linux间的对等关系建立

第一步，建立两台主机对等关系

 

两台主机是不同的版本的linux操作系统，一个是red hat5.7，另外一个是centos 5.6。此时需要把red hat5.7上的备份文件复制到centos5.6上面。

 

建立120与124的对等关系

 

两机都要做：

第一步：

 

[oracle@gg02 ~]$ ssh 10.86.87.120

The authenticity of host 'gg02 (10.86.87.133)' can't be established.

RSA key fingerprint is 2b:d3:2a:5b:f0:66:e0:9a:12:52:8d:e9:c1:46:9b:e4.

Are you sure you want to continue connecting (yes/no)?

Host key verification failed.

[oracle@gg01 ~]$ ssh 10.86.87.124

The authenticity of host 'gg02 (10.86.87.133)' can't be established.

RSA key fingerprint is 2b:d3:2a:5b:f0:66:e0:9a:12:52:8d:e9:c1:46:9b:e4.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'gg02,10.86.87.133' (RSA) to the list of known hosts.

oracle@gg02's password:

Permission denied, please try again.

oracle@gg02's password:

Permission denied, please try again.

oracle@gg02's password:

Permission denied (publickey,gssapi-with-mic,password).

 

[oracle@gg01 ~]$ ssh 10.86.87.124 date

oracle@gg02's password:

Permission denied, please try again.

oracle@gg02's password:

Permission denied, please try again.

oracle@gg02's password:

Permission denied (publickey,gssapi-with-mic,password).

 

注：上面ssh gg02一定要执行。

 

第二步,

[root@gg02 ~]# mkdir -p /usr/local/bin

[root@gg02 ~]# cp /usr/bin/scp /usr/local/bin

[root@gg02 ~]# cp /usr/bin/ssh /usr/local/bin

 

 

第三步,

 

[root@gg01 ~]# su - oracle

-bash-3.2$ mkdir .ssh

-bash-3.2$ chmod 700 .ssh

 

注：第二步及第三步需要在两个主机上都需要做

 

第四步,

 

 

在每个节点上重复的上述命令。选择其中一个节点作为当前节点，在这个节点上为当前用户产生RSA密钥或者DSA密钥，这个密钥都将存储在.ssh目录下的相关文件中。其中RSA公钥和私钥分别存放在文件id_rsa.pub和id_rsa中，而DSA公钥和私钥分别存放在文件id_dsa.pub和id_dsa中。例如，下面在节点gg02上产生RSA密钥：

 

 

-bash-3.2$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/opt/oracle/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /opt/oracle/.ssh/id_rsa.

Your public key has been saved in /opt/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

2a:ca:45:b2:6d:44:34:3a:27:41:68:a0:a4:ce:90:f3 oracle@gg02

 

为了保护私钥，在创建RSA密钥时，可以为RSA私钥指定口令(passphrase),以后在读私钥时需要输入这个口令。以下命令用于在节点gg02为oracle用户产生DSA密钥：

 

-bash-3.2$ ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key (/opt/oracle/.ssh/id_dsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /opt/oracle/.ssh/id_dsa.

Your public key has been saved in /opt/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

2c:8f:e2:5d:67:44:c4:8f:b7:17:a4:f4:84:90:eb:73 oracle@gg02

 

在创建DSA密钥时，同样可以为DSA私钥指定口令。下面的命令用于将DSA公钥和RSA公钥复制到authorized_keys文件中，并为这个文件设置权限：

 

第五步，

 

-bash-3.2$ pwd

/opt/oracle/.ssh

-bash-3.2$ cat id_dsa.pub >> authorized_keys

-bash-3.2$ cat id_rsa.pub >> authorized_keys

-bash-3.2$chmod 600 authorized_keys

[oracle@gg02 .ssh]$ scp authorized_keys 10.86.87.120:/opt/oracle/.ssh

oracle@gg01's password:

 

注：最后一步还是比较重要的。

 

 

第六步,

[oracle@gg01 .ssh]$  exec /usr/bin/ssh-agent

[oracle@gg01 .ssh]$ /usr/bin/ssh-add

Identity added: /home/oracle/.ssh/id_rsa (/home/oracle/.ssh/id_rsa)

Identity added: /home/oracle/.ssh/id_dsa (/home/oracle/.ssh/id_dsa)

 

注：这一步在120上执行即可

[oracle@gg02 ~]$ ssh 10.86.87.120 date

Mon May  7 11:54:00 EDT 2012

 

 

注：对等关系建立成功。

 

 

解决的问题：

当使用ssh-add 添加新的内容，提示如下错误时：
Could not open a connection to your authentication agent.
可以通过先运行如下命令：

ssh-agent bash
再重新添加
/usr/bin/ssh-add

 

 

 

 

通过scp把文件上传到另外一个主机上，或者通过ftp上传到另外一个主机上。