devbox
繁依Fanyi0
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

第二天作业_this key is not known by any other names.

作者:繁依Fanyi0 | 2024-04-22 19:51:29

this key is not known by any other names.

一.配置ntp时间服务器,确保客户端主机能和服务主机同步时间

1.配置server端的时间服务器

  1. [root@server ~]# vim /etc/chrony.conf 
  2. server  ntp.aliyun.com  iburst

2.在server端重启服务,并查看是否同步

  1. [root@server ~]# systemctl restart chronyd
  2. [root@server ~]# timedatectl status 
  3.                Local time: 日 2023-05-21 11:33:14 CST
  4.            Universal time: 日 2023-05-21 03:33:14 UTC
  5.                  RTC time: 日 2023-05-21 03:33:14
  6.                 Time zone: Asia/Shanghai (CST, +0800)
  7. System clock synchronized: yes
  8.               NTP service: active
  9.           RTC in local TZ: no
  10. [root@server ~]# chronyc sources -v
  11.  
  12.   .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
  13.  / .- Source state '*' = current best, '+' = combined, '-' = not combined,
  14. | /             'x' = may be in error, '~' = too variable, '?' = unusable.
  15. ||                                                 .- xxxx [ yyyy ] +/- zzzz
  16. ||      Reachability register (octal) -.           |  xxxx = adjusted offset,
  17. ||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
  18. ||                                \     |          |  zzzz = estimated error.
  19. ||                                 |    |           \
  20. MS Name/IP address         Stratum Poll Reach LastRx Last sample               
  21. ===============================================================================
  22. ^* 203.107.6.88                  2   6    17    15  -1599us[-2404us] +/-   31ms

3.在server端配置允许访问的主机IP,并重启服务

  1. [root@server ~]# vim /etc/chrony.conf 
  2. allow 192.168.30.0/24 #此处要将前面的#号删除
  3. [root@server ~]# systemctl restart chronyd

4.在node1端修改配置文件,配置时间服务器到server端

  1. [root@node1 ~]# vim /etc/chrony.conf 
  2. pool 192.168.30.128 iburst
  3. [root@node1 ~]# systemctl restart chronyd

5.在node1端测试时间同步

  1. [root@node1 ~]# chronyc sources -v
  2.  
  3.   .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
  4.  / .- Source state '*' = current best, '+' = combined, '-' = not combined,
  5. | /             'x' = may be in error, '~' = too variable, '?' = unusable.
  6. ||                                                 .- xxxx [ yyyy ] +/- zzzz
  7. ||      Reachability register (octal) -.           |  xxxx = adjusted offset,
  8. ||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
  9. ||                                \     |          |  zzzz = estimated error.
  10. ||                                 |    |           \
  11. MS Name/IP address         Stratum Poll Reach LastRx Last sample               
  12. ===============================================================================
  13. ^* 192.168.30.128                3   6    37    12  -7440ns[ -784us] +/-   34ms

二.配置ssh免密登陆,能够通过客户端主机通过redhat用户和服务端主机基于公钥验证方式进行远程连接

1.定位客户端,制作密钥对

  1. [root@node1 ~]# ssh-keygen -t rsa
  2. Generating public/private rsa key pair.
  3. Enter file in which to save the key (/root/.ssh/id_rsa): 
  4. Created directory '/root/.ssh'.
  5. Enter passphrase (empty for no passphrase): 
  6. Enter same passphrase again: 
  7. Your identification has been saved in /root/.ssh/id_rsa
  8. Your public key has been saved in /root/.ssh/id_rsa.pub
  9. The key fingerprint is:
  10. SHA256:gjcWEkgRmE4Bicr1AcXbuDgHr+DCoNOER4Kkx0YQecs root@node1
  11. The key's randomart image is:
  12. +---[RSA 3072]----+
  13. |*X===.           |
  14. |*o+. +           |
  15. |O=..o *          |
  16. |=oE. * o         |
  17. | *  = * S        |
  18. |o.oo * o         |
  19. |=+. +            |
  20. |+o..             |
  21. |..               |
  22. +----[SHA256]-----+

2.定位客户端,上传公钥

  1. [root@node1 ~]# ssh-copy-id root@192.168.30.128
  2. /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
  3. The authenticity of host '192.168.30.128 (192.168.30.128)' can't be established.
  4. ED25519 key fingerprint is SHA256:cUwa1+n9OILUC8E3q9+uoe5MFU6wrafGjwmPnH6P9pk.
  5. This key is not known by any other names
  6. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
  7. /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
  8. /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
  9. root@192.168.30.128's password: 
  10.  
  11. Number of key(s) added: 1
  12.  
  13. Now try logging into the machine, with:   "ssh 'root@192.168.30.128'"
  14. and check to make sure that only the key(s) you wanted were added.

3.定位服务端,制作密钥对

  1. [root@server ~]# ssh-keygen -t rsa
  2. Generating public/private rsa key pair.
  3. Enter file in which to save the key (/root/.ssh/id_rsa): 
  4. Enter passphrase (empty for no passphrase): 
  5. Enter same passphrase again: 
  6. Your identification has been saved in /root/.ssh/id_rsa
  7. Your public key has been saved in /root/.ssh/id_rsa.pub
  8. The key fingerprint is:
  9. SHA256:m8c1qKE9yeT5w9Zk7U20F4PFwjvdp0JAAlGV1lNwOrE root@server
  10. The key's randomart image is:
  11. +---[RSA 3072]----+
  12. |      o+oooo+o+  |
  13. |         .+ oB o |
  14. |         . .E.* .|
  15. |           ..= ++|
  16. |        S ..o..o=|
  17. |       * O .+.o.o|
  18. |      . @.o+ o o.|
  19. |         ++ . . .|
  20. |         ...     |
  21. +----[SHA256]-----+

4.定位服务端,上传公钥

  1. [root@server ~]# ssh-copy-id root@192.168.30.129
  2. /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
  3. The authenticity of host '192.168.30.129 (192.168.30.129)' can't be established.
  4. ED25519 key fingerprint is SHA256:cUwa1+n9OILUC8E3q9+uoe5MFU6wrafGjwmPnH6P9pk.
  5. This key is not known by any other names
  6. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
  7. /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
  8. /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
  9. root@192.168.30.129's password: 
  10.  
  11. Number of key(s) added: 1
  12.  
  13. Now try logging into the machine, with:   "ssh 'root@192.168.30.129'"
  14. and check to make sure that only the key(s) you wanted were added.

5.测试免密登录

  1. [root@server ~]# ssh 192.168.30.129
  2. Activate the web console with: systemctl enable --now cockpit.socket
  3.  
  4. Register this system with Red Hat Insights: insights-client --register
  5. Create an account or view all your systems at https://red.ht/insights-dashboard
  6. Last login: Sun May 21 19:02:01 2023 from 192.168.30.1
  7. [root@node1 ~]# 
  1. [root@node1 ~]# ssh 192.168.30.128
  2. Activate the web console with: systemctl enable --now cockpit.socket
  3.  
  4. Register this system with Red Hat Insights: insights-client --register
  5. Create an account or view all your systems at https://red.ht/insights-dashboard
  6. Last login: Sun May 21 19:01:42 2023 from 192.168.30.1
  7. [root@server ~]#

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/繁依Fanyi0/article/detail/470221
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号