ssh访问授权

 
有两台机器: Node1 和 Node2
账号都为: oracle

第一步:登陆Node1

su - oracle

第二步:生成密钥

ssh-keygen -d (选择缺省指导指令结束 )
output:
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
32:21:e1:3b:7d:6e:de:4b:39:da:af:38:fe:90:40:61
oracle@Node1.server.com

在/home/oracle目录下就产生了.ssh的隐含目录:

cd ~oracle/.ssh

ls -al
id_dsa -------- 私钥文档
id_dsa.pub -------- 公钥文档

 

第三步:将id_dsa.pub复制一份文档名为:authorized_keys

cp ~oracle/.ssh/id_dsa.pub ~oracle/.ssh/authorized_keys

chmod 600 ~oracle/.ssh/authorized_keys


(并将 authorized_keys 的属性改为 600 即文档所属用户有读和写的权限,组用户和其他用户禁止读写)

 

第四步:在Node2上重复以上操作

 

第五步:密钥拷贝(两台机器都德进行)

su - oracle(登陆第二台机器)

scp oracle@Node1:/home/oracle/.ssh/id_dsa.pub~oracle/.ssh/Node1.key

su - oracle(登陆第一台机器)

scp oracle@Node2:/home/oracle/.ssh/id_dsa.pub~oracle/.ssh/Node2.key

第六步:合并授权文件(两个服务器都的进行)

cat Node1.pub >> authorized_keys2

第七步:验证

ssh oracle@Node2

ssh oracle@Node21  

相关文章
相关标签/搜索