2023/7/17RHEL暑期二

最新推荐文章于 2024-07-08 22:09:55 发布

Sesessep

最新推荐文章于 2024-07-08 22:09:55 发布

阅读量46

点赞数

文章标签： linux

本文链接：https://blog.csdn.net/Sesessep/article/details/131775252

版权

1.配置ntp时间服务器，确保客户端主机能和服务主机同步时间

使用chrony实现主机同步时间

（1）安装chrony

[root@server ~]# yum install chrony.x86_64 -y
[root@server ~]# systemctl start chronyd
[root@server ~]# systemctl status chronyd

（2）server主机服务器向阿里时间同步服务器进行时间同步

[root@server ~]# vim /etc/chrony.conf

进入chrony配置文件，编辑配置文件，定位定3行，修改为阿里的时间同步服务器地址（server ntp.aliyun.com iburst)

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (https://www.pool.ntp.org/join.html).
server ntp.aliyun.com iburst

# Use NTP servers from DHCP.
sourcedir /run/chrony-dhcp

重启服务并测试

[root@server ~]# systemctl restart chronyd
[root@server ~]# chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 203.107.6.88                  2   6    17     6    -38ms[  -37ms] +/-   85ms
[root@server ~]# timedatectl status 
               Local time: 一 2023-07-17 21:22:49 CST
           Universal time: 一 2023-07-17 13:22:49 UTC
                 RTC time: 一 2023-07-17 13:22:49
                Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

yes 表示server主机服务器已与阿里时间同步服务器时间同步

（3）设置server主机服务器时间同步白名单

进入chrony配置文件，定位26行，设置node1可以访问本机进行时间同步

[root@server ~]# vim /etc/chrony.conf

将IP地址改为server端主机地址

# Allow NTP client access from local network.
allow 192.168.186.131/24

重启服务

[root@server ~]# systemctl restart chronyd

（4）定位node1端

进入chrony配置文件，编辑配置文件，定位定3行，修改为server的ip地址（server 192.168.186.130 iburst)

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (https://www.pool.ntp.org/join.html).
server 192.168.186.130 iburst

重启服务并检验

[root@node1 ~]# systemctl restart chronyd
[root@node1 ~]# chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 192.168.186.130               3   6    17    22    -12us[-4653ns] +/-   42ms
[root@node1 ~]# timedatectl status 
               Local time: 一 2023-07-17 21:33:36 CST
           Universal time: 一 2023-07-17 13:33:36 UTC
                 RTC time: 一 2023-07-17 13:33:36
                Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

时间服务器ip为server端的IP地址，yes表示同步成功，即node1客户端主机与server服务端主机时间同步成功

2.配置ssh免密登陆，能够实现客户端主机通过服务器端的redhat账户进行基于公钥验证方式的远程连接

（1）创造redhat账户

[root@server ~]# useradd redhat
[root@server ~]# passwd redhat

（2）定位node1（客户端）制作公私钥对

[redhat@server ~]# ssh-keygen  -t  rsa   
Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:qYGbVwaxgjb0WXslhaFkoG4TG7vt1LfE2r+GLq4F4Lw root@node1
The key's randomart image is:
+---[RSA 3072]----+
|  . ..= o+o      |
| . + = =.o       |
|  O + = .        |
| = B o o .       |
|  O o . S        |
| . = = *         |
|  E = = +.       |
|   o o.=...      |
|    oooo+oo.     |
+----[SHA256]-----+

(3)定位node1端，上传公钥

[redhat@server ~]# ssh-copy-id  root@192.168.186.130

(4)测试

[redhat@server ~]$ ssh root@192.168.186.130
Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Mon Jul 17 22:15:22 2023 from 192.168.186.130

成功

Sesessep

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
1
评论
2023/7/17RHEL暑期二

进入chrony配置文件，编辑配置文件，定位定3行，修改为阿里的时间同步服务器地址（server ntp.aliyun.com iburst)进入chrony配置文件，编辑配置文件，定位定3行，修改为server的ip地址（server 192.168.186.130 iburst)时间服务器ip为server端的IP地址，yes表示同步成功，即node1客户端主机与server服务端主机时间同步成功。yes 表示server主机服务器已与阿里时间同步服务器时间同步。将IP地址改为server端主机地址。
复制链接

扫一扫