How to configure mutual trust between multiple Linux machines and multiple linux machines

How to configure mutual trust between multiple Linux machines and multiple linux machines
Environment

Three machines:

Hadoop001, IP: 192.168.92.200 hadoop002, IP: 192.168.92.201 hadoop003, IP: 192.168.92.202

Configuration

Run ssh-keygen on the three machines, enter the command, press enter, and then press Enter. Press enter three times.

[root@hadoop001 ~]# ssh-keygenGenerating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:8d:29:13:12:a7:eb:1d:71:d6:cf:a4:33:3e:f8:57:f6 root@hadoop001The key's randomart image is:+--[ RSA 2048]----+|    . .          ||     +   .       ||    o o o . .    ||     o = + =     ||    . + S = o    ||   . . + o o  o  ||    . . . o  o . ||         . ..   E||          ..     |+-----------------+

View the generated. ssh hidden folder

[root@hadoop001 ~]# ll -adrwx------.  2 root root  4096 Dec  4 18:00 .pulse-rw-------.  1 root root   256 Dec  4 18:00 .pulse-cookiedrwx------.  2 root root  4096 Feb 28 16:46 .ssh-rw-r--r--.  1 root root   129 Dec  4  2004 .tcshrcdrwxr-xr-x.  2 root root  4096 Dec  4 18:00 Templatesdrwxr-xr-x.  2 root root  4096 Dec  4 18:00 Videos

View public and private keys

[root@hadoop001 ~]# ll -a ./.ssh/total 16drwx------.  2 root root 4096 Feb 28 16:46 .dr-xr-x---. 27 root root 4096 Feb 28 13:59 ..-rw-------.  1 root root 1675 Feb 28 16:46 id_rsa-rw-r--r--.  1 root root  396 Feb 28 16:46 id_rsa.pub

Select hadoop001, generate the authorized_keys file, and append the public key content

[root@hadoop001 ~]# cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

Copy the id_rsa.pub content of multiple other machines to the authorized_keys file of the first hadoop001.

Note that when copying data, it is best to put it in Notepad first, and remove the carriage return to become a line.

[root@hadoop001 .ssh]# cat authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyROAajOjam+DoZ6EShke4WgdvgPQsaa9Sc7zPXNDk3nQ9Xzde5XpC8vD8hjFABO5CEbgavZ7tSvLX0HxroMwgi26NFwywlQlskQnnOrI/NVx8QocdcjfoRRaWyboQpsBmf2j4ADDMEOBZOycvRNWC/Vda2OWKpGrav3zLUAXpIm6UTLdGgAsZXjOmlwyRsWu0RajdmuoGYzHE3rePqlPjXSpTkhZm9sR1LBkWSxz6y8piqp2Q7QWJkQtxuTUVE3LkEa4a0wIhVU+pI1LNBUufAcWmxrz3MpnscYJPfIvfChaG4SRMXS0N+FVqyxgx4xFZhQ2SG/RDwmy9stG6xXAOQ== root@hadoop001ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwavnoifdzJ1vLhRTdALqifUlw8NBIceIkPXAYPs4iFxUOn02nurr1hZgpe/9cLVInIopNINaHcnYjP2sLNv7wklQgYZNfwK3k5DwTh9M/Yyr+9XFT0CyYrjgVgfnb9s41KjniJz9qFa96K/BylKUljd+bwl1kYgnmxbKGoIg3nNiJiJpDTGlySrnmrSrEjSpP7rL8OacrLNKjDSIGb7J7pFcM95b5pIQUth3fp05yuzq1kMlee9+URvcmtH3XJbrA1ybZWWGWEBJnC6sDY6DnQJ6K3LK0+OwBZWvYPimb1BTQiJSgYzqdDDdSlX+c/z9CUbd/k4No11wDW1NtWpNoQ== root@hadoop002ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtOPrrV7o9zv1DTKYk9w4LnpCNqReCdGDmU84QUrQje/8sZDopFPdsdZWGgXuFlfR2L0eVFsXsFNHDIl3mXNyr2tW5VUqFdsLu9cGfu9Iq65QyteCL1BO463Hm2yPtIponXIeduMrK8F/sdc3LDzKOpJGYyYMK1/TqOX592lXdL6nranETmoUYX0TIFMD6gYNq3CB7DBDaJ2fg0vrGKdCH9FtH1pCayK7iFTGSBRMCqzZstr92G0PTB4O82RwEnwHSYbw1lhsBj7XskM336tpyhnBUoMSItg1QglSLgDOVVLHn29Y7k/qfnIHI0XtOHOOwHZyiDMGfnma/PH6synPiw== root@hadoop003[root@hadoop001 .ssh]# 

Modify the. ssh folder and authorized_keys Permissions

. Ssh (executed for each server)

[root@hadoop001 ~]# chmod 700 -R /root/.ssh

- authorized_keys

[root@hadoop001 ~]# chmod 600 ~/.ssh/authorized_keys 

Send the first authorized_keys file scp to another machine (for the first transmission, enter the password)

[root@hadoop001 ~]# cd .ssh[root@hadoop001 .ssh]# scp authorized_keys root@192.168.92.201:/root/.ssh/authorized_keys The authenticity of host '192.168.92.201 (192.168.92.201)' can't be established.RSA key fingerprint is bf:5d:2b:37:82:ba:2e:45:16:94:cf:3f:1b:bf:7b:96.Are you sure you want to continue connecting (yes/no) yesWarning: Permanently added '192.168.92.201' (RSA) to the list of known hosts.root@192.168.92.201's password: authorized_keys                                               100% 1188     1.2KB/s   00:00 [root@hadoop001 .ssh]# scp authorized_keys root@192.168.92.202:/root/.ssh/authorized_keys The authenticity of host '192.168.92.202 (192.168.92.202)' can't be established.RSA key fingerprint is bf:5d:2b:37:82:ba:2e:45:16:94:cf:3f:1b:bf:7b:96.Are you sure you want to continue connecting (yes/no) yesWarning: Permanently added '192.168.92.202' (RSA) to the list of known hosts.root@192.168.92.202's password: authorized_keys                                               100% 1188     1.2KB/s   00:00 

Configure the hosts file

[root@hadoop001 .ssh]# vi /etc/hosts127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4::1         localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.92.200 hadoop001192.168.92.201 hadoop002192.168.92.202 hadoop003

Transferring a host is a file to another machine.

[root@hadoop001 .ssh]# scp /etc/hosts root@192.168.92.201:/etc/hostshosts                                                                         100%  233     0.2KB/s   00:00    [root@hadoop001 .ssh]# scp /etc/hosts root@192.168.92.202:/etc/hostshosts                                                                         100%  233     0.2KB/s   00:00   

Test

Print date. input the command for each machine allocation. Input yes to print the date successfully.

[root@hadoop001 .ssh]# ssh root@hadoop001 dateWed Feb 28 17:50:14 CST 2018[root@hadoop001 .ssh]# ssh root@hadoop002 dateWed Feb 28 17:50:18 CST 2018[root@hadoop001 .ssh]# ssh root@hadoop003 dateWed Feb 28 17:50:22 CST 2018