久久久久久久视色,久久电影免费精品,中文亚洲欧美乱码在线观看,在线免费播放AV片

<center id="vfaef"><input id="vfaef"><table id="vfaef"></table></input></center>
    <p id="vfaef"><kbd id="vfaef"></kbd></p>
    

    <pre id="vfaef"><u id="vfaef"></u></pre>
      <thead id="vfaef"><input id="vfaef"></input></thead>
      

    1. 

      
	
      
				
      站長資訊網(wǎng)

      最全最豐富的資訊網(wǎng)站
      		
				
						
			
      

      
	

      
	
      
	
      
				
      
			
      RHEL7.4下實現(xiàn)SSH免密碼登錄
                         
      
			
                          
      
				2019-08-02
												分類:服務器技術(shù)
				閱讀(1299)				評論(0)
				
			
      
		
      
				
      
						
      ssh是記錄你密碼信息的, 沒有登錄過root (或是沒有執(zhí)行過ssh-keygen命令),是沒有.ssh 文件夾的
      

      需求:當你需要訪問一臺linux服務器或兩臺服務器互相免密訪問時,ssh keys這時需要,創(chuàng)建辦法是當前主機上執(zhí)行命令:
      

      

      ssh-keygen  或  ssh-keygen -t rsa  或 ssh-keygen -t dsa
      

      

      AB機器,如果A訪問B免密,就把A的公鑰給B,反之亦然
      

      執(zhí)行后會在當前用戶登錄目錄下生成.ssh目錄和兩個文件
      

      RHEL7.4下實現(xiàn)SSH免密碼登錄
      

      使用ssh-keygen生成私鑰和公鑰
      

      命令如下:
      

      

      ssh-keygen -t rsa
      

      

      參數(shù) -t rsa 表示使用rsa算法進行加密,執(zhí)行后,會在/root當前用戶/.ssh目錄下找到id_rsa(私鑰)和id_rsa.pub(公鑰)
      

      也可以使用 dsa 加密算法進行加密,命令如下:
      

      

      ssh-keygen -t dsa
      

      

      id_rsa.pub里是公鑰,如果需要登錄到遠程主機,需要到遠程主機/root/root/.ssh目錄下,新建authorized_keys文件,并將id_rsa.pub里的內(nèi)容復制進去:
      

      

      # touch /root/.ssh/authorized_keys
      

      

      這個操作看要不要登錄到遠程的機器上,如果需要,就添加,不需要,可以不建。
      

      

      注意:新建后,需要更改authorized_keys文件的用戶權(quán)限,不然文件無法生效,ssh公鑰生效需滿足至少下面兩個條件:  1、 .ssh目錄的權(quán)限必須是700  2 、.ssh/authorized_keys文件權(quán)限必須是600
      

      

      執(zhí)行下面命令
      

      

      chmod 600 ~/.ssh/authorized_keys
      

      

      RHEL7.4下實現(xiàn)SSH免密碼登錄
      

      遠程免密登錄
      

      常用以下幾種方法:
      

      3臺rhel7.4
      

      


      
HOSTNAME
IP
ROLE

      
      


      
server1
192.168.2.3
Master

      

      
server2
192.168.2.5
Slave1

      

      
server3
192.168.2.10
Slave2

      
      

      

      2.1 通過ssh-copy-id的方式:
      

      命令: ssh-copy-id -i ~/.ssh/id_rsa.pub <romte_ip>
      

      舉例:
      

      

      root用戶登錄遠程root用戶(第一次需要密碼登錄)  [root@linuxidc ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.2.5  /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"  /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed  /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys  root@192.168.2.5's password:   Number of key(s) added: 1  Now try logging into the machine, with:   "ssh '192.168.2.2'"  and check to make sure that only the key(s) you wanted were added.  [root@linuxidc ~]#   [root@linuxidc ~]# ssh root@192.168.2.5  Last login: Thu Nov 15 16:23:42 2018 from 192.168.2.3  [root@D ~]#    常見錯誤:  [root@test ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.2.5  -bash: ssh-copy-id: command not found //提示命令不存在  解決辦法:yum -y install openssh-clients      root用戶遠程非root用戶(普通用戶),第一次需要密碼登錄  [root@linuxidcjustyumserver ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub test@192.168.2.2  /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"  /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed  /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys  test@192.168.2.2's password:     Number of key(s) added: 1    Now try logging into the machine, with:   "ssh 'Oracle@192.168.2.2'"  and check to make sure that only the key(s) you wanted were added.
      

      

      2.2、通過scp將內(nèi)容寫到對方的文件中
      

      命令:scp -p ~/.ssh/id_rsa.pub root@<remote_ip>:/root/.ssh/authorized_keys
      

      舉例:
      

      

      # scp -p ~/.ssh/id_rsa.pub root@192.168.2.5:/root/.ssh/authorized_keys  #root@10.40.34.183's password:   id_rsa.pub   # ssh root@192.168.2.5  Last login: Thu Nov 15 16:54:59 2018 from 192.168.2.3
      

      

      也可以分為兩步操作:
      

      

      # scp ~/.ssh/id_rsa.pub root@<remote_ip>:pub_key //將文件拷貝至遠程服務器  # cat ~/pub_key >>~/.ssh/authorized_keys //將內(nèi)容追加到authorized_keys文件中, 不過要登錄遠程服務器來執(zhí)行這條命令
      

      

      2.3、每臺服務器下都輸入命令 ssh-keygen -t rsa,生成 key,一律不輸入密碼,直接回車,/root 就會生成 .ssh 文件夾。
      

      在 Master 服務器下,合并公鑰到 authorized_keys 文件,進入 /root/.ssh 目錄,通過 SSH 命令合并:
      

      

      [root@linuxidc ~]# cd /root/.ssh/ [root@linuxidc .ssh]# cat id_rsa.pub  >> authorized_keys [root@linuxidc .ssh]# ssh root@192.168.2.10 cat ~/.ssh/id_rsa.pub>> authorized_keys 這里的id_rsa.pub是slave服務器的,合并到Mastere服務器的文件中
      

      

      把 Master 服務器的 authorized_keys復制到 Slave 服務器的 `/root/.ssh 目錄
      

      [root@linuxidc.ssh]# scp authorized_keys root@192.168.2.10:/root/.ssh/
      

      完成,ssh root@192.168.2.10 就不需要輸入密碼登錄了
      
		
      
								            
      
            	贊(0)            	            	            
      
        				
					
      
分享到:








更多 (0)

      

      
		
		
      標簽:
      
		
		
		            
        
									
      
	
      
	
      


      
	網(wǎng)站地圖  
  
    滬ICP備18035694號-2
    
	滬公網(wǎng)安備31011702889846號