所有linux主机之间(包含本主机)root用户实现密钥ssh认证,禁用密码认证。
ssh-keygen //所有主机运行这条命令生成密钥(注:1-9都需要运行,输入之后一直回车就行了别的什么都不用输)
[root@linux1 ~]# cat /root/.ssh/id_rsa.pub //把所有主机id_rsa.pub内的密钥都复制到,linux1的id_rsa.pub里面
//利用for循环把密钥发送的所有主机,一定要复制到/root/.ssh/authorized_keys 这个路径改了没效果
[root@linux1 ~]# for i in {1..9};do scp /root/.ssh/id_rsa.pub root@10.4.220.10$i:/root/.ssh/authorized_keys ;done
[root@linux1 ~]# vi /etc/ssh/sshd_config //修改配置文件来实现禁用密码认证
61 # Don't read the user's ~/.rhosts and ~/.shosts files
62 #IgnoreRhosts yes
63
64 # To disable tunneled clear text passwords, change to no here!
65 PasswordAuthentication no //修改
66 #PermitEmptyPasswords no
//利用for把配置文件,发送的其余主机
[root@linux1 ~]# for i in {2..9};do scp /etc/ssh/sshd_config root@10.4.220.10$i:/etc/ssh/sshd_config ;done
//重启服务所有主机重启服务
[root@linux1 ~]# for i in {1..9};do ssh root@10.4.220.10$i systemctl restart sshd