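* Connecting multiple servers to each other over ssh
For example, suppose there are 4 machines that need to communicate with each other without using passwords.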
|----------+-------------|
| host | IP |
|----------+-------------|
| server01 | 192.168.0.1 |
| server02 | 192.168.0.2 |
| server03 | 192.168.0.3 |
| server04 | 192.168.0.4 |
|----------+-------------|
** Step 1: Create the directory on each server
server01:# mkdir -p /root/.ssh; chmod 700 /root/.ssh
server02:# mkdir -p /root/.ssh; chmod 700 /root/.ssh
server03:# mkdir -p /root/.ssh; chmod 700 /root/.ssh
server04:# mkdir -p /root/.ssh; chmod 700 /root/.ssh
** Step 2: Generate a key on each server
1. Change into the /root/.ssh/ directory on each server and run:
server01:# ssh-keygen -t rsa
server02:# ssh-keygen -t rsa
server03:# ssh-keygen -t rsa
server04:# ssh-keygen -t rsa
Press Enter at every prompt to generate the key pair (private key: id_rsa, public key: id_rsa.pub).
server01:# cp id_rsa.pub authorized_keys
server02:# cp id_rsa.pub authorized_keys
server03:# cp id_rsa.pub authorized_keys
server04:# cp id_rsa.pub authorized_keys
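2. Run the following commands on each of the four servers (shown here for server01). The rsa1 type is the SSH protocol 1 host key, which OpenSSH 7.6 and later no longer support, so that line only applies to older releases.
server01:# ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N ""
server01:# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""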
server01:# ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ""
server01:# /etc/init.d/ssh restart
** Step 3: Add the other servers' public keys (id_rsa.pub) to your own authorized_keys file
(Note: the scp commands below still require typing the password manually to log in.)
server01:# scp 192.168.0.2:/root/.ssh/id_rsa.pub /root/
server01:# cat /root/id_rsa.pub >> /root/.ssh/authorized_keys
server01:# scp 192.168.0.3:/root/.ssh/id_rsa.pub /root/
server01:# cat /root/id_rsa.pub >> /root/.ssh/authorized_keys
server01:# scp 192.168.0.4:/root/.ssh/id_rsa.pub /root/
server01:# cat /root/id_rsa.pub >> /root/.ssh/authorized_keys
The /root/.ssh/authorized_keys file on server01 now contains the public keys of all four servers.
server01:# scp /root/.ssh/authorized_keys 192.168.0.2:/root/.ssh/authorized_keys
server01:# scp /root/.ssh/authorized_keys 192.168.0.3:/root/.ssh/authorized_keys
server01:# scp /root/.ssh/authorized_keys 192.168.0.4:/root/.ssh/authorized_keys
At this point, the servers should be able to connect to each other without passwords.
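Step 3 appends with =cat >>=, so repeating the procedure duplicates entries and leaves file permissions to chance. The following is an added example, not part of the original page: the function name =merge_authorized_keys=, the =demo= helper and the key strings in it are constructed for illustration. It merges collected public key files into authorized_keys without duplicates and enforces 700/600 permissions.

```shell
#!/bin/sh
# Added example (not from the original page).
# Usage: merge_authorized_keys DEST PUBKEY_FILE...
merge_authorized_keys() (
    umask 077                        # temp files are created 0600
    dest=$1; shift
    dir=$(dirname "$dest")
    mkdir -p "$dir" && chmod 700 "$dir" || exit 1
    tmp=$(mktemp "$dir/.ak.XXXXXX") || exit 1
    # Keep existing entries so a re-run never drops a key.
    if [ -f "$dest" ]; then cat "$dest" >> "$tmp"; fi
    for pub in "$@"; do
        # Append only lines shaped like "<type> <base64> [comment]"; anything
        # else (for example a private key copied by mistake) is skipped.
        grep -E '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+( .*)?$' \
            "$pub" >> "$tmp" || echo "skipped $pub: no public key found" >&2
    done
    # Deduplicate on key type + key blob, keeping first occurrence and order.
    # Assumes entries carry no leading options field.
    if awk 'NF >= 2 && !seen[$1 " " $2]++' "$tmp" > "$tmp.new" &&
       chmod 600 "$tmp.new" && mv "$tmp.new" "$dest"; then rc=0; else rc=1; fi
    rm -f "$tmp" "$tmp.new"
    exit $rc
)

# Constructed demo: placeholder blobs, not real keys. Prints the entry count.
demo() {
    d=$(mktemp -d) || return 1
    echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABserver02 root@server02" > "$d/s2.pub"
    echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABserver03 root@server03" > "$d/s3.pub"
    echo "-----BEGIN OPENSSH PRIVATE KEY-----" > "$d/oops"
    merge_authorized_keys "$d/.ssh/authorized_keys" "$d/s2.pub" "$d/s3.pub" "$d/oops"
    merge_authorized_keys "$d/.ssh/authorized_keys" "$d/s2.pub"   # re-run: no duplicate
    wc -l < "$d/.ssh/authorized_keys"
    rm -rf "$d"
}
```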
Enjoy it!