day2作业
1.配置ntp时间服务器,确保客户端主机能和服务主机同步时间
2.配置ssh免密登陆,能够通过客户端主机通过redhat用户和服务端主机基于公钥验证方式进行远程连接
1.配置ntp时间服务器,确保客户端主机能和服务主机同步时间
服务端 IP :192.168.90.132
[root@localhost ~]# vim /etc/chrony.conf
设置访问(可以是网端,也可以是ip地址) //注意要取消注释
allow 192.168.90.131
allow 192.168.90.00/24
# Serve time even if not synchronized to a time source.
local stratum 10
每次改完配置,要重启进程
[root@localhost ~]# systemctl restart chronyd
查看
[root@localhost ~]# ps -aux | grep chronyd
关闭防火墙和SELinux
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
客户端 IP :192.168.90.131
[root@localhost ~]# vim /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (https://www.pool.ntp.org/join.html).
#pool 2.rhel.pool.ntp.org iburst
pool 192.168.90.132
# Serve time even if not synchronized to a time source.
local stratum 10
修改时间
[root@localhost ~]# date 121010102023
Sun Dec 10 10:10:00 AM CST 2023
[root@localhost ~]# systemctl restart chronyd //重启进程
[root@localhost ~]# date //查看时间
追溯
[root@localhost ~]# chronyc sources
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? 192.168.90.132 2 6 1 61 +5846h[ +5846h] +/- 17ms
2.配置ssh免密登陆,能够通过客户端主机通过redhat用户和服务端主机基于公钥验证方式进行远程连接
查看服务软件包
[root@localhost ~]# rpm -qa | grep ssh
libssh-config-0.9.6-3.el9.noarch
libssh-0.9.6-3.el9.x86_64
openssh-8.7p1-24.el9_1.x86_64
openssh-clients-8.7p1-24.el9_1.x86_64 //客户端软件
openssh-server-8.7p1-24.el9_1.x86_64
没有公钥验证,则密码验证
ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): //设置密钥密码
Enter same passphrase again: //再次输入
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:g1u2eMp0G+pxbrPCRuKeHd4mO6wzOhfHpj3t5MnVEGM root@localhost.localdomain
The key's randomart image is:
+---[RSA 3072]----+
| |
| |
| E |
| . . o |
| .. S . |
| o == o o |
| . @*.B . . |
| . **X#== |
| .=+*OXXo |
+----[SHA256]-----+
[redhat@node1 root]# vim known_hosts
[rredhat@node1 root]# ssh-copy-id + 服务端ip
服务端
[redhat@node1 root]# ll /root/.ssh/
total 4
-rw-------. 1 root root 580 Apr 13 20:30 authorized_keys
[redhat@node1 root]# ssh 192.168.90.131 //在本地服务器上登陆对端服务器