搜索
Linux网络服务器管理实验二实验名称:SSH公钥认证一、实验的目的学习通过一台虚拟机远程控制另外一台机器。二、实验环境本地主机rh1:192.168.233.3/24远程主机rh2:192.168.233.4/24在putty上,以用户yanji登录rh1。三、实验过程(写出屏幕上的输出,必要时作出评述或解释)1.创建密钥对主机rh1,用户yanji。$zh$cd$mkdir-pm700.ssh$ssh-keygen-f.ssh/id_dsa-tdsaGeneratingpublic/privatedsakeypair..ssh/id_dsaalreadyexists.Overwrite(y/n)?yEnterpassphrase(emptyfornopassphrase):Entersamepassphraseagain:Youridentificationhasbeensavedin.ssh/id_dsa.Yourpublickeyhasbeensavedin.ssh/id_dsa.pub.Thekeyfingerprintis:a0:b9:77:67:bc:a4:ca:8a:6d:1e:eb:39:36:18:50:3cyanji@localhost.localdomain[yanji@localhostyanji]$口令串passphrase为空。查看产生的密钥对:私钥:$cd$cat.ssh/id_dsa-----BEGINDSAPRIVATEKEY-----MIIBuwIBAAKBgQCO2eXpHZPDHIqQawb41sCGFqCh1fuDRqfVT9a8qyXjPXqTjgQDuU+U0pyPGtuPyNJB83OF6EbrTYPKh+jiBpJPk9lD/1AOaF2KYb5oAYc1kSjhwGkoi9LdxEQVzIIr1DTbU01hzGu7es8JmasLvknYNlPWdNkbBVakkHVh+cEnSQIVAPist+E1XBeKp2Hs837tmEIPj7LfAoGAf/ZdWoZ7Pp8oQLpBolD+oMpxQuOix0g5YYg3N5PDKrf9+K1LxZWkKawID1fIEDlixVbTTp8Q+JwFCW2S7MP3ObmsfDczv4GElm5uYZVWO8f6b8dg+GkBIQ+1pN2yVsigWVR+NAJzoc3N1BgamcmZPB/gkxx9LLY+Tx1xvsyzvMACgYBcKyMIVZZy1yfq9Ch+rJGjkBGHbwMkSV2xTz/4PsDwYAujBuK8aK8utXSsXaPfXt9ybsl/wrTJbEvE2E+jeh18WDTiO2ow8wMMWrN3ujNV1fgHFNXd6F5bqp1RYX0GO06IuR4Hnzf1DYRSoqpZm1NfI/T/zVo3M1J/IuhrFp9BbAIVAOXuTrL/suDYjAgwpEd35dxsV+0U-----ENDDSAPRIVATEKEY-----[yanji@localhostyanji]$公钥:$cat.ssh/id_dsa.pubssh-dssAAAAB3NzaC1kc3MAAACBAI7Z5ekdk8McipBrBvjWwIYWoKHV+4NGp9VP1ryrJeM9epOOBAO5T5TSnI8a24/I0kHzc4XoRutNg8qH6OIGkk+T2UP/UA5oXYphvmgBhzWRKOHAaSiL0t3ERBXMgivUNNtTTWHMa7t6zwmZqwu+Sdg2U9Z02RsFVqSQdWH5wSdJAAAAFQD4rLfhNVwXiqdh7PN+7ZhCD4+y3wAAAIB/9l1ahns+nyhAukGiUP6gynFC46LHSDlhiDc3k8Mqt/34rUvFlaQprAgPV8gQOWLFVtNOnxD4nAUJbZLsw/c5uax8NzO/gYSWbm5hlVY7x/pvx2D4aQEhD7Wk3bJWyKBZVH40AnOhzc3UGBqZyZk8H+CTHH0stj5PHXG+zLO8wAAAAIBcKyMIVZZy1yfq9Ch+rJGjkBGHbwMkSV2xTz/4PsDwYAujBuK8aK8utXSsXaPfXt9ybsl/wrTJbEvE2E+jeh18WDTiO2ow8wMMWrN3ujNV1fgHFNXd6F5bqp1RYX0GO06IuR4Hnzf1DYRSoqpZm1NfI/T/zVo3M1J/IuhrFp9BbA==yanji@localhost.localdomain[yanji@localhostyanji]$2.上传公钥到rh2主机rh1,用户yanji。$cd$scp.ssh/id_dsa.pubroot@192.168.233.4:.(以下输入密码时是输入rhlinux)root@192.168.159.4'spassword:Permissiondenied,pleasetryagain.root@192.168.159.4'spassword:id_dsa.pub100%|*****************************|61700:00[yanji@localhostyanji]$3.远程登录rh2主机rh1,用户yanji。$sshroot@192.168.233.4...#(以下输入密码时是输入rhlinux)root@192.168.159.4'spassword:Permissiondenied,pleasetryagain.root@192.168.159.4'spassword:Lastlogin:ThuMar1321:10:312014from192.168.159.3[root@localhostroot]#现在到了rh2。4.添加yanji的公钥到授权密钥文件#mkdir-pm600.ssh#catid_dsa.pub.ssh/authorized_keys#chmod600.ssh/authorized_keys#exit$[root@localhostroot]#mkdir-pm600.ssh[root@localhostroot]#lsanaconda-ks.cfgid_dsa.pubinstall.loginstall.log.syslogpoem1[root@localhostroot]#catid_dsa.pub.ssh/authorized_keys[root@localhostroot]#chmod600.ssh/authorized_keys[root@localhostroot]#lsanaconda-ks.cfgid_dsa.pubinstall.loginstall.log.syslogpoem1[root@localhostroot]#exitlogoutConnectionto192.168.159.4closed.[yanji@localhostyanji]$现在回到了rh1。5.免密码远程登录主机rh1,用户yanji。远程登录rh2,创建文件poem1后退出。$sshroot@192.168.233.4[yanji@localhostyanji]$sshroot@192.168.159.4Lastlogin:FriMar1418:15:142014from192.168.159.3#zh#catpoem1唧唧复唧唧木兰当户织不闻机杼声惟闻女叹息#exit$[root@localhostroot]#exitlogoutConnectionto192.168.159.4closed.[yanji@localhostyanji]$现在又回到了rh1。6.远程复制主机rh1,用户yanji。$ls$scproot@192.168.233.4:poem1.$ls$catpoem1[yanji@localhostyanji]$scproot@192.168.159.4:poem1.poem1100%|*****************************|6400:00[yanji@localhostyanji]$lspoem1[yanji@localhostyanji]$catpoem1唧唧复唧唧木兰当户织不闻机杼声惟闻女叹息[yanji@localhostyanji]$6.远程操作(远程执行命令)主机rh1,用户yanji。$sshroot@192.168.233.4ls–ltotal40-rw-r--r--1rootroot1837Mar905:21anaconda-ks.cfg-rw-r--r--1rootroot617Mar1418:12id_dsa.pub-rw-r--r--1rootroot19564Mar905:21install.log-rw-r--r--1rootroot4269Mar905:21install.log.syslog-rw-r--r--1rootroot64Mar1418:20poem1[yanji@localhostyanji]$$sshroot@192.168.159.4echo'(木兰诗片段)'poem1$sshroot@192.168.233.4catpoem1sshroot@192.168.159.4catpoem1唧唧复唧唧木兰当户织不闻机杼声惟闻女叹息(木兰诗片段)四、实验的体会学习通过一台虚拟机远程控制另外一台机器。