linux中集群的免秘钥SSH直接登录
这里以三台mysql的主从服务器为例:manage、master、slave1、slave2
给4个机器生成秘钥文件
以manage为例,执行命令,生成空字符串的秘钥(后面要使用公钥),命令是:
[root@manage ~]# ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
96:7e:3c:32:f2:44:e4:bc:79:6f:dd:b8:4e:46:17:37 root@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| . E.|
| + . +|
| S . .|
| + + . . |
| . B = .oo |
| + = o.oo .|
| . ...o. |
+-----------------+
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
96:7e:3c:32:f2:44:e4:bc:79:6f:dd:b8:4e:46:17:37 root@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| . E.|
| + . +|
| S . .|
| + + . . |
| . B = .oo |
| + = o.oo .|
| . ...o. |
+-----------------+
[root@manage ~]# cd /root/
[root@manage ~]# ll .ssh/
total 8
-rw-------. 1 root root 1675 Apr 28 10:24 id_rsa
-rw-r--r--. 1 root root 408 Apr 28 10:24 id_rsa.pub
[root@manage ~]# cd .ssh/
[root@manage .ssh]# ls
id_rsa id_rsa.pub
[root@manage .ssh]# cp id_rsa.pub authorized_keys ####将id_rsa.pub公钥拷贝重命名authorized_keys文件。
[root@manage ~]# ll .ssh/
total 8
-rw-------. 1 root root 1675 Apr 28 10:24 id_rsa
-rw-r--r--. 1 root root 408 Apr 28 10:24 id_rsa.pub
[root@manage ~]# cd .ssh/
[root@manage .ssh]# ls
id_rsa id_rsa.pub
[root@manage .ssh]# cp id_rsa.pub authorized_keys ####将id_rsa.pub公钥拷贝重命名authorized_keys文件。
[root@manage .ssh]# ls
authorized_keys id_rsa id_rsa.pub
authorized_keys id_rsa id_rsa.pub
使用同样的方法为master、slave1和slave2生成秘钥(命令完全相同,不用做如何修改):
[root@master ~]# ssh-keygen -t rsa -P
''
[root@slave1 ~]# ssh-keygen -t rsa -P
''
[root@slave2 ~]# ssh-keygen -t rsa -P
''
#登录master、slave1、slave2,将公钥拷贝到manage的authorized_keys中
[root@master ~]# ssh-copy-id -i
manage_ip
###manage_ip是指manage这台机器的Ip地址
[root@slave1 ~]# ssh-copy-id -i
manage_ip
授权authorized_keys文件
登录manage,在.ssh目录下输入命令:
[root@manage ~]# cd /root/.ssh/
[root@manage ~]# chmod 600 authorized_keys
将authorized_keys文件复制到其他机器
[root@manage ~]# scp /root/.ssh/authorized_keys root@master_ip:/root/.ssh/authorized_keys[root@manage ~]# scp /root/.ssh/authorized_keys root@slave1_ip:/root/.ssh/authorized_keys
[root@manage ~]# scp /root/.ssh/authorized_keys root@slave2_ip:/root/.ssh/authorized_keys
注意第一次ssh登录时需要输入密码,再次访问时即可免密码登录。
测试连接成功的情况:
在manage机器上机器上运行:
[root@manage ~]# ssh master_ip 'hostname'
master
[root@manage ~]# ssh slave1_ip 'hostname'
slave1[root@manage ~]# ssh slave2_ip 'hostname'
slave2至此,免密码登录已经设定完成!
下面这个我试过,步骤没那么多,但原理一样,测试也是可以的。
配置SSH无密码登录认证
各节点生成秘钥,并将公钥传送到其他服务器,包括自身,如在10.211.55.41创建秘钥。
创建秘钥
ssh-keygen -t rsa ###一直回车到结束即可
传送到其他机器生成认证文件 ###然后分别在42-43-44机器上操作生成秘钥分发各机器
ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.211.55.41
ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.211.55.42
ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.211.55.43
ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.211.55.44
专业从事搬砖多年,还是在继续搬砖中,厚积薄发~
