openeuler的安装和两台linux主机配置ssh实现互相免密登陆

一、openeuler的安装

下载OpenEuler

- 网址:https://www.openeuler.org/zh/download/archive/
- 版本选择:openEuler 22.03 LTS SP2 (镜像文件) ,即长期更新版

设置自定义硬件

  • 内存:推荐2GB

  • 处理器:1颗、2核心

  • ==新CD/DVD:适应ISO映像文件,点击浏览按钮,选择之前下载好的openEuler-22.03-LTS-SP2-x86_64-dvd.iso镜像文件==

  • 网络适配器:选择NAT模式

  • 显示器:去掉"加速3D图形“的对钩

  • 最终:如图   

openeuler的安装和两台linux主机配置ssh实现互相免密登陆_第1张图片

虚拟机安装的其他步骤可参考 创建虚拟机及远程连接Linux_如何利用远程服务器搭建linux虚拟机-CSDN博客

OpenEuler22.03操作系统的安装部署

  • 使用鼠标点击黑色界面进入OpenEuler22.03系统,通过ctrl+alt可以释放鼠标焦点回到Windows

  • 通过键盘方向键选择第一项Install openEuler 22.03-LTS-SP2 选项进行安装系统

openeuler的安装和两台linux主机配置ssh实现互相免密登陆_第2张图片

  • 选择语言:中文或英文

  • 安装信息摘要设置

openeuler的安装和两台linux主机配置ssh实现互相免密登陆_第3张图片

  • 安装目的地:显示安装位置,一般为硬盘,点击自定义进行行分区

  • 网络和主机名:打开网卡连接

  • root账户密码设置自定义(密码难度太弱可能无法确认)

  • 创建用户:创建一个普通账户fox(可自定义)

  • 重启系统

配置OpenEuler22.03

进行账户和密码登录

openeuler的安装和两台linux主机配置ssh实现互相免密登陆_第4张图片

二、两台linux主机配置ssh实现互相免密登陆

1.查询有无ssh服务软件

#ssh服务安装包
[root@csa ~]# rpm -qa | grep ssh
libssh-config-0.9.6-3.el9.noarch
libssh-0.9.6-3.el9.x86_64
openssh-8.7p1-24.el9_1.x86_64
openssh-clients-8.7p1-24.el9_1.x86_64
openssh-server-8.7p1-24.el9_1.x86_64

2.确认ssh服务开启

openeuler的安装和两台linux主机配置ssh实现互相免密登陆_第5张图片

状态为active(running)表示该服务正常运行,可以进行连接

3.ssh服务默认端口为22(端口号应该大于1024)

4.生成非对称密钥

[root@csa ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:8EuqY4qEF2vshJu9vK5btQs+VA++7vxsB0uABbPQKzg root@csa
The key's randomart image is:
+---[RSA 3072]----+
|..o.             |
| ..o.            |
|. .+  .          |
|E o +  o         |
| o.o.+  S        |
|.o.+..+o .       |
|ooO .o.o.        |
|.&.o++o .        |
|*+XO*+o.         |
+----[SHA256]-----+

5.关闭服务端防火墙

[root@csa ~]# systemctl stop firewalld.service

6.查看
id_rsa:储存私钥的文件
id_rsa.pub:储存公钥的文件

7.将生成的公钥发给需要免密登录的设备

openeuler的安装和两台linux主机配置ssh实现互相免密登陆_第6张图片

8.在对端查看ssh配置文件

[root@192 ~]# ll .ssh/
total 4
-rw-------. 1 root root 562 Jan 10 20:51 authorized_keys

9.直接登录服务端,登录成功后,对端会将公钥传回

[root@csa ~]# ssh 192.168.112.133
Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Wed Jan 10 20:44:42 2024 from 192.168.112.1
[root@192 ~]# 

10.对另一端进行同样操作

[root@192 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:LOjoB4tHdrQID57klrpzfM9eSN1EyUj/lFnyCViwRAU [email protected]
The key's randomart image is:
+---[RSA 3072]----+
|       ..+EB= .  |
|        .++. B . |
|          + + o  |
|o.  .. o o o     |
|++oo..o S . .    |
| **oo. o         |
|o=.+. . .        |
|+.= o. .         |
|.=.o o+          |
+----[SHA256]-----+
[root@192 ~]# ssh-copy-id 192.168.112.131
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.112.131 (192.168.112.131)' can't be established.
ED25519 key fingerprint is SHA256:+WZK8ViECx/xdyXqi4IRo3YdT8brzFKaKVJ6AmZTYwY.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.112.131'"
and check to make sure that only the key(s) you wanted were added.

[root@192 ~]# ssh 192.168.112.131
Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Wed Jan 10 19:51:08 2024 from 192.168.112.1
[root@csa ~]# 

你可能感兴趣的:(linux,ssh,服务器)