zoukankan      html  css  js  c++  java
  • linux修改主机名+免密认证+关闭防火墙

    在很多软件安装的时候都有这些需求,因此在这里一起讲一下

    修改主机名

    简单的使用 hostnamectl 命令就好了

    hostnamectl set-hostname NAME

    免密认证

    准备工作,修改主机文件 

    /etc/hosts
    [root@node1 .ssh]# cat /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    192.168.79.200    node1
    192.168.79.202    node2
    192.168.79.204    node3

    在每个节点的/root/.ssh目录下执行(连按三次回车就好)

    ssh-keygen -t rsa
    [root@node1 .ssh]# ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa): 
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 
    Your identification has been saved in /root/.ssh/id_rsa.
    Your public key has been saved in /root/.ssh/id_rsa.pub.
    The key fingerprint is:
    SHA256:EZ1TYD9Hu7qQO+lKsOPGGu2ym5pbMUWR0psjBW7XVwM root@node1
    The key's randomart image is:
    +---[RSA 2048]----+
    |    .ooo..E=+ .  |
    |   ...+. o+o o . |
    |    ooooo ..o o  |
    |   ..o+  o   o . |
    |    o...S     .  |
    |     + o   . .   |
    |    o.+ . o..    |
    |   o.=oo  oo .   |
    |  +o=*o .oo..    |
    +----[SHA256]-----+

    然后在node1上执行

    cat id_rsa.pub >> authorized_keys

    登录其余主机,将公钥文件全部拷贝到node1的authorized_keys中,如node3节点:

    [root@node3 .ssh]# ssh-copy-id -i node1
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
    The authenticity of host 'node1 (192.168.79.200)' can't be established.
    ECDSA key fingerprint is SHA256:AdOUf9OIf3q4Ks7q8nj0agFtFIFdB1BGtlk8SkYImmo.
    ECDSA key fingerprint is MD5:91:b6:be:a0:bb:f3:7a:e5:2c:6b:4a:c0:a4:7f:01:55.
    Are you sure you want to continue connecting (yes/no)? yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@node1's password: 
    
    Number of key(s) added: 1
    
    Now try logging into the machine, with:   "ssh 'node1'"
    and check to make sure that only the key(s) you wanted were added.

    此时查看node1节点的authorized_keys文件可以看到已经全部加进来了

    [root@node1 .ssh]# cat authorized_keys 
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3BQUX3qQJadEaBv8IGNh1aqIKIfT/9IkqZGCfx9UEFQ4kGOdpNay355YLKUOMNbjYtFSyVA0M2jkVopFPNlhEh7S/dIgYslgjEL7rtwl8evK9FI6cIkKbjWQWbpjdLgBrvvKhAPUBwhpfoUqUyzr+wtwSzgIJV8/C651OsRP4frtVruJj6qHBE+Rb++mUbs2sGj7h8NNrtWgIHJupFqrg35F7VcVGQe4LMdm3xTDXH0b/a15LosLtg7DQOngCXuJ4iL7qVIHHXqWv2Khv+Gw/PP6fvfPD29v8KCpjSq9Yk+O44LeM4mJE39TsHY+ASxSae4surdomcCCVQoeJ7tbF root@node1
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC34kQ98T/x4ex1FvNnCEC1wquxJeaMTjzWuySP33CHXHK0QpvJMg5Y1t7v9sItuVCtJac0Z932Qd0E/QnBWCNuq548JmZeIWgzdXiI+G8MLSk32GJmXig9X4THUWpcRm+qmo9ZXTImqW0C1srRNr7cQ8AtViCooxFcF7s410D1XBLza7V+Key+GTrYZNQV+cXQMX643TJl/TQaOzJamDsPZnH9f9E4q1Ux0I47IiPJBMjLonox/Bqf8W+qDgQKFA6zWrebb7YWdMbS4x8hHN0+SIeoMpLYdUNy18XCREZEYd4aWJs4v8RRsrdBaKMA1LtELNktapFqVTWtc9fFN51f root@node2
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1+6ZqI1mU2mns17pNWoPkmzSExYy14gJI5elUeM91LLjxlKMz7TWofJPJg/s2hSuu3v9db3PwzYhZenCEJ6k6R8e+iUlu65QEgvQWhsLzbQW5UAXdqKzhhC6DsaYLUZbnfaCIMNvzWo6rUcaRnKZFVAw+scxxFasHJnjQmiAZg0uL8iCT1Cghu9CwqAF2UFxCCSt6rso6l71YUZAsUMtiCS1wA/D5+9rYHkXijgTsMK3nlklQNJ9QPWz/AHgTs0N59STpWJ89KMxCRZfWgvkwzoajYMK4OeUV9HxSZuzwuIOR3Rek4YB2BN0VdfQZZxO07pgnPi/OawswojkxgRYX root@node3

    修改权限后把authorized_keys文件拷贝到其余节点,此时所有节点免密认证成功

    [root@node1 .ssh]# chmod 600 authorized_keys
    [root@node1 .ssh]# scp authorized_keys node2:`pwd`
    The authenticity of host 'node2 (192.168.79.202)' can't be established.
    ECDSA key fingerprint is SHA256:AdOUf9OIf3q4Ks7q8nj0agFtFIFdB1BGtlk8SkYImmo.
    ECDSA key fingerprint is MD5:91:b6:be:a0:bb:f3:7a:e5:2c:6b:4a:c0:a4:7f:01:55.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'node2,192.168.79.202' (ECDSA) to the list of known hosts.
    root@node2's password: 
    authorized_keys                                   100% 1176   622.8KB/s   00:00    
    [root@node1 .ssh]# scp authorized_keys node3:`pwd`
    The authenticity of host 'node3 (192.168.79.204)' can't be established.
    ECDSA key fingerprint is SHA256:AdOUf9OIf3q4Ks7q8nj0agFtFIFdB1BGtlk8SkYImmo.
    ECDSA key fingerprint is MD5:91:b6:be:a0:bb:f3:7a:e5:2c:6b:4a:c0:a4:7f:01:55.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'node3,192.168.79.204' (ECDSA) to the list of known hosts.
    root@node3's password: 
    authorized_keys                                   100% 1176   519.8KB/s   00:00    
    [root@node1 .ssh]# 

    关闭防火墙

    一般来说关闭firewalld服务和selinux

    # 关闭防火墙
    systemctl stop firewalld
    systemctl disable firewalld
    
    #关闭selinux
    使用getenforce来查看是否开启,如果开启
    使用setenforce 0关闭
    
    # 永久关闭selinux
    vim /etc/sysconfig/selinux
    将SELINUX=enforcing改为disabled
  • 相关阅读:
    Deep Learning(深度学习)学习笔记整理系列五
    Deep Learning(深度学习)学习笔记整理系列四
    Deep Learning(深度学习)学习笔记整理系列三
    Deep Learning(深度学习)学习笔记整理系列二
    Deep Learning(深度学习)学习笔记整理系列 一
    java对象转为json字符串
    eclipse常用功能及快捷键
    fiddler详解
    http状态码
    eclipse中文乱码
  • 原文地址:https://www.cnblogs.com/luxiaodai/p/9949226.html
Copyright © 2011-2022 走看看