博客介绍了两项网络配置内容。一是配置ntp时间服务器,让客户端主机与服务主机实现时间同步,涉及服务端和客户端配置;二是配置ssh免密登录,使客户端主机能通过服务器端redhat账户,以公钥验证方式进行远程连接,包含服务器端和客户端定位。
1.配置ntp时间服务器,确保客户段主机能和服务主机同步时间
服务端
[root@server ~]# vim /etc/chrony.conf server ntp.aliyun.com iburst allow 192.168.62.130/24 [root@server ~]# systemctl restart chronyd [root@server ~]# timedatectl status Local time: 日 2023-08-20 21:36:49 CST Universal time: 日 2023-08-20 13:36:49 UTC RTC time: 日 2023-08-20 13:36:48 Time zone: Asia/Shanghai (CST, +0800) System clock synchronized: yes NTP service: active RTC in local TZ: no
客户端
[root@node1 ~]# vim /etc/chrony.conf server 192.168.62.129 iburst [root@node1 ~]# systemctl restart chronyd [root@node1 ~]# date -s 13:00 2023年 08月 21日 星期一 13:00:00 CST [root@node1 ~]# timedatectl status Local time: 一 2023-08-21 12:36:03 CST Universal time: 一 2023-08-21 04:36:03 UTC RTC time: 一 2023-08-21 04:36:03 Time zone: Asia/Shanghai (CST, +0800) System clock synchronized: yes NTP service: active RTC in local TZ: no [root@node1 ~]#
2.配置ssh免密登录,能够实现客户端主机通过服务器端的redhat账户进行基于公钥验证方式的远程连接
定位服务器端
[root@server ~]# useradd redhat [root@server ~]# passwd redhat 更改用户 redhat 的密码 。 新的密码: 无效的密码: 密码少于 8 个字符 重新输入新的密码: passwd:所有的身份验证令牌已经成功更新。 [root@server ~]#
定位客户端
[root@node1 ~]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa Your public key has been saved in /root/.ssh/id_rsa.pub The key fingerprint is: SHA256:8n1NSmKhC8ur+dBga/JhTSWpAvunIWwHWdYRGjpxY3Q root@node1 The key's randomart image is: +---[RSA 3072]----+ | ..* E. | | = * .. | |.o + .o . . | | o= . o . . | |.o. + + S o . . | |...o B = + o + | |.o+.B = o . o . | |...O + . . | | . +oo | +----[SHA256]-----+ [root@node1 ~]# [root@node1 ~]# ssh-copy-id redhat@192.168.62.129 The authenticity of host '192.168.62.129 (192.168.62.129)' can't be established. ED25519 key fingerprint is SHA256:YYO62cit0iAgxMw+acNrHSYn/eBVWqF2gGC+kFEPOgs. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys redhat@192.168.62.129's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'redhat@192.168.62.129'" and check to make sure that only the key(s) you wanted were added. [root@node1 ~]# ssh redhat@192.168.62.129 Register this system with Red Hat Insights: insights-client --register Create an account or view all your systems at https://red.ht/insights-dashboard [redhat@server ~]$ 注销 Connection to 192.168.62.129 closed. [root@node1 ~]#
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
