User Tools

Site Tools


сервис_ssh

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
сервис_ssh [2024/02/08 10:54]
val [SSH вместо VPN (привязка к порту сервера)]
сервис_ssh [2024/05/15 13:02]
val [Использование SSH Chroot]
Line 40: Line 40:
 ===== Настройка ssh сервера ===== ===== Настройка ssh сервера =====
 <​code>​ <​code>​
-gate# cat /​etc/​ssh/​sshd_config+gate# cat /​etc/​ssh/​sshd_config.d/my.conf
 </​code><​code>​ </​code><​code>​
-... 
 Port 2222 Port 2222
-...+
 DenyUsers "​user*"​ DenyUsers "​user*"​
-...+
 PermitRootLogin yes PermitRootLogin yes
-...+
 #​KexAlgorithms +diffie-hellman-group1-sha1,​diffie-hellman-group-exchange-sha1 #​KexAlgorithms +diffie-hellman-group1-sha1,​diffie-hellman-group-exchange-sha1
 #​HostkeyAlgorithms +ssh-dss,​ssh-rsa #​HostkeyAlgorithms +ssh-dss,​ssh-rsa
-... 
 </​code>​ </​code>​
  
Line 73: Line 71:
 $ mkdir .ssh/ $ mkdir .ssh/
  
-$ cat .ssh/config+$ cat ~/.ssh/config
 </​code><​code>​ </​code><​code>​
 Host * Host *
Line 88: Line 86:
 #        StrictHostKeyChecking=no #        StrictHostKeyChecking=no
 #        LogLevel ERROR #        LogLevel ERROR
 +
 +###    HostKeyAlgorithms +ssh-rsa
 +###    PubkeyAcceptedKeyTypes +ssh-rsa
 </​code>​ </​code>​
  
Line 111: Line 112:
  
 ==== SSH вместо RCP (SCP) ==== ==== SSH вместо RCP (SCP) ====
 +==== SCP ====
 <​code>​ <​code>​
 $ scp -P 2222 val@radio.specialist.ru:/​usr/​local/​www/​apache22/​data/​unix/​virus.zip . $ scp -P 2222 val@radio.specialist.ru:/​usr/​local/​www/​apache22/​data/​unix/​virus.zip .
Line 117: Line 119:
  
 server# sshpass -p cisco scp switchN:​running-config /​srv/​tftp/​switchN-running-config server# sshpass -p cisco scp switchN:​running-config /​srv/​tftp/​switchN-running-config
 +
 +server# scp -3 192.168.X.101:/​etc/​docker/​daemon.json gate:/​etc/​docker/​daemon.json
 </​code>​ </​code>​
  
Line 124: Line 128:
  
 <​code>​ <​code>​
-www# cat /​etc/​ssh/​sshd_config+# cat /​etc/​ssh/​sshd_config
 </​code><​code>​ </​code><​code>​
 ... ...
Line 131: Line 135:
 ... ...
 Match group user1 Match group user1
 +#Match group group1
        ​ChrootDirectory %h        ​ChrootDirectory %h
        ​ForceCommand internal-sftp        ​ForceCommand internal-sftp
 </​code><​code>​ </​code><​code>​
-www# chown root ~user1/+# chown root ~user1/
  
-www# mkdir ~user1/​public_html+# mkdir ~user1/​public_html ​&& chown user1:user1 ~user1/​public_html/​
  
-www# chown -R user1:user1 ~user1/public_html/+mkdir ~user1/mail && ​chown user1:user1 ~user1/mail/
 </​code>​ </​code>​
  
Line 182: Line 187:
 </​code><​code>​ </​code><​code>​
 # cat /​proc/​sys/​net/​ipv4/​ip_local_port_range # cat /​proc/​sys/​net/​ipv4/​ip_local_port_range
 +  или
 +# sysctl net.ipv4.ip_local_port_range
 +
 +lan# ssh -N -R 61022:​localhost:​22 -o ServerAliveInterval=60 student@server.corpX.un
 +
 +lan# ssh -N -R 61389:​192.168.100+X.1NN:​3389 student@server.corpX.un
  
-lan# ssh -N -R 61022:localhost:22 -o ServerAliveInterval=60 user1@server.corpX.un+mobaxterm> ​ssh -N -R 61389:localhost:3389 student@server.corpX.un
  
-lan# ssh -N -R 3101:192.168.100+X.101:3389 user1@server.corpX.un+mobaxterm> ​ssh -N -R 0:localhost:5500 student@server.corpX.un
 </​code>​ </​code>​
  
Line 225: Line 236:
  
 <​code>​ <​code>​
-node1:~# cat .ssh/config+node1:~# cat ~/.ssh/config
 </​code><​code>​ </​code><​code>​
 Host * Host *
сервис_ssh.txt · Last modified: 2024/06/19 12:22 by val