Ubuntu下安装rsh实现无密码访问详解
<p><strong>一、环境</strong></p>
<p>
1.三台服务器ubuntu14.04, 主机名分别为compute,block1和blcok2</p>
<p>
2.两台主机hosts文件都为:<br><span>root@compute:~# cat /etc/hosts</span><br>
127.0.0.1 localhost<br>
192.168.4.132 compute<br>
192.168.4.133 block1<br>
192.168.4.134 block2</p>
<p>
<strong>二、安装rsh和rsh-server</strong>(三台主机都安装),并设置启动rsh和rlogin服务</p>
<p>
1 安装</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_503452">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">apt-get </code><code class="bash functions">install</code> <code class="bash plain">rsh-client rsh-server xinetd </code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
2 ubuntu下原来没有/etc/xinetd.d/rsh文件,新建并添加内容</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_214211">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
<div class="line number7 index6 alt2">
7</div>
<div class="line number8 index7 alt1">
8</div>
<div class="line number9 index8 alt2">
9</div>
<div class="line number10 index9 alt1">
10</div>
<div class="line number11 index10 alt2">
11</div>
<div class="line number12 index11 alt1">
12</div>
<div class="line number13 index12 alt2">
13</div>
<div class="line number14 index13 alt1">
14</div>
<div class="line number15 index14 alt2">
15</div>
<div class="line number16 index15 alt1">
16</div>
<div class="line number17 index16 alt2">
17</div>
<div class="line number18 index17 alt1">
18</div>
<div class="line number19 index18 alt2">
19</div>
<div class="line number20 index19 alt1">
20</div>
<div class="line number21 index20 alt2">
21</div>
<div class="line number22 index21 alt1">
22</div>
<div class="line number23 index22 alt2">
23</div>
<div class="line number24 index23 alt1">
24</div>
<div class="line number25 index24 alt2">
25</div>
<div class="line number26 index25 alt1">
26</div>
<div class="line number27 index26 alt2">
27</div>
<div class="line number28 index27 alt1">
28</div>
<div class="line number29 index28 alt2">
29</div>
<div class="line number30 index29 alt1">
30</div>
<div class="line number31 index30 alt2">
31</div>
<div class="line number32 index31 alt1">
32</div>
<div class="line number33 index32 alt2">
33</div>
<div class="line number34 index33 alt1">
34</div>
<div class="line number35 index34 alt2">
35</div>
<div class="line number36 index35 alt1">
36</div>
<div class="line number37 index36 alt2">
37</div>
<div class="line number38 index37 alt1">
38</div>
<div class="line number39 index38 alt2">
39</div>
<div class="line number40 index39 alt1">
40</div>
<div class="line number41 index40 alt2">
41</div>
<div class="line number42 index41 alt1">
42</div>
<div class="line number43 index42 alt2">
43</div>
<div class="line number44 index43 alt1">
44</div>
<div class="line number45 index44 alt2">
45</div>
<div class="line number46 index45 alt1">
46</div>
<div class="line number47 index46 alt2">
47</div>
<div class="line number48 index47 alt1">
48</div>
<div class="line number49 index48 alt2">
49</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># default: on </code>
</div>
<div class="line number2 index1 alt1">
<code class="bash comments"># descrīption: The rshd server is the server for the rcmd(3) routine and, \ </code>
</div>
<div class="line number3 index2 alt2">
<code class="bash comments"># consequently, for the rsh(1) program. The server provides \ </code>
</div>
<div class="line number4 index3 alt1">
<code class="bash comments"># remote execution facilities with authentication based on \ </code>
</div>
<div class="line number5 index4 alt2">
<code class="bash comments"># privileged port numbers from trusted hosts. </code>
</div>
<div class="line number6 index5 alt1">
<code class="bash plain">service shell </code>
</div>
<div class="line number7 index6 alt2">
<code class="bash plain">{ </code>
</div>
<div class="line number8 index7 alt1">
<code class="bash spaces"> </code><code class="bash plain">disable = no </code>
</div>
<div class="line number9 index8 alt2">
<code class="bash spaces"> </code><code class="bash plain">socket_type = stream </code>
</div>
<div class="line number10 index9 alt1">
<code class="bash spaces"> </code><code class="bash plain">wait = no </code>
</div>
<div class="line number11 index10 alt2">
<code class="bash spaces"> </code><code class="bash plain">user = root </code>
</div>
<div class="line number12 index11 alt1">
<code class="bash spaces"> </code><code class="bash plain">log_on_success += USERID </code>
</div>
<div class="line number13 index12 alt2">
<code class="bash spaces"> </code><code class="bash plain">log_on_failure += USERID </code>
</div>
<div class="line number14 index13 alt1">
<code class="bash spaces"> </code><code class="bash plain">server = </code><code class="bash plain">/usr/sbin/in</code><code class="bash plain">.rshd </code>
</div>
<div class="line number15 index14 alt2">
<code class="bash plain">} </code>
</div>
<div class="line number16 index15 alt1">
<code class="bash spaces"> </code>
</div>
<div class="line number17 index16 alt2">
<code class="bash plain">/etc/xinetd</code><code class="bash plain">.d</code><code class="bash plain">/rlogin</code>
</div>
<div class="line number18 index17 alt1">
<code class="bash spaces"> </code>
</div>
<div class="line number19 index18 alt2">
<code class="bash comments"># default: on </code>
</div>
<div class="line number20 index19 alt1">
<code class="bash comments"># descrīption: rlogind is the server for the rlogin(1) program. The server \ </code>
</div>
<div class="line number21 index20 alt2">
<code class="bash comments"># provides a remote login facility with authentication based on \ </code>
</div>
<div class="line number22 index21 alt1">
<code class="bash comments"># privileged port numbers from trusted hosts. </code>
</div>
<div class="line number23 index22 alt2">
<code class="bash plain">service login </code>
</div>
<div class="line number24 index23 alt1">
<code class="bash plain">{ </code>
</div>
<div class="line number25 index24 alt2">
<code class="bash spaces"> </code><code class="bash plain">disable = no </code>
</div>
<div class="line number26 index25 alt1">
<code class="bash spaces"> </code><code class="bash plain">socket_type = stream </code>
</div>
<div class="line number27 index26 alt2">
<code class="bash spaces"> </code><code class="bash plain">wait = no </code>
</div>
<div class="line number28 index27 alt1">
<code class="bash spaces"> </code><code class="bash plain">user = root </code>
</div>
<div class="line number29 index28 alt2">
<code class="bash spaces"> </code><code class="bash plain">log_on_success += USERID </code>
</div>
<div class="line number30 index29 alt1">
<code class="bash spaces"> </code><code class="bash plain">log_on_failure += USERID </code>
</div>
<div class="line number31 index30 alt2">
<code class="bash spaces"> </code><code class="bash plain">server = </code><code class="bash plain">/usr/sbin/in</code><code class="bash plain">.rlogind </code>
</div>
<div class="line number32 index31 alt1">
<code class="bash plain">} </code>
</div>
<div class="line number33 index32 alt2">
<code class="bash spaces"> </code>
</div>
<div class="line number34 index33 alt1">
<code class="bash plain">/etc/xinetd</code><code class="bash plain">.d</code><code class="bash plain">/rexec</code>
</div>
<div class="line number35 index34 alt2">
<code class="bash spaces"> </code>
</div>
<div class="line number36 index35 alt1">
<code class="bash comments"># default: off </code>
</div>
<div class="line number37 index36 alt2">
<code class="bash comments"># descrīption: Rexecd is the server for the rexec(3) routine. The server \ </code>
</div>
<div class="line number38 index37 alt1">
<code class="bash comments"># provides remote execution facilities with authentication based \ </code>
</div>
<div class="line number39 index38 alt2">
<code class="bash comments"># on user names and passwords. </code>
</div>
<div class="line number40 index39 alt1">
<code class="bash plain">service </code><code class="bash functions">exec</code>
</div>
<div class="line number41 index40 alt2">
<code class="bash plain">{ </code>
</div>
<div class="line number42 index41 alt1">
<code class="bash spaces"> </code><code class="bash plain">disable = no </code>
</div>
<div class="line number43 index42 alt2">
<code class="bash spaces"> </code><code class="bash plain">socket_type = stream </code>
</div>
<div class="line number44 index43 alt1">
<code class="bash spaces"> </code><code class="bash plain">wait = no </code>
</div>
<div class="line number45 index44 alt2">
<code class="bash spaces"> </code><code class="bash plain">user = root </code>
</div>
<div class="line number46 index45 alt1">
<code class="bash spaces"> </code><code class="bash plain">log_on_success += USERID </code>
</div>
<div class="line number47 index46 alt2">
<code class="bash spaces"> </code><code class="bash plain">log_on_failure += USERID </code>
</div>
<div class="line number48 index47 alt1">
<code class="bash spaces"> </code><code class="bash plain">server = </code><code class="bash plain">/usr/sbin/in</code><code class="bash plain">.rexecd </code>
</div>
<div class="line number49 index48 alt2">
<code class="bash plain">} </code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
3 重启动</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_490041">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">root@block2:~</code><code class="bash comments"># /etc/init.d/xinetd restart </code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">xinetd stop</code><code class="bash plain">/waiting</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">xinetd start</code><code class="bash plain">/running</code><code class="bash plain">, process 26181 </code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<strong>三、建立信任文件,实现无密码访问配置</strong></p>
<p>
1.在root主目录下建立.rhosts文件,并在此文件内写入这两台主机的主机名</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_388420">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">root@block1:~</code><code class="bash comments"># cat .rhosts </code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">compute root </code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">block1 root </code>
</div>
<div class="line number4 index3 alt1">
<code class="bash plain">block2 root </code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<span><strong>注:</strong></span>root 验证需要/root/.rhosts文件,普通用户需要/etc/hosts.equiv文件</p>
<p>
2.在/etc目录下建立hosts.equiv文件,并在此文件内写入作为客户端主机的主机名</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_715614">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">root@block1:~</code><code class="bash comments"># cat /etc/hosts.equiv </code>
</div>
<div class="line number2 index1 alt1">
<code class="bash comments"># /etc/hosts.equiv: list of hosts and users that are granted "trusted" r </code>
</div>
<div class="line number3 index2 alt2">
<code class="bash comments"># command access to your system . </code>
</div>
<div class="line number4 index3 alt1">
<code class="bash plain">compute </code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
3 在文件/etc/securetty中</p>
<p>
加入rsh rlogin rexec</p>
<p>
<strong>四、配置完毕,验证配置</strong></p>
<p>
1.在compute服务器上直接输入rsh block1 date就可以在block1上无密码执行date命令</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_214731">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">root@compute:~</code><code class="bash comments"># rsh block2 date </code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">Thu Mar 30 16:38:42 CST 2017 </code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
2.在compute上直接输入rsh block1就可以无密码登录block1<br>
3.普通用户操作同root用户<br>
4.还有rcp命令可以远程复制文件<br>
至此rsh无密码访问配置完毕。</p>
<p>
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。</p>
頁:
[1]