配置ntp时间服务器，确保客户端主机能和服务主机同步时间

配置ntp时间服务器，确保客户端主机能和服务主机同步时间

1配置Chrony服务器

先下载chrony

dnf install -y chrony

查看和配置chrony.conf文件

rpm -qc chrony
vim /etc/chrony.conf

配置的时阿里云的时间服务器

pool ntp.aliyun.com iburst

允许192.168.169.0/24网段的客户端使用

allow 192.168.17.131/24

local stratum 10

启动服务

systemctl enable --now chronyd
systemctl status chronyd

主机的防火强需要放行ntp

firewall-cmd --permanent --add-service=ntp
firewall-cmd --reload
firewall-cmd --list-all
setenforce 0
systemctl restart chronyd

查看端口

chronyc sources

2、配置客户端如下：

dnf install -y chrony
vim /etc/chrony.conf

pool 192.168.17.131 iburst

其他同上

2.配置ssh免密登陆，能够通过客户端主机通过redhat用户和服务端主机基于公钥验证方式进行远程连接

1、创建新用户

useradd redhat
passwd redhat

Changing password for user redhat.
New password:

BAD PASSWORD: The password is shorter than 8 characters
Retype new password:

二，创建新的密钥对，并且发送到指定目录

[redhat@bogon ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/redhat/.ssh/id_rsa): 
Created directory '/home/redhat/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/redhat/.ssh/id_rsa
Your public key has been saved in /home/redhat/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:9RYttneqph5LbmP7enILEkgez3i97SX4+qC34isHj0U redhat@bogon
The key's randomart image is:
+---[RSA 3072]----+
|                 |
|             .   |
|      o   . + .  |
|     o *Eo o +   |
|      +.S . + . .|
|      .... = . o |
|       =. B o o  |
|      o +=*B++   |
|       ++BX#B.   |
+----[SHA256]-----+
[redhat@bogon ~]$ 
[redhat@bogon ~]$ ssh 'root@192.168.17.130'
The authenticity of host '192.168.17.130 (192.168.17.130)' can't be established.
ED25519 key fingerprint is SHA256:WUf4aCKByXGl0sHjcLgX0wJ9gZ/pxgJX/KK+LxOUJN0.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? y
Please type 'yes', 'no' or the fingerprint: y
Please type 'yes', 'no' or the fingerprint: n^Hyes^H^H^H^H^C
[redhat@bogon ~]$ ssh 'root@192.168.17.130'
The authenticity of host '192.168.17.130 (192.168.17.130)' can't be established.
ED25519 key fingerprint is SHA256:WUf4aCKByXGl0sHjcLgX0wJ9gZ/pxgJX/KK+LxOUJN0.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.17.130' (ED25519) to the list of known hosts.
root@192.168.17.130's password: 
Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Sun Apr  9 21:25:30 2023 from 192.168.17.1
[root@bogon ~]# 
[root@bogon ~]#