CE第一次作业

边蘑菇菇1

已于 2023-08-21 21:35:44 修改

阅读量444

点赞数

文章标签： linux

于 2023-08-21 17:57:08 首次发布

本文链接：https://blog.csdn.net/weixin_63097446/article/details/132413440

版权

1.配置ntp时间服务器，确保客户端主机能和服务主机同步时间

服务端

[root@server ~]# vim  /etc/chrony.conf 
allow 192.168.40.129/24    # 删除第26行的前导星号，启用白名单，将node1的ip添加进入
[root@server ~]# systemctl restart chronyd   # 重启服务

客户端

[root@node1 ~]# vim /etc/chrony.conf 
server 192.168.40.128  iburst
[root@node1 ~]# systemctl restart chronyd #重启服务
[root@node1 ~]# chronyc sources -v ##同步测试

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 192.168.40.128                3   6    17    27   +374ns[  -11us] +/-  102ms
[root@node1 ~]# date
2023年 08月 21日 星期一 17:59:21 CST
[root@node1 ~]# timedatectl status ###检查是否同步
               Local time: 一 2023-08-21 18:00:29 CST
           Universal time: 一 2023-08-21 10:00:29 UTC
                 RTC time: 一 2023-08-21 10:00:29
                Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes  #### yes表示成功同步时间
              NTP service: active
          RTC in local TZ: no
[root@node1 ~]#

2.配置ssh免密登陆，能够实现客户端主机通过服务器端的redhat账户进行基于公钥验证方式的远

第一步：服务器端创建Redhat账户并设置密码

[root@server ~]# useradd redhat
[root@server ~]# passwd redhat 
更改用户 redhat 的密码 。
新的密码： 
无效的密码： 密码少于 8 个字符
重新输入新的密码： 
passwd：所有的身份验证令牌已经成功更新。

第二步：定位node1做公私对

 
[root@node1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.


Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:fzQ+KpYvX7Y/1hil/g861EfC0pLKlCrD6EAwe9tNef4 root@node1
The key's randomart image is:
+---[RSA 3072]----+
|                 |
|o                |
| +     .   . +   |
|. o   o . o + + o|
| o o = oS+ .o+ = |
|  o o = o.oo..+ .|
|   o   o o..*..= |
|    .   = E=.+=..|
|       . =+ o+.o+|
+----[SHA256]-----+
[root@node1 ~]#

第三步：定位node1，将公钥上传

[root@node1 ~]# ssh-copy-id redhat@192.168.40.128
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
redhat@192.168.40.128's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'redhat@192.168.40.128'"
and check to make sure that only the key(s) you wanted were added.

[root@node1 ~]#

第四步：客户端测试

[root@node1 ~]# ssh redhat@192.168.40.128
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Mon Aug 21 20:54:52 2023 from 192.168.40.129
[redhat@server ~]$