目录
一、配置ntp时间服务器,确保客户端主机能和服务主机同步时间
·第四步:定位客户端,修改主配置文件中的时间服务器地址,并重启服务
二、配置ssh免密登陆,能够通过客户端主机通过redhat用户和服务端主机基于公钥验证方式进行远程连接
一、配置ntp时间服务器,确保客户端主机能和服务主机同步时间
1.服务器主机从阿里云同步时间,并重启服务
准备服务端主机需要同步阿里时间服务器,准备客户端同步服务端时间服务器
·第一步:定位服务端,配置向阿里时间服务器进行同步时间
[root@server ~]# vim /etc/chrony.conf
进入主配置文件,定位第3行,删除后,添加: server ntp.aliyun.com iburst
·第二步:定位服务端,重启服务,测试是否同步:
[root@server ~]# systemctl start chronyd
[root@server ~]# chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 119.28.183.184 2 7 253 61 -220us[ -77us] +/- 76ms
^+ stratum2-1.ntp.mow01.ru.> 2 6 377 57 +3801us[+3801us] +/- 88ms
^+ electrode.felixc.at 3 7 377 122 +1478us[+1625us] +/- 125ms
^- ntp1.ams1.nl.leaseweb.net 2 6 377 56 -7111us[-7111us] +/- 154ms
[root@server ~]# timedatectl status
Local time: 三 2023-03-22 04:23:48 EDT
Universal time: 三 2023-03-22 08:23:48 UTC
RTC time: 三 2023-03-22 08:23:48
Time zone: America/New_York (EDT, -0400)
System clock synchronized: yes #yes表示已同步
NTP service: active
RTC in local TZ: no
[root@server ~]#
·第三步:定位服务端,配置允许访问的主机ip,并重启服务
[root@server ~]# vim /etc/chrony.conf
定位第27行,删除allow前的#注释,修改允许的主机网段及子网掩码
[root@server ~]# systemctl restart chronyd #重启服务
·第四步:定位客户端,修改主配置文件中的时间服务器地址,并重启服务
[root@server ~]# systemctl restart chronyd #重启服务
·第五步:定位客户端,测试时间同步:
二、配置ssh免密登陆,能够通过客户端主机通过redhat用户和服务端主机基于公钥验证方式进行远程连接
一,创建新用户redhat
[root@node1 ~]# useradd redhat
[root@node1 ~]# passwd redhat
更改用户 redhat 的密码 。
新的密码:
重新输入新的密码:
passwd:所有的身份验证令牌已经成功更新
二,创建新的密钥对,并且发送到指定目录
[root@node1 ~]# ssh-keygeb -t rsa
bash: ssh-keygeb: command not found...
[root@node1 ~]# su redhat
[redhat@node1 root]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/redhat/.ssh/id_rsa):
Created directory '/home/redhat/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/redhat/.ssh/id_rsa
Your public key has been saved in /home/redhat/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:XHjKTBPG5CQriq9O0Fe2fAEUzxTmeCC2s6gtrkdckCE redhat@node1
The key's randomart image is:
+---[RSA 3072]----+
|E .oo.*+O. |
| .o. o /.o |
| .+ = @ o |
| o o.B B * |
|o.+.o o S |
|.+o. . |
|ooo |
|oo. |
|=+ |
+----[SHA256]-----+
[redhat@node1 root]$
[redhat@node1 root]$ ssh-copy-id root@192.168.183.128
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/redhat/.ssh/id_rsa.pub"
The authenticity of host '192.168.183.128 (192.168.183.128)' can't be established.
ED25519 key fingerprint is SHA256:MK3vrSRPaKvJHtkQrrGnUqHK2sKzyWj6PCwnZwC6GkY.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.183.128's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.183.128'"
and check to make sure that only the key(s) you wanted were added.
[redhat@node1 root]$ ssh root@192.168.183.128
Activate the web console with: systemctl enable --now cockpit.socket
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Wed Mar 22 05:23:42 2023 from 192.168.183.1
[root@server ~]#
[root@server ~]#
三,客户端测试
[redhat@node1 root]$ ssh root@192.168.183.128
Activate the web console with: systemctl enable --now cockpit.socket
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Wed Mar 22 05:23:42 2023 from 192.168.183.1
[root@server ~]#