openssh免密登录和nfs配置
openssh免密登录
1.openssh免密登录配置
创建.ssh目录 权限改为700
[root@chenlinsen1 ~]# mkdir .ssh
[root@chenlinsen1 ~]# chmod 700 .sshssh-keygen -t rsa 生成ssh的密钥
[root@chenlinsen1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:VKMQnAhOV3OUENOiaqQSpPcWoL+3XVWsAMMccmaawLM root@chenlinsen1
The key's randomart image is:
+---[RSA 3072]----+
| .+.o*/Oo.o |
| ++o.B*Boo o |
|o..+o. .+ o |
|+ E o . . o |
| * o . S o |
|o + o . |
|.. o . |
| . .. . |
| .... |
+----[SHA256]-----+
[root@chenlinsen1 ~]#
[root@chenlinsen1 ~]# ll .ssh/
total 8
-rw------- 1 root root 2602 Dec 22 17:10 id_rsa
-rw-r--r-- 1 root root 570 Dec 22 17:10 id_rsa.pub
[root@chenlinsen1 ~]# ssh-copy-id 将密钥复制到另一个系统
[root@chenlinsen1 ~]# ssh-copy-id root@192.168.157.129
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.157.129 (192.168.157.129)' can't be established.
ECDSA key fingerprint is SHA256:GvevoHY71/dneUu6+Gk42MjtxAVkT29ffJCQeanrUbI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.157.129's password: Number of key(s) added: 1Now try logging into the machine, with: "ssh 'root@192.168.157.129'"
and check to make sure that only the key(s) you wanted were added.[root@chenlinsen1 ~]#
cat .ssh/id_rsa.pub 查看文件
[root@chenlinsen1 ~]# cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCTQNaZEq4ARScTv50Yg39g2E7cyTXioTFFTcid88BkFCH0+ukjndupnZc5zfw5viBybK8nhANVNeO1P6c656TjDtO17F+X4SdPX2WjMu/iR93b7iHYTQkoVAk6cZDDok/0ReQCKn+N7Zm6NHrN6IjC3YO/xCZ38oOAYumJZpL+HCEFAdbVx/eklRJ6t6L6wYwwQdjqxZtr1bvzJW4ql/FtOtfBch2ThL9NjRA3B0AlqMnP+rfpLJZH2l8Vldr38IcjpgRVHVLpGeuj/sFRlCew3A4CKga/ie3lxkRZ7+Y8dnU9T93CvSif1KvZIaRAh039XtYgW7BrDoaDqj2GcGwbjJ/m5+yIIXCbkOrbaNpw8M05MDqvgs3j3QKYM4b1jGTS7OAzkVB4OLDrISYBGG6idf+MiJawtHWAngkPKX6JJpERa1M1jcK9xz586XKrSTabX45GDFL9Sfj17jI0kzn7Kro1e45km4hZEvsuXYp1s2Afoyv/qzlCoPSKr4EuaF0= root@chenlinsen1
[root@chenlinsen1 ~]# cat .ssh/authorized_keys 查看文件
[root@chenlinsen2 ~]# cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCTQNaZEq4ARScTv50Yg39g2E7cyTXioTFFTcid88BkFCH0+ukjndupnZc5zfw5viBybK8nhANVNeO1P6c656TjDtO17F+X4SdPX2WjMu/iR93b7iHYTQkoVAk6cZDDok/0ReQCKn+N7Zm6NHrN6IjC3YO/xCZ38oOAYumJZpL+HCEFAdbVx/eklRJ6t6L6wYwwQdjqxZtr1bvzJW4ql/FtOtfBch2ThL9NjRA3B0AlqMnP+rfpLJZH2l8Vldr38IcjpgRVHVLpGeuj/sFRlCew3A4CKga/ie3lxkRZ7+Y8dnU9T93CvSif1KvZIaRAh039XtYgW7BrDoaDqj2GcGwbjJ/m5+yIIXCbkOrbaNpw8M05MDqvgs3j3QKYM4b1jGTS7OAzkVB4OLDrISYBGG6idf+MiJawtHWAngkPKX6JJpERa1M1jcK9xz586XKrSTabX45GDFL9Sfj17jI0kzn7Kro1e45km4hZEvsuXYp1s2Afoyv/qzlCoPSKr4EuaF0= root@chenlinsen1
[root@chenlinsen2 ~]# ssh 远程登录
[root@chenlinsen1 ~]# ssh root@192.168.157.129
Last login: Thu Dec 22 16:47:23 2022 from 192.168.157.1
[root@chenlinsen2 ~]#
nfs配置
设置一个服务端
[root@chenlinsen2 ~]# hostname nfsserver
[root@chenlinsen2 ~]# bash
[root@nfsserver ~]#
[root@nfsserver ~]# yum -y install nfs-utils
Last metadata expiration check: 0:25:02 ago on Thu 22 Dec 2022 05:16:20 PM CST.
Dependencies resolved.
=============================================================================================================Package Architecture Version Repository Size
=============================================================================================================
Installing:nfs-utils x86_64 1:2.3.3-46.el8 baseos 500 k
Installing dependencies:gssproxy x86_64 0.8.0-19.el8 baseos 119 kkeyutils x86_64 1.5.10-9.el8 baseos 66 klibverto-libevent x86_64 0.3.0-5.el8 baseos 16 kpython3-pyyaml x86_64 3.12-12.el8 baseos 193 kquota x86_64 1:4.04-14.el8 baseos 214 kquota-nls noarch 1:4.04-14.el8 baseos 95 krpcbind x86_64 1.2.5-8.el8 baseos 70 kTransaction Summary
=============================================================================================================
Install 8 PackagesTotal download size: 1.2 M
Installed size: 3.8 M
Downloading Packages:
(1/8): libverto-libevent-0.3.0-5.el8.x86_64.rpm 8.6 kB/s | 16 kB 00:01
(2/8): keyutils-1.5.10-9.el8.x86_64.rpm 30 kB/s | 66 kB 00:02
(3/8): gssproxy-0.8.0-19.el8.x86_64.rpm 49 kB/s | 119 kB 00:02
(4/8): python3-pyyaml-3.12-12.el8.x86_64.rpm 239 kB/s | 193 kB 00:00
(5/8): nfs-utils-2.3.3-46.el8.x86_64.rpm 354 kB/s | 500 kB 00:01
(6/8): quota-4.04-14.el8.x86_64.rpm 215 kB/s | 214 kB 00:00
(7/8): quota-nls-4.04-14.el8.noarch.rpm 176 kB/s | 95 kB 00:00
(8/8): rpcbind-1.2.5-8.el8.x86_64.rpm 119 kB/s | 70 kB 00:00
-------------------------------------------------------------------------------------------------------------
Total 330 kB/s | 1.2 MB 00:03
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transactionPreparing : 1/1 Running scriptlet: rpcbind-1.2.5-8.el8.x86_64 1/8 Installing : rpcbind-1.2.5-8.el8.x86_64 1/8 Running scriptlet: rpcbind-1.2.5-8.el8.x86_64 1/8 Installing : quota-nls-1:4.04-14.el8.noarch 2/8 Installing : quota-1:4.04-14.el8.x86_64 3/8 Installing : python3-pyyaml-3.12-12.el8.x86_64 4/8 Installing : libverto-libevent-0.3.0-5.el8.x86_64 5/8 Installing : gssproxy-0.8.0-19.el8.x86_64 6/8 Running scriptlet: gssproxy-0.8.0-19.el8.x86_64 6/8 Installing : keyutils-1.5.10-9.el8.x86_64 7/8 Running scriptlet: nfs-utils-1:2.3.3-46.el8.x86_64 8/8 Installing : nfs-utils-1:2.3.3-46.el8.x86_64 8/8 Running scriptlet: nfs-utils-1:2.3.3-46.el8.x86_64 8/8 Verifying : gssproxy-0.8.0-19.el8.x86_64 1/8 Verifying : keyutils-1.5.10-9.el8.x86_64 2/8 Verifying : libverto-libevent-0.3.0-5.el8.x86_64 3/8 Verifying : nfs-utils-1:2.3.3-46.el8.x86_64 4/8 Verifying : python3-pyyaml-3.12-12.el8.x86_64 5/8 Verifying : quota-1:4.04-14.el8.x86_64 6/8 Verifying : quota-nls-1:4.04-14.el8.noarch 7/8 Verifying : rpcbind-1.2.5-8.el8.x86_64 8/8 Installed:gssproxy-0.8.0-19.el8.x86_64 keyutils-1.5.10-9.el8.x86_64 libverto-libevent-0.3.0-5.el8.x86_64 nfs-utils-1:2.3.3-46.el8.x86_64 python3-pyyaml-3.12-12.el8.x86_64 quota-1:4.04-14.el8.x86_64 quota-nls-1:4.04-14.el8.noarch rpcbind-1.2.5-8.el8.x86_64 Complete!
[root@nfsserver ~]#
关闭防火墙和selinux
[root@nfsserver ~]# systemctl stop firewalld
[root@nfsserver ~]# setenforce 0
[root@nfsserver ~]#
启动nfs服务
[root@nfsserver ~]# systemctl start nfs-server
[root@nfsserver ~]# systemctl start rpcbind
[root@nfsserver ~]# 创建共享目录编辑配置文件
[root@nfsserver ~]# cat /etc/exports
/nfs/shared *(ro)
[root@nfsserver ~]#
重启nfs
[root@nfsserver ~]# systemctl restart nfs-server rpcbind
[root@nfsserver ~]#
客户端安装nfs
[root@chenlinsen ~]# yum -y install nfs-utils
Last metadata expiration check: 0:00:12 ago on Thu 22 Dec 2022 09:42:51 PM CST.
Dependencies resolved.
=========================================================================================================================Package Architecture Version Repository Size
=========================================================================================================================
Installing:nfs-utils x86_64 1:2.3.3-46.el8 baseos 500 k
Installing dependencies:gssproxy x86_64 0.8.0-19.el8 baseos 119 kkeyutils x86_64 1.5.10-9.el8 baseos 66 klibverto-libevent x86_64 0.3.0-5.el8 baseos 16 kpython3-pyyaml x86_64 3.12-12.el8 baseos 193 kquota x86_64 1:4.04-14.el8 baseos 214 kquota-nls noarch 1:4.04-14.el8 baseos 95 krpcbind x86_64 1.2.5-8.el8 baseos 70 kTransaction Summary
=========================================================================================================================
Install 8 PackagesTotal download size: 1.2 M
Installed size: 3.8 M
Downloading Packages:
(1/8): keyutils-1.5.10-9.el8.x86_64.rpm 145 kB/s | 66 kB 00:00
(2/8): libverto-libevent-0.3.0-5.el8.x86_64.rpm 34 kB/s | 16 kB 00:00
(3/8): gssproxy-0.8.0-19.el8.x86_64.rpm 248 kB/s | 119 kB 00:00
(4/8): quota-4.04-14.el8.x86_64.rpm 820 kB/s | 214 kB 00:00
(5/8): nfs-utils-2.3.3-46.el8.x86_64.rpm 1.7 MB/s | 500 kB 00:00
(6/8): python3-pyyaml-3.12-12.el8.x86_64.rpm 670 kB/s | 193 kB 00:00
(7/8): quota-nls-4.04-14.el8.noarch.rpm 676 kB/s | 95 kB 00:00
(8/8): rpcbind-1.2.5-8.el8.x86_64.rpm 472 kB/s | 70 kB 00:00
-------------------------------------------------------------------------------------------------------------------------
Total 1.4 MB/s | 1.2 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transactionPreparing : 1/1 Running scriptlet: rpcbind-1.2.5-8.el8.x86_64 1/8 Installing : rpcbind-1.2.5-8.el8.x86_64 1/8 Running scriptlet: rpcbind-1.2.5-8.el8.x86_64 1/8 Installing : quota-nls-1:4.04-14.el8.noarch 2/8 Installing : quota-1:4.04-14.el8.x86_64 3/8 Installing : python3-pyyaml-3.12-12.el8.x86_64 4/8 Installing : libverto-libevent-0.3.0-5.el8.x86_64 5/8 Installing : gssproxy-0.8.0-19.el8.x86_64 6/8 Running scriptlet: gssproxy-0.8.0-19.el8.x86_64 6/8 Installing : keyutils-1.5.10-9.el8.x86_64 7/8 Running scriptlet: nfs-utils-1:2.3.3-46.el8.x86_64 8/8 Installing : nfs-utils-1:2.3.3-46.el8.x86_64 8/8 Running scriptlet: nfs-utils-1:2.3.3-46.el8.x86_64 8/8 Verifying : gssproxy-0.8.0-19.el8.x86_64 1/8 Verifying : keyutils-1.5.10-9.el8.x86_64 2/8 Verifying : libverto-libevent-0.3.0-5.el8.x86_64 3/8 Verifying : nfs-utils-1:2.3.3-46.el8.x86_64 4/8 Verifying : python3-pyyaml-3.12-12.el8.x86_64 5/8 Verifying : quota-1:4.04-14.el8.x86_64 6/8 Verifying : quota-nls-1:4.04-14.el8.noarch 7/8 Verifying : rpcbind-1.2.5-8.el8.x86_64 8/8 Installed:gssproxy-0.8.0-19.el8.x86_64 keyutils-1.5.10-9.el8.x86_64 libverto-libevent-0.3.0-5.el8.x86_64 nfs-utils-1:2.3.3-46.el8.x86_64 python3-pyyaml-3.12-12.el8.x86_64 quota-1:4.04-14.el8.x86_64 quota-nls-1:4.04-14.el8.noarch rpcbind-1.2.5-8.el8.x86_64 Complete!
[root@chenlinsen ~]#
关闭防火墙selinux
[root@chenlinsen ~]# systemctl stop firewalld
[root@chenlinsen ~]# setenforce 0
[root@chenlinsen ~]#
查看共享目录
[root@chenlinsen ~]# showmount -e 192.168.157.129
Export list for 192.168.157.129:
/nfs/shared *
[root@chenlinsen ~]#
创建目录挂载点
[root@chenlinsen ~]# mkdir /fize
[root@chenlinsen ~]# mount 192.168.157.129:/nfs/shared /fize
[root@chenlinsen ~]#
[root@chenlinsen ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 877M 0 877M 0% /dev
tmpfs 896M 0 896M 0% /dev/shm
tmpfs 896M 8.8M 887M 1% /run
tmpfs 896M 0 896M 0% /sys/fs/cgroup
/dev/mapper/cl-root 17G 1.7G 16G 10% /
/dev/sdc2 10G 104M 9.9G 2% /media
/dev/sdb1 477M 2.3M 445M 1% /mount
/dev/sda1 1014M 214M 801M 22% /boot
tmpfs 179M 0 179M 0% /run/user/0
192.168.157.129:/nfs/shared 17G 1.8G 16G 11% /fize
[root@chenlinsen ~]#
在服务端创建文件客户端查看
[root@nfsserver ~]# cd /nfs/shared/
[root@nfsserver shared]# touch kaisa
[root@nfsserver shared]# ls
kaisa
[root@nfsserver shared]#
[root@chenlinsen ~]# ls /fize
kaisa
[root@chenlinsen ~]#
开放/nfs/upload目录为172.16.12.0/24网段的数据上传目录,并将所有用户及所属的用户组都映射为nfs-upload,其UID与GID均为300
[root@nfsserver ~]# useradd -r -u 300 nfsupload
[root@nfsserver ~]# id nfsupload
uid=300(nfsupload) gid=300(nfsupload) groups=300(nfsupload)
[root@nfsserver ~]#
修改文件
[root@nfsserver ~]# vi /etc/exports
[root@nfsserver ~]# cat /etc/exports
/nfs/shared *(ro)
/nfs/upload 192.168.157.0/24(rw,anonuid=300,anongid=300)
[root@nfsserver ~]#
重启
[root@nfsserver ~]# systemctl restart rpcbind nfs-server
[root@nfsserver ~]#
在客户端查看共享目录
[root@chenlinsen ~]# showmount -e 192.168.157.129
Export list for 192.168.157.129:
/nfs/shared *
/nfs/upload 192.168.157.0/24
[root@chenlinsen ~]# 挂载
[root@chenlinsen ~]# mkdir hibiki/
[root@chenlinsen ~]# mount -t nfs 192.168.157.129:/nfs/upload hibiki
[root@chenlinsen ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 877M 0 877M 0% /dev
tmpfs 896M 0 896M 0% /dev/shm
tmpfs 896M 8.8M 887M 1% /run
tmpfs 896M 0 896M 0% /sys/fs/cgroup
/dev/mapper/cl-root 17G 1.7G 16G 10% /
/dev/sdc2 10G 104M 9.9G 2% /media
/dev/sdb1 477M 2.3M 445M 1% /mount
/dev/sda1 1014M 214M 801M 22% /boot
tmpfs 179M 0 179M 0% /run/user/0
192.168.157.129:/nfs/shared 17G 1.8G 16G 11% /fize
192.168.157.129:/nfs/upload 17G 1.8G 16G 11% /root/hibiki
[root@chenlinsen ~]#
设置权限
[root@nfsserver ~]# setfacl -m u:nobody:rwx /nfs
[root@nfsserver ~]# getfacl /nfs
getfacl: Removing leading '/' from absolute path names
# file: nfs
# owner: root
# group: root
user::rwx
user:nobody:rwx
group::r-x
mask::rwx
other::r-x[root@nfsserver ~]#
创建文件
[root@chenlinsen ~]# cd /fize
[root@chenlinsen fize]# touch abc
[root@chenlinsen fize]# ll
total 0
-rw-r--r--. 1 300 300 0 DEC 22 22.10 abc
本文来自互联网用户投稿,文章观点仅代表作者本人,不代表本站立场,不承担相关法律责任。如若转载,请注明出处。 如若内容造成侵权/违法违规/事实不符,请点击【内容举报】进行投诉反馈!