1.配置桥接
[root@localhost Desktop]# nmcli connection add type bridge con-name br1 ifname br1
Connection 'br1' (a797689a-d4a4-4057-99af-ad57fb730131) successfully added.
[root@localhost Desktop]# nmcli connection modify br1 ipv4.addresses 192.168.233.221/24
[root@localhost Desktop]# nmcli connection modify br1 ipv4.gateway 192.168.233.2
[root@localhost Desktop]# nmcli connection modify br1 ipv4.method manual
[root@localhost Desktop]# nmcli connection add type bridge-slave con-name br1-port0 ifname ens192 master br1
Warning: There is another connection with the name 'br1-port0'. Reference the connection by its uuid 'b78dcadf-2164-48e7-bce2-8ffca89ed69e'
Connection 'br1-port0' (b78dcadf-2164-48e7-bce2-8ffca89ed69e) successfully added.
[root@localhost Desktop]# nmcli connection up br1 br1-port1
Error: invalid extra argument 'br1-port1'.
[root@localhost Desktop]# nmcli connection up br1-port0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/30)
[root@localhost Desktop]# nmcli connection up br1
运行结果:
[root@localhost Desktop]# nmcli connection show
NAME UUID TYPE DEVICE
br1 a797689a-d4a4-4057-99af-ad57fb730131 bridge br1
virbr0 bd06317a-45a7-4ace-8a3e-f3e0bf72c0e8 bridge virbr0
br1-port0 f9a2d637-92a9-4014-8723-c5a8015e76cd ethernet ens192
br1-port0 b78dcadf-2164-48e7-bce2-8ffca89ed69e ethernet --
2.SSH:拒绝用户远程登陆
3.xshell远程免密登录
zhangqiao@localhost Desktop]$ cd ~
[zhangqiao@localhost ~]$ cd .ssh
bash: cd: .ssh: No such file or directory
[zhangqiao@localhost ~]$ su root
Password:
[root@localhost zhangqiao]# cd ~
[root@localhost ~]# cd .ssh
[root@localhost .ssh]# ls
authorized_keys known_hosts
[root@localhost .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:LZ7pIsqDGa5GD0vpsok/1etAcghJuZlNx0ZMT3ZIQbs root@localhost.localdomain
The key's randomart image is:
+---[RSA 3072]----+
| .. =oo*o. |
|.o . =+.o |
|o * o o |
| = o .. |
| + o. ES . |
|.= +. .. + |
|=++.. .+ |
|=Bo...o. |
|Oo++ o... |
+----[SHA256]-----+
[root@localhost .ssh]# ls
authorized_keys id_rsa id_rsa.pub known_hosts
[root@localhost .ssh]# ssh-copy-id localhost
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is SHA256:JMpiTR0tXTwSJPt0IKtIBpNFqQZxOiHxy+mh+uPjIx8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@localhost's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'localhost'"
and check to make sure that only the key(s) you wanted were added.
[root@localhost .ssh]# ls
authorized_keys id_rsa id_rsa.pub known_hosts
[root@localhost .ssh]# scp /root/.ssh/authorized_keys 192.168.233.129:~/.ssh/
The authenticity of host '192.168.233.129 (192.168.233.129)' can't be established.
ECDSA key fingerprint is SHA256:JMpiTR0tXTwSJPt0IKtIBpNFqQZxOiHxy+mh+uPjIx8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.233.129' (ECDSA) to the list of known hosts.
root@192.168.233.129's password:
authorized_keys 100% 1160 521.9KB/s 00:00
[root@localhost .ssh]# ssh root@192.168.233.129
Activate the web console with: systemctl enable --now cockpit.socket
This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register
Last login: Mon Nov 29 20:29:21 2021
[root@localhost ~]#