{"id":7704,"date":"2022-07-25T09:32:10","date_gmt":"2022-07-25T01:32:10","guid":{"rendered":"http:\/\/lrxjmw.cn\/?p=7704"},"modified":"2022-07-25T13:35:59","modified_gmt":"2022-07-25T05:35:59","slug":"openssh-7-2","status":"publish","type":"post","link":"https:\/\/lrxjmw.cn\/openssh-7-2.html","title":{"rendered":"OpenSSH 7.2\u5c06\u652f\u6301 SHA-256\/512 \u7684 RSA \u7b7e\u540d"},"content":{"rendered":"

\"openssh\"
\n\u6839\u636e\u5185\u90e8\u53d1\u5e03\u516c\u544a\uff0cOpenSSH 7.2 \u4e3b\u8981\u662f bug \u4fee\u590d\uff0c\u4fee\u6539\u4e86\u81ea OpenSSH 7.1p2 \u4ee5\u6765\u7531\u7528\u6237\u62a5\u544a\u548c\u5f00\u53d1\u56e2\u961f\u53d1\u73b0\u7684\u95ee\u9898\uff0c\u4f46\u662f\u6211\u4eec\u53ef\u4ee5\u770b\u5230\u51e0\u4e2a\u65b0\u529f\u80fd\u3002<\/p>\n

\u8fd9\u5176\u4e2d\u6211\u4eec\u53ef\u4ee5\u63d0\u5230\u4f7f\u7528\u4e86 SHA-256 \u6216\u8005 SHA-256 512 \u54c8\u5e0c\u7b97\u6cd5\u7684 RSA \u7b7e\u540d\uff1b\u589e\u52a0\u4e86\u4e00\u4e2a AddKeysToAgent \u5ba2\u6237\u7aef\u9009\u9879\uff0c\u4ee5\u6dfb\u52a0\u7528\u4e8e\u8eab\u4efd\u9a8c\u8bc1\u7684 ssh-agent \u7684\u79c1\u94a5\uff1b\u548c\u5b9e\u73b0\u4e86\u4e00\u4e2a\u201crestrict\u201d\u7ea7\u522b\u7684 authorized_keys \u9009\u9879\uff0c\u7528\u4e8e\u5b58\u50a8\u5bc6\u94a5\u9650\u5236\u3002<\/p>\n

\u6b64\u5916\u73b0\u5728 ssh_config \u4e2d CertificateFile \u9009\u9879\u53ef\u4ee5\u660e\u786e\u5217\u51fa\u8bc1\u4e66\uff0cssh-keygen \u73b0\u5728\u80fd\u591f\u6539\u53d8\u6240\u6709\u652f\u6301\u7684\u683c\u5f0f\u7684\u5bc6\u94a5\u6ce8\u91ca\u3001\u5bc6\u94a5\u6307\u7eb9\u73b0\u5728\u53ef\u4ee5\u6765\u81ea\u6807\u51c6\u8f93\u5165\uff0c\u591a\u4e2a\u516c\u94a5\u53ef\u4ee5\u653e\u5230\u4e00\u4e2a\u6587\u4ef6\u3002<\/p>\n

ssh-keygen \u73b0\u5728\u652f\u6301\u591a\u8bc1\u4e66<\/strong><\/div>\n

\u9664\u4e86\u4e0a\u9762\u63d0\u5230\u7684\uff0cOpenSSH 7.2 \u589e\u52a0\u4e86 ssh-keygen \u591a\u8bc1\u4e66\u7684\u652f\u6301\uff0c\u4e00\u4e2a\u4e00\u884c\uff0c\u5b9e\u73b0\u4e86 sshd_config ChrootDirectory \u53caForeground \u7684\u201cnone\u201d\u53c2\u6570\uff0c\u201c-c\u201d\u6807\u5fd7\u5141\u8bb8 ssh-keyscan \u83b7\u53d6\u8bc1\u4e66\u800c\u4e0d\u662f\u6587\u672c\u5bc6\u94a5\u3002<\/p>\n

\u6700\u540e\u4f46\u5e76\u975e\u6700\u4e0d\u91cd\u8981\u7684\uff0cOpenSSH 7.3 \u4e0d\u518d\u9ed8\u8ba4\u542f\u7528 rijndael-cbc\uff08\u5373 AES\uff09\uff0cblowfish-cbc\u3001cast128-cbc \u7b49\u53e4\u8001\u7684\u7b97\u6cd5\uff0c\u540c\u6837\u7684\u8fd8\u6709\u57fa\u4e8e MD5 \u548c\u622a\u65ad\u7684 HMAC \u7b97\u6cd5\u3002\u5728 Linux \u4e2d\u652f\u6301 getrandom() \u7cfb\u7edf\u8c03\u7528\u3002\u4e0b\u8f7d OpenSSH 7.2<\/a> \u5e76\u67e5\u770b\u66f4\u65b0\u65e5\u5fd7<\/a>\u4e2d\u7684\u66f4\u591a\u7ec6\u8282\u3002<\/p>\n

\n

\u672c\u6587\u5730\u5740\uff1ahttp:\/\/lrxjmw.cn\/openssh-7-2.html<\/a>\u7f16\u8f91\uff1a\u51af\u632f\u534e\uff0c\u5ba1\u6838\u5458\uff1a\u5218\u9044<\/span><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"

\u6839\u636e\u5185\u90e8\u53d1\u5e03\u516c\u544a\uff0cOpenSSH 7.2 \u4e3b\u8981\u662f bug \u4fee\u590d\uff0c\u4fee\u6539\u4e86\u81ea OpenSSH 7.1p2 \u4ee5\u6765\u7531\u7528 […]<\/p>\n","protected":false},"author":309,"featured_media":7706,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[21],"tags":[],"class_list":["post-7704","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"acf":[],"_links":{"self":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/7704","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/users\/309"}],"replies":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/comments?post=7704"}],"version-history":[{"count":4,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/7704\/revisions"}],"predecessor-version":[{"id":248781,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/7704\/revisions\/248781"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media\/7706"}],"wp:attachment":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media?parent=7704"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/categories?post=7704"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/tags?post=7704"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}