標籤:centos 6.4配置ssh免密碼驗證
一、環境
CentOS 6.4x64位
zabbix-c1:192.168.3.29
zabbix-c2:192.168.3.30
二、配置從zabbix-c1進行ssh到zabbix-c2免密碼驗證
在zabbix-c1上產生金鑰組,整個過程斷行符號即可。
[[email protected] ~]# ssh-keygen Generating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:7d:ca:81:d9:35:c5:ab:7b:93:f0:b8:0f:8a:e8:63:c2 [email protected]The key‘s randomart image is:+--[ RSA 2048]----+| .. || .. || o . || = . .. || S + .. || . +o || . o .= . || E o. . .o.= || +o.. . .+.. |+-----------------+
在/root/.ssh目錄下回產生私密金鑰(id_rsa)和公開金鑰(id_rsa.pub)
[[email protected] ~]# ll /root/.ssh/total 12-rw------- 1 root root 1675 May 4 09:31 id_rsa #私密金鑰-rw-r--r-- 1 root root 396 May 4 09:31 id_rsa.pub #公開金鑰-rw-r--r-- 1 root root 394 Apr 30 10:29 known_hosts
三、將公開金鑰複製到目標機器(zabbix-c2)的authorized_keys檔案中
[[email protected] ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.3.30[email protected]‘s password: #這裡在第一次串連的時候需要輸入密碼Now try logging into the machine, with "ssh ‘192.168.3.30‘", and check in: .ssh/authorized_keysto make sure we haven‘t added extra keys that you weren‘t expecting.#使用ssh登陸到zabbix-c2機器上,整個過程不需要輸入密碼[[email protected] ~]# ssh 192.168.3.30Last login: Mon May 4 09:24:02 2015 from 192.168.3.2[[email protected] ~]# ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:68:fd:3e brd ff:ff:ff:ff:ff:ff inet 192.168.3.30/24 brd 192.168.3.255 scope global eth0 inet6 fe80::20c:29ff:fe68:fd3e/64 scope link valid_lft forever preferred_lft forever[[email protected] ~]# hostnamezabbix-c2
四、使用ssh協議遠程執行命令
#遠程查看記憶體資訊[[email protected] ~]# ssh 192.168.3.30 free -m total used free shared buffers cachedMem: 988 121 867 0 8 44-/+ buffers/cache: 68 919Swap: 1999 0 1999#遠程查看iptables資訊[[email protected] ~]# ssh 192.168.3.30 iptables -L -nChain INPUT (policy ACCEPT)target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 10050:10051 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT)target prot opt source destination REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT)target prot opt source destination #遠程查看IP地址資訊[[email protected] ~]# ssh 192.168.3.30 ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:68:fd:3e brd ff:ff:ff:ff:ff:ff inet 192.168.3.30/24 brd 192.168.3.255 scope global eth0 inet6 fe80::20c:29ff:fe68:fd3e/64 scope link valid_lft forever preferred_lft forever#遠程查看hostname資訊[[email protected] ~]# ssh 192.168.3.30 hostnamezabbix-c2
本文出自 “ly36843營運” 部落格,請務必保留此出處http://ly36843.blog.51cto.com/3120113/1641591
CentOS 6.4配置SSH免密碼驗證