Ubuntu实现免密登录

喷子的自我修养 發表於 2022-9-2 08:24:00

@[TOCUbuntu实现免密登录) 
准备环境：两台Ubuntu节点server版，，ip我设置的静态，可以实现ssh远程登录window终端（cmd），也可以实现远程登录的,需要注意的是使用Ubuntu远程登录需要先登录普通用户再切换到root用户
说明：登录完毕后切换到root后，检查root是否有设置密码的，需要使用passwd设置一下root的密码
1，修改一下ssh配置文件 
用于开启远程操作的密码验证
<pre><code>root@master:~# vi /etc/ssh/sshd_config

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin prohibit-password
PermitRootLogin yes #需要开启的是这行，注意是仿照上行手动添加
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#PubkeyAuthentication yes

</code></pre>
2，使用windows终端实现远程登录
<pre><code>C:\Users\huhy>ssh huhy@192.168.200.100
huhy@192.168.200.100's password:
Welcome to Ubuntu 22.04 LTS (GNU/Linux 5.15.0-25-generic x86_64)

* Documentation:https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

System information as of Thu Sep1 03:46:07 PM UTC 2022

System load:0.08251953125 Processes: 221
Usage of /: 33.3% of 19.51GB Users logged in: 1
Memory usage: 10% IPv4 address for ens33: 192.168.200.100
Swap usage: 0%

0 updates can be applied immediately.

Last login: Thu Sep1 15:34:51 2022 from 192.168.200.1
huhy@master:~$ sudo su root

</code></pre>
3，做个域名解析
<pre><code>root@master:~# vi /etc/hosts

127.0.0.1 localhost
127.0.1.1 huhy

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.200.100 master
192.168.200.101 slave1 # 添加最后两行即可，注意更改IP

# 测试

root@master:~# ping master
PING master (192.168.200.100) 56(84) bytes of data.
64 bytes from master (192.168.200.100): icmp_seq=1 ttl=64 time=0.023 ms
64 bytes from master (192.168.200.100): icmp_seq=2 ttl=64 time=0.050 ms
64 bytes from master (192.168.200.100): icmp_seq=3 ttl=64 time=0.106 ms
^C
--- master ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2034ms
rtt min/avg/max/mdev = 0.023/0.059/0.106/0.034 ms
root@master:~# ping slave1
PING slave1 (192.168.200.101) 56(84) bytes of data.
64 bytes from slave1 (192.168.200.101): icmp_seq=1 ttl=64 time=0.773 ms
64 bytes from slave1 (192.168.200.101): icmp_seq=2 ttl=64 time=0.830 ms
64 bytes from slave1 (192.168.200.101): icmp_seq=3 ttl=64 time=0.820 ms
^C
--- slave1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2006ms
rtt min/avg/max/mdev = 0.773/0.807/0.830/0.024 ms
root@master:~#

#alave1同样操作

root@slave1:~# vi /etc/hosts
root@slave1:~# ping master -c3
PING master (192.168.200.100) 56(84) bytes of data.
64 bytes from master (192.168.200.100): icmp_seq=1 ttl=64 time=0.640 ms
64 bytes from master (192.168.200.100): icmp_seq=2 ttl=64 time=1.95 ms
64 bytes from master (192.168.200.100): icmp_seq=3 ttl=64 time=2.20 ms

--- master ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2020ms
rtt min/avg/max/mdev = 0.640/1.598/2.202/0.685 ms
root@slave1:~# ping slave1 -c3
PING slave1 (192.168.200.101) 56(84) bytes of data.
64 bytes from slave1 (192.168.200.101): icmp_seq=1 ttl=64 time=0.023 ms
64 bytes from slave1 (192.168.200.101): icmp_seq=2 ttl=64 time=0.067 ms
64 bytes from slave1 (192.168.200.101): icmp_seq=3 ttl=64 time=0.073 ms

--- slave1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2057ms
rtt min/avg/max/mdev = 0.023/0.054/0.073/0.022 ms
root@slave1:~#
</code></pre>
4，做免密操作
<pre><code>ssh: Could not resolve hostname key-gen: Temporary failure in name resolution
root@master:~# ssh-keygen
Generating public/private rsa key pair. # 连续回车四下
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:X2aQjgO4k5zdxe5kjsvpqILy9C6gkWEBjpKp77Q1AxY root@master
The key's randomart image is:
+-------+
|o |
|o+ . . . |
|=.E . . = |
|+. o = o = . |
|ooo * . S = + |
|+o . . O + |
|.++ + . + |
|++o+ o o o |
|..+++...= |
+---------+
root@master:~#

# slave1同样操作

root@slave1:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:WASg8Kr3Fs/7L7CyB+SXW6K3dm4hmuVMaYXCmeFTYIc root@slave1
The key's randomart image is:
+-------+
|. ++o.. |
| o oE... |
|oo = .. |
| .O .o. |
|.o o.+S |
|. + @ o |
|. ./ B . |
| . .* @ + |
| .o*oBoo. |
+---------+
root@slave1:~#

#ssh传输公钥

root@master:~# ssh-copy-id -i /root/.ssh/id_rsa.pub root@slave1
root@slave1:~# ssh-copy-id -i /root/.ssh/id_rsa.pub root@master
#传输后输入密码即可

#测试master
root@master:~# ssh slave1
Welcome to Ubuntu 22.04 LTS (GNU/Linux 5.15.0-25-generic x86_64)

* Documentation:https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

System information as of Thu Sep1 04:21:53 PM UTC 2022

System load:0.0498046875 Processes: 217
Usage of /: 34.4% of 19.51GB Users logged in: 1
Memory usage: 10% IPv4 address for ens33: 192.168.200.101
Swap usage: 0%

0 updates can be applied immediately.

Last login: Thu Sep1 16:18:54 2022 from 192.168.200.100
root@slave1:~#

#测试slave1
root@slave1:~# ssh master
Welcome to Ubuntu 22.04 LTS (GNU/Linux 5.15.0-25-generic x86_64)

* Documentation:https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

System information as of Thu Sep1 04:22:46 PM UTC 2022

System load:0.0107421875 Processes: 216
Usage of /: 33.3% of 19.51GB Users logged in: 1
Memory usage: 10% IPv4 address for ens33: 192.168.200.100
Swap usage: 0%

0 updates can be applied immediately.

Last login: Thu Sep1 16:18:46 2022 from 192.168.200.101
root@master:~#

</code></pre> 
来源：https://www.cnblogs.com/hwiung/p/16648497.html

頁: [1]

琼殿技术论坛's Archiver

Ubuntu实现免密登录