Ukukhishwa kwe-OpenSSH 9.0, ukuqaliswa okuvulekile kweklayenti neseva yokusebenza kusetshenziswa izivumelwano ze-SSH 2.0 ne-SFTP, kwethulwe. Enguqulweni entsha, insiza ye-scp ishintshwe ngokuzenzakalelayo ukuze isebenzise i-SFTP esikhundleni sephrothokholi ye-SCP/RCP ephelelwe yisikhathi.
I-SFTP isebenzisa izindlela zokuphatha amagama ezibikezelwe kakhudlwana futhi ayisebenzisi ukucutshungulwa kwegobolondo lamaphethini eglobhu emagameni wefayela ngakolunye uhlangothi lomsingathi, okudala izinkinga zokuphepha. Ikakhulukazi, lapho kusetshenziswa i-SCP ne-RCP, iseva inquma ukuthi yimaphi amafayela nezinkomba okufanele zithunyelwe kuklayenti, futhi iklayenti lihlola kuphela ukunemba kwamagama ezinto ezibuyisiwe, okuthi, lapho kungabikho amasheke afanele ohlangothini lweklayenti, avumele iseva ukudlulisa amanye amagama amafayela ahlukile kulawo aceliwe.
ΠΡΠΎΡΠΎΠΊΠΎΠ» SFTP Π»ΠΈΡΡΠ½ ΡΠΊΠ°Π·Π°Π½Π½ΡΡ ΠΏΡΠΎΠ±Π»Π΅ΠΌ, Π½ΠΎ Π½Π΅ ΠΏΠΎΠ΄Π΄Π΅ΡΠΆΠΈΠ²Π°Π΅Ρ ΡΠ°ΡΠΊΡΡΡΠΈΠ΅ ΡΠΏΠ΅ΡΠΏΡΡΠ΅ΠΉ, ΡΠ°ΠΊΠΈΡ ΠΊΠ°ΠΊ Β«~/Β». ΠΠ»Ρ ΡΡΡΡΠ°Π½Π΅Π½ΠΈΡ Π΄Π°Π½Π½ΠΎΠ³ΠΎ ΡΠ°Π·Π»ΠΈΡΠΈΡ Π½Π°ΡΠΈΠ½Π°Ρ Ρ OpenSSH 8.7 Π² ΡΠ΅Π°Π»ΠΈΠ·Π°ΡΠΈΠΈ SFTP-ΡΠ΅ΡΠ²Π΅ΡΠ° ΠΏΠΎΠ΄Π΄Π΅ΡΠΆΠΈΠ²Π°Π΅ΡΡΡ ΡΠ°ΡΡΠΈΡΠ΅Π½ΠΈΠ΅ ΠΏΡΠΎΡΠΎΠΊΠΎΠ»Π° Β«[i-imeyili ivikelwe]" ukukhulisa ~/ kanye ~umsebenzisi/ izindlela.
Uma usebenzisa i-SFTP, abasebenzisi bangase futhi bahlangabezane nokungahambelani okubangelwa isidingo sokubalekela kabili izinhlamvu zokunweba zendlela ekhethekile kuzicelo ze-SCP ne-RCP zokuvimbela ukutolikwa kwazo ngohlangothi olukude. Ku-SFTP, ukweqa okunjalo akudingekile futhi izingcaphuno ezengeziwe zingaholela ephutheni lokudlulisa idatha. Ngasikhathi sinye, abathuthukisi be-OpenSSH benqabile ukungeza isandiso ukuze baphindaphinde ukuziphatha kwe-scp kuleli cala, ngakho ukuphunyuka kabili kuthathwa njengephutha elingenangqondo ukuphinda.
Ezinye izinguquko ekukhishweni okusha:
- I-Ssh ne-sshd zine-algorithm yokushintshanisa ukhiye oyi-hybrid enikwe amandla ngokuzenzakalelayo "[i-imeyili ivikelwe]"(ECDH/x25519 + NTRU Prime), imelana nokukhetha amakhompyutha e-quantum futhi kuhlanganiswe ne-ECDH/x25519 ukuvimba izinkinga ezingaba khona ku-NTRU Prime ezingase zivele esikhathini esizayo. Ohlwini lwe-KexAlgorithms, olunquma indlela okukhethwa ngayo izindlela zokushintshanisa ukhiye, i-algorithm eshiwo manje isibekwe kuqala futhi inokubaluleka okuphezulu kune-ECDH ne-DH algorithms.
Amakhompiyutha e-Quantum awakakafinyeleli ezingeni lokuqhekeza okhiye bendabuko, kodwa ukusebenzisa ukuphepha kwe-hybrid kuzovikela abasebenzisi ekuhlaselweni okubandakanya ukugcinwa kwamaseshini e-SSH anqanyuliwe ngethemba lokuthi angasuswa ukubethela ngokuzayo lapho amakhompyutha e-quantum adingekayo etholakala.
- Isandiso esithi "copy-data" sengezwe kuseva ye-sftp, ekuvumela ukuthi ukopishe idatha ohlangothini lweseva, ngaphandle kokuyidlulisela kuklayenti, uma umthombo namafayela okuhlosiwe akuseva efanayo.
- Umyalo we-"cp" ungeziwe ensizeni ye-sftp ukuqalisa iklayenti ukukopisha amafayela ohlangothini lweseva.
Source: opennet.ru