主机名 | IP地址 |
---|---|
centos-01 | 192.168.150.128 |
centos-02 | 192.168.150.129 |
CentOS-01连接CentOS-02(普通方式)
CentOS-01
[root@centos-01 ~]# ssh 192.168.150.129
The authenticity of host '192.168.150.129 (192.168.150.129)' can't be established.
ECDSA key fingerprint is SHA256:tUzP+aYEwLklzTHTN5A9dzFfXb+4E9hdOmD1M2jml0s.
ECDSA key fingerprint is MD5:5f:f2:ca:7f:3c:f1:21:f0:0c:16:25:61:7f:83:ca:6b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.150.129' (ECDSA) to the list of known hosts.
root@192.168.150.129's password:
Last login: Thu Jan 18 12:56:31 2018 from 192.168.150.1
CentOS-02
[root@centos-02 ~]# w
12:59:32 up 4 min, 2 users, load average: 0.13, 0.31, 0.16
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 192.168.150.1 12:56 4.00s 0.06s 0.04s w
root pts/1 192.168.150.128 12:59 19.00s 0.01s 0.01s -bash
CentOS-01
[root@centos-02 ~]# logout
Connection to 192.168.150.129 closed.
[root@centos-01 ~]#
CentOS-02免密钥登录CentOS-01(SSH登录)
CentOS-02
[root@centos-02 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:RfjueL/pQSL51ms5J7DK5O80C3kUGNcjPqNAZP6srzw root@centos-02
The key's randomart image is:
+---[RSA 2048]----+
| .o ..o. |
| o. .=. o |
| .. .oo. . |
| .o o=. |
| .Sooo. |
| ..=o+ |
| . +o*oo. |
| .E=.=+o=+. |
| oo==++*= |
+----[SHA256]-----+
[root@centos-02 ~]#
[root@centos-02 ~]# ls /root/.ssh/
authorized_keys id_rsa id_rsa.pub
[root@centos-02 ~]# cat /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCUhPCnFjVORQdYvn6wmJUc6LPQRwaF4lraCGbCm2lj3l0rp+jDgTSST5WZ4qOus9Vp4pko0y1Savirp1emHHz2SZVih4NLqyoeb8AJjqgoGjaY2jmX0Mrc5qDIhisZjMn/+Juje7gURsocRnVCKVKBSMBOKMUocatNyBWbdswuKjJK4tsLJbPd/Y3UVXqIqv3wU9RrWKMUCiJUe7HlDZoFJp9KNx7GLjhrl0tjxsChqilODDvtlRbzA6ojJggNlmcXVcs8Bj7kcOFXwKvWEQwjEk1Vh9T+lI/oSKr/c/Pqc5zTL2LgY/0U88lui8MCrn3doA7jluwH+VVFUOA4BPPd root@centos-02
把公钥内容复制到CentOS-01上去
CentOS-01
[root@centos-01 ~]# vi /root/.ssh/authorized_keys
添加
#centos-02
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCUhPCnFjVORQdYvn6wmJUc6LPQRwaF4lraCGbCm2lj3l0rp+jDgTSST5WZ4qOus9Vp4pko0y1Savirp1emHHz2SZVih4NLqyoeb8AJjqgoGjaY2jmX0Mrc5qDIhisZjMn/+Juje7gURsocRnVCKVKBSMBOKMUocatNyBWbdswuKjJK4tsLJbPd/Y3UVXqIqv3wU9RrWKMUCiJUe7HlDZoFJp9KNx7GLjhrl0tjxsChqilODDvtlRbzA6ojJggNlmcXVcs8Bj7kcOFXwKvWEQwjEk1Vh9T+lI/oSKr/c/Pqc5zTL2LgY/0U88lui8MCrn3doA7jluwH+VVFUOA4BPPd root@centos-02
保存退出
查看SELinux状态
[root@centos-01 ~]# getenforce
Enforcing
SELinux是打开的
临时关闭
[root@centos-01 ~]# setenforce 0
[root@centos-01 ~]# getenforce
Permissive
CentOS-02
[root@centos-02 ~]# ssh 192.168.150.128
Last login: Thu Jan 18 15:46:51 2018 from 192.168.150.129
[root@centos-01 ~]# logout
Connection to 192.168.150.128 closed.
[root@centos-02 ~]#