多台linux無密碼訪問

標籤：linux 無密碼訪問

一：實驗環境：

1.四台SLES 11 SP2 X86_64 迷你安裝

2.其中主機名稱和IP對應關係如下

manager     192.168.78.11

node1       192.168.78.12

node2       192.168.78.13

node3       192.168.78.14

 

 

二：配置過程如下：

1.在manager的/etc/hosts下新增內容如下

192.168.78.11   manager

192.168.78.12   node1

192.168.78.13   node2

192.168.78.14   node3

 

2.產生無私密金鑰密碼的金鑰組

manager:~ # ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key(/root/.ssh/id_rsa):                //直接Enter鍵

Created directory ‘/root/.ssh‘.

Enter passphrase (empty for no passphrase):                            //直接Enter鍵

Enter same passphrase again:                                           //直接Enter鍵

Your identification has been saved in/root/.ssh/id_rsa.

Your public key has been saved in/root/.ssh/id_rsa.pub.

The key fingerprint is:

c2:e9:a3:48:a5:57:3c:64:a8:b6:17:71:ff:93:4d:[email protected]

The key‘s randomart image is:

+--[ RSA 2048]----+

|                 |

|    .           |

|   o +          |

|   .B o         |

|  oo B S   .    |

| . + + o . + .   |

|  +o o   + E .  |

| . + . .  . .   |

|  ..            |

+-----------------+

manager:~ #

 

3.產生認證檔案authorized_keys並設定相應許可權

manager:~ # cd .ssh/

manager:~/.ssh # ls

id_rsa id_rsa.pub

manager:~/.ssh # cp id_rsa.pub authorized_keys

manager:~/.ssh # chmod 600 authorized_keys

manager:~/.ssh # ls -l

total 12

-rw------- 1 root root  394 Dec 11 05:13 authorized_keys

-rw------- 1 root root 1675 Dec 11 05:12id_rsa

-rw-r--r-- 1 root root  394 Dec 11 05:12 id_rsa.pub

manager:~/.ssh #

 

4.複製/root/.ssh目錄到node1,node2,node3的root目錄下

manager:~ # for i in `seq 1 3`; do scp -r /root/.ssh/ node$i:/root/ ; done

The authenticity of host ‘node1(192.168.78.12)‘ can‘t be established.

RSA key fingerprint is9d:f6:00:b6:96:ba:e3:0c:91:47:8d:36:a6:68:6a:cf.

Are you sure you want to continueconnecting (yes/no)? yes

Warning: Permanently added‘node1,192.168.78.12‘ (RSA) to the list of known hosts.

Password:

authorized_keys                               100%  394    0.4KB/s   00:00   

id_rsa                                        100%1675     1.6KB/s   00:00   

known_hosts                                   100%  229    0.2KB/s   00:00   

id_rsa.pub                                    100%  394    0.4KB/s   00:00   

The authenticity of host ‘node2(192.168.78.13)‘ can‘t be established.

RSA key fingerprint is45:d1:31:ed:05:54:ec:a4:61:f2:a8:70:8f:97:8c:41.

Are you sure you want to continueconnecting (yes/no)? yes

Warning: Permanently added‘node2,192.168.78.13‘ (RSA) to the list of known hosts.

Password:

authorized_keys                               100%  394    0.4KB/s   00:00   

id_rsa                                        100%1675     1.6KB/s   00:00   

known_hosts                                   100%  458    0.5KB/s   00:00   

id_rsa.pub                                    100%  394    0.4KB/s   00:00   

The authenticity of host ‘node3(192.168.78.14)‘ can‘t be established.

RSA key fingerprint is45:d1:31:ed:05:54:ec:a4:61:f2:a8:70:8f:97:8c:41.

Are you sure you want to continueconnecting (yes/no)? yes

Warning: Permanently added‘node3,192.168.78.14‘ (RSA) to the list of known hosts.

Password:

authorized_keys                               100%  394    0.4KB/s   00:00   

id_rsa                                        100%1675     1.6KB/s   00:00   

known_hosts                                   100%  687    0.7KB/s   00:00   

id_rsa.pub                                    100%  394    0.4KB/s   00:00   

manager:~ #

 

註：第一次是基於使用者名稱密碼的認證，所以要輸入密碼

 

5.複製/etc/hosts檔案到node1,node2,node3的/etc目錄下

manager:~ # for i in `seq 1 3`; do scp /etc/hosts node$i:/etc/ ; done

 

6.ssh訪問本機（以便添加manager到.ssh/known_hosts檔案下）

manager:~ # ssh manager

The authenticity of host ‘manager(192.168.78.11)‘ can‘t be established.

RSA key fingerprint ise6:74:87:2c:5e:71:30:c8:ae:9d:87:d4:54:05:d0:22.

Are you sure you want to continueconnecting (yes/no)? yes

Warning: Permanently added‘manager,192.168.78.11‘ (RSA) to the list of known hosts.

Last login: Thu Dec 11 05:06:27 2014 from192.168.78.1

manager:~ #

 

7.複製.ssh/known_hosts檔案到node1,node2,node3的/root/.ssh/目錄下

manager:~ # for i in `seq 1 3`; do scp /root/.ssh/known_hosts node$i:/root/.ssh/ ; done

 

至此配置完成

 

 

三：檢驗配置是否成功

1.隨便選擇一台機器比如node3,分別訪問manager,node1,node2

node3:~ # ssh manager

Last login: Thu Dec 11 05:20:52 2014 frommanager              //無密碼登入manager成功

manager:~ # exit                                              //退出到manager的串連

logout

Connection to manager closed.

node3:~ # ssh node1

Last login: Mon Sep 29 23:24:13 2014

linux-x4xj:~ # exit

logout

Connection to node1 closed.

node3:~ # ssh node2

Last login: Mon Sep 29 23:24:28 2014

linux-hmae:~ # exit

logout

Connection to node2 closed.

node3:~ #

 

由以上可知配置成功，node1,node2節點測試同上

 

#############################################################################

注意事項：

 

1.如果要重裝某個節點比如重裝node2，要按順序執行下面4步

◆在重裝node2之前需要先備份/etc/下的ssh目錄

◆重裝完成後，首先把/etc目錄下的ssh目錄替換為備份的ssh目錄並重啟ssh服務

◆然後從manager,node1或node3上複製.ssh目錄到node2的/root目錄下

◆最後複製hosts檔案到node2的/etc目錄下

 

2.普通使用者的操作同root使用者，且每個普通使用者都要做以上的操作

#############################################################################

本文出自 “永不止步” 部落格，謝絕轉載！

多台linux無密碼訪問