克隆多个虚拟机并实现虚拟机之间的免密登录

引用连接：
免密登录

克隆前

1. 修改静态ip

vi /etc/sysconfig/network-scripts/ifcfg-ens33

保存退出后重启网络服务使修改生效

systemctl restart network.service

2. 编写 vi /etc/hosts 主机名和ip的映射 192.168.202.200 three
3. 关闭防火墙的开机启动

systemctl disable firewalld
systemctl list-unit-files | grep firewalld

4. 安装时间同步服务： ntp
   yum -y install ntp
   设置ntpd 开机启动

systemctl  enable ntpd
systemctl list-unit-files | grep ntpd

7. 关闭seliunx的设置

    	cd /etc/selinux/
    vi config
   
    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    #     enforcing - SELinux security policy is enforced.
    #     permissive - SELinux prints warnings instead of enforcing.
    #     disabled - No SELinux policy is loaded.
    SELINUX=disabled
    # SELINUXTYPE= can take one of three values:
    #     targeted - Targeted processes are protected,
    #     minimum - Modification of targeted policy. Only selected processes are protected.
    #     mls - Multi Level Security protection.
    SELINUXTYPE=targeted
   

克隆

右键点击刚刚创建的虚拟机，选择快照-------》拍摄快照

点击下图按钮，管理此虚拟机的快照

选择克隆





克隆完成

按照以上方法继续克隆两个虚拟机，来准备虚拟机之间免密登录

克隆后：

1. 修改静态ip
   此处需要修改克隆的三台虚拟机的静态IP，方法相同，但要自己记好对应的IP地址

vi /etc/sysconfig/network-scripts/ifcfg-ens33

保存退出后重启网络服务使修改生效

systemctl restart network.service

以nodeone示例

3. 修改主机名

 vi /etc/hostname

输入对应的虚拟机名称

4. 免密登录 One —> Two

ssh localhost 
cd .ssh

生成密钥对

ssh-keygen   
五个回车

将公钥拷贝到要免密登录的目标机器上

ssh-copy-id nodethree 
ssh-copy-id nodeone 

示例
以拷贝公钥到nodeone虚拟机并免密连接示例，输入密码处为12345

[root@nodetwo .ssh]# ssh-copy-id nodeone
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@nodeone's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'nodeone'"
and check to make sure that only the key(s) you wanted were added.

[root@nodetwo .ssh]# ssh nodeone
Last login: Mon Nov  2 20:56:44 2020 from 192.168.202.131
[root@nodeone ~]# exit
登出
Connection to nodeone closed.
[root@nodetwo .ssh]# 

本机免密需要提前登录输入yes

查看公钥

[root@nodetwo ~]# ll -a
总用量 32
dr-xr-x---.  3 root root  163 11月  2 19:45 .
dr-xr-xr-x. 17 root root  284 11月  2 20:12 ..
-rw-------.  1 root root 1516 11月  2 17:17 anaconda-ks.cfg
-rw-------.  1 root root  617 11月  2 20:38 .bash_history
-rw-r--r--.  1 root root   18 12月 29 2013 .bash_logout
-rw-r--r--.  1 root root  176 12月 29 2013 .bash_profile
-rw-r--r--.  1 root root  176 12月 29 2013 .bashrc
-rw-r--r--.  1 root root  100 12月 29 2013 .cshrc
drwx------   2 root root   80 11月  2 20:21 .ssh
-rw-r--r--.  1 root root  129 12月 29 2013 .tcshrc
-rw-------.  1 root root 3833 11月  2 18:23 .viminfo
[root@nodetwo ~]# cd .ssh
[root@nodetwo .ssh]# ll
总用量 16
-rw------- 1 root root  391 11月  2 20:20 authorized_keys
-rw------- 1 root root 1679 11月  2 19:45 id_rsa
-rw-r--r-- 1 root root  391 11月  2 19:45 id_rsa.pub
-rw-r--r-- 1 root root  698 11月  2 20:22 known_hosts

nodetwo操作演示：

[root@temp ~]# cd .ssh
-bash: cd: .ssh: 没有那个文件或目录
[root@temp ~]# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Dj0q8RAJgyKCufIH/6RcsAFb+ufzjK9XpgA0wykqkOk root@temp
The key's randomart image is:
+---[RSA 2048]----+
|.=o. .           |
|@ ooB.           |
|*o Boo           |
|=E+ +. .         |
|o. +o=. S        |
|  . =+=+ .o      |
|   o.Bo..+       |
|    o.+oo        |
|      o*+        |
+----[SHA256]-----+
[root@temp ~]# 
[root@temp ~]# 
[root@temp ~]# ssh-copy-id nodethree
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname nodethree: Name or service not known

[root@temp ~]# ssh-copy-id nodeone 
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname nodeone: Name or service not known

[root@temp ~]# vi /etc/hosts
[root@temp ~]# vi /etc/hosts
[root@temp ~]# cd .ssh
[root@temp .ssh]# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): ^Z
[1]+  已停止               ssh-keygen
[root@temp .ssh]# ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is SHA256:sdhc4a4WICwhXIzDOxI1yT38dfATBjk8Onli90l0/p8.
ECDSA key fingerprint is MD5:6d:5d:ba:42:4e:31:07:6f:99:6a:b8:0e:79:79:d8:53.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
root@localhost's password: 
Last login: Mon Nov  2 19:44:59 2020 from 192.168.202.1
[root@temp ~]# cd .ssh
[root@temp .ssh]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? n
[root@temp .ssh]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /r	^H^H^H^H^H^H^H^H
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /r.       
Your public key has been saved i.pub.   
The key fingerprint is:
SHA256:kPeJUVCUWfAhgcHUdCTSAhj4jFq3hzf3tdzFoNFPJkc root@temp
The key's randomart image is:
+---[RSA 2048]----+
|   ..o.+=XXB=    |
|  . .  .+o== .  E|
|   +  o o.  .. . |
|  o +  o + .. + +|
| o . o  S o  o O |
|.   o + .   o   +|
|     o o . o o . |
|          . o .  |
|                 |
+----[SHA256]-----+
[root@temp .ssh]# ll
总用量 12
-rw------- 1 root root 1679 11月  2 19:45 id_rsa
-rw-r--r-- 1 root root  391 11月  2 19:45 id_rsa.pub
-rw-r--r-- 1 root root  171 11月  2 20:03 known_hosts
[root@temp .ssh]# ssh-copy-id nodethree
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'nodethree (192.168.202.202)' can't be established.
ECDSA key fingerprint is SHA256:sdhc4a4WICwhXIzDOxI1yT38dfATBjk8Onli90l0/p8.
ECDSA key fingerprint is MD5:6d:5d:ba:42:4e:31:07:6f:99:6a:b8:0e:79:79:d8:53.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@nodethree's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'nodethree'"
and check to make sure that only the key(s) you wanted were added.

[root@temp .ssh]# ssh nodethree
Last login: Mon Nov  2 20:14:38 2020 from localhost
[root@temp ~]# exit
登出
Connection to nodethree closed.
[root@temp .ssh]# ssh nodethree
Last login: Mon Nov  2 20:17:17 2020 from 192.168.202.131
[root@temp ~]# ssh localhost
root@localhost's password: 
Last login: Mon Nov  2 20:18:57 2020 from 192.168.202.131
[root@temp ~]# exit
登出
Connection to localhost closed.
[root@temp ~]# exit
登出
Connection to nodethree closed.
[root@temp .ssh]# ssh-copy-id localhost
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@localhost's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'localhost'"
and check to make sure that only the key(s) you wanted were added.

[root@temp .ssh]# ssh localhost
Last login: Mon Nov  2 20:03:18 2020 from localhost
[root@temp ~]# ssh-copy-id 127.0.0.1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:sdhc4a4WICwhXIzDOxI1yT38dfATBjk8Onli90l0/p8.
ECDSA key fingerprint is MD5:6d:5d:ba:42:4e:31:07:6f:99:6a:b8:0e:79:79:d8:53.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: WARNING: All keys were skipped because they already exist on the remote system.
		(if you think this is a mistake, you may want to use -f option)

[root@temp ~]# ssh localhost
Last login: Mon Nov  2 20:20:47 2020 from localhost
[root@temp ~]# ssh 127.0.0.1
Last login: Mon Nov  2 20:21:40 2020 from localhost
[root@temp ~]# ssh 0.0.0.0
The authenticity of host '0.0.0.0 (0.0.0.0)' can't be established.
ECDSA key fingerprint is SHA256:sdhc4a4WICwhXIzDOxI1yT38dfATBjk8Onli90l0/p8.
ECDSA key fingerprint is MD5:6d:5d:ba:42:4e:31:07:6f:99:6a:b8:0e:79:79:d8:53.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '0.0.0.0' (ECDSA) to the list of known hosts.
Last login: Mon Nov  2 20:21:48 2020 from localhost
[root@temp ~]# ssh 0.0.0.0
Last login: Mon Nov  2 20:22:11 2020 from localhost
[root@temp ~]#