Howto: Ïîäêëþ÷åíèå ê ðîóòåðó ÷åðåç putty è far áåç ïàðîëÿ (winscp+putty)

[angel_il]

Íå çíàþ áóäåò ëè â òåìó íî âûëîæó ïàðó ðåêîìåíäàöèé íà ñ÷åò far + winscp è putty.
Ïðåäïîëàãàåòñÿ ÷òî dropbear óæå óñòàíîâëåí âîò òàê

4) íàñòðîèòü SSH-ñåðâåð.
Ïîäêëþ÷èòüñÿ ê øåëëó ðîóòåðà ìîæíî ïî ïðîòîêîëó telnet ïðîãðàììîé putty (www.putty.nl), èìÿ äëÿ âõîäà "admin", ïàðîëü åñëè íå ìåíÿëè òàêîé æå. Çàéäÿ äàòü êîìàíäû:

Code:

mkdir -p /usr/local/etc/dropbear
dropbearkey -t dss -f /usr/local/etc/dropbear/dropbear_dss_host_key
dropbearkey -t rsa -f /usr/local/etc/dropbear/dropbear_rsa_host_key
mkdir -p /usr/local/sbin/
echo "#!/bin/sh" >> /usr/local/sbin/post-boot
cp /usr/local/sbin/post-boot /usr/local/sbin/post-firewall
cp /usr/local/sbin/post-boot /usr/local/sbin/post-mount
cp /usr/local/sbin/post-boot /usr/local/sbin/pre-shutdown
chmod +x /usr/local/sbin/p*
echo "dropbear > /dev/null 2>&1" >> /usr/local/sbin/post-boot
dropbear > /dev/null 2>&1
flashfs save
flashfs commit
flashfs enable

à ïåðåìåííàÿ LANG îïðåäåëåíà êàê ru_RU.UTF-8 .
äîïîëíèòåëüíî íåîáõîäèìî óñòàíîâèòü sftp-server èç êîìàíäíîé ñòðîêè (ñïàñèáî al37919 çà íàâîäêó).

Code:

ipkg install openssh-sftp-server

Ïîäêëþ÷åíèå ÷åðåç putty.
êà÷àåì ïîñëåäíþþ âåðñèþ putty íàðèìåð îòñþäà
à òàêæå Pageant è PuTTYgen. ÿ èõ îáû÷íî çàêèäûâàþ â ïàïêó windows, ÷òîáû ïîòîì íå èñêàòü
òåïåðü ñ ïîìîùüþ óòèëèòû PuTTYgen ãåíåðèðóåì ïðèâàòíûé êëþ÷, ïîñëå íàæàòèÿ êíîïêè Generate íåîáõîäèìî ïîâîäèòü ìûøêîé âíóòðè îêîøêà.
Ïîñëå ãåíåðàöèè êëþ÷à íóæíî ñîõðàíèòü íà äèñê 2 êëþ÷à public è private, ïðèâàòíûé êëþ÷ ÿ åãî çàêèíóë â ïàïêó windows\system32, ïðåäâàðèòåëüíî ââåäÿ êëþ÷åâóþ ôðàçó, à ïàáëèê êåé âûâåäåí â ïîëå "Public key for pasting..." ÿ åãî, ÷åðåç êëèïáîðä, ñîõðàíèë íà äèñêå c:\ ÷òîáû íå ïîòåðÿòü. Ïîòîì åãî íåîáõîäèìî áóäåò ñîõðàíèòü íà ðîóòåðå â ôàéëå /tmp/local/root/.ssh/authorized_keys.
íàïðèìåð òàêèì îáðàçîì:

Code:

mkdir /tmp/local/root/.ssh
touch /tmp/local/root/.ssh/authorized_keys
mcedit /tmp/local/root/.ssh/authorized_keys #åñëè óñòàíîâëåí mc

äàëåå âñòàâèòü èç êëèïáîðäà ïàáëèê êåé è ñîõðàíèòü ôàéë.
èëè êàêèì òî äðóãèì ñïîñîáîì ïîìåñòèòü ñîäåðæèìîå ïîëÿ "Public key for pasting..." â ôàéë /tmp/local/root/.ssh/authorized_keys. (åñòü êàê ìèíèìóì N ñïîñîáîâ ñäåëàòü ýòî
ïîñëå ýòîãî íåîáõîäèìî ñîõðàíèòü ýòîò êëþ÷

Code:

flashfs save
flashfs commit
flashfs enable

Òåïåðü çàïóñêàåì putty ñîçäàåì íîâóþ ñåññèþ è íà çàêëàäêå Window/Translation çàäàåì êîäèðîâêó UTF-8, íà çàêëàäêå Connection/Data çàäàåì èìÿ ïîëüçîâàòåëÿ admin, íà çàêëàäêå Connection/SSH/Auth â ïîëå Private key for ... óñòàíàâëèâàåì òîò ïðèâàòíûé êëþ÷ êîòîðûé ìû ñãåíåðèðîâàëè â íà÷àëå.
Ñîõðàíÿåì ñåññèþ, íà ýòîì ñ ïóòòè âñå.

PS: Åñëè ìû õîòèì, ÷òîáû ïðè ñîçäàíèè ñåññèè àâòîìàòè÷åñêè çàïóñêàëñÿ mc è ïðè ýòîì ïîñëå âûõîäà èç íåãî ñåññèÿ íå çàêðûâàëàñü, íåîáõîäèìî â ïîëå Remote command íà çàêëàäêå Connection/SSH âïèñàòü mc -c && /bin/sh

Òåïåðü Pagent:
òóò òîæå âñå ïðîñòî íàæèìàåì Add Key è âûáèðàåì ñâîé ïðèâàòíûé êëþ÷.
Òåïåðü ÷òîáû ñîåäèíèòüñÿ ñ ðîóòåðîì ÷åðåç ssh íàäî â òðåå ïî èêîíêå ñ pagent ùåëêíóòü ïðàâîé êëàâèøåé âûáðàòü Saved session ñâîþ ñåññèþ.
Ïîñëå ÷åãî óñòàíîâèòñÿ ñîåäèíåíèå ñ ñåðâåðîì ïðè ýòîì àâòîðèçàöèÿ áóäåò ïðîõîäèòü ïîñðåäñòâîì ïðîâåðêè êëþ÷åé è ïàðîëü è ëîãèí âáèâàòü íå ïðèäåòñÿ.
Ïîäêëþ÷åíèå ÷åðåç far ïëàãèí winscp.
íåîáõîäèìî ñêà÷àòü è óñòàíîâèòü ïîñëåäíþþ âåðñèþ ïëàãèíà winscp c ñàéòà àâòîðà ïëàãèíà òóò
òåïåðü íà îñíîâíîé çàêëàäêå íåîáõîäèìî óñòàíîâèòü òèï ïðîòîêîëà sftp (ñïàñèáî Oleg çà íàâîäêó)
à íà çàêëàäêå Environment UTF-8 encoding for filenames âêëþ÷èòü On.
NB: åñëè File protocol îïðåäåëåí êàê scp òî ðóññêîãî íå ó÷èäåòü, áóäóò êðàêîçÿáëèêè.

Êàðòèíêè ïðèëàãàþòñÿ

[angel_il]

ãåíåðàöèÿ êëþ÷åé

[angel_il]

íàñòðîéêè putty

[Nitrogen]

>>Ïðåäïîëàãàåòñÿ ÷òî dropbear óæå óñòàíîâëåí à ïåðåìåííàÿ LANG îïðåäåëåíà êàê ru_RU.UTF-8 .
à ìîæíî áåç ïðåäïîëîæåíèé? áûëî áû ïðèÿòíî óâèäåòü âñå â îäíîé òåìå, ñ íóëÿ, áåç "÷èòàé faq"

[angel_il]

>>Ïðåäïîëàãàåòñÿ ÷òî dropbear óæå óñòàíîâëåí à ïåðåìåííàÿ LANG îïðåäåëåíà êàê ru_RU.UTF-8 .
à ìîæíî áåç ïðåäïîëîæåíèé? áûëî áû ïðèÿòíî óâèäåòü âñå â îäíîé òåìå, ñ íóëÿ, áåç "÷èòàé faq"

ok ) óêðàäó èç òåìû "íàñòðîéêà ðîóòåðà ñ íóëÿ"

[37elena]

Âîò çäåñü äàëüøå íè êàê.

PHP Code:

ipkg install openssh
cp /opt/libexec/sftp-server /tmp
ipkg remove openssh
mv /tmp/sftp-server /opt/libexec
flashfs save
flashfs commit
flashfs enable 


Âîò ëîã.
[admin@wl500g root]$ ipkg install openssh
Installing openssh (4.7p1-1) to /opt/...
Downloading http://ipkg.nslu2-linux.org/feeds/op...1-1_mipsel.ipk
An error ocurred, return value: 2.
Collected errors:
Package openssh wants to install file /opt/bin/ssh
But that file is already provided by package dropbear
Package openssh wants to install file /opt/bin/scp
But that file is already provided by package dropbear
[admin@wl500g root]$ cp /opt/libexec/sftp-server /tmp
cp: /opt/libexec/sftp-server: No such file or directory
[admin@wl500g root]$ ipkg remove openssh
No packages removed.
Nothing to be done
Successfully terminated.
[admin@wl500g root]$ mv /tmp/sftp-server /opt/libexec
mv: unable to rename `/tmp/sftp-server': No such file or directory
[admin@wl500g root]$

È äàëåå íåò òàêîé ïàïêè äëÿ ñîõðàíåíèÿ êëþ÷à.
/tmp/local/root/.ssh/

[al37919]

åùå òàêîé âîïðîñ âîçíèê. Êàê îïåðèðîâàòü ñ êëþ÷àìè â putty --- äîñòàòî÷íî ïîíÿòíî ðàçæåâàíî. À êàê ìíå ñîçäàòü/ïîäêëþ÷èòü ïîäîáíûé êëþ÷åâîé ôàéë äëÿ ñîåäèíåíèé èç linux?

[angel_il]

åùå òàêîé âîïðîñ âîçíèê. Êàê îïåðèðîâàòü ñ êëþ÷àìè â putty --- äîñòàòî÷íî ïîíÿòíî ðàçæåâàíî. À êàê ìíå ñîçäàòü/ïîäêëþ÷èòü ïîäîáíûé êëþ÷åâîé ôàéë äëÿ ñîåäèíåíèé èç linux?

òðåáóåòñÿ ïîäêëþ÷àòüñÿ ÷åðåç ssh èç ïîä ëèíóêñà ê äðóãèì ëèíóêñîâûì ìàøèíàì?
ïðèìåðíî òàêæå, ìîãó íàïèñàòü êîíå÷íî íî â èíåòå åñòü èñ÷åðïûâàþùåå îïèñàíèå. ùàñ ñûëêó äàì.
http://www.opennet.ru/base/sec/ssh_pubkey_auth.txt.html

[al37919]

îòëè÷íàÿ ññûëêà --- âñå âûøëî. Ìîæåò åå òîæå íà ïåðâóþ ñòðàíèöó?

[PupsDRVR]

Ïðî÷èòàë âñþ âåòêó, íàñòðîèë áåç ïðîáëåì. Ïîäêëþ÷àåòñÿ WinSCP, î÷åíü óäîáíî. À âîò FAR äëÿ ÷åãî â äàííîé ñèòóàöèè? ß åãî òîæå ïîñòàâèë (FAR POWERPACK V1.06), âñïîìíèë ìîëîäîñòü . Íàäî åù¸ ÷òî-òî íàñòðàèâàòü äëÿ ïîäêëþ÷åíèÿ èëè îí äëÿ êàêèõ-òî äðóãèõ öåëåé? Ïîèñê â êîíôå ïî ñëîâó FAR íè÷åãî íå äàë, ïîèñê ÷òî ëè ñëîìàëñÿ... Ïðîñâåòèòå, êòî çíàåò, èíòåðåñíî î÷åíü.

[getikalex]

À çà÷åì FAR ?
Ïî ìíå - ïðîùå â TotalCommander îäèí ðàç çàïîìíèòü FTP ñîåäèíåíèå ñ óçëîì 192.168.1.1:21 è âñå ! äèñê ðîóòåðà íà ïàíåëè.
(ftp äóìàþ åñòü ó âñåõ)

Íà ñêðèíå ïîäêëþ÷åííûé 192.168.89.56 (òàêîé àäðåñ ó ìåíÿ)
 íàñòðîéêå ïîêàçàë 192.168.1.1 ÷òîá íå ïóòàòü ëþäåé-òàê ïî óìîë÷àíèþ (ðåàëüíî ó ìåíÿ ñòîèò 192.168.89.56:21 ÷òî è îòîáðàçèëîñü)

[kr1sed]

Dropbear — àâòîðèçàöèÿ ïî êëþ÷àì (íà ïðèìåðå Asus wl-500gp-v1)

Îñíîâíàÿ ïðè÷èíà ïî êîòîðîé ÿ ðåøèë íàñòðîèòü äîñòóï ê êîíñîëè ssh ñåðâåðà dropbear - ýòî ïîñòîÿííûé áðóò ìîåãî ñåðâåðà
(áîòû íå äàþò ïîêîÿ). Êàê òîëüêî â ëîãàõ ïðî÷íî çàêðåïèëñÿ îäèí IP èç ãåðìàíèè, êîòîðûé òùåòíî ïûòàëñÿ ïîäîáðàòü ïàðîëü
ê ìîåìó ðîóòåðó â òå÷åíèè äâóõ ñóòîê, òåðïåíèþ ïðèøåë êîíåö è ÿ ðåøèë âûäåëèòü âðåìÿ è ïðåêðàòèòü ýòîò áåñïðåäåë.

Íà óì ïðèøëî äâà âûõîäà:

1. Õèòðî íàñòðîèòü Iptables, ñ áåçæàëîñòíûì áàíîì âñåõ íàäîåäëèâûõ «êèòàéöåâ».
2. Äîñòóï ïî êëþ÷àì. ß âûáðàë âòîðîå — óäîáñòâî êóïå ñ áåçîïàñíîñòüþ.

Èòàê íà÷íåì. Íàì ïîíàäîáèòñÿ ðîóòåð Asus wl 500gp ñ àëüòåðíàòèâíîé ïðîøèâêîé íà áîðòó (ÿ èñïîëüçóþ ïðîøèâêó «Îëåãà»), ñàì dropbear,
êëèåíò putty, óòèëèòà äëÿ ãåíåðàöèè êëþ÷åé Puttygen, êëèåíò winscp, ïîæàëóé âñå, äà è çàáûë — ïðÿìûå ðóêè è õîëîäíûé ðàññóäîê

Ïîäêëþ÷àåìñÿ ÷åðåç Putty è ñîçäàåì êàòàëîã ñ ôàéëîì ïóáëè÷íîãî êëþ÷à äëÿ àâòîðèçàöèè.

Code:

# mkdir /tmp/local/root/.ssh
# touch /tmp/local/root/.ssh/authorized_keys
# mcedit /tmp/local/root/.ssh/authorized_keys

Ñ ïîìîùüþ Puttygen ãåíåðèðóåì ïóáëè÷íûé è ïðèâàòíûé êëþ÷è, ïóáëè÷íûé ñ ïîìîùüþ copy-paste âñòàâëÿåì
â ôàéë àâòîðèçîâàííûõ êëþ÷åé authorized_keys. Ïðèìåíÿåì íàñòðîéêè è ïåðåçàãðóæàåì ðîóòåð.

Code:

# flashfs save && flashfs commit && flashfs enable && reboot

Òåïåðü ïðîáóåì çàëîãèíèòüñÿ ñ ïîìîùüþ ïðèâàòíîãî êëþ÷à. Íàñòðîéêè ïðîèçâîäèì â êëèåíòå Putty.

-Session:

Îòêðûâåì Putty, âî âêëàäêå sessions óêàçûâàåì àäðåñ ñåðâåðà — IP èëè DNS èìÿ.

-Connection → Data:

 ïîëå «Login details» «Auto-login username» óêàçûâàåì íàø ëîãèí ïîä êîòîðûì ìû áóäåì ñîåäèíÿòñÿ (admin,root, etc)

-Connection → SSH → Auth

Îòêðûâàåì ôàéë ñ íàøèì ïðèâàòíûì êëþ÷îì äëÿ àâòîðèçàöèè.

-Session

Âïèñûâàåì èìÿ íàøåé ñåññèè è ñîõðàíÿåì (save).

Ïðîáóåì ñîåäèíèòüñÿ, åñëè âñå ïðîøëî óñïåøíî, ââîäèì ïàðîëüíóþ ôðàçó, åñëè óêàçûâàëè ïðè ãåíåðàöèè
ïðèâàòíîãî êëþ÷à (ðåêîìåíäóþ çàäàòü) ëèáî àâòîìàòè÷åñêè ïîäêëþ÷àåìñÿ, åñëè ïàðîëüíóþ ôðàçó íå çàäàâàëè.

Òåïåðü íóæíî èçìåíèòü ïðàâà äîñòóïà ê ôàéëó ñ ïóáëè÷íûì êëþ÷îì è çàïðåòèòü
ñåðâåðó dropbear ïðèíèìàòü ñîåäèíåíèÿ ïî ëîãèíó è ïàðîëþ.

Code:

# mcedit /usr/local/sbin/post-boot

Çàäàåì ïàðàìåòð -s äëÿ îòêëþ÷åíèÿ ðåãèñòðàöèè ïî ëîãèíó è ïàðîëþ:

Code:

dropbear -s -p 22

Èçìåíÿåì ïðàâà ê ôàéëó è ïàïêå:

Code:

# chmod 0700 /tmp/local/root/.ssh
# chmod 0600 /tmp/local/root/.ssh/authorized_keys

Ïðèìåíÿåì íàñòðîéêè è ïåðåçàãðóæàåìñÿ:

Code:

# flashfs save && flashfs commit && flashfs enable && reboot

http://bruteforcer.ru/index.php/2009...s-wl-500gp-v1/

[rstaganrog]

Ñîçäàíî íåñêîëüêî ðàçíûõ ôàéëîâ êîíôèãóðàöèè ìàðøðóòèçàòîðà ïîñðåäñòâîì web-èíòåðôåéñà "Àäìèíèñòðèðîâàíèå | Ñîõðàíåíèå" (ôàéëû Settings.CFG).

 çàâèñèìîñòè îò óñëîâèé íåñêîëüêî ðàç â äåíü òðåáóåòñÿ çàãðóæàòü â ðîóòåð îäèí èç ýòèõ ôàéëîâ êîíôèãóðàöèè. Âûïîëíÿòü ýòî ÷åðåç web-èíòåðôåéñ "Àäìèíèñòðèðîâàíèå | Âîññòàíîâëåíèå íàñòðîåê" ñëèøêîì äëèííî (âäîáàâîê íóæíî âûáèðàòü íàñòðîéêè â äèàëîãå âûáîðà ôàéëà).

Âñå äåéñòâèÿ ïðîèñõîäÿò â WinXP.

Äëÿ óïðîùåíèÿ ïðîöåññà è ìèíèìèçàöèè òðåáóåìîãî óðîâíÿ êâàëèôèêàöèè äëÿ âûïîëíåíèÿ ýòîé ïðîöåäóðû (âûïîëíÿòü å¸ áóäó íå òîëüêî ÿ) ïðåäïîëàãàåòñÿ ñîçäàòü íåñêîëüêî ÿðëûêîâ ñ ïàðàìåòðàìè, óêàçûâàþùèìè íà îïðåäåë¸ííûé ôàéë íàñòðîåê Settings.CFG.  ýòîì ñëó÷àå äëÿ èçìåíåíèÿ ïàðàìåòðîâ ìàðøðóòèçàòîðà îïåðàòîðó äîñòàòî÷íî áóäåò êëèêíóòü ìûøêîé íà òðåáóåìîì ÿðëûêå áåç íåîáõîäèìîñòè çàïóñêà web-èíòåðôåéñà è âîçìîæíîñòè îøèáèòüñÿ ïðè åãî èñïîëüçîâàíèè.

Çàäà÷à èìååò ðåøåíèå? Çàâèñèò ëè îíî îò ïðîøèâêè (ñòàíäàðòíàÿ èëè îò ýíòóçèàñòîâ)?

[tempik]

Ñîçäàíî íåñêîëüêî ðàçíûõ ôàéëîâ êîíôèãóðàöèè ìàðøðóòèçàòîðà ïîñðåäñòâîì web-èíòåðôåéñà "Àäìèíèñòðèðîâàíèå | Ñîõðàíåíèå" (ôàéëû Settings.CFG).

 çàâèñèìîñòè îò óñëîâèé íåñêîëüêî ðàç â äåíü òðåáóåòñÿ çàãðóæàòü â ðîóòåð îäèí èç ýòèõ ôàéëîâ êîíôèãóðàöèè. Âûïîëíÿòü ýòî ÷åðåç web-èíòåðôåéñ "Àäìèíèñòðèðîâàíèå | Âîññòàíîâëåíèå íàñòðîåê" ñëèøêîì äëèííî (âäîáàâîê íóæíî âûáèðàòü íàñòðîéêè â äèàëîãå âûáîðà ôàéëà).

Âñå äåéñòâèÿ ïðîèñõîäÿò â WinXP.

Äëÿ óïðîùåíèÿ ïðîöåññà è ìèíèìèçàöèè òðåáóåìîãî óðîâíÿ êâàëèôèêàöèè äëÿ âûïîëíåíèÿ ýòîé ïðîöåäóðû (âûïîëíÿòü å¸ áóäó íå òîëüêî ÿ) ïðåäïîëàãàåòñÿ ñîçäàòü íåñêîëüêî ÿðëûêîâ ñ ïàðàìåòðàìè, óêàçûâàþùèìè íà îïðåäåë¸ííûé ôàéë íàñòðîåê Settings.CFG.  ýòîì ñëó÷àå äëÿ èçìåíåíèÿ ïàðàìåòðîâ ìàðøðóòèçàòîðà îïåðàòîðó äîñòàòî÷íî áóäåò êëèêíóòü ìûøêîé íà òðåáóåìîì ÿðëûêå áåç íåîáõîäèìîñòè çàïóñêà web-èíòåðôåéñà è âîçìîæíîñòè îøèáèòüñÿ ïðè åãî èñïîëüçîâàíèè.

Çàäà÷à èìååò ðåøåíèå? Çàâèñèò ëè îíî îò ïðîøèâêè (ñòàíäàðòíàÿ èëè îò ýíòóçèàñòîâ)?

Ãîòîâîå ðåøåíèå ëåíü ðàñïèñûâàòü ... Ìîãó íàïðàâèòü íà ïóòü ... Ïðîøèâêà ýíòóçèàñòîâ -> ñêðèïò çàãðóæàþùèé íóæíóþ êîíôèãóðàöèþ -> Putty (SSH->Remote command->çàïóñê ñêðèïòà)->ÿðëûê äëÿ Putty àâòîëîãèíà ... Óäà÷è

[rstaganrog]

Ãîòîâîå ðåøåíèå ëåíü ðàñïèñûâàòü ... Ìîãó íàïðàâèòü íà ïóòü ... Ïðîøèâêà ýíòóçèàñòîâ -> ñêðèïò çàãðóæàþùèé íóæíóþ êîíôèãóðàöèþ -> Putty (SSH->Remote command->çàïóñê ñêðèïòà)->ÿðëûê äëÿ Putty àâòîëîãèíà ... Óäà÷è

Ïðàâèëüíî ëè ÿ ïîíèìàþ, ÷òî íà ðîäíîé ïðîøèâêå íåëüçÿ çàïóñòèòü telnet?