Connecting to Windows via SSH like Linux

Connecting to Windows machines has always frustrated me. No, I am neither an opponent nor a supporter of Microsoft and their products. Every product exists for its own purpose, but that is not what this is about.
It has always been very painful for me to connect to Windows servers, because these connections are either configured in a roundabout way (hello, WinRM with HTTPS) or do not work very reliably (hello, RDP to modern machines overseas).

So, having stumbled upon the Win32-OpenSSH project, I decided to share my experience of setting it up. Perhaps this tool will save someone a lot of nerves.

Installation options:

  1. Manually
  2. Via the Chocolatey package
  3. Via Ansible, for example the role jborean93.win_openssh

Next, I will cover the first option, since with the others everything is more or less clear.

I would like to note that this project is still in beta, so it is not recommended for production use.

So, download the latest release, currently 7.9.0.0p1-beta. There are versions for both 32-bit and 64-bit systems.

Unpack it to C:\Program Files\OpenSSH
A mandatory point for correct operation: only SYSTEM and the Administrators group should have write access to this directory.

Install the services using the install-sshd.ps1 script located in this directory

powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1

Allow incoming connections on port 22:

New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22

Note: the New-NetFirewallRule cmdlet is used on Windows Server 2012 and later. On older (or desktop) systems you can use the command:

netsh advfirewall firewall add rule name=sshd dir=in action=allow protocol=TCP localport=22

Let's start the service:

net start sshd

On startup, the host keys will be generated automatically (if they are missing) in %programdata%\ssh

We can enable autostart of the service at system startup with the command:

Set-Service sshd -StartupType Automatic

You can also change the default command shell (after installation, the default is cmd):

New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force

Note: you must specify the absolute path.

What's next?

Then we configure sshd_config, which we place in C:\ProgramData\ssh. For example:

PasswordAuthentication no
PubkeyAuthentication yes

And create a .ssh directory in the user's folder, and in it the authorized_keys file. We write the public keys there.

Important note: only the user in whose directory the file resides should have write permission on this file.

But if you run into trouble with this, you can always disable the permission check in the config:

StrictModes no

By the way, in C:\Program Files\OpenSSH there are 2 scripts (FixHostFilePermissions.ps1, FixUserFilePermissions.ps1), which should, but are not obliged to, fix the permissions, including those on authorized_keys, but for some reason they do not.

Don't forget to restart the sshd service afterwards to apply the changes.
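An added example, not part of the original article: rather than turning StrictModes off, the permissions described above can be set and checked directly, both on authorized_keys and on the install directory from the unpacking step. The account name deploy and the C:\Users profile path are assumptions; the SIDs are the well-known ones for SYSTEM and Administrators.

```powershell
# Added example, not from the original article. Run from an elevated PowerShell prompt.
# $UserName is a hypothetical account; the profile path under C:\Users is assumed.
$UserName = 'deploy'
$SshDir   = "C:\Users\$UserName\.ssh"
$KeyFile  = Join-Path $SshDir 'authorized_keys'

$SidType   = [System.Security.Principal.SecurityIdentifier]
$UserSid   = (New-Object System.Security.Principal.NTAccount($UserName)).Translate($SidType)
$SystemSid = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-18')      # SYSTEM
$AdminsSid = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-32-544')  # Administrators

# Write-type rights, plus the raw GENERIC_WRITE / GENERIC_ALL bits seen on inherited ACEs.
$WriteMask = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership' -bor 0x50000000

function Get-UnexpectedWriter {
    # Returns every Allow ACE that grants write-type rights to a SID outside $AllowedSids.
    param([string]$Path, [string[]]$AllowedSids)
    (Get-Acl -Path $Path).GetAccessRules($true, $true, $SidType) | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        (([int]$_.FileSystemRights -band $WriteMask) -ne 0) -and
        ($AllowedSids -notcontains $_.IdentityReference.Value)
    }
}

function Set-AuthorizedKeysAcl {
    # Replaces the DACL: no inheritance, full control for the user, SYSTEM and Administrators only.
    param([string]$Path)
    $acl = New-Object System.Security.AccessControl.FileSecurity
    $acl.SetAccessRuleProtection($true, $false)   # block inheritance, keep no inherited ACEs
    foreach ($sid in $UserSid, $SystemSid, $AdminsSid) {
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($sid, 'FullControl', 'Allow')
        $acl.AddAccessRule($rule)
    }
    Set-Acl -Path $Path -AclObject $acl
}

New-Item -ItemType Directory -Path $SshDir -Force | Out-Null
if (-not (Test-Path $KeyFile)) { New-Item -ItemType File -Path $KeyFile | Out-Null }
Set-AuthorizedKeysAcl -Path $KeyFile

# Audit: each row returned is a principal with write access beyond the expected set.
$trusted = $SystemSid.Value, $AdminsSid.Value
Get-UnexpectedWriter -Path $KeyFile -AllowedSids ($trusted + $UserSid.Value)
Get-UnexpectedWriter -Path 'C:\Program Files\OpenSSH' -AllowedSids $trusted

Restart-Service sshd   # applies sshd_config changes, as noted above
```

Rows returned for the install directory identify principals by SID; review each one before removing its access.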

ru-mbp-666:infrastructure$ ssh [email protected] -i ~/.ssh/id_rsa
Windows PowerShell
Copyright (C) 2016 Microsoft Corporation. All rights reserved.

PS C:\Users\Administrator> Get-Host


Name             : ConsoleHost
Version          : 5.1.14393.2791
InstanceId       : 653210bd-6f58-445e-80a0-66f66666f6f6
UI               : System.Management.Automation.Internal.Host.InternalHostUserInterface
CurrentCulture   : en-US
CurrentUICulture : en-US
PrivateData      : Microsoft.PowerShell.ConsoleHost+ConsoleColorProxy
DebuggerEnabled  : True
IsRunspacePushed : False
Runspace         : System.Management.Automation.Runspaces.LocalRunspace

PS C:\Users\Administrator>

Pros and cons of this approach.

Pros:

  • A standard approach to connecting to servers.
    When there are only a few Windows machines, it is very inconvenient when:
    here we go in over ssh, and here we use rdp,
    and in general, the best practice with bastions is an ssh tunnel first, and RDP through it.
  • Easy to set up
    I think this is obvious.
  • Speed of connecting to and working with the remote machine
    There is no graphical shell, which saves both server resources and the amount of data transferred.

Cons:

  • Does not fully replace RDP.
    Not everything can be done from the console, alas. I mean the situations where a GUI is required.

Materials used in the article:
Link to the project itself
The installation options were shamelessly copied from the Ansible docs.

Source: www.habr.com