Linux多台机器配置互相信任关系

环境

• 三台机器：
  
  • hadoop001， IP：192.168.92.200
  • hadoop002 ，IP：192.168.92.201
  • hadoop003， IP：192.168.92.202

配置

• 三台机器分别执行 ssh-keygen,输入命令后回车，回车，再回车。回车三次即可。

[root@hadoop001 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
8d:29:13:12:a7:eb:1d:71:d6:cf:a4:33:3e:f8:57:f6 root@hadoop001
The key's randomart image is:
+--[ RSA 2048]----+
|    . .          |
|     +   .       |
|    o o o . .    |
|     o = + =     |
|    . + S = o    |
|   . . + o o  o  |
|    . . . o  o . |
|         . ..   E|
|          ..     |
+-----------------+

• 查看生成的.ssh隐藏文件夹

[root@hadoop001 ~]# ll -a
drwx------.  2 root root  4096 Dec  4 18:00 .pulse
-rw-------.  1 root root   256 Dec  4 18:00 .pulse-cookie
drwx------.  2 root root  4096 Feb 28 16:46 .ssh
-rw-r--r--.  1 root root   129 Dec  4  2004 .tcshrc
drwxr-xr-x.  2 root root  4096 Dec  4 18:00 Templates
drwxr-xr-x.  2 root root  4096 Dec  4 18:00 Videos

• 查看公钥与私钥

[root@hadoop001 ~]# ll -a ./.ssh/
total 16
drwx------.  2 root root 4096 Feb 28 16:46 .
dr-xr-x---. 27 root root 4096 Feb 28 13:59 ..
-rw-------.  1 root root 1675 Feb 28 16:46 id_rsa
-rw-r--r--.  1 root root  396 Feb 28 16:46 id_rsa.pub

• 选取hadoop001,生成authorized_keys文件,并将公钥内容追加进去

[root@hadoop001 ~]# cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

• 其他多台机器的id_rsa.pub内容,手动copy到第一台hadoop001的authorized_keys文件
  
  • 注意copy时,最好先放到记事本中,将回车去掉,成为一行

[root@hadoop001 .ssh]# cat authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyROAajOjam+DoZ6EShke4WgdvgPQsaa9Sc7zPXNDk3nQ9Xzde5XpC8vD8hjFABO5CEbgavZ7tSvLX0HxroMwgi26NFwywlQlskQnnOrI/NVx8QocdcjfoRRaWyboQpsBmf2j4ADDMEOBZOycvRNWC/Vda2OWKpGrav3zLUAXpIm6UTLdGgAsZXjOmlwyRsWu0RajdmuoGYzHE3rePqlPjXSpTkhZm9sR1LBkWSxz6y8piqp2Q7QWJkQtxuTUVE3LkEa4a0wIhVU+pI1LNBUufAcWmxrz3MpnscYJPfIvfChaG4SRMXS0N+FVqyxgx4xFZhQ2SG/RDwmy9stG6xXAOQ== root@hadoop001
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwavnoifdzJ1vLhRTdALqifUlw8NBIceIkPXAYPs4iFxUOn02nurr1hZgpe/9cLVInIopNINaHcnYjP2sLNv7wklQgYZNfwK3k5DwTh9M/Yyr+9XFT0CyYrjgVgfnb9s41KjniJz9qFa96K/BylKUljd+bwl1kYgnmxbKGoIg3nNiJiJpDTGlySrnmrSrEjSpP7rL8OacrLNKjDSIGb7J7pFcM95b5pIQUth3fp05yuzq1kMlee9+URvcmtH3XJbrA1ybZWWGWEBJnC6sDY6DnQJ6K3LK0+OwBZWvYPimb1BTQiJSgYzqdDDdSlX+c/z9CUbd/k4No11wDW1NtWpNoQ== root@hadoop002
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtOPrrV7o9zv1DTKYk9w4LnpCNqReCdGDmU84QUrQje/8sZDopFPdsdZWGgXuFlfR2L0eVFsXsFNHDIl3mXNyr2tW5VUqFdsLu9cGfu9Iq65QyteCL1BO463Hm2yPtIponXIeduMrK8F/sdc3LDzKOpJGYyYMK1/TqOX592lXdL6nranETmoUYX0TIFMD6gYNq3CB7DBDaJ2fg0vrGKdCH9FtH1pCayK7iFTGSBRMCqzZstr92G0PTB4O82RwEnwHSYbw1lhsBj7XskM336tpyhnBUoMSItg1QglSLgDOVVLHn29Y7k/qfnIHI0XtOHOOwHZyiDMGfnma/PH6synPiw== root@hadoop003
[root@hadoop001 .ssh]# 

• .ssh文件夹和authorized_keys权限修改
  
  • .ssh（每台都执行）

[root@hadoop001 ~]# chmod 700 -R /root/.ssh

- authorized_keys

[root@hadoop001 ~]# chmod 600 ~/.ssh/authorized_keys 

• 将第一台的authorized_keys文件 scp 给其他机器(第一次传输,需要输入密码)

[root@hadoop001 ~]# cd .ssh
[root@hadoop001 .ssh]# scp authorized_keys root@192.168.92.201:/root/.ssh/authorized_keys 
The authenticity of host '192.168.92.201 (192.168.92.201)' can't be established.
RSA key fingerprint is bf:5d:2b:37:82:ba:2e:45:16:94:cf:3f:1b:bf:7b:96.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.92.201' (RSA) to the list of known hosts.
root@192.168.92.201's password: 
authorized_keys                                               100% 1188     1.2KB/s   00:00 

[root@hadoop001 .ssh]# scp authorized_keys root@192.168.92.202:/root/.ssh/authorized_keys 
The authenticity of host '192.168.92.202 (192.168.92.202)' can't be established.
RSA key fingerprint is bf:5d:2b:37:82:ba:2e:45:16:94:cf:3f:1b:bf:7b:96.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.92.202' (RSA) to the list of known hosts.
root@192.168.92.202's password: 
authorized_keys                                               100% 1188     1.2KB/s   00:00 

• 配置hosts文件

[root@hadoop001 .ssh]# vi /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.92.200 hadoop001
192.168.92.201 hadoop002
192.168.92.202 hadoop003

• 传输host是文件到其他机器

[root@hadoop001 .ssh]# scp /etc/hosts root@192.168.92.201:/etc/hosts
hosts                                                                         100%  233     0.2KB/s   00:00    
[root@hadoop001 .ssh]# scp /etc/hosts root@192.168.92.202:/etc/hosts
hosts                                                                         100%  233     0.2KB/s   00:00   

测试

• 打印日期,每台机器分配输入一下命令，输入yes成功打印日期成功

[root@hadoop001 .ssh]# ssh root@hadoop001 date
Wed Feb 28 17:50:14 CST 2018
[root@hadoop001 .ssh]# ssh root@hadoop002 date
Wed Feb 28 17:50:18 CST 2018
[root@hadoop001 .ssh]# ssh root@hadoop003 date
Wed Feb 28 17:50:22 CST 2018