# linux互相登陆 linux中的用户登陆时基于sshd服务的,安装openssh ```bash [root@localhost ~]# yum install openssh-server openssh openssh-clients 已加载插件:fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.cqu.edu.cn * extras: mirrors.cqu.edu.cn * updates: mirrors.cqu.edu.cn 软件包 openssh-server-7.4p1-16.el7.x86_64 已安装并且是最新版本 软件包 openssh-7.4p1-16.el7.x86_64 已安装并且是最新版本 软件包 openssh-clients-7.4p1-16.el7.x86_64 已安装并且是最新版本 无须任何处理 [root@localhost ~]# systemctl restart sshd [root@localhost ~]# netstat -tnlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1361/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1056/master tcp6 0 0 :::22 :::* LISTEN 1361/sshd tcp6 0 0 ::1:25 :::* LISTEN 1056/master ``` 使用ssh命令登陆(ssh username\@ip \[-p port]]): > 注意需要关闭linux下的防火墙 ```bash [root@localhost ~]# systemctl stop firewalld # 关闭linux防火墙 [root@localhost ~]# setenforce 0 # 关闭linux安全软件 setenforce: SELinux is disabled [root@localhost ~]# ssh root@192.168.127.128 -p 22 The authenticity of host '192.168.127.128 (192.168.127.128)' can't be established. ECDSA key fingerprint is SHA256:JLkdVkJFdosZSNG+/PTRObRm3MvwHP3q0aZoSm9kAGk. ECDSA key fingerprint is MD5:ec:8e:50:11:b3:b9:32:22:fe:4a:4c:1b:75:23:ac:71. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.127.128' (ECDSA) to the list of known hosts. root@192.168.127.128's password: Last login: Sat Aug 4 16:16:11 2018 from 192.168.127.1 ``` 这样登陆需要密码,我们可以使用密钥登陆: ```bash [root@localhost ~]# ssh-keygen # 创建密钥 Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:ufhYNTlyQv7C3sLvhGUs1kLIgsrQ14Iim+59wAn7onU root@localhost.localdomain The key's randomart image is: +---[RSA 2048]----+ | | | . o o . | |+ + + + o | |+* . o + + . | |+.+ . S @ | |.. + + & o | | .o E ..* o | |.o.o . =o+ | |o.... . o++ | +----[SHA256]-----+ [root@localhost ~]# ssh-copy-id root@192.168.127.128 # 上传到需要密钥登陆的服务器 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.127.128 (192.168.127.128)' can't be established. ECDSA key fingerprint is SHA256:JLkdVkJFdosZSNG+/PTRObRm3MvwHP3q0aZoSm9kAGk. ECDSA key fingerprint is MD5:ec:8e:50:11:b3:b9:32:22:fe:4a:4c:1b:75:23:ac:71. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.127.128's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.127.128'" and check to make sure that only the key(s) you wanted were added. [root@localhost ~]# ssh root@192.168.127.128 # 直接登陆 Last failed login: Sat Aug 4 17:23:57 CST 2018 from 192.168.127.128 on ssh:notty There was 1 failed login attempt since the last successful login. Last login: Sat Aug 4 17:20:47 2018 from 192.168.127.128 [root@localhost ~]# ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://lack.gitbook.io/operation-and-maintenance/linux-le-jie/linuxhu-xiang-deng-lu.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.