ssh与ntp

1.配置ntp时间服务器,确保客户端主机能和服务主机同步时间

分析:首先客户端和服务主机同步,我们可以让客户端主机根据服务器主机进行同步,服务器主机从阿里云来进行同步

一,服务器主机从阿里云同步时间

[root@server ~]# vim /etc/chrony.conf

ssh与ntp_第1张图片

二,重启服务,查看服务器主机是否同步

[root@server ~]# systemctl restart chronyd

[root@server ~]# chronyc sources -v

.-- Source mode '^' = server, '=' = peer, '#' = local clock.

/ .- Source state '*' = current best, '+' = combined, '-' = not combined,

| / 'x' = may be in error, '~' = too variable, '?' = unusable.

|| .- xxxx [ yyyy ] +/- zzzz

|| Reachability register (octal) -. | xxxx = adjusted offset,

|| Log2(Polling interval) --. | | yyyy = measured offset,

|| \ | | zzzz = estimated error.

|| | | \

MS Name/IP address Stratum Poll Reach LastRx Last sample

===============================================================================

^* 203.107.6.88 2 6 17 9 +8156ns[ +654us] +/- 24ms

[root@server ~]# timedatectl status

Local time: 六 2023-03-18 19:32:49 CST

Universal time: 六 2023-03-18 11:32:49 UTC

RTC time: 六 2023-03-18 11:32:49

Time zone: Asia/Shanghai (CST, +0800)

System clock synchronized: yes

NTP service: active

RTC in local TZ: no

[root@server ~]# date

2023年 03月 18日 星期六 19:32:51 CST

三,配置允许访问的IP,并重启服务

[root@server ~]# vim /etc/chrony.conf 
ssh与ntp_第2张图片

四,对于客户端修改主配置文件中时间服务器地址,并重启服务

[root@server ~]# vim /etc/chrony.conf 
ssh与ntp_第3张图片

[root@server ~]# systemctl restart chronyd

五,查看客户端是否同步

[root@node1 ~]# systemctl restart chronyd

[root@node1 ~]# chronyc sources -v

.-- Source mode '^' = server, '=' = peer, '#' = local clock.

/ .- Source state '*' = current best, '+' = combined, '-' = not combined,

| / 'x' = may be in error, '~' = too variable, '?' = unusable.

|| .- xxxx [ yyyy ] +/- zzzz

|| Reachability register (octal) -. | xxxx = adjusted offset,

|| Log2(Polling interval) --. | | yyyy = measured offset,

|| \ | | zzzz = estimated error.

|| | | \

MS Name/IP address Stratum Poll Reach LastRx Last sample

===============================================================================

^? 192.168.38.128 3 6 3 1 -9426us[-9426us] +/- 26ms

[root@node1 ~]# timedatectl status

Local time: 六 2023-03-18 19:40:03 CST

Universal time: 六 2023-03-18 11:40:03 UTC

RTC time: 六 2023-03-18 11:40:03

Time zone: Asia/Shanghai (CST, +0800)

System clock synchronized: yes

NTP service: active

RTC in local TZ: no

[root@node1 ~]# date

2023年 03月 18日 星期六 19:40:09 CST

2.配置ssh免密登陆,能够通过客户端主机通过redhat用户和服务端主机基于公钥验证方式进行远程连接

分析:首先是使用客户端redhat用户去基于公钥验证进行连接,首先我们先增加个用户,因为是客户端去的redhat用户访问服务器端,所以我们需要在客户端redhat用户创建密钥然后发给客户端

一,创建新用户redhat

[root@node1 ~]# useradd redhat

[root@node1 ~]# passwd redhat

更改用户 redhat 的密码 。

新的密码:

重新输入新的密码:

passwd:所有的身份验证令牌已经成功更新。

二,创建新的密钥对,并且发送到指定目录

[redhat@node1 root]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/redhat/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/redhat/.ssh/id_rsa

Your public key has been saved in /home/redhat/.ssh/id_rsa.pub

The key fingerprint is:

SHA256:peN3IXp4nusrQ5Ca/umHNzX6fO6SPJSSf6LCnv2mNc8 redhat@node1

The key's randomart image is:

+---[RSA 3072]----+

| |

| |

| . . |

| o o |

| o .S.... |

| o .++=. . |

| . . o+B*o. |

| . ++BBO*o |

| +*++@X@E |

+----[SHA256]-----+

[redhat@node1 root]$

[redhat@node1 root]$ ssh-copy-id [email protected]

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/redhat/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

[email protected]'s password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh '[email protected]'"

and check to make sure that only the key(s) you wanted were added.

三,客户端测试

[redhat@node1 root]$ ssh [email protected]

Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register

Create an account or view all your systems at https://red.ht/insights-dashboard

Last login: Sat Mar 18 19:58:18 2023 from 192.168.38.136

[root@server ~]#

[root@server ~]#

[root@server ~]#

此时便切换完成

你可能感兴趣的:(ssh,服务器,linux)