rhce day_02

要求：

配置ssh免密登陆：客户端主机通过redhat用户基于秘钥验证方式进行远程连接服务器的root用户

关闭防火墙

[root@localhost ~]# systemctl status firewalld

● firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; >

Active: active (running) since Fri 2023-03-17 01:24:13 PDT; 21min ago

Docs: man:firewalld(1)

Main PID: 1171 (firewalld)

Tasks: 2 (limit: 4780)

Memory: 3.8M

CGroup: /system.slice/firewalld.service

└─1171 /usr/libexec/platform-python -s /usr/sbin/firewalld ->

Mar 17 01:24:12 localhost.localdomain systemd[1]: Starting firewalld - >

Mar 17 01:24:13 localhost.localdomain systemd[1]: Started firewalld - d>

Mar 17 01:24:13 localhost.localdomain firewalld[1171]: WARNING: AllowZo>

[root@localhost ~]# getenforce

创建密钥

[first@localhost root]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/first/.ssh/id_rsa):

Created directory '/home/first/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/first/.ssh/id_rsa.

Your public key has been saved in /home/first/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:ScNbAIpqGc0QssN6KhQtV9X3v3vj+qwmRKpIyq6NdAk first@localhost.localdomain

The key's randomart image is:

+---[RSA 3072]----+

|.o. .ooo |

|o.=... . o . |

|o=.=. + o . |

|.o* . = . . |

|oE. S o . |

|oo. .. . . . |

|o..oo . . . .|

|o +o . . . ..o.|

| ooo oo==+|

+----[SHA256]-----+

查看

[first@localhost root]$ ll /home/first/.ssh

total 8

-rw-------. 1 first first 2622 Mar 17 01:50 id_rsa

-rw-r--r--. 1 first first 581 Mar 17 01:50 id_rsa.pub

公钥传给私钥

[first@localhost root]$ ssh-copy-id root@192.168.30.129

[first@localhost .ssh]$ ll

total 8

-rw-------. 1 first first 2622 Mar 17 01:50 id_rsa

-rw-r--r--. 1 first first 581 Mar 17 01:50 id_rsa.pub

[first@localhost .ssh]$