Home > Article > Operation and Maintenance > Learn basic Linux system configuration, user authorization, and SSH password-free login operations
Modify CentOs basic information, create user authorization, ssh password-free login configuration
1 Permanent modification Host name
sudo vim /etc/hostname
Change the original host name xxx to master (change it to the corresponding slave on the slave host)
sudo vim /etc/hosts
Change xxx in /etc/hosts to the one you just changed Host name, and change the previous ip address to the actual ip address
reboot //重启
2 Create a user and authorize
Create user zhjc Recommendation: [Linux Video Tutorial]
[root@slave5 ~]# adduser zhjc [root@slave5 ~]# passwd zhjc
New password: # 输入密码 Retype new password: # 再次输入密码 passwd: all authentication tokens updated successfully.
Find the sudoers file path and grant write permission to the root user
[root@slave5~]# whereis sudoers # 查找sudoers文件路径 //显示:sudoers: /etc/sudoers /etc/sudoers.d /usr/share/man/man5/sudoers.5.gz [root@slave5~]# ls -l /etc/sudoers # 查看权限 //显示:4 -r--r----- 1 root root 3938 Sep 6 2017 /etc/sudoers # 只有读权限 [root@slave5~]# chmod -v u+w /etc/sudoers # 赋予读写权限 //显示:mode of ‘/etc/sudoers’ changed from 0440 (r--r-----) to 0640 (rw-r-----)
Modify the sudoers file
[zhjc@slave5 ~]# vim /etc/sudoers
Modify sudoers file, add new user information: press shift i to modify the file
root ALL=(ALL) ALL zhjc ALL=(ALL) ALL //这个是新用户
Recover the write permission of the root user
[root@slave5 ~]# chmod -v u-w /etc/sudoers
3 Create the corresponding folder and authorize the corresponding user
Create a folder in the root directory soft
[zhjc@slave5 ~]# sudo mkdir /soft //输入zhjc用户的密码 [zhjc@slave5 ~]# ll / //查看根目录的所有文件夹的权限 [zhjc@slave5 ~]# sudo chown -R zhjc:zhjc /soft [zhjc@slave5 ~]# ll / //再次查看根目录的所有文件夹的权限
Introduction to SSH
SSH (Secure SHell): It is a network protocol. As the name suggests, it is a very secure shell, mainly used for Encrypted transmission between computers. The SSH service implements data encrypted transmission based on asymmetric encryption (public-key cryptograthy, also known as public key encryption) technology. This technology generates a pair of keys, one that encrypts the data and can only be used for encryption, and the other that can only be used for decryption. Data encrypted using an encryption key can only be decrypted using the corresponding decryption key. And knowing only one of the keys, you can't calculate the other. Therefore, if one key in a pair is disclosed, the other key is not compromised. The public key is usually called the public key, and the non-public key is called the private key.
4 ssh password-free login
Install ssh: enter "sudo apt-get install openssh-server"-->Enter- ->Enter "y"-->Enter-->The installation is complete.
Open the "terminal window" and enter "sudo ps -e |grep ssh"-->Enter-->If there is sshd, it means that the ssh service has been started. If it has not been started, , enter "sudo service ssh start"-->Enter-->The ssh service will start.
Create ssh password-less login to this machine
Create ssh-key, here we use rsa method
[zhjc@slave5 ~]# ssh-keygen -t rsa -P "" [zhjc@slave5 ~]# cd ~/.ssh [zhjc@slave5 ~]# chmod 777 ~/.ssh [zhjc@slave5 .ssh]# cat id_rsa.pub >> authorized_keys [zhjc@slave5 .ssh]# chmod 600 authorized_keys //centos 系统需要设置这个权限
Test whether the local password-free login:
[zhjc@slave5 ~]# ssh slave5
Configure the master to log in to slave5 without a password:
Enter the command in the mater host to copy a public key to the home
[zhjc@master ~]# cp .ssh/id_rsa.pub ~/id_rsa_master.pub
Copy the id_rsa_master.pub in the master's home directory to the slave5's home
Enter the commands respectively in the home directory of slave5:
[zhjc@slave5 ~]# cat id_rsa_master.pub >> .ssh/authorized_keys
This article comes from the php Chinese website, linux system tutorial column, welcome to learn!
The above is the detailed content of Learn basic Linux system configuration, user authorization, and SSH password-free login operations. For more information, please follow other related articles on the PHP Chinese website!