分享如何在Centos7配置ssh/rsh免密互信集羣服務 |
1、以root用戶登錄,更改ssh配置文件 /etc/ssh/sshd_config,去除以下配置的註釋
RSAAuthentication yes #啓用rsa認證 PubkeyAuthentication yes #啓用公鑰私鑰配對認證方式 AuthorizedKeysFile .ssh/authorized_keys #公鑰文件路徑
2、重啓SSH服務
systemctl restart sshd //重啓ssh服務
1、生成公鑰私鑰對
ssh-keygen -t rsa
一路默認回車,系統在/root/.ssh下生成id_rsa、id_rsa.pub
2、把id_rsa.pub發送到服務端機器上
ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.1.20 #server ip
例如我有17個節點,依次將每個節點的root分別進行上述步驟,循環一次即可全部ssh通
ssh 192.168.1.20 #server ip
yum install -y rsh rsh-server yum install -y xinetd
vi /etc/xinetd.d vi /etc/rlogin vi /etc/rexec
rsh
service shell { disable = no socket_type = stream wait = no user = root log_on_success += USERID log_on_failure += USERID server = /usr/sbin/in.rshd }
rlogin
service login { disable = no socket_type = stream wait = no user = root log_on_success += USERID log_on_failure += USERID server = /usr/sbin/in.rlogind }
之後在命令行輸入
echo "rsh" >> /etc/securetty echo "rlogin" >> /etc/securetty echo "rexec" >> /etc/securetty
(如果沒有,則創建)
cat /etc/hosts.equiv node29 node30 node31 node32 node33 node34 newnode1
文件內容與/etc/hosts.equiv相同
systemctl restart rsh.socket systemctl restart rlogin.socket systemctl restart rexec.socket systemctl enable rsh.socket systemctl enable rlogin.socket systemctl enable rexec.socket
systemctl restart xinetd