- Perbedaan SSH dan FTPSSH :a. Berfungsi untuk melakukan remote server untuk suatu keperluan misalnya administrasi user.b. SSH adalah protokol jaringanc. SSH memungkinkan berbagai aplikasid. SSH menggunakan enkripsi ketika membangun koneksi antara server dan kliene. SSH secara inheren tidak aman
FTP :
a. Untuk mentransfer file antara dua
host yang terdapat dalam jaringan.
b. FTP adalah protokol transfer file
c. FTP hanya memungkinkan kontrol file
d. FTP tidak mengandung indikasi
tentang keamanan karena dirancang di usia di mana keamanan tidak
benar-benar penting
- Membuat SSH Server- SSH server ada di IP 172.16.17.217
- Client ada di IP
172.16.17.185
- Konfigurasi
| # Package generated configuration file
# See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin yes StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes |
- Cek Koneksi
→ Gambar tersebut membuktikan bahwa
koneksi sudah tersambung.
- Mengkoneksikan ke
komputer server
→Perintah untuk meremote komputer
server.
- Membuat FTP ServerSSH server ada di IP 172.16.17.195client ada di IP 172.16.17.185
- Cek Koneksi
- Untuk menghubungkan
antar 2 komputer:
→ Komputer sudah terhubung.
- Melihat isi direktori komputer yang di remote:
- untuk mendownload file yang ada di ftp serverfile yang akan di download adalah file mau yang ada di folder suka
- Lembar Kerja Hal 431. ketik sudo nano /etc/vsftpd/vsftpd.conf lalu cari #idle_sesion_timeout 600. Hilangkan tanda pagarnya dan save. Lalu restart dengan cara sudo /etc/init.d/vsftpd restart2. max_client (jumlah maksimum user)3. nano /etc/ssh/sshd_config
→ file berhasil di transfer dari
komputer server ke komputer client.
No comments:
Post a Comment