linux信任域建立

其他 2019-01-10 11:18:47 阅读次数: 0

在linux执行ssh-keygen

生成了两个文件公钥和私钥:

/root/.ssh/id_rsa

/root/.ssh/id_rsa.pub

192.168.2.14----->192.168.2.15建立信任

192.168.2.15未建立信任之前权限文件为:

cat /root/.ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiMjbWrywJCVSM70pvjc/WH2xJJ0c9qk2edv7UvvRmRuHUfZ37pScmfnBNLWGvEznCjwPLYdH7QVp7DB6iHqcgDCCWA2Z5Pl4/zk7rqoStFwkYAwzw/o5yx0F+NugBflAX6/hzQZKBTqGZQUKbaCCeAbqLdZyoY3cOVbi+oEdJcS1og1hAbiMsnI9TSdxbRfVykLuQTZaI/8WmrMuj48FP/QLRCNhx2cl7CKrQk2Kpyb6FhIBThAgiSNtkcwaFZ1YMpbYYDHM+F2VL7ChkZ51rd0SaCZqoJS7B9qHbs7ZmV3rpP78mjjqbNk0tn+WhxGAlGqwbF31msjtsS8AyAgyJ [email protected]
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCgl3j/yfIrfekrvBuCq09mKsRcx2Fjl+JZlWnPa0PGCQD6FE3fVZUOLg1AOnrJa/yEmIhMVt/Dsw/wamjuGMtCT4uJesUoI7F1B0DMjqnGKMKLVZM1Vr2OgWCmpaDIkJ75ZhHYfGIcG+2xn0ZQvvZcYWAUczDQSbOjJGCCOu1cSxNn9+5Uc9ZYQP9itnjGqRmlKtF9DOZURveOP+DMpNmC4dYINCdLL1XKIzFoAbgmqBnHxCw9bhtv8tIogZTCLeYuMmvCjZBYc1M6gjNhcNbMgFRuIlulJEP/tbK8yhC/m7gYaTwGPjqd6kcOjRzp25/E+n1LHAhLL5k1VNy3nklV [email protected]
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwviwW7euDo7azIZ0L5rsRzqgwyG/Zw7ECFFOYDHaoAFIeMYudxsCyNwEQXgWvwKI5PT5iMIyIHuCfmPBJC1MNDnxo5UP9Q+3/qTtskTrkKAKX33YQIS5/CHqYTkk8sC25UVv/wRyaOmddOOvRUDeLjOEtzMZvG248tfeFaySnoeoaKr7mLQImCvehJVU9rJZzNyW0a5rgCSNNj1njK/mFpwCKp5Cbg2LjJ9XLnK7w96phGDzLzJ20+zL25jPJXHPnvKl528VMoQnsqjTeuIpY+D9IXByhAG59J8/13cUh7Fl1Lqjw5GVl+CFBtd+sC/Z7+hhHFTIJY70lAAMpCTxH [email protected]
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsPG7KQJWd3GfCyVuf/sIhszFWr5heG4vuZQBOFX8HvLNjNWXrjTJ92fDHcLKCBYHHQ/8DVfC2zzDABY13SVtjRBGoMLPufB6oVBvt5Z0JWi5Wh6wPzIAGswXoa0erIOQfXa9HJVyJJa5a8/R5TnA2w36Ih/nrPpzwWCFwkVqjofpEfaITsbmVEaw71LlUEEBp4M0tXqHt2bVADQL697xWfvg0taJwkTgzI1va89LKMfjfzEZG3UGiWK9IKATBvcE61lN6vSm6ZEVbCQnW5c51/oJ9c26jRhIHpjzwxa3FbZmKuY0LaQOnkygXy7G7DO2jBJEopPAky0Wqc247Ebwx [email protected]

192.168.2.14执行脚本

ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.2.15
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Warning: Permanently added '192.168.2.15' (ECDSA) to the list of known hosts.
[email protected]'s password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.2.15'"
and check to make sure that only the key(s) you wanted were added.

192.168.2.15查看权限文件

[root@localhost ~]# cat /root/.ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiMjbWrywJCVSM70pvjc/WH2xJJ0c9qk2edv7UvvRmRuHUfZ37pScmfnBNLWGvEznCjwPLYdH7QVp7DB6iHqcgDCCWA2Z5Pl4/zk7rqoStFwkYAwzw/o5yx0F+NugBflAX6/hzQZKBTqGZQUKbaCCeAbqLdZyoY3cOVbi+oEdJcS1og1hAbiMsnI9TSdxbRfVykLuQTZaI/8WmrMuj48FP/QLRCNhx2cl7CKrQk2Kpyb6FhIBThAgiSNtkcwaFZ1YMpbYYDHM+F2VL7ChkZ51rd0SaCZqoJS7B9qHbs7ZmV3rpP78mjjqbNk0tn+WhxGAlGqwbF31msjtsS8AyAgyJ [email protected]
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCgl3j/yfIrfekrvBuCq09mKsRcx2Fjl+JZlWnPa0PGCQD6FE3fVZUOLg1AOnrJa/yEmIhMVt/Dsw/wamjuGMtCT4uJesUoI7F1B0DMjqnGKMKLVZM1Vr2OgWCmpaDIkJ75ZhHYfGIcG+2xn0ZQvvZcYWAUczDQSbOjJGCCOu1cSxNn9+5Uc9ZYQP9itnjGqRmlKtF9DOZURveOP+DMpNmC4dYINCdLL1XKIzFoAbgmqBnHxCw9bhtv8tIogZTCLeYuMmvCjZBYc1M6gjNhcNbMgFRuIlulJEP/tbK8yhC/m7gYaTwGPjqd6kcOjRzp25/E+n1LHAhLL5k1VNy3nklV [email protected]
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwviwW7euDo7azIZ0L5rsRzqgwyG/Zw7ECFFOYDHaoAFIeMYudxsCyNwEQXgWvwKI5PT5iMIyIHuCfmPBJC1MNDnxo5UP9Q+3/qTtskTrkKAKX33YQIS5/CHqYTkk8sC25UVv/wRyaOmddOOvRUDeLjOEtzMZvG248tfeFaySnoeoaKr7mLQImCvehJVU9rJZzNyW0a5rgCSNNj1njK/mFpwCKp5Cbg2LjJ9XLnK7w96phGDzLzJ20+zL25jPJXHPnvKl528VMoQnsqjTeuIpY+D9IXByhAG59J8/13cUh7Fl1Lqjw5GVl+CFBtd+sC/Z7+hhHFTIJY70lAAMpCTxH [email protected]
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsPG7KQJWd3GfCyVuf/sIhszFWr5heG4vuZQBOFX8HvLNjNWXrjTJ92fDHcLKCBYHHQ/8DVfC2zzDABY13SVtjRBGoMLPufB6oVBvt5Z0JWi5Wh6wPzIAGswXoa0erIOQfXa9HJVyJJa5a8/R5TnA2w36Ih/nrPpzwWCFwkVqjofpEfaITsbmVEaw71LlUEEBp4M0tXqHt2bVADQL697xWfvg0taJwkTgzI1va89LKMfjfzEZG3UGiWK9IKATBvcE61lN6vSm6ZEVbCQnW5c51/oJ9c26jRhIHpjzwxa3FbZmKuY0LaQOnkygXy7G7DO2jBJEopPAky0Wqc247Ebwx [email protected]
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7ZovI9e8L4//M8lBQJ6VfRVUbeGXVJxDN43y6plse+JSRMrlop46bvdeHmZfkCwdaBa7wXYJ8YzM3/OhoFo6yMHQRTcvHeuyC+FmKPZmqkPjh8I1TsEihqoNpye0P8A6EEhBNk6s7cYCSJ8L7y8/CJ6lLD3HomQx7EWhUMuRRKA9gRpXKaIA8UmqYtbgi+MGjfmDwWep97ofbQhX/7NpHPMIX4qWCm4KrxuuTjDYDwKcX//pBNtJsP4wNIW3vYNEvt8ggBigfZel0rh2DjjuBh97kwSytqZufEhfu8k46NVVfOujU5swwe2/rTHrSfRp2NiLsIBegd5mk9au9zNlT [email protected]

192.168.2.15验证

ssh [email protected]
Warning: Permanently added '192.168.2.15' (ECDSA) to the list of known hosts.
Last login: Fri Dec 28 04:26:02 2018 from 192.168.2.3

信任建立总结:

信任域只是在目标主机的~/.ssh/authorized_keys增加了源主机的id_rsa.pub公钥 是新增不是替换  

ssh-copy-id报错信息

ssh-copy-id dgb@ceph1 时就报了以下的错误
/bin/ssh-copy-id: ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: @       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: The ECDSA host key for ceph-admin has changed,
ERROR: and the key for the corresponding IP address 192.168.0.10
ERROR: is unknown. This could either mean that
ERROR: DNS SPOOFING is happening or the IP address for the host
ERROR: and its host key have changed at the same time.
ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
ERROR: Someone could be eavesdropping on you right now (man-in-the-middle attack)!
ERROR: It is also possible that a host key has just been changed.
ERROR: The fingerprint for the ECDSA key sent by the remote host is
ERROR: 6e:77:fc:47:14:4c:98:46:c8:c8:49:01:a8:fe:83:ee.
ERROR: Please contact your system administrator.
ERROR: Add correct host key in /home/dgb/.ssh/known_hosts to get rid of this message.
ERROR: Offending ECDSA key in /home/dgb/.ssh/known_hosts:4
ERROR: ECDSA host key for ceph-admin has changed and you have requested strict checking.
ERROR: Host key verification failed.

解决办法:

#仔细观察错误信息
ERROR: Add correct host key in /home/dgb/.ssh/known_hosts to get rid of this message.
ERROR: Offending ECDSA key in /home/dgb/.ssh/known_hosts:4

查看/home/dgb/.ssh/known_hosts这个文件

找到以前的ip 删除然后在使用ssh-copy-id 

猜你喜欢

转载自blog.csdn.net/qq_30831237/article/details/85346269
今日推荐
面壁智能发布 Eurux-8x22B 开源大模型 —— 堪称「理科状元」
开源日报 | 谷歌扶持鸿蒙上位;开源Rabbit R1;Docker加持的安卓手机;微软的焦虑和野心;海尔电器把开放平台关了
中国码农的“35岁魔咒”
蘭雅 CorelDRAW 插件 2024.5.1 国际劳动节版,免费下载
Arc Browser for Windows 1.0 正式 GA
90后程序员开发视频搬运软件、不到一年获利超 700 万,结局很刑!
周排行
【转】spring中对控制反转和依赖注入的理解
tms webcore 安装和使用
java程序员进阶相关书籍
SpringMVC接受请求参数、
如何保存训练好的机器学习模型
MyEclipse、Eclipse设置项目JDK的三个地方
商超行业微信小程序开发定制一般多少钱 (行业技术人员解读)
Markdown编辑器语言——30分钟入门到到精通
Linux系统下MongoDB的简单安装与基本操作
Power Strings
每日归档
更多
2024-05-07(14)
2024-05-06(40)
2024-05-05(0)
2024-05-04(7)
2024-05-03(19)
2024-05-02(0)
2024-05-01(4)
2024-04-30(1)
2024-04-29(40)
2024-04-28(0)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022