko 22:

New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22

Kufotokozera: applet New-NetFirewallRule amagwiritsidwa ntchito pa Windows Server 2012 ndi pambuyo pake. M'makina akale kwambiri (kapena apakompyuta) mutha kugwiritsa ntchito lamulo:

netsh advfirewall firewall add rule name=sshd dir=in action=allow protocol=TCP localport=22

Tiyeni tiyambe ntchito:

net start sshd

Poyambira, makiyi olandila adzapangidwa okha (ngati akusowa) mkati %programdata%ssh

Titha kuloleza autostart yautumiki pomwe dongosolo liyamba ndi lamulo:

Set-Service sshd -StartupType Automatic

Mutha kusinthanso chipolopolo chokhazikika (mutatha kukhazikitsa, chokhazikika ndi cmd):

New-ItemProperty -Path "HKLM:SOFTWAREOpenSSH" -Name DefaultShell -Value "C:WindowsSystem32WindowsPowerShellv1.0powershell.exe" -PropertyType String -Force

Kufotokozera: Muyenera kufotokoza njira yeniyeni.

Kodi yotsatira?

Ndiyeno ife tinayiyika iyo alireza, zomwe tiyikamo C: Zambiri za Pulogalamu. Mwachitsanzo:

PasswordAuthentication no
PubkeyAuthentication yes

Ndipo pangani chikwatu mufoda ya ogwiritsa .ssh, ndi momwemo fayilo authorized_keys. Timalemba makiyi a anthu onse pamenepo.

Kufotokozera kofunika: wogwiritsa ntchito yemwe fayiloyo ili m'ndandanda wake ayenera kukhala ndi ufulu wolembera fayiloyi.

Koma ngati muli ndi vuto ndi izi, mutha kuzimitsa nthawi zonse kuyang'ana maufulu mu config:

StrictModes no

Mwa njira, in C: Program FilesOpenSSH pali 2 scripts (FixHostFilePermissions.ps1, FixUserFilePermissions.ps1), zomwe ziyenera koma osakakamizika kukonza ufulu, kuphatikiza ndi authorized_keys, koma pazifukwa zina samalembetsa.

Osayiwala kuyambitsanso ntchito sshd mutatha kugwiritsa ntchito zosinthazo.

ru-mbp-666:infrastructure$ ssh [email protected] -i ~/.ssh/id_rsa
Windows PowerShell
Copyright (C) 2016 Microsoft Corporation. All rights reserved.

PS C:UsersAdministrator> Get-Host


Name             : ConsoleHost
Version          : 5.1.14393.2791
InstanceId       : 653210bd-6f58-445e-80a0-66f66666f6f6
UI               : System.Management.Automation.Internal.Host.InternalHostUserInterface
CurrentCulture   : en-US
CurrentUICulture : en-US
PrivateData      : Microsoft.PowerShell.ConsoleHost+ConsoleColorProxy
DebuggerEnabled  : True
IsRunspacePushed : False
Runspace         : System.Management.Automation.Runspaces.LocalRunspace

PS C:UsersAdministrator>

Subjective ubwino / kuipa.

Zotsatira:

  • Njira yokhazikika yolumikizira ma seva.
    Pakakhala makina ochepa a Windows, zimakhala zovuta kwambiri ngati:
    Chifukwa chake, apa tikudutsa ssh, ndipo apa timagwiritsa ntchito rdp,
    ndipo nthawi zambiri, njira yabwino kwambiri yokhala ndi mabatani ndi ssh tunnel, ndi RDP kudutsamo.
  • Zosavuta kukhazikitsa
    Ndikuganiza kuti izi ndizodziwikiratu.
  • Kuthamanga kwa kulumikizana ndikugwira ntchito ndi makina akutali
    Palibe chipolopolo chojambulira, kupulumutsa zonse zothandizira seva komanso kuchuluka kwa data yotumizidwa.

Wotsatsa:

  • Sikulowa m'malo mwa RDP.
    Sizinthu zonse zomwe zingatheke kuchokera ku console, kalanga. Ndikutanthauza nthawi zomwe GUI ikufunika.

Zida zomwe zimagwiritsidwa ntchito m'nkhaniyi:
Lumikizani ku polojekiti yokha
Zosankha zoyika zimakopera mopanda manyazi Ansible docs.

Source: www.habr.com

Kuwonjezera ndemanga