使用client的xiaoming用户基于秘钥认证方式通过端口2000使用ssh登录server端的xiaoming用户和xiaohei用户,server端的其他用户都不可被远程登录
1.首先在客户端和服务端创建用户
[root@server ~]# useradd xiaoming
[root@server ~]# useradd xiaohei
[root@server ~]# echo root | passwd --stdin xiaoming
Changing password for user xiaoming.
passwd: all authentication tokens updated successfully.
[root@server ~]# echo root | passwd --stdin xiaohei
Changing password for user xiaohei.
passwd: all authentication tokens updated successfully.
[root@client ~]# useradd xiaoming
[root@client ~]# echo root | passwd --stdin xiaoming
Changing password for user xiaoming.
passwd: all authentication tokens updated successfully.
2.然后创建密钥对
[root@client ~]# su - xiaoming
[xiaoming@client ~]$ ssh-keygen -t rsa
3.对服务端进行配置,添加或修改内容
[root@client ~]# su - xiaoming
[xiaoming@client ~]$ ssh-keygen -t rsa
4.关闭防火墙和selinux,重启服务
[root@server ~]# systemctl stop firewalld.service
[root@server ~]# setenforce 0
[root@server ~]# systemctl restart sshd
5.将客户端的密钥传输到服务端
[xiaoming@client .ssh]$ ssh-copy-id xiaoming@192.168.136.138 -p 2000
[xiaoming@client .ssh]$ ssh-copy-id xiaohei@192.168.136.138 -p 2000
6.最后在客户端测试
[xiaoming@client .ssh]$ ssh-copy-id xiaohei@192.168.136.138 -p 2000
[xiaoming@server ~]$
[xiaoming@client .ssh]$ ssh xiaohei@192.168.136.138 -p 2000
[xiaohei@server ~]$
7.登录root和redhat测试
[xiaoming@client .ssh]$ ssh root@192.168.136.138 -p 2000
root@192.168.136.138’s password:
Permission denied, please try again.
[xiaoming@client .ssh]$ ssh redhat@192.168.136.138 -p 2000
redhat@192.168.136.138’s password:
Permission denied, please try again.