1、配置ssh免密登陆:客户端主机通过redhat用户基于秘钥验证方式进行远程连接服务器的root用户
服务器端:
(1):关闭防火墙
[root@localhost ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: >
Active: inactive (dead)
Docs: man:firewalld(1)(2):设置setenforce 0(操作之后要重启ssh)
[root@localhost ~]# getenforce
Permissive
[root@localhost ~]# systemctl restart sshd客户端:
(1):产生公钥、私钥
[redhat@localhost ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/redhat/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/redhat/.ssh/id_rsa
Your public key has been saved in /home/redhat/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:YtHvnY56SZBoXUGwgs60MT6P0qs9n7SpugjDd7sr41E redhat@localhost.localdomain
The key's randomart image is:
+---[RSA 3072]----+
| .oo. |
| . . .. |
| = oooo |
| = +oo+. |
| *Eo S.. |
|. ..= . ... . |
|o..oo.o ...o |
|.o.=+o.+ oo |
|. ==*BB .o. . |
+----[SHA256]-----+
[redhat@localhost ~]$ ll /home/redhat/.ssh/ //查看是否成功
总用量 16
-rw-------. 1 redhat redhat 2622 3月 11 17:32 id_rsa //私钥
-rw-r--r--. 1 redhat redhat 582 3月 11 17:32 id_rsa.pub //公钥
-rw-------. 1 redhat redhat 840 3月 11 17:29 known_hosts
-rw-r--r--. 1 redhat redhat 96 3月 11 17:29 known_hosts.old(2):客户端传送公钥给客户端
[redhat@localhost ~]# ssh-copy-id root@192.168.40.129(3):远程连接服务器
[redhat@localhost ~]$ ssh root@192.168.40.129
Activate the web console with: systemctl enable --now cockpit.socket
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Sat Mar 11 17:32:16 2023 from 192.168.40.129
[root@localhost ~]#