Linux 服务器之间互信
修改hosts文件
执行vi /etc/hosts命令打开主机表文件,会看到类似如下的信息。
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
分别修改两台服务器的hosts主机表,在其末尾增加两行配置,配置如下。
192.168.10.10 server1.cluster.com
192.168.10.11 server2.cluster.com
增加之配置之后,输入:q保存。
完成配置之后,可以通过hostname –f命令查看服务器当前的FQDN,如果是主机表中所配置的就代表修改成功了。
服务器互信
步骤1 【生成秘钥】
服务器节点上生成公钥和私钥,可以通过执行如下命令实现。
[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
28:05:b8:eb:b5:7a:96:c1:d4:f5:03:5f:a2:d6:d0:d4 root@redhatclient
The key's randomart image is:
+--[ RSA 2048]----+
| .. o.. |
| . . + o E |
| . ... B o |
| . ....o = |
| +. ..S . |
| . +. |
| . . + |
| . = |
| .+ |
+-----------------+
[root@localhost ~]#
执行成功之后会在 /root/.ssh 目录下生成私钥和公钥文件。
步骤2 【集群互信】
将生成的公钥添加到集群中所有目标服务器节点的 authorized_keys 文件中去。
首先,进入到 server1.cluster.com 服务器的 /root/.ssh 目录。
然后,执行如下命令进行拷贝。
注意:需要将公钥发送到集群中的所有主机
-
添加server1.cluster.com服务器
ssh-copy-id -i ./id_rsa.pub root@server1.cluster.com root@server1.cluster.com's password: Now try logging into the machine, with "ssh 'root@server1.cluster.com'", and check in: .ssh/authorized_keys
-
添加server2.cluster.com服务器
ssh-copy-id -i ./id_rsa.pub root@server2.cluster.com The authenticity of host 'server2.cluster.com (10.0.1.62)' can't be established. RSA key fingerprint is 6b:97:71:34:6b:97:90:46:58:8f:e5:7a:8f:d0:d1:65. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'server2.cluster.com,10.0.1.62' (RSA) to the list of known hosts. root@server2.cluster.com's password: Now try logging into the machine, with "ssh 'root@server2.cluster.com'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.
-
拷贝过程中会要求你输入目标服务的登录密码。
[root@redhatclient .ssh]# ssh server2.cluster.com Last login: Wed Apr 4 03:45:39 2018 from localhost [root@masterserver ~]#
拷贝完后,使用集群主机域名,挨个免密登录集群中的所有主机,以便将信息自动添加到known_hosts文件中。注册主机时,可能会自动校验known_hosts文件信息。
known_hosts文件信息: