ssh与ntp |
您所在的位置:网站首页 › vmware debian10 › ssh与ntp |
1.配置ntp时间服务器,确保客户端主机能和服务主机同步时间 分析:首先客户端和服务主机同步,我们可以让客户端主机根据服务器主机进行同步,服务器主机从阿里云来进行同步 一,服务器主机从阿里云同步时间 [root@server ~]# vim /etc/chrony.conf ![]() 二,重启服务,查看服务器主机是否同步 [root@server ~]# systemctl restart chronyd [root@server ~]# chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current best, '+' = combined, '-' = not combined, | / 'x' = may be in error, '~' = too variable, '?' = unusable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | | \ MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* 203.107.6.88 2 6 17 9 +8156ns[ +654us] +/- 24ms [root@server ~]# timedatectl status Local time: 六 2023-03-18 19:32:49 CST Universal time: 六 2023-03-18 11:32:49 UTC RTC time: 六 2023-03-18 11:32:49 Time zone: Asia/Shanghai (CST, +0800) System clock synchronized: yes NTP service: active RTC in local TZ: no [root@server ~]# date 2023年 03月 18日 星期六 19:32:51 CST 三,配置允许访问的IP,并重启服务 [root@server ~]# vim /etc/chrony.conf![]() ![]() [root@server ~]# systemctl restart chronyd 五,查看客户端是否同步 [root@node1 ~]# systemctl restart chronyd [root@node1 ~]# chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current best, '+' = combined, '-' = not combined, | / 'x' = may be in error, '~' = too variable, '?' = unusable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | | \ MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^? 192.168.38.128 3 6 3 1 -9426us[-9426us] +/- 26ms [root@node1 ~]# timedatectl status Local time: 六 2023-03-18 19:40:03 CST Universal time: 六 2023-03-18 11:40:03 UTC RTC time: 六 2023-03-18 11:40:03 Time zone: Asia/Shanghai (CST, +0800) System clock synchronized: yes NTP service: active RTC in local TZ: no [root@node1 ~]# date 2023年 03月 18日 星期六 19:40:09 CST 2.配置ssh免密登陆,能够通过客户端主机通过redhat用户和服务端主机基于公钥验证方式进行远程连接 分析:首先是使用客户端redhat用户去基于公钥验证进行连接,首先我们先增加个用户,因为是客户端去的redhat用户访问服务器端,所以我们需要在客户端redhat用户创建密钥然后发给客户端 一,创建新用户redhat [root@node1 ~]# useradd redhat [root@node1 ~]# passwd redhat 更改用户 redhat 的密码 。 新的密码: 重新输入新的密码: passwd:所有的身份验证令牌已经成功更新。 二,创建新的密钥对,并且发送到指定目录 [redhat@node1 root]$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/redhat/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/redhat/.ssh/id_rsa Your public key has been saved in /home/redhat/.ssh/id_rsa.pub The key fingerprint is: SHA256:peN3IXp4nusrQ5Ca/umHNzX6fO6SPJSSf6LCnv2mNc8 redhat@node1 The key's randomart image is: +---[RSA 3072]----+ | | | | | . . | | o o | | o .S.... | | o .++=. . | | . . o+B*o. | | . ++BBO*o | | +*++@X@E | +----[SHA256]-----+ [redhat@node1 root]$ [redhat@node1 root]$ ssh-copy-id [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/redhat/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added. 三,客户端测试 [redhat@node1 root]$ ssh [email protected] Activate the web console with: systemctl enable --now cockpit.socket
Register this system with Red Hat Insights: insights-client --register Create an account or view all your systems at https://red.ht/insights-dashboard Last login: Sat Mar 18 19:58:18 2023 from 192.168.38.136 [root@server ~]# [root@server ~]# [root@server ~]# 此时便切换完成 |
CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3 |