RHEL7.2 SSH非root用户无密码登录-服务器评测

RHEL7.2 SSH非root用户无密码登录

1 修改三台虚拟机的/ect/hosts文件

[Hadoop@hadoop01 ~]$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
[hadoop@hadoop01 ~]$ su – root
密码：
上一次登录：六 11月 4 15:52:36 CST 2017pts/0 上
ABRT has detected 1 problem(s). For more info run: abrt-cli list –since 1509781956
[root@hadoop01 ~]# vi /etc/hosts
[root@hadoop01 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.169.101 hadoop01
192.168.169.102 hadoop02
192.168.169.103 hadoop03

2 修改三台虚拟机的/etc/ssh/sshd_config

[root@hadoop01 ~]# vi /etc/ssh/sshd_config
[root@hadoop01 ~]# cat /etc/ssh/sshd_config | grep uth | grep -v “#”
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

将前面的#号去掉

3 修改三台虚拟机的/etc/selinux/config

[root@hadoop01 ~]# vi /etc/selinux/config
[root@hadoop01 ~]# cat /etc/selinux/config | grep SELINUX= | grep -v “#”
SELINUX=disabled

4 重启虚机三台虚拟机

[root@hadoop01 ~]# reboot

5 配置SSH无密码登录

三台虚拟机依次操作如下：

192.168.168.101

[hadoop@hadoop01 ~]$ ssh-keygen
Generating public/private dsa key pair.
Created directory ‘/hadoop/.ssh’.
Your identification has been saved in /hadoop/.ssh/id_dsa.
Your public key has been saved in /hadoop/.ssh/id_dsa.pub.
The key fingerprint is:
c1:4b:6d:30:2b:57:b9:f8:dc:33:b6:d9:05:f8:79:31 hadoop@hadoop01
The key’s randomart image is:
+–[ DSA 1024]—-+
| o .. |
| . *. |
| . *.o. . |
| +.+. . .E |
| So . . oo|
| o = o o|
| . * o |
| o . |
| |
+—————–+
[hadoop@hadoop01 ~]$ chmod 700 .ssh
[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ chmod 600 ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ ssh hadoop01
The authenticity of host ‘hadoop01 (192.168.169.101)’ can’t be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘hadoop01,192.168.169.101’ (ECDSA) to the list of known hosts.
Last login: Sun Nov 5 10:24:11 2017 from 192.168.169.1
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop01 ~]$ ssh hadoop01
Last login: Sun Nov 5 10:26:02 2017 from hadoop01

192.168.168.102

[hadoop@hadoop02 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/hadoop/.ssh/id_rsa):
Created directory ‘/hadoop/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /hadoop/.ssh/id_rsa.
Your public key has been saved in /hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
ee:ba:9f:68:d8:ab:27:ea:f7:42:ff:0c:47:80:fe:63 hadoop@hadoop02
The key’s randomart image is:
+–[ RSA 2048]—-+
| |
| . |
| . . |
| . . |
| . S |
| .. o |
| . +E o |
| =.=B . |
| .oo.B*** |
+—————–+
[hadoop@hadoop02 ~]$ chmod 700 .ssh
[hadoop@hadoop02 ~]$ scp -rp ~/.ssh/id_rsa.pub hadoop@hadoop01:/hadoop/.ssh/id_rsa.pub.102
The authenticity of host ‘hadoop01 (192.168.169.101)’ can’t be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘hadoop01,192.168.169.101’ (ECDSA) to the list of known hosts.
hadoop@hadoop01’s password:
id_rsa.pub

192.168.169.103

[hadoop@hadoop03 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/hadoop/.ssh/id_rsa):
Created directory ‘/hadoop/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /hadoop/.ssh/id_rsa.
Your public key has been saved in /hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
dc:c2:8d:14:b0:bf:64:a7:2f:41:44:34:1b:66:2b:b2 hadoop@hadoop03
The key’s randomart image is:
+–[ RSA 2048]—-+
| .+O |
| +.* |
| . o.+ |
| o *.+ |
| E .S + |
| o.= |
| o. |
| .. |
| .. |
+—————–+
[hadoop@hadoop03 ~]$ chmod 700 .ssh
[hadoop@hadoop03 ~]$ scp -rp ~/.ssh/id_rsa.pub hadoop@hadoop01:/hadoop/.ssh/id_rsa.pub.103
The authenticity of host ‘hadoop01 (192.168.169.101)’ can’t be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘hadoop01,192.168.169.101’ (ECDSA) to the list of known hosts.
hadoop@hadoop01’s password:
id_rsa.pub

192.168.169.101

[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub.102 >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub.103 >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ scp -rp ~/.ssh/authorized_keys hadoop@hadoop02:/hadoop/.ssh/
The authenticity of host ‘hadoop02 (192.168.169.102)’ can’t be established.
ECDSA key fingerprint is f7:ef:fb:e5:7e:0f:59:40:63:23:99:9a:ca:e2:03:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘hadoop02,192.168.169.102’ (ECDSA) to the list of known hosts.
hadoop@hadoop02’s password:
authorized_keys 100% 397 0.4KB/s 00:00
[hadoop@hadoop01 ~]$ scp -rp ~/.ssh/authorized_keys hadoop@hadoop03:/hadoop/.ssh/
The authenticity of host ‘hadoop03 (192.168.169.103)’ can’t be established.
ECDSA key fingerprint is 25:a7:16:1f:49:91:0f:ba:f8:ba:68:bb:1e:e0:1c:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘hadoop03,192.168.169.103’ (ECDSA) to the list of known hosts.
hadoop@hadoop03’s password:
authorized_keys 100% 397 0.4KB/s 00:00

6 验证

192.168.169.101

[hadoop@hadoop01 ~]$ ssh hadoop02
Last login: Sun Nov 5 13:42:56 2017 from 192.168.169.1
[hadoop@hadoop02 ~]$ exit
登出
Connection to hadoop02 closed.
[hadoop@hadoop01 ~]$ ssh hadoop03
Last login: Sun Nov 5 13:42:58 2017 from 192.168.169.1
[hadoop@hadoop03 ~]$

192.168.169.102

[hadoop@hadoop02 ~]$ ssh hadoop01
Last login: Sun Nov 5 13:44:08 2017 from 192.168.169.1
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop02 ~]$ ssh hadoop03
The authenticity of host ‘hadoop03 (192.168.169.103)’ can’t be established.
ECDSA key fingerprint is 25:a7:16:1f:49:91:0f:ba:f8:ba:68:bb:1e:e0:1c:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘hadoop03,192.168.169.103’ (ECDSA) to the list of known hosts.
Last login: Sun Nov 5 13:51:57 2017 from hadoop01
[hadoop@hadoop03 ~]$

192.168.169.103

[hadoop@hadoop03 ~]$ ssh hadoop01
Last login: Sun Nov 5 13:52:30 2017 from hadoop02
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop03 ~]$ ssh hadoop02
The authenticity of host ‘hadoop02 (192.168.169.102)’ can’t be established.
ECDSA key fingerprint is f7:ef:fb:e5:7e:0f:59:40:63:23:99:9a:ca:e2:03:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘hadoop02,192.168.169.102’ (ECDSA) to the list of known hosts.
Last login: Sun Nov 5 13:51:50 2017 from hadoop01
[hadoop@hadoop02 ~]$

下面关于SSH相关的文章您也可能喜欢，不妨参考下：

集群环境SSH免密码登录设置 http://www.linuxidc.com/Linux/2017-03/141296.htm

Linux基础教程：配置SSH免密码登陆 http://www.linuxidc.com/Linux/2017-07/145847.htm

远程SSH连接服务与基本排错 http://www.linuxidc.com/Linux/2017-05/143738.htm

使用SSH公钥密钥自动登陆Linux服务器 http://www.linuxidc.com/Linux/2017-02/140642.htm

配置SSH免密码登录 http://www.linuxidc.com/Linux/2017-08/146213.htm

开启SSH服务让Android手机远程访问 Ubuntu 14.04 http://www.linuxidc.com/Linux/2014-09/106809.htm

SSH非交互式密码授权远程执行脚本 http://www.linuxidc.com/Linux/2017-04/143180.htm

SSH通过密钥登陆 http://www.linuxidc.com/Linux/2017-06/144997.htm

Linux上实现SSH免密码登陆远程服务器 http://www.linuxidc.com/Linux/2017-05/144165.htm

本文永久更新链接地址：http://www.linuxidc.com/Linux/2017-11/148280.htm

RHEL7.2 SSH非root用户无密码登录

相关推荐

分类

听说打赏我的人，都进福布斯排行榜啦！

支付宝扫一扫打赏

微信扫一扫打赏

QQ咨询

回顶部