概述
配置两个节点的ssh 互信,注意 .ssh上一层目录,也就是home目录的权限应为755,不能是777,如果是777则ssh不能配置互信。
在两个节点先执行:
> chmod 755 $HOME
配置过程:
node1:
cd $HOME
mkdir ~/.ssh
chmod 700 ~/.ssh
/usr/bin/ssh-keygen -t rsa
cat $HOME/.ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys
/usr/bin/ssh-keygen -t dsa
cat $HOME/.ssh/id_dsa.pub >> $HOME/.ssh/authorized_keys
node2:
cd $HOME
mkdir ~/.ssh
chmod 700 ~/.ssh
/usr/bin/ssh-keygen -t rsa
cat $HOME/.ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys
/usr/bin/ssh-keygen -t dsa
cat $HOME/.ssh/id_dsa.pub >> $HOME/.ssh/authorized_keys
node1:
ssh $NODE2 "cat .ssh/id_rsa.pub">>$HOME/.ssh/authorized_keys
ssh $NODE2 "cat .ssh/id_dsa.pub">>$HOME/.ssh/authorized_keys
scp $HOME/.ssh/authorized_keys $NODE2 :$HOME/.ssh
验证,无需输入密码则为配置成功:
[node1 .ssh]$ ssh node2 date
Thu Sep 15 09:26:52 CST 2016
[node2 .ssh]$ ssh node1 date
Thu Sep 15 09:26:47 CST 2016
注意
[node1 ~]$ /usr/bin/ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/paic/stg/oracle/11g/otzj11g/.ssh/id_dsa): /paic/stg/oracle/11g/otzj11g/.ssh/id_dsa
Enter passphrase (empty for no passphrase): ##为空,直接回车
Enter same passphrase again: ##为空,直接回车
Your identification has been saved in /paic/stg/oracle/11g/otzj11g/.ssh/id_dsa.
Your public key has been saved in /paic/stg/oracle/11g/otzj11g/.ssh/id_dsa.pub.
The key fingerprint is:
97:51:28:d9:15:4c:6a:9b:7e:f9:c1:70:72:fe:64:fa node1
最后
以上就是暴躁橘子为你收集整理的linux配置SSH 互信的全部内容,希望文章能够帮你解决linux配置SSH 互信所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
发表评论 取消回复