本文于 7 天前发布,最后更新于 7 天前
一、环境说明
集群中包括三台服务器
- 192.168.241.131(dwp)
- 192.168.241.132(dws)
- 192.168.241.133(dwm)
二、配置免密
(1)配置主机名映射(三台服务器均需操作)
vim /etc/hosts 192.168.241.131 dwp 192.168.241.132 dws 192.168.241.133 dwm
重启 ssh 服务
systemctl start sshd
(2)生成 SSH 密钥对(三台服务器均需操作)
[root@dwp ~]# ssh-keygen 多次回车 [root@dwp ~]# ssh-copy-id 192.168.241.131 [root@dwp ~]# ssh-copy-id 192.168.241.132 [root@dwp ~]# ssh-copy-id 192.168.241.133 或者 [root@dwp ~]# ssh-copy-id dwp [root@dwp ~]# ssh-copy-id dws [root@dwp ~]# ssh-copy-id dwm
如下:
[root@dwp ~]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa Your public key has been saved in /root/.ssh/id_rsa.pub The key fingerprint is: SHA256:n4866Plm9ba0Z7jBmeii0Rru6SIyJK6wnU53oI+HR+M root@dwp The key's randomart image is: +---[RSA 3072]----+ | | | | | | | | | . S | |.. .o. . ..+ o | |= o+..+...+.*. | |+=o=Eo.*=. ++oo | |++=+.=X=o+o.== | +----[SHA256]-----+ [root@dwp ~]# ssh-copy-id 192.168.241.131 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.241.131 (192.168.241.131)' can't be established. ECDSA key fingerprint is SHA256:Y2mowFFYesLVUdYE7bDew7pLShtEuOYMCNVgilHds/o. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Authorized users only. All activities may be monitored and reported. root@192.168.241.131's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '192.168.241.131'" and check to make sure that only the key(s) you wanted were added. [root@dwp ~]# ssh-copy-id 192.168.241.132 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Authorized users only. All activities may be monitored and reported. root@192.168.241.132's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '192.168.241.132'" and check to make sure that only the key(s) you wanted were added. [root@dwp ~]# ssh-copy-id 192.168.241.133 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Authorized users only. All activities may be monitored and reported. root@192.168.241.133's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '192.168.241.133'" and check to make sure that only the key(s) you wanted were added.
另外两台的执行过程略。
三、登录验证
[root@dwp ~]# ssh dws Authorized users only. All activities may be monitored and reported. Authorized users only. All activities may be monitored and reported. Activate the web console with: systemctl enable --now cockpit.socket Last login: Tue Mar 25 10:32:26 2025 from 192.168.241.131 [root@dws ~]# 注销 Connection to dws closed. [root@dwp ~]# ssh dwm Authorized users only. All activities may be monitored and reported. Authorized users only. All activities may be monitored and reported. Activate the web console with: systemctl enable --now cockpit.socket Last login: Tue Mar 25 10:32:36 2025 from 192.168.241.131 [root@dwm ~]# ssh dws Authorized users only. All activities may be monitored and reported. Authorized users only. All activities may be monitored and reported. Activate the web console with: systemctl enable --now cockpit.socket Last login: Tue Mar 25 10:33:09 2025 from 192.168.241.131 [root@dws ~]#
