禁用selinux

禁用selinux

小白如何搭建2台Linux桥接模式_配置免密码ssh登录

Linuxeverything 发表了文章 • 0 个评论 • 657 次浏览 • 2017-05-23 21:58 • 来自相关话题

1.虚拟机安装linux CentOS6.5以上

~~~~~~~~~~~~~~~~~~~~~~~~~~略

2.在虚拟机配置桥接网络模式

~~~~~~~~~~~~~~~~~~~~~~~~~~略
参考:?
小白如何在virtualbox安装CentOS6并配置桥接网络以及静态ip
?
3.配置2台机子的静态ip地 查看全部
1.虚拟机安装linux CentOS6.5以上

~~~~~~~~~~~~~~~~~~~~~~~~~~略

2.在虚拟机配置桥接网络模式

~~~~~~~~~~~~~~~~~~~~~~~~~~略
参考:?
小白如何在virtualbox安装CentOS6并配置桥接网络以及静态ip
?
3.配置2台机子的静态ip地址_网关_DNS
?
[b]# Master
[/b]
[root@master ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=08:00:27:88:21:CA
TYPE=Ethernet
UUID=fd5e0998-1170-4959-92c6-9bb186a4515d
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.1.60
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=223.5.5.5
DNS2=223.6.6.6

[b]#Slave1
[/b]
[root@slave1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
UUID=799c10b3-1014-4ad4-87b0-b05227e29de0
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
HWADDR=08:00:27:0C:F0:E8
IPADDR=192.168.1.61
GATEWAY=192.168.1.1
NETMASK=255.255.255.0
DEFROUTE=yes
DNS1=233.5.5.5
DNS2=233.6.6.6

4.关闭2台机子的iptables以及禁用selinux
?
[root@master ~]# /etc/init.d/iptables stop
iptables:将链设置为政策 ACCEPT:filter [确定]
iptables:清除防火墙规则: [确定]
iptables:正在卸载模块: [确定]
# 修改SELINUX=enforcing为SELINUX=disabled

[root@master xuan]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

5.修改2台机子的hostname

? ? 一台为master,一台为slave1
[b]# master[/b]
[root@master ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.60 master
192.168.1.61 slave1

[b]# slave1[/b]
[root@slave1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.60 master
192.168.1.61 slave1

6.测试2台机子是否能互相ping通
?
# master
[root@master ~]# ping slave1
PING slave1 (192.168.1.61) 56(84) bytes of data.
64 bytes from slave1 (192.168.1.61): icmp_seq=1 ttl=64 time=0.735 ms
64 bytes from slave1 (192.168.1.61): icmp_seq=2 ttl=64 time=0.263 ms

# slave1
[root@slave1 ~]# ping master
PING master (192.168.1.60) 56(84) bytes of data.
64 bytes from master (192.168.1.60): icmp_seq=1 ttl=64 time=0.384 ms

7.配置2台机子之间免密码ssh登陆
?
[b]#Master 生成ssh公钥和私钥[/b]

# 使用ssh-keygen 生成公钥和私钥 一路回车 不用设置密码
[root@master ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
4c:e7:fe:6d:a0:73:0a:2b:6d:7e:e2:91:90:bf:16:90 root@master
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| .. . |
| E+ o |
| o.S . |
| o.o . |
| .=... . |
| . ==+.... |
| *=o.+... |
+-----------------+
[root@master ~]# cd ./.ssh/
id_rsa id_rsa.pub known_hosts
[root@master ~]# cd ./.ssh/
[root@master .ssh]# ll
总用量 12
-rw------- 1 root root 1675 4月 18 16:24 id_rsa
-rw-r--r-- 1 root root 393 4月 18 16:24 id_rsa.pub
-rw-r--r-- 1 root root 394 4月 17 14:16 known_hosts
# 将id_rsa.pub内容复制到authorized_keys文件
[root@master .ssh]# cat id_rsa.pub > authorized_keys
[root@master .ssh]# ll
总用量 16
-rw-r--r-- 1 root root 393 4月 18 16:30 authorized_keys
-rw------- 1 root root 1675 4月 18 16:24 id_rsa
-rw-r--r-- 1 root root 393 4月 18 16:24 id_rsa.pub
-rw-r--r-- 1 root root 394 4月 17 14:16 known_hosts

[b]#Slave1 生成ssh公钥和私钥[/b]

[root@slave1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
91:88:71:4d:f2:6a:58:a4:e9:50:0c:29:d2:6e:15:d1 root@slave1
The key's randomart image is:
+--[ RSA 2048]----+
| ..+=++o. |
|o o.oBE+.. |
|.o..+ o + |
| oo o . . |
| . o o S |
| . |
| |
| |
| |
+-----------------+
[root@slave1 ~]# cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA66kI4WvbHsapzwPAYhf+2RGcE53m4PSfY2Qi/0us7ksv7oICBVusKoCh/LTF1ZdZ9JM6+0G/Fh8u/MVQJb4YTR1dWj+A27zjzEkvE+Wfgdah4/yu/aMq2tHt/2mfIF+t88d9kQUgTJZMVbXhSDhipd6BSXUV9p2EUSksEAVWxhWobT/fLbud3dosr2sQGfITc92HWttLruw2xD//1aCK52HtrWEQ+hnMijgodKrGnBgOFYZLgbcSUh9S5CYHY+N816coYvucY/6TrHz3Ymc3qQcdB7vSlcko1mtbhVT5zQ3CmLR9Q6JilfTL0XshBUqcZ2Ew7XmcVNqNQti3BI48nw== root@slave1

[b]#  将slave1的公钥内容 拷贝到master的~/.ssh/authorized_keys 文件中[/b]

[root@master .ssh]# cat ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA03V3FV9O3AtpCFXDSMZh9cQZ3vn2e7UYD6lQc9uY1E9crc6iS076t5pTggKsOwQu0KsFF5x/7oSSYLZ8gUPbpZrsIVBMlLyw3rBmEBjYAmp6aampJw0TUa3GvTqFRqyMNQvpSyaK2B7WdIIDui8bILuxWDfw41/t3o+pD6s+QPMgc1UbmGzKdI8YEKM9lK6+qH39FV/SaIm4/zmhbPd73WMm+EKZ353goRxGKanK59M2FWOQnaxVUwZrhDQ0U5017t9LGQeVQcBpFFfAyE90JaXrYUNY7Hfpod/i/+mXtwwfK6hP3+p9GCv5R2iS/XDLYe5fUjGkplf71zA+XP7ZAQ== root@master
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA66kI4WvbHsapzwPAYhf+2RGcE53m4PSfY2Qi/0us7ksv7oICBVusKoCh/LTF1ZdZ9JM6+0G/Fh8u/MVQJb4YTR1dWj+A27zjzEkvE+Wfgdah4/yu/aMq2tHt/2mfIF+t88d9kQUgTJZMVbXhSDhipd6BSXUV9p2EUSksEAVWxhWobT/fLbud3dosr2sQGfITc92HWttLruw2xD//1aCK52HtrWEQ+hnMijgodKrGnBgOFYZLgbcSUh9S5CYHY+N816coYvucY/6TrHz3Ymc3qQcdB7vSlcko1mtbhVT5zQ3CmLR9Q6JilfTL0XshBUqcZ2Ew7XmcVNqNQti3BI48nw== root@slave1

[b]# master的~/.ssh/authorized_keys文件 通过scp传给slave1的~/.ssh/目录[/b]

[root@master .ssh]# scp -rp ~/.ssh/authorized_keys slave1:~/.ssh/
The authenticity of host 'slave1 (192.168.1.61)' can't be established.
RSA key fingerprint is b4:27:81:34:c0:c2:3d:98:61:be:62:69:68:85:8c:33.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'slave1' (RSA) to the list of known hosts.
root@slave1's password:
authorized_keys 100% 786 0.8KB/s 00:00

[b]#测试master免密码ssh连接slave1[/b]

[root@master .ssh]# ssh slave1
Last login: Mon Apr 17 14:09:45 2017 from 192.168.1.135
[root@slave1 ~]# ll

[b]#测试slave1免密码ssh连接master[/b]

# 第一次ssh连接需要输入yes
[root@slave1 ~]# ssh master
The authenticity of host 'master (192.168.1.60)' can't be established.
RSA key fingerprint is a4:f6:72:da:57:63:39:8b:80:59:d6:b9:ce:cb:58:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'master,192.168.1.60' (RSA) to the list of known hosts.
Last login: Mon Apr 17 14:05:39 2017 from 192.168.1.135
[root@master ~]# exit
logout
Connection to master closed.
# 第二次直接免密码连接
[root@slave1 ~]# ssh master
Last login: Tue Apr 18 16:40:42 2017 from slave1
[root@master ~]#
#END
?

小白如何搭建2台Linux桥接模式_配置免密码ssh登录

Linuxeverything 发表了文章 • 0 个评论 • 657 次浏览 • 2017-05-23 21:58 • 来自相关话题

1.虚拟机安装linux CentOS6.5以上

~~~~~~~~~~~~~~~~~~~~~~~~~~略

2.在虚拟机配置桥接网络模式

~~~~~~~~~~~~~~~~~~~~~~~~~~略
参考:?
小白如何在virtualbox安装CentOS6并配置桥接网络以及静态ip
?
3.配置2台机子的静态ip地 查看全部
1.虚拟机安装linux CentOS6.5以上

~~~~~~~~~~~~~~~~~~~~~~~~~~略

2.在虚拟机配置桥接网络模式

~~~~~~~~~~~~~~~~~~~~~~~~~~略
参考:?
小白如何在virtualbox安装CentOS6并配置桥接网络以及静态ip
?
3.配置2台机子的静态ip地址_网关_DNS
?
[b]# Master
[/b]
[root@master ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=08:00:27:88:21:CA
TYPE=Ethernet
UUID=fd5e0998-1170-4959-92c6-9bb186a4515d
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.1.60
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=223.5.5.5
DNS2=223.6.6.6

[b]#Slave1
[/b]
[root@slave1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
UUID=799c10b3-1014-4ad4-87b0-b05227e29de0
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
HWADDR=08:00:27:0C:F0:E8
IPADDR=192.168.1.61
GATEWAY=192.168.1.1
NETMASK=255.255.255.0
DEFROUTE=yes
DNS1=233.5.5.5
DNS2=233.6.6.6

4.关闭2台机子的iptables以及禁用selinux
?
[root@master ~]# /etc/init.d/iptables stop
iptables:将链设置为政策 ACCEPT:filter [确定]
iptables:清除防火墙规则: [确定]
iptables:正在卸载模块: [确定]
# 修改SELINUX=enforcing为SELINUX=disabled

[root@master xuan]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

5.修改2台机子的hostname

? ? 一台为master,一台为slave1
[b]# master[/b]
[root@master ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.60 master
192.168.1.61 slave1

[b]# slave1[/b]
[root@slave1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.60 master
192.168.1.61 slave1

6.测试2台机子是否能互相ping通
?
# master
[root@master ~]# ping slave1
PING slave1 (192.168.1.61) 56(84) bytes of data.
64 bytes from slave1 (192.168.1.61): icmp_seq=1 ttl=64 time=0.735 ms
64 bytes from slave1 (192.168.1.61): icmp_seq=2 ttl=64 time=0.263 ms

# slave1
[root@slave1 ~]# ping master
PING master (192.168.1.60) 56(84) bytes of data.
64 bytes from master (192.168.1.60): icmp_seq=1 ttl=64 time=0.384 ms

7.配置2台机子之间免密码ssh登陆
?
[b]#Master 生成ssh公钥和私钥[/b]

# 使用ssh-keygen 生成公钥和私钥 一路回车 不用设置密码
[root@master ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
4c:e7:fe:6d:a0:73:0a:2b:6d:7e:e2:91:90:bf:16:90 root@master
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| .. . |
| E+ o |
| o.S . |
| o.o . |
| .=... . |
| . ==+.... |
| *=o.+... |
+-----------------+
[root@master ~]# cd ./.ssh/
id_rsa id_rsa.pub known_hosts
[root@master ~]# cd ./.ssh/
[root@master .ssh]# ll
总用量 12
-rw------- 1 root root 1675 4月 18 16:24 id_rsa
-rw-r--r-- 1 root root 393 4月 18 16:24 id_rsa.pub
-rw-r--r-- 1 root root 394 4月 17 14:16 known_hosts
# 将id_rsa.pub内容复制到authorized_keys文件
[root@master .ssh]# cat id_rsa.pub > authorized_keys
[root@master .ssh]# ll
总用量 16
-rw-r--r-- 1 root root 393 4月 18 16:30 authorized_keys
-rw------- 1 root root 1675 4月 18 16:24 id_rsa
-rw-r--r-- 1 root root 393 4月 18 16:24 id_rsa.pub
-rw-r--r-- 1 root root 394 4月 17 14:16 known_hosts

[b]#Slave1 生成ssh公钥和私钥[/b]

[root@slave1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
91:88:71:4d:f2:6a:58:a4:e9:50:0c:29:d2:6e:15:d1 root@slave1
The key's randomart image is:
+--[ RSA 2048]----+
| ..+=++o. |
|o o.oBE+.. |
|.o..+ o + |
| oo o . . |
| . o o S |
| . |
| |
| |
| |
+-----------------+
[root@slave1 ~]# cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA66kI4WvbHsapzwPAYhf+2RGcE53m4PSfY2Qi/0us7ksv7oICBVusKoCh/LTF1ZdZ9JM6+0G/Fh8u/MVQJb4YTR1dWj+A27zjzEkvE+Wfgdah4/yu/aMq2tHt/2mfIF+t88d9kQUgTJZMVbXhSDhipd6BSXUV9p2EUSksEAVWxhWobT/fLbud3dosr2sQGfITc92HWttLruw2xD//1aCK52HtrWEQ+hnMijgodKrGnBgOFYZLgbcSUh9S5CYHY+N816coYvucY/6TrHz3Ymc3qQcdB7vSlcko1mtbhVT5zQ3CmLR9Q6JilfTL0XshBUqcZ2Ew7XmcVNqNQti3BI48nw== root@slave1

[b]#  将slave1的公钥内容 拷贝到master的~/.ssh/authorized_keys 文件中[/b]

[root@master .ssh]# cat ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA03V3FV9O3AtpCFXDSMZh9cQZ3vn2e7UYD6lQc9uY1E9crc6iS076t5pTggKsOwQu0KsFF5x/7oSSYLZ8gUPbpZrsIVBMlLyw3rBmEBjYAmp6aampJw0TUa3GvTqFRqyMNQvpSyaK2B7WdIIDui8bILuxWDfw41/t3o+pD6s+QPMgc1UbmGzKdI8YEKM9lK6+qH39FV/SaIm4/zmhbPd73WMm+EKZ353goRxGKanK59M2FWOQnaxVUwZrhDQ0U5017t9LGQeVQcBpFFfAyE90JaXrYUNY7Hfpod/i/+mXtwwfK6hP3+p9GCv5R2iS/XDLYe5fUjGkplf71zA+XP7ZAQ== root@master
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA66kI4WvbHsapzwPAYhf+2RGcE53m4PSfY2Qi/0us7ksv7oICBVusKoCh/LTF1ZdZ9JM6+0G/Fh8u/MVQJb4YTR1dWj+A27zjzEkvE+Wfgdah4/yu/aMq2tHt/2mfIF+t88d9kQUgTJZMVbXhSDhipd6BSXUV9p2EUSksEAVWxhWobT/fLbud3dosr2sQGfITc92HWttLruw2xD//1aCK52HtrWEQ+hnMijgodKrGnBgOFYZLgbcSUh9S5CYHY+N816coYvucY/6TrHz3Ymc3qQcdB7vSlcko1mtbhVT5zQ3CmLR9Q6JilfTL0XshBUqcZ2Ew7XmcVNqNQti3BI48nw== root@slave1

[b]# master的~/.ssh/authorized_keys文件 通过scp传给slave1的~/.ssh/目录[/b]

[root@master .ssh]# scp -rp ~/.ssh/authorized_keys slave1:~/.ssh/
The authenticity of host 'slave1 (192.168.1.61)' can't be established.
RSA key fingerprint is b4:27:81:34:c0:c2:3d:98:61:be:62:69:68:85:8c:33.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'slave1' (RSA) to the list of known hosts.
root@slave1's password:
authorized_keys 100% 786 0.8KB/s 00:00

[b]#测试master免密码ssh连接slave1[/b]

[root@master .ssh]# ssh slave1
Last login: Mon Apr 17 14:09:45 2017 from 192.168.1.135
[root@slave1 ~]# ll

[b]#测试slave1免密码ssh连接master[/b]

# 第一次ssh连接需要输入yes
[root@slave1 ~]# ssh master
The authenticity of host 'master (192.168.1.60)' can't be established.
RSA key fingerprint is a4:f6:72:da:57:63:39:8b:80:59:d6:b9:ce:cb:58:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'master,192.168.1.60' (RSA) to the list of known hosts.
Last login: Mon Apr 17 14:05:39 2017 from 192.168.1.135
[root@master ~]# exit
logout
Connection to master closed.
# 第二次直接免密码连接
[root@slave1 ~]# ssh master
Last login: Tue Apr 18 16:40:42 2017 from slave1
[root@master ~]#
#END
?