如何在 Linux 中创建 MySQL 数据库、表
如何在 Linux 中创建软链接(Symlink)和硬链接

问题

如何在3台linux服务器之间为非 root 用户创建无需密码的 ssh 连接。

当用户user1在linux服务器之间进行ssh连接时,如何设置不需要密码?

在服务器3上执行类似的操作

要使用普通用户在多台Linux计算机之间创建无密码ssh身份验证,请确保下面这两个权限设置正确,否则无密码ssh身份验证将无法工作。
authorized_keys 文件的权限 600
.ssh目录的权限 700

如何为多个非 root 用户创建无密码 ssh 连接

在服务器1上 设置无需密码的连接

在服务器1上执行

以user1的身份登录

[user1@server1 ~]$ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user1/.ssh/id_rsa):
Created directory '/home/user1/.ssh'.
Enter passphrase (empty for no passphrase): [Press ENTER for EMPTY password]
Enter same passphrase again: [Press ENTER for EMPTY password]
Your identification has been saved in /home/user1/.ssh/id_rsa.
Your public key has been saved in /home/user1/.ssh/id_rsa.pub.
The key fingerprint is:
81:bf:d5:03:3f:a1:a4:81:27:b5:61:e4:e6:17:b9:a0 user1@server1.example
The key's randomart image is:
+--[ RSA 2048]----+
|       .=        |
|       * o .     |
|      + O = .    |
|       B * B .   |
|      E S = =    |
|         +   o   |
|        .        |
|                 |
|                 |
+-----------------+

通过上面的命令,我们使用RSA类型的身份验证创建了一对公钥和私钥。

现在要创建一个无密码的ssh连接,我们需要将id_rsa.pub复制到远程服务器上,即:server2和server3

[user1@server1 ~]$ssh-copy-id user1@server2
The authenticity of host 'server2 (192.168.1.11)' can't be established.
RSA key fingerprint is de:75:8a:ff:26:1b:b5:82:61:36:9c:44:d2:57:3c:9e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'server2,192.168.1.11' (RSA) to the list of known hosts.
user1@server2's password: [Give password for user1]

现在,尝试使用“ssh”登录到计算机user1@server2“,并检查:

.ssh/authorized_keys

以确保我们没有添加另外的密钥。

[user1@server1 ~]$ssh-copy-id user1@server3
The authenticity of host 'server3 (192.168.1.12)' can't be established.
RSA key fingerprint is 98:61:fb:91:8b:10:29:e1:b2:db:fd:52:6d:79:d7:1a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'server3,192.168.1.12' (RSA) to the list of known hosts.
user1@server3's password: [Give password for user1]

现在,尝试使用“ssh”登录到计算机user1@server3“,并检查:

.ssh/authorized_keys

以确保我们没有添加另外的密钥。

注意:确保对授权密钥的权限为600。

通过以上步骤,我们已经成功地创建了从

服务器 1 ------> 服务器 2
服务器 1 ------> 服务器 3

的无密码身份验证。

在服务器2上 设置无需密码的连接

在服务器2上执行

以user1的身份登录

[user1@server2 ~]$ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user1/.ssh/id_rsa):
Enter passphrase (empty for no passphrase): [Press ENTER for EMPTY password]
Enter same passphrase again: [Press ENTER for EMPTY password]
Your identification has been saved in /home/user1/.ssh/id_rsa.
Your public key has been saved in /home/user1/.ssh/id_rsa.pub.
The key fingerprint is:
8f:0d:bc:8c:fc:d1:38:1a:b3:be:7a:8d:fc:8d:0d:1e user1@server2.example
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|       .         |
|        S        |
|     . o O       |
|     .=oE +      |
|      +B.O       |
|    .+=o= o      |
+-----------------+

通过上面的命令,我们使用RSA类型的身份验证创建了一对公钥和私钥。

现在要创建一个无密码的ssh连接,我们需要将id_rsa.pub复制到远程服务器上,即:server1和server3

[user1@server2 ~]$ssh-copy-id user1@server1
The authenticity of host 'server1 (192.168.1.6)' can't be established.
RSA key fingerprint is b8:36:c1:38:01:db:cc:89:b1:a9:b8:f7:f7:a8:17:ef.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'server1,192.168.1.6' (RSA) to the list of known hosts.
user1@server1's password: [Give password for user1]

现在,尝试使用“ssh”登录到计算机user1@server1“,并检查:

.ssh/authorized_keys

以确保我们没有添加另外的密钥。

[user1@server2 ~]$ssh-copy-id user1@server3
The authenticity of host 'server3 (192.168.1.12)' can't be established.
RSA key fingerprint is 98:61:fb:91:8b:10:29:e1:b2:db:fd:52:6d:79:d7:1a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'server3,192.168.1.12' (RSA) to the list of known hosts.
user1@server3's password: [Give password for user1]

现在,尝试使用“ssh”登录到计算机user1@server3“,并检查:

.ssh/authorized_keys

以确保我们没有添加另外的密钥。

通过以上步骤,我们已经成功地创建了从

服务器 2 ------> 服务器 1
服务器 2 ------> 服务器 3

的无密码身份验证。

准备工作

用户 user1 应该存在于所有 3 个 Linux 机器上

服务器详情

server1.example
IP 192.168.1.6

server2.example
IP 192.168.1.11

server3.example
IP 192.168.1.12

日期:2020-06-02 22:18:29 来源:oir作者:oir
如何在 Linux 中创建 MySQL 数据库、表
如何在 Linux 中创建软链接(Symlink)和硬链接

目录

Copyright © 2017-2019 OnITRoad.com All rights reserved.  桂ICP备20001160号-1  关于 | 隐私和政策