Linux主机信任机制的配置

Linux主机信任机制的配置

 

一，生产rsa和dsa的私有key和public key：

在vmoel5u4上：

[oracle@vmoel5u4 ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/oracle/.ssh/id_rsa): 

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /home/oracle/.ssh/id_rsa.

Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

06:82:c4:a3:d0:b9:d8:02:cf:dd:eb:0e:5e:db:22:b1 oracle@vmoel5u4.oracle.com

[oracle@vmoel5u4 ~]$ ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key (/home/oracle/.ssh/id_dsa): 

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /home/oracle/.ssh/id_dsa.

Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

7f:b4:8e:bb:67:18:73:9f:14:cf:12:47:0d:28:93:aa oracle@vmoel5u4.oracle.com

在even上：

[oracle@even ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/oracle/.ssh/id_rsa): 

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /home/oracle/.ssh/id_rsa.

Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

ad:69:3e:bc:ad:57:ee:03:29:25:b1:e5:b5:99:1b:af oracle@even.oracle.com

[oracle@even ~]$ ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key (/home/oracle/.ssh/id_dsa): 

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /home/oracle/.ssh/id_dsa.

Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.

The key fingerprint is:

73:b7:9c:ba:83:15:67:9e:a5:d9:af:48:69:96:1b:cb oracle@even.oracle.com

二，将pub key加入到authorized_keys：

在vmoel5u4上：

[oracle@vmoel5u4 ~]$ cd .ssh

[oracle@vmoel5u4 .ssh]$ ll

total 20

-rw------- 1 oracle oinstall  668 Jun 11 18:15 id_dsa

-rw-r--r-- 1 oracle oinstall  616 Jun 11 18:15 id_dsa.pub

-rw------- 1 oracle oinstall 1675 Jun 11 18:14 id_rsa

-rw-r--r-- 1 oracle oinstall  408 Jun 11 18:14 id_rsa.pub

-rw-r--r-- 1 oracle oinstall  798 Jul 23  2012 known_hosts

[oracle@vmoel5u4 .ssh]$ cat id_dsa.pub>>authorized_keys

[oracle@vmoel5u4 .ssh]$ ll

total 24

-rw-r--r-- 1 oracle oinstall  616 Jun 11 18:19 authorized_keys

-rw------- 1 oracle oinstall  668 Jun 11 18:15 id_dsa

-rw-r--r-- 1 oracle oinstall  616 Jun 11 18:15 id_dsa.pub

-rw------- 1 oracle oinstall 1675 Jun 11 18:14 id_rsa

-rw-r--r-- 1 oracle oinstall  408 Jun 11 18:14 id_rsa.pub

-rw-r--r-- 1 oracle oinstall  798 Jul 23  2012 known_hosts

[oracle@vmoel5u4 .ssh]$ cat id_rsa.pub>>authorized_keys

[oracle@vmoel5u4 .ssh]$ ssh even cat /home/oracle/.ssh/id_dsa.pub>>authorized_keys

oracle@even's password:

[oracle@vmoel5u4 .ssh]$ ssh even cat /home/oracle/.ssh/id_rsa.pub>>authorized_keys

oracle@even's password:

 

在even上：

[oracle@even .ssh]$ ssh vmoel5u4 cat /home/oracle/.ssh/authorized_keys>>authorized_keys

 

三，测试下：

[oracle@vmoel5u4 ~]$ ssh even

Last login: Tue Jun 11 18:28:06 2013 from vmoel5u4.oracle.com

[oracle@even ~]$

[oracle@even ~]$ ssh vmoel5u4

Last login: Tue Jun 11 18:27:57 2013 from even.oracle.com

[oracle@vmoel5u4 ~]$ 

测试成功，不需要输入密码可以通过SSH在两个主机间互换了！！！！！