配置主机间信任的一个简单办法
只列出在一个机器上的操作。从rac01-ud-us-eqx到rac02-ud-us-eqx和rac03-ud-us-eqx
bash-3.00$
ssh 10.12.32.182
The authenticity of host '10.12.32.182 (10.12.32.182)' can't be established.
RSA key fingerprint is 7e:8d:db:aa:7c:15:3e:b6:4e:5f:86:58:b5:e8:97:7a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.12.32.182' (RSA) to the list of known hosts.
Password:
Password:
Password:
Permission denied (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).
bash-3.00$
bash-3.00$
bash-3.00$
/usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/export/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /export/home/oracle/.ssh/id_rsa.
Your public key has been saved in /export/home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
73:a0:e2:39:0b:6a:f5:b2:90:63:2d:a0:8b:20:96:af
oracle@rac01-ud-us-eqx
bash-3.00$
/usr/bin/ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/export/home/oracle/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /export/home/oracle/.ssh/id_dsa.
Your public key has been saved in /export/home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
5b:f6:0b:e5:2d:85:04:1c:85:84:52:de:ac:a1:27:f1
oracle@rac01-ud-us-eqx
bash-3.00$
ssh rac01-ud-us-eqx cat /export/home/oracle/.ssh/id_rsa.pub >>authorized_keys
The authenticity of host 'rac01-ud-us-eqx (10.12.32.181)' can't be established.
RSA key fingerprint is a5:b1:df:ea:ca:b5:78:69:43:cb:2b:cb:de:9f:f1:5d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'rac01-ud-us-eqx,10.12.32.181' (RSA) to the list of known hosts.
Password:
bash-3.00$
ssh rac01-ud-us-eqx cat /export/home/oracle/.ssh/id_dsa.pub >>authorized_keys
Password:
bash-3.00$
ssh rac02-ud-us-eqx cat /export/home/oracle/.ssh/id_rsa.pub >>authorized_keys
The authenticity of host 'rac02-ud-us-eqx (10.12.32.182)' can't be established.
RSA key fingerprint is 7e:8d:db:aa:7c:15:3e:b6:4e:5f:86:58:b5:e8:97:7a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'rac02-ud-us-eqx' (RSA) to the list of known hosts.
Password:
bash-3.00$
ssh rac02-ud-us-eqx cat /export/home/oracle/.ssh/id_dsa.pub >>authorized_keys
Password:
bash-3.00$
scp authorized_keys rac02-ud-us-eqx:/export/home/oracle/.ssh
Password:
authorized_keys 100% |*********************************************************************************| 2532 00:00
bash-3.00$ ssh rac02-ud-us-eqx
Last login: Wed Apr 21 02:28:53 2010 from rac01-ud-us-eqx
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
$ exit
Connection to rac02-ud-us-eqx closed.
bash-3.00$ ssh rac03ud-us-eqx cat /export/home/oracle/.ssh/id_rsa.pub >>authorized_keys
ssh: rac03ud-us-eqx: node name or service name not known
bash-3.00$ ssh rac03-ud-us-eqx cat /export/home/oracle/.ssh/id_rsa.pub >>authorized_keys
The authenticity of host 'rac03-ud-us-eqx (10.12.32.183)' can't be established.
RSA key fingerprint is 01:d0:d1:4c:6b:4e:00:fe:d1:c0:33:5d:fd:56:2f:19.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'rac03-ud-us-eqx,10.12.32.183' (RSA) to the list of known hosts.
Password:
bash-3.00$
ssh rac03ud-us-eqx cat /export/home/oracle/.ssh/id_dsa.pub >>authorized_keys
ssh: rac03ud-us-eqx: node name or service name not known
bash-3.00$
ssh rac03-ud-us-eqx cat /export/home/oracle/.ssh/id_dsa.pub >>authorized_keys
Password:
bash-3.00$
scp authorized_keys rac03-ud-us-eqx:/export/home/oracle/.ssh
Password:
authorized_keys 100% |*********************************************************************************| 3376 00:00
bash-3.00$
ssh rac03-ud-us-eqx
Last login: Wed Apr 21 02:31:14 2010 from rac01-ud-us-eqx
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
$ exit
Connection to rac03-ud-us-eqx closed
原文: 配置主机间信任的一个简单办法
版权所有: 本文系米扑博客原创、转载、摘录,或修订后发表,最后更新于 2011-05-31 16:30:31
侵权处理: 本个人博客,不盈利,若侵犯了您的作品权,请联系博主删除,莫恶意,索钱财,感谢!
转载注明: 配置主机间信任的一个简单办法 (米扑博客)