多台linux无密码访问
一:实验环境:
1.四台SLES 11 SP2 X86_64 最小化安装
2.其中主机名和IP对应关系如下
manager 192.168.78.11
node1 192.168.78.12
node2 192.168.78.13
node3 192.168.78.14
二:配置过程如下:
1.在manager的/etc/hosts下添加内容如下
192.168.78.11 manager
192.168.78.12 node1
192.168.78.13 node2
192.168.78.14 node3
2.生成无私钥密码的密钥对
manager:~ # ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key(/root/.ssh/id_rsa): //直接Enter键
Created directory ‘/root/.ssh‘.
Enter passphrase (empty for no passphrase): //直接Enter键
Enter same passphrase again: //直接Enter键
Your identification has been saved in/root/.ssh/id_rsa.
Your public key has been saved in/root/.ssh/id_rsa.pub.
The key fingerprint is:
c2:e9:a3:48:a5:57:3c:64:a8:b6:17:71:ff:93:4d:2froot@manager
The key‘s randomart image is:
+--[ RSA 2048]----+
| |
| . |
| o + |
| .B o |
| oo B S . |
| . + + o . + . |
| +o o + E . |
| . + . . . . |
| .. |
+-----------------+
manager:~ #
3.生成认证文件authorized_keys并设置相应权限
manager:~ # cd .ssh/
manager:~/.ssh # ls
id_rsa id_rsa.pub
manager:~/.ssh # cp id_rsa.pub authorized_keys
manager:~/.ssh # chmod 600 authorized_keys
manager:~/.ssh # ls -l
total 12
-rw------- 1 root root 394 Dec 11 05:13 authorized_keys
-rw------- 1 root root 1675 Dec 11 05:12id_rsa
-rw-r--r-- 1 root root 394 Dec 11 05:12 id_rsa.pub
manager:~/.ssh #
4.复制/root/.ssh目录到node1,node2,node3的root目录下
manager:~ # for i in `seq 1 3`; do scp -r /root/.ssh/ node$i:/root/ ; done
The authenticity of host ‘node1(192.168.78.12)‘ can‘t be established.
RSA key fingerprint is9d:f6:00:b6:96:ba:e3:0c:91:47:8d:36:a6:68:6a:cf.
Are you sure you want to continueconnecting (yes/no)? yes
Warning: Permanently added‘node1,192.168.78.12‘ (RSA) to the list of known hosts.
Password:
authorized_keys 100% 394 0.4KB/s 00:00
id_rsa 100%1675 1.6KB/s 00:00
known_hosts 100% 229 0.2KB/s 00:00
id_rsa.pub 100% 394 0.4KB/s 00:00
The authenticity of host ‘node2(192.168.78.13)‘ can‘t be established.
RSA key fingerprint is45:d1:31:ed:05:54:ec:a4:61:f2:a8:70:8f:97:8c:41.
Are you sure you want to continueconnecting (yes/no)? yes
Warning: Permanently added‘node2,192.168.78.13‘ (RSA) to the list of known hosts.
Password:
authorized_keys 100% 394 0.4KB/s 00:00
id_rsa 100%1675 1.6KB/s 00:00
known_hosts 100% 458 0.5KB/s 00:00
id_rsa.pub 100% 394 0.4KB/s 00:00
The authenticity of host ‘node3(192.168.78.14)‘ can‘t be established.
RSA key fingerprint is45:d1:31:ed:05:54:ec:a4:61:f2:a8:70:8f:97:8c:41.
Are you sure you want to continueconnecting (yes/no)? yes
Warning: Permanently added‘node3,192.168.78.14‘ (RSA) to the list of known hosts.
Password:
authorized_keys 100% 394 0.4KB/s 00:00
id_rsa 100%1675 1.6KB/s 00:00
known_hosts 100% 687 0.7KB/s 00:00
id_rsa.pub 100% 394 0.4KB/s 00:00
manager:~ #
注:第一次是基于用户名密码的认证,所以要输入密码
5.复制/etc/hosts文件到node1,node2,node3的/etc目录下
manager:~ # for i in `seq 1 3`; do scp /etc/hosts node$i:/etc/ ; done
6.ssh访问本机(以便添加manager到.ssh/known_hosts文件下)
manager:~ # ssh manager
The authenticity of host ‘manager(192.168.78.11)‘ can‘t be established.
RSA key fingerprint ise6:74:87:2c:5e:71:30:c8:ae:9d:87:d4:54:05:d0:22.
Are you sure you want to continueconnecting (yes/no)? yes
Warning: Permanently added‘manager,192.168.78.11‘ (RSA) to the list of known hosts.
Last login: Thu Dec 11 05:06:27 2014 from192.168.78.1
manager:~ #
7.复制.ssh/known_hosts文件到node1,node2,node3的/root/.ssh/目录下
manager:~ # for i in `seq 1 3`; do scp /root/.ssh/known_hosts node$i:/root/.ssh/ ; done
至此配置完成
三:检验配置是否成功
1.随便选择一台机器比如node3,分别访问manager,node1,node2
node3:~ # ssh manager
Last login: Thu Dec 11 05:20:52 2014 frommanager //无密码登录manager成功
manager:~ # exit //退出到manager的连接
logout
Connection to manager closed.
node3:~ # ssh node1
Last login: Mon Sep 29 23:24:13 2014
linux-x4xj:~ # exit
logout
Connection to node1 closed.
node3:~ # ssh node2
Last login: Mon Sep 29 23:24:28 2014
linux-hmae:~ # exit
logout
Connection to node2 closed.
node3:~ #
由以上可知配置成功,node1,node2节点测试同上
#############################################################################
注意事项:
1.如果要重装某个节点比如重装node2,要按顺序执行下面4步
◆在重装node2之前需要先备份/etc/下的ssh目录
◆重装完成后,首先把/etc目录下的ssh目录替换为备份的ssh目录并重启ssh服务
◆然后从manager,node1或node3上复制.ssh目录到node2的/root目录下
◆最后复制hosts文件到node2的/etc目录下
2.普通用户的操作同root用户,且每个普通用户都要做以上的操作
#############################################################################
本文出自 “永不止步” 博客,谢绝转载!
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。