openssh免密登录配置，nfs

wangshuai0703

已于 2022-12-25 22:44:52 修改

阅读量175

点赞数

文章标签： linux

于 2022-12-22 19:42:51 首次发布

本文链接：https://blog.csdn.net/wangshuai0703/article/details/128411712

版权

openssh免密登录配置

生成密钥ssh-keygen -t rsa -t rsa表示用rsa算法加密

[root@wzqserver ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:YdA5RuOq3oRePxzvLpRG8TAWhjBddgp4p4+fh6E0Kgk root@wzq
The key's randomart image is:
+---[RSA 3072]----+
|    o+o=Bo.      |
|    ..+*@+       |
|     . ==*       |
|      .o...      |
|      .+S.       |
|E    o+ B        |
| . .oooB *       |
|  oo.+..B o      |
|   .o . .*o      |
+----[SHA256]-----+
[root@wzqserver ~]#

ll .ssh/查看生成的私钥和公钥先ssh登录一次其他用户就会生成密钥

[root@wzqserver ~]# ll .ssh/
total 12
-rw-------. 1 root root 2590 Dec 22 17:48 id_rsa
-rw-r--r--. 1 root root  562 Dec 22 17:48 id_rsa.pub
-rw-r--r--. 1 root root  176 Dec 22 17:52 known_hosts
[root@wzqserver ~]#

把公钥复制到目标的系统上

[root@wzqserver ~]# ssh-copy-id root@192.168.47.128
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.47.128's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.47.128'"
and check to make sure that only the key(s) you wanted were added.

[root@wzqserver ~]#

在目标系统上查看是否收到

[root@wuhu ~]# ll .ssh/
total 4
-rw-------. 1 root root 562 Dec 22 17:57 authorized_keys
[root@wuhu ~]#

开始免密登录


[root@wzqserver ~]# ssh root@192.168.47.128
Last login: Thu Dec 22 17:52:38 2022 from 192.168.47.129
[root@wuhu ~]#

nfs课后作业

开放/nfs/shared目录，供所有用户查询资料

服务端下载nfs包

[root@wzqserver ~]# yum -y install nfs-utils

关闭防火墙和selinux

[root@wzqserver ~]# systemctl stop firewalld
[root@wzqserver ~]# setenforce 0

启动NFS服务

[root@wzqserver ~]# systemctl start nfs-server
[root@wzqserver ~]# systemctl start rpcbind

创建共享目录

[root@wzqserver ~]# mkdir -p /nfs/shared

编辑配置文件

[root@wzqserver ~]# vi /etc/exports
[root@wzqserver ~]# cat /etc/exports
/nfs/shared  *(ro)
[root@wzqserver ~]#

重启NFS服务

[root@wzqserver ~]# systemctl restart nfs-server rpcbind

客户端

下载NFS包

[root@wuhu ~]# yum install nfs-utils

关闭防火墙和selinux

[root@wuhu ~]# systemctl stop firewalld
[root@wuhu ~]# setenforce 0

在客户端查看共享目录

[root@wuhu ~]# showmount -e 192.168.47.129
Export list for 192.168.47.129:
/nfs/shared *
[root@wuhu ~]#

创建挂载点目录，挂载

[root@wuhu ~]# mkdir /qifei
[root@wuhu ~]# mount 192.168.47.129:/nfs/shared /qifei

查看挂载是否成功

[root@wuhu ~]# df -h
Filesystem                  Size  Used Avail Use% Mounted on
devtmpfs                    370M     0  370M   0% /dev
tmpfs                       389M     0  389M   0% /dev/shm
tmpfs                       389M  5.6M  384M   2% /run
tmpfs                       389M     0  389M   0% /sys/fs/cgroup
/dev/mapper/cs-root          17G  2.1G   15G  13% /
/dev/sda1                  1014M  214M  801M  22% /boot
tmpfs                        78M     0   78M   0% /run/user/0
192.168.47.129:/nfs/shared   17G  1.9G   16G  12% /qifei
[root@wuhu ~]#

在服务端创建文件，在客户端查看

[root@wzqserver ~]# cd /nfs/shared/
[root@wzqserver shared]# touch yahaha
[root@wzqserver shared]# ls
yahaha
[root@wzqserver shared]# 
[root@wuhu ~]# ls qifei/
yahaha

开放/nfs/upload目录为172.16.12.0/24网段的数据上传目录，并将所有用户组都映射为nfs-upload，其UID和GID均为300

创建共享目录

[root@wzqserver ~]# mkdir -p /nfs/upload

创建用户和组为nfsupload，指定UID GID均为300

[root@wzqserver ~]# useradd -r -u 300 nfsupload
[root@wzqserver ~]# id nfsupload
uid=300(nfsupload) gid=300(nfsupload) groups=300(nfsupload)
[root@wzqserver ~]#

修改/etc/exports文件

[root@wzqserver ~]# vi /etc/exports
[root@wzqserver ~]# cat /etc/exports
/nfs/shared  *(ro)
/nfs/upload  172.16.12.0/24(rw,anonuid=300,anongid=300)
[root@wzqserver ~]#

重启服务

[root@wzqserver ~]# systemctl restart rpcbind nfs-server

在客户端查看nfs共享的目录

[root@wuhu ~]# showmount -e 192.168.47.129
Export list for 192.168.47.129:
/nfs/shared *
/nfs/upload 172.16.12.0/24

挂载目录

[root@wuhu ~]# mount -t nfs 192.168.47.129:/nfs/upload  yoxi
[root@wuhu ~]# df -h |tail 1
192.168.47.129:/nfs/upload   17G  1.1G   16G  7% /root/yoxi

在共享目录创建文件

[root@wuhu ~]# cd upload/
[root@wuhu ~]# touch cici
touch: cannot touch 'abc': Permission denied

创建不了没权限，将服务端共享目录属主，属组都改为nfsupload

[root@wzqserver ~]# vi /etc/exports
[root@wzqserver ~]# chown -R 300 /nfs/upload/
[root@wzqserver ~]# chgrp -R 300 /nfs/upload/
[root@wzqserver ~]# ll /nfs
total 0
drwxr-xr-x. 2 root      root      20 Dec 22 19:06 shared
drwxr-xr-x. 2 nfsupload nfsupload  6 Dec 22 18:08 upload

在客户端共享目录上创建文件

[root@wuhu ~]# cd /upload/
[root@wuhu upload]# touch abc
[root@wuhu upload]# ll
total 0
-rw-r--r--. 1 300 300 0 Dec 22 19:36 abc

wangshuai0703

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
1
评论
openssh免密登录配置，nfs

openssh免密登录，nfs
复制链接

扫一扫

openssh免密登录配置，nfs

openssh免密登录配置

nfs课后作业

“相关推荐”对你有帮助么？