环境准备
两台虚拟机都开启并且关闭防火墙和seliunx
[root@server ~]# systemctl status sshd #查看sshd的状态
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor pres>
Active: active (running) since Mon 2023-10-30 09:53:35 CST; 1min 50s ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 923 (sshd)
Tasks: 1 (limit: 11985)
Memory: 5.9M
CPU: 95ms
CGroup: /system.slice/sshd.service
└─923 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"
[root@server ~]# systemctl status firewalld #查看防火墙是否关闭
○ firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendo>
Active: inactive (dead)
Docs: man:firewalld(1)
[root@server ~]# setenforce 0 #关闭senlinux
第一步
定位客户端制作公私钥对
[root@Node1 ~]# ssh-keygen -t rsa
第二步
定位客户端,将公钥上传到服务器端
[root@Node1 ~]# ssh-copy-id root@192.168.20.133
其中要在交互中输入一次yes
# 注意:客户端将公钥上传到服务器端后,服务器端的/root/.ssh/authorized_keys文件会存储客户端的公钥数据
第三步
[root@Node1 ~]# ssh root@192.168.20.133
Activate the web console with: systemctl enable --now cockpit.socket
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Mon Oct 30 09:53:37 2023 from 192.168.20.1
[root@server ~]#
可以进行免密登录
第四步
因为是互相免密登录所以我们在server端也要进行一次同样的操纵
[root@server ~]# ssh-copy-id root@192.168.20.141
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.20.141 (192.168.20.141)' can't be established.
ED25519 key fingerprint is SHA256:QFpceWlQI0u+6CqzX/HFRt1EzZB868vU3Qy+d7rPwQ4.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.20.141's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.20.141'"
and check to make sure that only the key(s) you wanted were added.
[root@server ~]# ssh root@192.168.20.141
Activate the web console with: systemctl enable --now cockpit.socket
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Mon Oct 30 09:53:41 2023 from 192.168.20.1
总结
其实就是两步,在自己的机子上生成公私钥对之后把公钥通过·ssh-copy-id·传给服务端,这样就建立了联系