准备CentOS7.9与银河麒麟V10两台服务器
环境准备
主机名 | IP地址 |
---|---|
centos7 | 192.168.8.100 |
kylin-server | 192.168.8.102 |
CentOS7.9准备工作
更改CentOS7.9的主机名为centos7
[root@centos7 ~]# hostnamectl set-hostname centos7
[root@centos7 ~]# hostname #查看主机名
查看CentOS7.9网络连接
[root@centos7 ~]# nmcli connection show #查看连接名
配置IP
[root@centos7 ~]# nmcli connection modify eth0 ipv4.method manual ipv4.addresses 192.168.8.100/24 ipv4.gateway 192.168.8.254 ipv4.dns 114.114.114.114 connection.autoconnect yes #配置IP地址和网关并实现开机自动连接
[root@centos7 ~]# nmcli connection up eth0 #激活eth0
[root@centos7 ~]# ifconfig eth0 #查看eth0配置的IP
CentOS7.9关闭firewalld服务并且设置为开机不自启,将SELINUX设置为disabled模式
[root@centos7 ~]# systemctl stop firewalld #停止firewalld服务
[root@centos7 ~]# systemctl disable firewalld #禁止firealld开机自启
[root@centos7 ~]# vim /etc/selinux/config
SELINUX=disabled
银河麒麟准备工作
更改Kylin-Server的主机名为kylin-server
[root@kylin-server ~]# hostnamectl set-hostname kylin-server
[root@kylin-server ~]# hostname
查看Kylin-Server网络连接
[root@kylin-server ~]# nmcli connection show
配置IP
[root@kylin-server ~]# nmcli connection modify ens32 ipv4.method manual ipv4.addresses 192.168.8.102/24 ipv4.gateway 192.168.8.254 ipv4.dns 8.8.8.8 connection.autoconnect yes #配置IP地址、网关、DNS
[root@kylin-server ~]# nmcli connection up ens32 #激活ens32
[root@kylin-server ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32 #查看ens32配置的IP
Kylin-Server关闭firewalld服务并且设置为开机不自启,将SELINUX设置为disabled模式
[root@kylin-server ~]# systemctl stop firewalld #停止firewalld服务
[root@kylin-server ~]# systemctl disable firewalld #禁止firealld开机自启
[root@kylin-server ~]# vim /etc/selinux/config
SELINUX=disabled
网络测试
测试两台服务器之间能否相互ping通
[root@centos7 ~]# ping 192.168.8.102
[root@kylin-server ~]# ping 192.168.8.100
修改hosts文件
[root@centos7 ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 centos7
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.8.100 centos7
192.168.8.102 kylin-server
[root@centos7 ~]# reboot #重启生效
[root@kylin-server ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 kylin-server
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.8.100 centos7
192.168.8.102 kylin-server
[root@kylin-server ~]# reboot #重启生效
SSH远程管理
CentOS7.9远程操作Kylin-Server
[root@centos7 ~]# ssh root@192.168.8.102
Authorized users only. All activities may be monitored and reported.
root@192.168.8.102's password:
Authorized users only. All activities may be monitored and reported.
Activate the web console with: systemctl enable --now cockpit.socket
Last login: Tue Feb 20 10:53:51 2024 from 192.168.8.100
[root@kylin-server ~]#
Kylin-Server修改SSH默认端口
[root@kylin-server ~]# vim /etc/ssh/sshd_config
Port 220
[root@kylin-server ~]# systemctl restart sshd #重启sshd服务,SELINUX需要是disabled状态
修改后,CentOS7.9重新远程操作Kylin-Server
[root@centos7 ~]# ssh -p 220 root@192.168.8.102
Authorized users only. All activities may be monitored and reported.
root@192.168.8.102's password:
Authorized users only. All activities may be monitored and reported.
Activate the web console with: systemctl enable --now cockpit.socket
Last login: Tue Feb 20 11:13:15 2024 from 192.168.8.100
[root@kylin-server ~]#
恢复Kylin-Server SSH默认端口,重启服务
[root@kylin-server ~]# vim /etc/ssh/sshd_config
Port 22
[root@kylin-server ~]# systemctl restart sshd
实现SSH免密登录
SSH免密登录原理图
CentOS7.9生成公钥与私钥
[root@centos7 ~]# ssh-keygen #全部回车
[root@centos7 ~]# ls /root/.ssh/ #查看密钥
将公钥传递给Kylin-Server
[root@centos7 ~]# ssh-copy-id root@192.168.8.102
Kylin-Server生成公钥与私钥
[root@kylin-server ~]# ssh-keygen #全部回车
[root@kylin-server ~]# ls /root/.ssh/ #查看密钥
将公钥传递给CentOS7.9
[root@kylin-server ~]# ssh-copy-id root@192.168.8.100
CentOS7.9免密登录Kylin-Server
[root@centos7 ~]# ssh root@kylin-server
Authorized users only. All activities may be monitored and reported.
Authorized users only. All activities may be monitored and reported.
Activate the web console with: systemctl enable --now cockpit.socket
Last login: Tue Feb 20 11:36:58 2024 from 192.168.8.100
[root@kylin-server ~]#
Kylin-Server免密登录CentOS7.9
[root@kylin-server ~]# ssh root@centos7
Last login: Tue Feb 20 11:37:51 2024 from kylin-server
[root@centos7 ~]#