linux修改主機名+免密認證+關閉防火牆

在不少軟件安裝的時候都有這些需求，所以在這裏一塊兒講一下

 

修改主機名

簡單的使用 hostnamectl 命令就行了

hostnamectl set-hostname NAME

 

免密認證

準備工做，修改主機文件 

/etc/hosts

[root@node1 .ssh]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.79.200    node1
192.168.79.202    node2
192.168.79.204    node3

在每一個節點的/root/.ssh目錄下執行（連按三次回車就好）

ssh-keygen -t rsa

[root@node1 .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:EZ1TYD9Hu7qQO+lKsOPGGu2ym5pbMUWR0psjBW7XVwM root@node1
The key's randomart image is:
+---[RSA 2048]----+
|    .ooo..E=+ .  |
|   ...+. o+o o . |
|    ooooo ..o o  |
|   ..o+  o   o . |
|    o...S     .  |
|     + o   . .   |
|    o.+ . o..    |
|   o.=oo  oo .   |
|  +o=*o .oo..    |
+----[SHA256]-----+

而後在node1上執行

cat id_rsa.pub >> authorized_keys

登陸其他主機，將公鑰文件所有拷貝到node1的authorized_keys中，如node3節點：

[root@node3 .ssh]# ssh-copy-id -i node1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'node1 (192.168.79.200)' can't be established.
ECDSA key fingerprint is SHA256:AdOUf9OIf3q4Ks7q8nj0agFtFIFdB1BGtlk8SkYImmo.
ECDSA key fingerprint is MD5:91:b6:be:a0:bb:f3:7a:e5:2c:6b:4a:c0:a4:7f:01:55.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node1's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node1'"
and check to make sure that only the key(s) you wanted were added.

此時查看node1節點的authorized_keys文件能夠看到已經所有加進來了

[root@node1 .ssh]# cat authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3BQUX3qQJadEaBv8IGNh1aqIKIfT/9IkqZGCfx9UEFQ4kGOdpNay355YLKUOMNbjYtFSyVA0M2jkVopFPNlhEh7S/dIgYslgjEL7rtwl8evK9FI6cIkKbjWQWbpjdLgBrvvKhAPUBwhpfoUqUyzr+wtwSzgIJV8/C651OsRP4frtVruJj6qHBE+Rb++mUbs2sGj7h8NNrtWgIHJupFqrg35F7VcVGQe4LMdm3xTDXH0b/a15LosLtg7DQOngCXuJ4iL7qVIHHXqWv2Khv+Gw/PP6fvfPD29v8KCpjSq9Yk+O44LeM4mJE39TsHY+ASxSae4surdomcCCVQoeJ7tbF root@node1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC34kQ98T/x4ex1FvNnCEC1wquxJeaMTjzWuySP33CHXHK0QpvJMg5Y1t7v9sItuVCtJac0Z932Qd0E/QnBWCNuq548JmZeIWgzdXiI+G8MLSk32GJmXig9X4THUWpcRm+qmo9ZXTImqW0C1srRNr7cQ8AtViCooxFcF7s410D1XBLza7V+Key+GTrYZNQV+cXQMX643TJl/TQaOzJamDsPZnH9f9E4q1Ux0I47IiPJBMjLonox/Bqf8W+qDgQKFA6zWrebb7YWdMbS4x8hHN0+SIeoMpLYdUNy18XCREZEYd4aWJs4v8RRsrdBaKMA1LtELNktapFqVTWtc9fFN51f root@node2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1+6ZqI1mU2mns17pNWoPkmzSExYy14gJI5elUeM91LLjxlKMz7TWofJPJg/s2hSuu3v9db3PwzYhZenCEJ6k6R8e+iUlu65QEgvQWhsLzbQW5UAXdqKzhhC6DsaYLUZbnfaCIMNvzWo6rUcaRnKZFVAw+scxxFasHJnjQmiAZg0uL8iCT1Cghu9CwqAF2UFxCCSt6rso6l71YUZAsUMtiCS1wA/D5+9rYHkXijgTsMK3nlklQNJ9QPWz/AHgTs0N59STpWJ89KMxCRZfWgvkwzoajYMK4OeUV9HxSZuzwuIOR3Rek4YB2BN0VdfQZZxO07pgnPi/OawswojkxgRYX root@node3

修改權限後把authorized_keys文件拷貝到其他節點，此時全部節點免密認證成功

[root@node1 .ssh]# chmod 600 authorized_keys
[root@node1 .ssh]# scp authorized_keys node2:`pwd`
The authenticity of host 'node2 (192.168.79.202)' can't be established.
ECDSA key fingerprint is SHA256:AdOUf9OIf3q4Ks7q8nj0agFtFIFdB1BGtlk8SkYImmo.
ECDSA key fingerprint is MD5:91:b6:be:a0:bb:f3:7a:e5:2c:6b:4a:c0:a4:7f:01:55.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node2,192.168.79.202' (ECDSA) to the list of known hosts.
root@node2's password: 
authorized_keys                                   100% 1176   622.8KB/s   00:00    
[root@node1 .ssh]# scp authorized_keys node3:`pwd`
The authenticity of host 'node3 (192.168.79.204)' can't be established.
ECDSA key fingerprint is SHA256:AdOUf9OIf3q4Ks7q8nj0agFtFIFdB1BGtlk8SkYImmo.
ECDSA key fingerprint is MD5:91:b6:be:a0:bb:f3:7a:e5:2c:6b:4a:c0:a4:7f:01:55.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node3,192.168.79.204' (ECDSA) to the list of known hosts.
root@node3's password: 
authorized_keys                                   100% 1176   519.8KB/s   00:00    
[root@node1 .ssh]# 

 

 

關閉防火牆

通常來講關閉firewalld服務和selinux

# 關閉防火牆
systemctl stop firewalld
systemctl disable firewalld

#關閉selinux
使用getenforce來查看是否開啓，若是開啓
使用setenforce 0關閉

# 永久關閉selinux
vim /etc/sysconfig/selinux
將SELINUX=enforcing改成disabled