一、配置ntp时间服务器,确保客户端主机能和服务主机同步时间
1.定位服务端,配置向阿里时间服务器进行同步时间
[root@localhost ~]# vim /etc/chrony.conf
# 定位第3行,删除后,添加如下内容:
server ntp.aliyun.com iburst
2.定位服务端,重启服务,测试是否同步
[root@localhost ~]# vim /etc/chrony.conf
[root@localhost ~]# systemctl restart chronyd
[root@localhost ~]# chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 203.107.6.88 2 6 17 11 +374us[+3522us] +/- 26ms
[root@localhost ~]# timedatectl status
Local time: 六 2023-03-18 19:43:54 CST
Universal time: 六 2023-03-18 11:43:54 UTC
RTC time: 六 2023-03-18 11:43:54
Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
3.定位服务端,配置允许访问的主机ip,并重启服务
[root@localhost ~]# vim /etc/chrony.conf
# 定位第26行,删除allow前的#注释,修改允许的主机网段及子网掩码,结果为:
allow 192.168.121.0/24
# 退出配置文件,重启服务
[root@localhost ~]# systemctl restart chronyd
4.定位客户端,修改主配置文件中的时间服务器地址,并重启服务
[root@node2 ~]# vim /etc/chrony.conf
#删除第三行内容,添加pool 192.168.48.130 iburst
#Use public localhost from the pool.ntp.org project.
#Please consider joining the pool (https://www.pool.ntp.org/join.html)
pool 192.168.48.130 iburst
#重启服务
[root@node2 ~]# systemctl restart chronyd
5.定位客户
[root@node2 ~]# chronyc sources -v # 同步时间
二、配置ssh免密登陆,能够通过客户端主机通过redhat用户和服务端主机基于公钥验证方式进行远程连接
1.客户端添加新账户并进入Redhat用户
[root@node1 ~]# useradd redhat
[root@node1 ~]# passwd redhat
更改用户 redhat 的密码 。
新的密码:
passwd:所有的身份验证令牌已经成功更新。
[root@node1 ~]# su redhat
2.定位客户端的Redhat用户,并制作密钥,且复制客户端Redhat公钥到服务器指定目录
#复制客户端Redhat公钥到服务器指定目录
[redhat@node1 root]$ ssh-copy-id root@192.168.121.128
[redhat@node1 root]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/redhat/.ssh/id_rsa): Created directory '/home/redhat/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/redhat/.ssh/id_rsa
Your public key has been saved in /home/redhat/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:vrNKPkC+8kgVNMfv9pARqDxZ0bJOXn6JE9k6edcEUlc redhat@node1
The key's randomart image is:
+---[RSA 3072]----+
| o.o+ .. ..E|
| . o= o . .. |
| ..+ + + . . |
| *.o * . . |
| o.= +SB . o |
| .o o.% + . . |
| . o...B . |
| ....o. ... |
| .o. oooo |
+----[SHA256]-----+
3.客户端测试
[root@node1 ~]# ssh root@192.168.48.130