1.安装OpenEuler操作系统

第一步:点击文件菜单,点击新建虚拟机,选择典型,点击下一步

第二步:选择稍后安装操作系统,点击下一步

第三步:选择操作系统类型,由于OpenEuler22.03 LTS SP2使用Linux5.10内核则选择如下:

第四步:命名虚拟机

第五步:设置磁盘空间,根据虚拟机安装要求设置,如下:

设置32G,动态空间申请,设置为单个文件

第六步:自定义硬件,设置硬件参数 第七步:设置自定义硬件

内存:推荐2GB 处理器:1颗、2核心 ==新CD/DVD:适应ISO映像文件,点击浏览按钮,选择之前下载好的openEuler-22.03-LTS-SP2-x86_64-dvd.iso镜像文件== 网络适配器:选择NAT模式 显示器:去掉"加速3D图形“的对钩 最终: 选择关闭、完成 第八步OpenEuler22.03操作系统的安装部署 使用鼠标点击黑色界面进入OpenEuler22.03系统,通过ctrl+alt可以释放鼠标焦点回到Windows 通过键盘方向键选择第一项Install openEuler 22.03-LTS-SP2 选项进行安装系统

选择语言:中文或英文

安装信息摘要设置

安装目的地:显示安装位置,一般为硬盘,点击自定义进行行分区:

/boot:系统启动分区,推荐500M或1GB swap:交换分区,4G /:根分区,期望容量省略,表示将剩余空间全部分配 网络和主机名:打开网卡连接

root账户密码设置:密码为OPENlab123

创建用户:创建一个普通账户fox,设置密码:OPENlab123 重启系统

第九步:配置OpenEuler22.03

登录

账户:root 密码:OPENlab123

2.通过两台linux主机配置ssh实现互相免密登陆

2.1SSH简介

1.介绍

SSH用于计算机之间的加密登录,是一类网络协议,使用SSH协议远程登录另一台计算机,这种登录是相对安全的,即使被中途截获,密码不会泄露。

2.工作流程

(1)建立连接:SSH服务器在指定的端口监听客户端的连接请求,在客户端向服务器发起连接请求后,建立一个TCP连接。

(2)协商版本:某些版本可以支持更多的认证方法和密钥交换方法,SSH服务器和客户端通过协商确定最终使用的SSH版本号。

(3)算法协商:双方根据各自支持的算法,协商出最终用于产生会话密钥的密钥交换算法,用于数据信息加密的加密算法、用于进行数字签名和认证的公钥算法。

(4)交换密钥:服务器和客户端通过密钥交换算法,动态生成共享的会话密钥和绘画ID,建立加密通道。会话密钥主要用于后续数据传输的加密,会话ID用于在认证过程中标识该SSH连接。

(5)用户认证:密码(password)认证、密钥(publickey)认证、password-publickey认证(同时满足)、all认证(选择其一)

(6)会话请求和交互:认证通过后,SSH客户端向服务器端发送会话请求,请求服务器提供服务,建立好会话后,SSH服务器端和客户端在该会话上进行数据信息交互。

3.配置原理

1.Client将自己的公钥存放在Server上,追加在文件authorized_keys中。

2.Server端接收到Client的连接请求后,会在authorized_keys中匹配到Client的公钥pubKey,并生成随机数R,用Client的公钥对该随机数进行加密得到pubKey(R),然后将加密后信息发送给Client。

3.Client端通过私钥进行解密得到随机数R,然后对随机数R和本次会话的SessionKey利用MD5生成摘要Digest1,发送给Server端。

4.Server端会也会对R和SessionKey利用同样摘要算法生成Digest2。

5.Server端会最后比较Digest1和Digest2是否相同,完成认证过程。

4.配置步骤

主机A:192.168.119.128 主机B:192.168.119.129

A登录B

第一步:生成密钥对 在A机下产生密钥:ssh-keygen -t RSA -b 4096,一直按enter

[root@server ~]# ssh-keygen -t RSA -b 4096

Generating public/private RSA key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa

Your public key has been saved in /root/.ssh/id_rsa.pub

The key fingerprint is:

SHA256:AvhOqfaHqsmvTtQZg2sSIt2tUVJrVvuN7m2l6a7pM6Q root@server

The key's randomart image is:

+---[RSA 4096]----+

|   ..o .       |

| ..o + o .       |

|+.oo+ = .       |

|o.o.+B   . o     |

|.+ o= . S o .   |

|+ +   . ..   . |

| .o ..   o. +   |

|oo .. . E.oo+   |

|+=+o..   .=B+   |

+----[SHA256]-----+

检查是否产生密钥对:

id_rsa 私钥

id_rsa.pub 公钥

[root@server ~]# cd /root/.ssh

[root@server .ssh]# ll

总用量 12

-rw-r--r-- 1 root root 381 7月 18 23:46 authorized_keys

-rw------- 1 root root 3369 1月 10 12:58 id_rsa

-rw-r--r-- 1 root root 737 1月 10 12:58 id_rsa.pub

第二步:发送公钥到要连接的另一个主机

[root@server .ssh]# ssh-copy-id 192.168.119.129

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

The authenticity of host '192.168.119.129 (192.168.119.129)' can't be established.

ED25519 key fingerprint is SHA256:l91NRfMcJ/H7FnN7ifXVSzjSLz6AIPGeZwdOb7xlpaE.

This key is not known by any other names

Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

root@192.168.119.129's password: #输入密码

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.119.129'"

and check to make sure that only the key(s) you wanted were added.

第三步:测试 从主机A连接主机B

[root@server .ssh]# ssh 192.168.119.129

Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register

Create an account or view all your systems at https://red.ht/insights-dashboard

Last login: Wed Jan 10 12:53:20 2024 from 192.168.119.1

[root@node1 ~]#

B登录A

第一步:生成密钥对 在B机下产生密钥:ssh-keygen -t RSA -b 4096,一直按enter

[root@node1 ~]# ssh-keygen -t rsa -b 4096

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa

Your public key has been saved in /root/.ssh/id_rsa.pub

The key fingerprint is:

SHA256:+U+UmLSFKcdKD+tgZEIT/2prG8nQfYfh0xEOPKd3OcQ root@node1

The key's randomart image is:

+---[RSA 4096]----+

|   +.   .. ..   |

|   . o   .o=..E |

|   . + + B++. . |

|     = + @.O.o+ |

|   . + S X.=. . |

|     + = o +     |

|     * . . .   |

|     ..o   o     |

|     .o.   .   |

+----[SHA256]-----+

检查是否产生密钥对:

id_rsa 私钥

id_rsa.pub 公钥

[root@node1 ~]# ll .ssh

总用量 12

-rw------- 1 root root 737 1月 10 13:02 authorized_keys

-rw------- 1 root root 3369 1月 10 13:07 id_rsa

-rw-r--r-- 1 root root 736 1月 10 13:07 id_rsa.pub

第二步:发送公钥到要连接的另一个主机

[root@node1 ~]# ssh-copy-id 192.168.119.128

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

The authenticity of host '192.168.119.128 (192.168.119.128)' can't be established.

ED25519 key fingerprint is SHA256:l91NRfMcJ/H7FnN7ifXVSzjSLz6AIPGeZwdOb7xlpaE.

This key is not known by any other names

Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

root@192.168.119.128's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.119.128'"

and check to make sure that only the key(s) you wanted were added.

第三步:测试 从主机B连接主机A

[root@node1 ~]# ssh 192.168.119.128

Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register

Create an account or view all your systems at https://red.ht/insights-dashboard

Last login: Wed Jan 10 12:53:54 2024 from 192.168.119.1

好文推荐

评论可见,请评论后查看内容,谢谢!!!评论后请刷新页面。