Redhat 7/CentOS 7 SSH 免密登录的方法
<p><strong>先决条件</strong></p>
<p>
3 台 CentOS 7</p>
<p>
</p>
<table>
<thead><tr>
<th>
HOSTNAME</th>
<th>
IP</th>
<th>
ROLE</th>
</tr></thead>
<tbody>
<tr>
<td>
server1</td>
<td>
10.8.26.197</td>
<td>
Master</td>
</tr>
<tr>
<td>
server2</td>
<td>
10.8.26.196</td>
<td>
Slave1</td>
</tr>
<tr>
<td>
server3</td>
<td>
10.8.26.195</td>
<td>
Slave2</td>
</tr>
</tbody>
</table>
<p>
</p>
<p>
<strong>步骤</strong></p>
<p>
1. 用 root 用户登录。每台服务器都生成公钥,再合并到 authorized_keys。</p>
<p>
2. CentOS 默认没有启动 ssh 无密登录,去掉<code> /etc/ssh/sshd_config </code>其中 2 行的注释,每台服务器都要设置。</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_128566">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">RSAAuthentication </code><code class="bash functions">yes</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">PubkeyAuthentication </code><code class="bash functions">yes</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
3. 每台服务器下都输入命令<code> ssh-keygen -t rsa</code>,生成 key,一律不输入密码,直接回车,<code>/root</code> 就会生成<code> .ssh </code>文件夹。</p>
<p>
4. 在 Master 服务器下,合并公钥到<code> authorized_keys </code>文件,进入 <code>/root/.ssh </code>目录,通过 SSH 命令合并.</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_997069">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># cat id_rsa.pub>> authorized_keys</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash comments"># ssh root@10.8.26.196 cat ~/.ssh/id_rsa.pub>> authorized_keys</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash comments"># ssh root@10.8.26.195 cat ~/.ssh/id_rsa.pub>> authorized_keys</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
5. 把 Master 服务器的<code> authorized_keys</code>、<code>known_hosts </code>复制到 Slave 服务器的 <code>`/root/.ssh </code>目录</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_628279">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># scp authorized_keys root@server2:/root/.ssh/</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash comments"># scp authorized_keys root@server3:/root/.ssh/</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash comments"># scp known_hosts root@server2:/root/.ssh/</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash comments"># scp known_hosts root@server3:/root/.ssh/</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
6. 完成,<code>ssh root@10.8.26.196</code>、<code>ssh root@10.8.26.195 </code>就不需要输入密码了。</p>
<p>
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持服务器之家。</p>
<p>
原文链接:https://segmentfault.com/a/1190000008615560</p>
頁:
[1]