How to configure mutual trust between multiple Linux machines and multiple linux machines

Source: Internet
Author: User

How to configure mutual trust between multiple Linux machines and multiple linux machines
Environment

Three machines:

Hadoop001, IP: 192.168.92.200 hadoop002, IP: 192.168.92.201 hadoop003, IP: 192.168.92.202

Configuration

Run ssh-keygen on the three machines, enter the command, press enter, and then press Enter. Press enter three times.

[root@hadoop001 ~]# ssh-keygenGenerating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:8d:29:13:12:a7:eb:1d:71:d6:cf:a4:33:3e:f8:57:f6 root@hadoop001The key's randomart image is:+--[ RSA 2048]----+|    . .          ||     +   .       ||    o o o . .    ||     o = + =     ||    . + S = o    ||   . . + o o  o  ||    . . . o  o . ||         . ..   E||          ..     |+-----------------+

View the generated. ssh hidden folder

[root@hadoop001 ~]# ll -adrwx------.  2 root root  4096 Dec  4 18:00 .pulse-rw-------.  1 root root   256 Dec  4 18:00 .pulse-cookiedrwx------.  2 root root  4096 Feb 28 16:46 .ssh-rw-r--r--.  1 root root   129 Dec  4  2004 .tcshrcdrwxr-xr-x.  2 root root  4096 Dec  4 18:00 Templatesdrwxr-xr-x.  2 root root  4096 Dec  4 18:00 Videos

View public and private keys

[root@hadoop001 ~]# ll -a ./.ssh/total 16drwx------.  2 root root 4096 Feb 28 16:46 .dr-xr-x---. 27 root root 4096 Feb 28 13:59 ..-rw-------.  1 root root 1675 Feb 28 16:46 id_rsa-rw-r--r--.  1 root root  396 Feb 28 16:46 id_rsa.pub

Select hadoop001, generate the authorized_keys file, and append the public key content

[root@hadoop001 ~]# cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

Copy the id_rsa.pub content of multiple other machines to the authorized_keys file of the first hadoop001.

Note that when copying data, it is best to put it in Notepad first, and remove the carriage return to become a line.

[root@hadoop001 .ssh]# cat authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyROAajOjam+DoZ6EShke4WgdvgPQsaa9Sc7zPXNDk3nQ9Xzde5XpC8vD8hjFABO5CEbgavZ7tSvLX0HxroMwgi26NFwywlQlskQnnOrI/NVx8QocdcjfoRRaWyboQpsBmf2j4ADDMEOBZOycvRNWC/Vda2OWKpGrav3zLUAXpIm6UTLdGgAsZXjOmlwyRsWu0RajdmuoGYzHE3rePqlPjXSpTkhZm9sR1LBkWSxz6y8piqp2Q7QWJkQtxuTUVE3LkEa4a0wIhVU+pI1LNBUufAcWmxrz3MpnscYJPfIvfChaG4SRMXS0N+FVqyxgx4xFZhQ2SG/RDwmy9stG6xXAOQ== root@hadoop001ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwavnoifdzJ1vLhRTdALqifUlw8NBIceIkPXAYPs4iFxUOn02nurr1hZgpe/9cLVInIopNINaHcnYjP2sLNv7wklQgYZNfwK3k5DwTh9M/Yyr+9XFT0CyYrjgVgfnb9s41KjniJz9qFa96K/BylKUljd+bwl1kYgnmxbKGoIg3nNiJiJpDTGlySrnmrSrEjSpP7rL8OacrLNKjDSIGb7J7pFcM95b5pIQUth3fp05yuzq1kMlee9+URvcmtH3XJbrA1ybZWWGWEBJnC6sDY6DnQJ6K3LK0+OwBZWvYPimb1BTQiJSgYzqdDDdSlX+c/z9CUbd/k4No11wDW1NtWpNoQ== root@hadoop002ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtOPrrV7o9zv1DTKYk9w4LnpCNqReCdGDmU84QUrQje/8sZDopFPdsdZWGgXuFlfR2L0eVFsXsFNHDIl3mXNyr2tW5VUqFdsLu9cGfu9Iq65QyteCL1BO463Hm2yPtIponXIeduMrK8F/sdc3LDzKOpJGYyYMK1/TqOX592lXdL6nranETmoUYX0TIFMD6gYNq3CB7DBDaJ2fg0vrGKdCH9FtH1pCayK7iFTGSBRMCqzZstr92G0PTB4O82RwEnwHSYbw1lhsBj7XskM336tpyhnBUoMSItg1QglSLgDOVVLHn29Y7k/qfnIHI0XtOHOOwHZyiDMGfnma/PH6synPiw== root@hadoop003[root@hadoop001 .ssh]# 

Modify the. ssh folder and authorized_keys Permissions

. Ssh (executed for each server)

[root@hadoop001 ~]# chmod 700 -R /root/.ssh
- authorized_keys
[root@hadoop001 ~]# chmod 600 ~/.ssh/authorized_keys 
Send the first authorized_keys file scp to another machine (for the first transmission, enter the password)
[root@hadoop001 ~]# cd .ssh[root@hadoop001 .ssh]# scp authorized_keys root@192.168.92.201:/root/.ssh/authorized_keys The authenticity of host '192.168.92.201 (192.168.92.201)' can't be established.RSA key fingerprint is bf:5d:2b:37:82:ba:2e:45:16:94:cf:3f:1b:bf:7b:96.Are you sure you want to continue connecting (yes/no) yesWarning: Permanently added '192.168.92.201' (RSA) to the list of known hosts.root@192.168.92.201's password: authorized_keys                                               100% 1188     1.2KB/s   00:00 [root@hadoop001 .ssh]# scp authorized_keys root@192.168.92.202:/root/.ssh/authorized_keys The authenticity of host '192.168.92.202 (192.168.92.202)' can't be established.RSA key fingerprint is bf:5d:2b:37:82:ba:2e:45:16:94:cf:3f:1b:bf:7b:96.Are you sure you want to continue connecting (yes/no) yesWarning: Permanently added '192.168.92.202' (RSA) to the list of known hosts.root@192.168.92.202's password: authorized_keys                                               100% 1188     1.2KB/s   00:00 

Configure the hosts file

[root@hadoop001 .ssh]# vi /etc/hosts127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4::1         localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.92.200 hadoop001192.168.92.201 hadoop002192.168.92.202 hadoop003

Transferring a host is a file to another machine.

[root@hadoop001 .ssh]# scp /etc/hosts root@192.168.92.201:/etc/hostshosts                                                                         100%  233     0.2KB/s   00:00    [root@hadoop001 .ssh]# scp /etc/hosts root@192.168.92.202:/etc/hostshosts                                                                         100%  233     0.2KB/s   00:00   
Test

Print date. input the command for each machine allocation. Input yes to print the date successfully.

[root@hadoop001 .ssh]# ssh root@hadoop001 dateWed Feb 28 17:50:14 CST 2018[root@hadoop001 .ssh]# ssh root@hadoop002 dateWed Feb 28 17:50:18 CST 2018[root@hadoop001 .ssh]# ssh root@hadoop003 dateWed Feb 28 17:50:22 CST 2018

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.