Mo ti nigbagbogbo ni ibanujẹ nipa sisopọ si awọn ẹrọ Windows. Rara, Emi kii ṣe alatako tabi alatilẹyin ti Microsoft ati awọn ọja wọn. Ọja kọọkan wa fun idi tirẹ, ṣugbọn kii ṣe ohun ti eyi jẹ nipa.
O ti jẹ irora pupọ nigbagbogbo fun mi lati sopọ si awọn olupin Windows, nitori pe awọn asopọ wọnyi jẹ tunto nipasẹ aaye kan (hello WinRM pẹlu HTTPS) tabi ko ṣiṣẹ ni iduroṣinṣin (hello RDP si awọn ẹrọ foju okeokun).
Nitorina, nini lairotẹlẹ wa kọja ise agbese , Mo pinnu lati pin iriri iṣeto mi. Boya ọpa yii yoo gba ẹnikan ni ọpọlọpọ awọn iṣan.
Awọn aṣayan fifi sori ẹrọ:
- Nipasẹ Chocolatey
- Nipasẹ Ansible, fun apẹẹrẹ ipa
Nigbamii ti, Emi yoo sọrọ nipa aaye akọkọ, niwon ohun gbogbo jẹ diẹ sii tabi kere si pẹlu iyokù.
Emi yoo fẹ lati ṣe akiyesi pe iṣẹ akanṣe yii tun wa ni ipele beta, nitorinaa ko ṣe iṣeduro lati lo ni iṣelọpọ.
Nitorinaa, ṣe igbasilẹ idasilẹ tuntun, ni akoko ti o jẹ . Awọn ẹya wa fun awọn ọna ṣiṣe 32 ati 64 bit.
Yọọ sinu C: Awọn faili Eto ṢiiSSH
A dandan ojuami fun o tọ isẹ: nikan ni Ilana ati ẹgbẹ abojuto.
Awọn iṣẹ fifi sori ẹrọ nipa lilo iwe afọwọkọ kan fi sori ẹrọ-sshd.ps1 be ni yi liana
powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1Gba awọn asopọ ti nwọle ni ibudo 22:
New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22Alaye: applet New-NetFirewallOfin lo lori Windows Server 2012 ati ki o nigbamii. Ninu awọn eto atijọ (tabi tabili tabili) o le lo aṣẹ naa:
netsh advfirewall firewall add rule name=sshd dir=in action=allow protocol=TCP localport=22
Jẹ ki a bẹrẹ iṣẹ naa:
net start sshdNi ibẹrẹ, awọn bọtini ogun yoo ṣe ipilẹṣẹ laifọwọyi (ti o ba sonu) sinu %data eto%ssh
A le mu iṣẹ ṣiṣe adaṣe ṣiṣẹ nigbati eto ba bẹrẹ pẹlu aṣẹ:
Set-Service sshd -StartupType AutomaticO tun le yi ikarahun pipaṣẹ aiyipada pada (lẹhin fifi sori ẹrọ, aiyipada jẹ cmd):
New-ItemProperty -Path "HKLM:SOFTWAREOpenSSH" -Name DefaultShell -Value "C:WindowsSystem32WindowsPowerShellv1.0powershell.exe" -PropertyType String -ForceAlaye: O gbọdọ pato ọna pipe.
Ohun ti ni tókàn?
Ati lẹhinna a ṣeto soke sshd_config, eyi ti a yoo gbe sinu C: Data Eto. Fun apẹẹrẹ:
PasswordAuthentication no
PubkeyAuthentication yesKi o si ṣẹda liana ninu folda olumulo .ssh, ati ninu rẹ faili awọn bọtini_aṣẹ. A kọ si isalẹ awọn àkọsílẹ bọtini nibẹ.
Alaye pataki: nikan olumulo ninu eyiti faili ti o wa ninu itọsọna rẹ wa ni ẹtọ lati kọ si faili yii.
Ṣugbọn ti o ba ni awọn iṣoro pẹlu eyi, o le nigbagbogbo pa awọn ẹtọ ẹtọ ni atunto:
StrictModes noNipa ọna, ni C: Awọn faili Eto ṢiiSSH awọn iwe afọwọkọ 2 wa (FixHostFilePermissions.ps1, FixUserFilePermissions.ps1), eyiti o yẹ ṣugbọn kii ṣe rọ lati ṣatunṣe awọn ẹtọ, pẹlu pẹlu awọn bọtini_aṣẹ, ṣugbọn fun diẹ ninu awọn idi ti won ko ba ko forukọsilẹ.
Maṣe gbagbe lati tun iṣẹ naa bẹrẹ ssh lẹhin lilo awọn ayipada.
ru-mbp-666:infrastructure$ ssh [email protected] -i ~/.ssh/id_rsa
Windows PowerShell
Copyright (C) 2016 Microsoft Corporation. All rights reserved.
PS C:UsersAdministrator> Get-Host
Name : ConsoleHost
Version : 5.1.14393.2791
InstanceId : 653210bd-6f58-445e-80a0-66f66666f6f6
UI : System.Management.Automation.Internal.Host.InternalHostUserInterface
CurrentCulture : en-US
CurrentUICulture : en-US
PrivateData : Microsoft.PowerShell.ConsoleHost+ConsoleColorProxy
DebuggerEnabled : True
IsRunspacePushed : False
Runspace : System.Management.Automation.Runspaces.LocalRunspace
PS C:UsersAdministrator>Aleebu / konsi.
Aleebu:
- Standard ona lati sopọ si olupin.
Nigbati awọn ẹrọ Windows diẹ ba wa, o jẹ inira pupọ nigbati:
Nitorinaa, nibi a lọ nipasẹ ssh, ati nihin a lo rdp,
ati ni gbogbogbo, adaṣe ti o dara julọ pẹlu awọn bastions jẹ oju eefin ssh akọkọ, ati RDP nipasẹ rẹ. - Rọrun lati ṣeto
Mo ro pe eyi jẹ kedere. - Iyara asopọ ati ṣiṣẹ pẹlu ẹrọ isakoṣo latọna jijin
Ko si ikarahun ayaworan, fifipamọ awọn orisun olupin mejeeji ati iye data ti o tan kaakiri.
Konsi:
- Ko ni rọpo RDP patapata.
Ko ohun gbogbo le ṣee ṣe lati console, alas. Mo tumọ si awọn ipo nibiti GUI ti nilo.
Awọn ohun elo ti a lo ninu nkan naa:
Awọn aṣayan fifi sori ẹrọ ni a daakọ laisi itiju lati .
orisun: www.habr.com