[root@test1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:9r23YdzNJEt4ofW3jJHVDCR//1r1SjXMT89ENkw1j3U root@test1.example.com
The key's randomart image is:
+---[RSA 2048]----+
| ..ooE|
| oo==|
| =+B|
| +=*o|
| S oo++X|
| . . . ++@@|
| . ..*o@|
| +.= |
| ..+. |
+----[SHA256]-----+本地及远程登录
Table of Contents
ssh 互信登录
ssh-keygen 生成公钥私钥对
ssh-copy-id 拷贝公钥到远程机器
[root@test1 ~]# ssh-copy-id test2
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'test2 (192.168.122.4)' can't be established.
ECDSA key fingerprint is SHA256:rXyrF9i/YrMqrDbnK4dHXGONrzLNUf/C+OEl56KgLHk.
ECDSA key fingerprint is MD5:f0:4e:5d:30:34:4a:6d:7f:40:71:cd:a8:27:26:ae:e5.
Are you sure you want to continue connecting (yes/no)? yes
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@test2's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'test2'"
and check to make sure that only the key(s) you wanted were added.远程登录执行命令
[root@test1 ~]# ssh test2 'hostname'
test2.example.comsshd 服务
/etc/ssh/sshd_config 文件控制 sshd 服务的一般行为:
| 配置 | 说明 |
|---|---|
AuthorizedKeysFile .ssh/authorized_keys |
认证文件的路径 |
PasswordAuthentication yes |
是否运行 root 用户登录 |
远程配置 docker 示例
拷贝并覆盖远程文件
# for i in master yum node1 node2 node3 node4 infra nfs; do scp /etc/hosts $i.example.com:/etc ; done查看远程 docker 运行状态
# for i in node1 node2 node3 node4 infra ; do ssh $i.example.com 'hostname; systemctl status docker.service; echo' ; done远程创建 PV, VG
# for i in node1 node2 node3 node4 infra ; do ssh $i.example.com 'hostname; pvcreate /dev/vdb ; vgcreate docker-vg /dev/vdb; echo' ; done查看远程 PV, VG, LV
# for i in master node1 node2 node3 node4 infra ; do ssh $i.example.com 'hostname; pvdisplay; vgdisplay; lvdisplay; echo' ; done远程配置 docker
# for i in node1 node2 node3 node4 infra ; do ssh $i.example.com 'hostname; rm -fr /var/lib/docker/*; docker-storage-setup; systemctl restart docker ; echo' ; done查看远程服务信息
# for i in master yum node1 node2 node3 node4 infra ; do ssh $i.example.com 'hostname; systemctl is-enabled docker.service; echo' ; done收集和查看 sos report
执行 sosreport 收集
# sosreport|
Note
|
sosreport 执行可能需要一段时间,并且执行过程中需要输入一些信息,例如红帽账户名、红帽问题单号等,命令执行完会在 /var/tmp 下产生一个以 sosreport- 开头的文件。
|
查看 sos report
# cd /var/tmp/
# tar -xvJf sosreport-kylin.016001789-20180215001511.tar.xz
# cd sosreport-kylin.016001789-20180215001511/
# ls -lR