Linux主机名与免密登录实操
1、配置设备主机名
1.直接修改配置文件
vim /etc/hostname
systemctl restart systemd-hostnamed.service
注意:修改完配置需要重启hostnamed服务
2.使用nmtui修改主机名(图形化界面)
systemctl restart systemd-hostnamed.service
3.hostnamectl修改主机名 永久修改主机名
hostnamectl set-hostname 123 将当前主机名修改为123
注意:该方法需要与hostname相区分
hostname命令是临时修改 hostnamectl是永久修改主机名
4.nmcli命令修改主机名
nmcli general hostname server1
systemctl restart systemd-hostnamed.service
2、A主机 -> B主机 可免密码登录实操
2.1,修改主机的hostname
A主机 192.168.168.101
[root@www ~]# hostname
www
B主机 192.168.168.102
[root@mail ~]# hostname
mail
2.2,在A192.168.168.101主机生成密钥对
[root@www .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
4f:07:ae:a6:ca:31:ea:34:1f:81:6c:be:75:a6:07:97 root@www
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| . |
| . . . . |
| + . .S o . |
| o ..E + . |
| + =oo o . |
| . B B.o |
| .+ =o. |
+-----------------+
生成的密匙对默认存放在家目录下的.ssh
文件夹中
[root@www ~]# ls ./.ssh/
id_rsa id_rsa.pub
2.3,A主机发送公钥到B主机
[root@www ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.168.102
The authenticity of host '192.168.168.102 (192.168.168.102)' can't be established.
RSA key fingerprint is ec:67:e1:93:66:25:bf:64:f3:0f:4d:59:9b:23:6a:79.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.168.102' (RSA) to the list of known hosts.
Address 192.168.168.102 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
root@192.168.168.102's password:
Now try logging into the machine, with "ssh 'root@192.168.168.102'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
2.4,从A主机免密登录B主机测试
[root@www ~]# ssh 192.168.168.102
Address 192.168.168.102 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Last login: Mon Nov 25 03:58:13 2019 from 192.168.168.2
[root@mail ~]#
2.5,A主机发送命令到B主机执行
[root@www ~]# ssh -n 192.168.168.102 "date '+%Y%m%d %H:%M:%S'"
Address 192.168.168.102 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
20191125 04:35:19
后记:
ssh-keygen [-t dsa | ecdsa | ed25519 | rsa | rsa1]
ssh-copy-id [-i [identity_file]] [-p port] [user@]hostname
ssh -n [user@]hostname [command]