Key-based login between Linux servers

张开发
2026/4/17 18:11:07 15 min read

Environment preparation

Prepare two servers, server1 and server2:

10.1.8.11 server1.sjw.cloud server1
10.1.8.12 server2.sjw.cloud server2

Configure server1

```bash
# Set the hostname
[root@server1 ~ 09:23:07]# hostnamectl set-hostname server1.sjw.cloud

# Change the IP address
[root@server1 ~ 09:23:07]# cd /etc/sysconfig/network-scripts/
[root@server1 network-scripts 09:24:52]# vim ifcfg-ens33
# Change the IP address to 10.1.8.11
IPADDR=10.1.8.11

# Reload the configuration files
[root@server1 network-scripts 09:24:52]# nmcli connection reload
# Activate the configuration
[root@server1 network-scripts 09:24:52]# nmcli connection up ens33

# Configure name resolution
[root@server1 ~ 09:42:48]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
# Append the resolution records at the end
10.1.8.11 server1.sjw.cloud server1
10.1.8.12 server2.sjw.cloud server2

# Verify
[root@server1 ~ 10:11:50]# ping -c 1 server2
PING server2.sjw.cloud (10.1.8.12) 56(84) bytes of data.
64 bytes from server2.sjw.cloud (10.1.8.12): icmp_seq=1 ttl=64 time=0.199 ms

--- server2.sjw.cloud ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.199/0.199/0.199/0.000 ms
```

Configure server2

```bash
# Set the hostname
[root@server2 ~ 09:23:07]# hostnamectl set-hostname server2.sjw.cloud

# Change the IP address
[root@server2 ~ 09:23:07]# cd /etc/sysconfig/network-scripts/
[root@server2 network-scripts 09:24:52]# vim ifcfg-ens33
# Change the IP address to 10.1.8.12
IPADDR=10.1.8.12

# Reload the configuration files
[root@server2 network-scripts 09:24:52]# nmcli connection reload
# Activate the configuration
[root@server2 network-scripts 09:24:52]# nmcli connection up ens33

# Configure name resolution
[root@server2 ~ 09:42:48]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
# Append the resolution records at the end
10.1.8.11 server1.sjw.cloud server1
10.1.8.12 server2.sjw.cloud server2

# Verify
[root@server2 ~ 09:46:15]# ping -c 1 server1
PING server1.sjw.cloud (10.1.8.11) 56(84) bytes of data.
64 bytes from server1.sjw.cloud (10.1.8.11): icmp_seq=1 ttl=64 time=0.179 ms

--- server1.sjw.cloud ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.179/0.179/0.179/0.000 ms
```

Verify

```bash
[root@server1 ~ 10:12:35]# hostname
server1.sjw.cloud
[root@server1 ~ 10:14:02]# ip -br a
lo               UNKNOWN        127.0.0.1/8 ::1/128
ens33            UP             10.1.8.11/24 fe80::20c:29ff:fe4f:643e/64

[root@server2 ~ 10:13:27]# hostname
server2.sjw.cloud
[root@server2 ~ 10:14:47]# ip -br a
lo               UNKNOWN        127.0.0.1/8 ::1/128
ens33            UP             10.1.8.12/24 fe80::20c:29ff:fe07:a2de/64
```

Configuration procedure

Configure key-based login from server1 to server2

```bash
# 1. Generate a key pair
[root@server1 ~ 10:02:52]# ssh-keygen
Generating public/private rsa key pair.
# Where the private key is saved
Enter file in which to save the key (/root/.ssh/id_rsa):
# Leave the private key passphrase empty
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:EWHD23ebuaOEMAQOP6kgXl2IEErL5YqiszrAPlRjX5o root@server1.laoma.cloud
The key's randomart image is:
+---[RSA 2048]----+
| o.o oo. |
| ....o |
|oo.o . oo |
|o.o . ... . . |
|oo S . . |
|o E o . |
|* . . . |
|. . o |
|.. .. . |
+----[SHA256]-----+
[root@server1 ~ 10:04:35]# ls .ssh/id_rsa*
id_rsa  id_rsa.pub

# Delete the previously generated files
[root@server1 ~ 10:04:35]# rm -fr .ssh/id_rsa*

# Alternatively, generate the key pair non-interactively with the following command
[root@server1 ~ 10:05:47]# ssh-keygen -N '' -f .ssh/id_rsa
# -f  where to store the private key
# -N  passphrase for the private key (empty here)

# 2. Push the public key to the target server
[root@server1 ~ 10:06:40]# ssh-copy-id sjw@server2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
laoma@server2's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'sjw@server2'"
and check to make sure that only the key(s) you wanted were added.

# 3. Verify
[root@server1 ~ 10:11:21]# ssh sjw@server2 id
uid=1000(sjw) gid=1000(sjw) 组=1000(sjw),10(wheel)
[root@server1 ~ 10:11:42]# ssh sjw@server2 hostname
server2.sjw.cloud
```
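The `ssh-copy-id` output in step 2 asks you to check that only the keys you wanted were added. The following is an added example, not part of the original article: a POSIX shell audit that lists every entry of an `authorized_keys` file and marks whether it carries a `from=` source restriction. The function names, the key blobs and the second sample entry are constructed for illustration.

```bash
#!/bin/sh
# Added example (not from the original article): audit authorized_keys after ssh-copy-id.
# Output, one line per key: STATUS<TAB>key type<TAB>comment
#   OPEN       = no from="..." option, usable from any source host
#   RESTRICTED = entry is limited to the listed source hosts

# Constructed sample: entry 1 mimics what ssh-copy-id appended in step 2,
# entry 2 is a hypothetical restricted key. The key blobs are placeholders.
sample_authorized_keys() {
    cat <<'EOF'
# authorized_keys for sjw on server2 (constructed sample)
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructed root@server1.laoma.cloud
from="10.1.8.11",restrict ssh-ed25519 AAAAC3NzaC1lZDI1NTE5constructed backup@server1
EOF
}

audit_authorized_keys() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
    {
        opts = ""; type = ""; comment = ""
        for (i = 1; i <= NF; i++) {
            # the first field that names a key type ends the options part
            if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-|sk-)/) {
                type = $i
                for (j = i + 2; j <= NF; j++)
                    comment = comment (comment ? " " : "") $j
                break
            }
            opts = opts (opts ? " " : "") $i
        }
        if (type == "") { printf "INVALID\tline %d\t-\n", NR; next }
        status = (opts ~ /(^|,)from="/) ? "RESTRICTED" : "OPEN"
        printf "%s\t%s\t%s\n", status, type, (comment ? comment : "-")
    }' "$1"
}

# Number of entries without a from= restriction.
count_open_keys() {
    audit_authorized_keys "$1" | grep -c '^OPEN' || true
}

# Usage: sh audit_keys.sh /home/sjw/.ssh/authorized_keys
if [ -n "${1:-}" ]; then
    audit_authorized_keys "$1"
fi
```

The path in the usage comment assumes the default `authorized_keys` location for the `sjw` account on server2. An `OPEN` line for a key generated with an empty passphrase, as in step 1, is the entry to tighten with `from="10.1.8.11"`.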
