配置节点之间的SSH互信
节点1、2配置hosts文件
[root@test1 ~]# cat /etc/hosts
#ssh
192.168.1.160 test1
192.168.1.178 local
节点1执行
#su - root
#mkdir ~/.ssh
[root@test1 ~]# chmod 755 ~/.ssh/
[root@test1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:N0cKLDOLfYYZ5gP9fxpGiRrLtPG/hchpMEZHOiu7Qsk root@test1
The key's randomart image is:
+---[RSA 2048]----+
| . |
| . + |
| . @ + . |
| B & o + |
| . .o / S * . |
| E * # * + |
| . . = * = o |
| . . . o = |
| .. +. |
+----[SHA256]-----+
[root@test1 ~]# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
SHA256:1uR0MuNrbIx0mL9oMftyVGM3DpB0eWV4RK60yGNNE4s root@test1
The key's randomart image is:
+---[DSA 1024]----+
| ......==|
| o...o=.|
| *.E.=..|
| O *==o+ |
| S =o==+. |
| oo*.o .. |
| .=B |
| ++.. |
| ..+o |
+----[SHA256]-----+
节点2执行
[root@local ~]# mkdir ~/.ssh
[root@local ~]# chmod 755 ~/.ssh/
[root@local ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:dEtPyWHH4BfoyQk7ubehY5BQMsRDU3MGiB4B6OXi++I root@local
The key's randomart image is:
+---[RSA 2048]----+
| ....*+o+.o ++o |
|. .o *..+.+.+.. |
|. o. . =. o*=o. |
| o .. .. o++=. |
|. . .S..o. |
| . o . o |
| . . o o |
| o + . |
|.Eo. . . |
+----[SHA256]-----+
[root@local ~]# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
SHA256:cz7ZoATY2ljeZR7QkO6XQxAnWhj3Rtf+281N6sleoGk root@local
The key's randomart image is:
+---[DSA 1024]----+
| .oB=o .. |
| o.+o*.. . |
| . =. .* . |
| * o.=.. . |
| o o.S.+. .. |
| ..=++ o .o|
| ..+.E +*|
| o ..+=|
| o= |
+----[SHA256]-----+
节点1执行
[root@test1 ~]# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[root@test1 ~]# cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
[root@test1 ~]# ssh local cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
The authenticity of host 'local (192.168.1.178)' can't be established.
ECDSA key fingerprint is SHA256:1ZXb3IG+tPpQEQMvygyZcjfPLuy3wbD6d/YSYHXi4Bw.
ECDSA key fingerprint is MD5:51:98:51:dd:fb:82:00:77:76:e7:7c:88:30:92:d7:bc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'local' (ECDSA) to the list of known hosts.
root@local's password:
[root@test1 ~]# ssh local cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
root@local's password:
[root@test1 ~]# scp ~/.ssh/authorized_keys local:~/.ssh/authorized_keys
root@local's password:
authorized_keys 100% 1984 471.8KB/s 00:00
验证配置
节点1
[root@test1 ~]# ssh local date;ssh test1 date;ssh local-pri date
Tue Mar 24 11:15:44 CST 2020
Mon Mar 23 23:15:32 EDT 2020
节点2
[root@local ~]# ssh test1 date;ssh local date;
2020年 03月 23日 星期一 23:17:51 EDT
2020年 03月 24日 星期二 11:18:03 CST