一、兩臺Linux服務(wù)器和客戶端 A:主機服務(wù)器?? B:客戶端服務(wù)器

在主機服務(wù)器A上用ssh命令生成密匙對,命令如下:ssh-keygen?-t?rsa然后一路回車即可

在當(dāng)前用戶目錄:/home/root/.ssh/下找到 id_rsa.pub

scp 本地文件(id_rsa.pub) 遠程用戶名@遠程主機(B)IP地址:遠程主機的保存位置

現(xiàn)在到遠程主機B查看是否有相應(yīng)的文件,當(dāng)然這里也要注意.ssh目錄是否存在

把剛才傳輸過來的公鑰追加到.ssh/authorized_keys文件里面

命令如下:

cat id_rsa.put >> .ssh/authorized_keys

chmod 700 .ssh

chmod 600 .ssh/authorized_keys

配置的時候注意權(quán)限的設(shè)置

二、rsync命令實現(xiàn)數(shù)據(jù)同步出錯

在使用rsync同步時還是需要輸入密碼，查看系統(tǒng)日志發(fā)現(xiàn)：

Jan 21 09:49:05 localhost sshd[44946]: User tomcat not allowed because account is locked

Jan 21 09:49:05 localhost sshd[44946]: input_userauth_request: invalid user tomcat [preauth]

Jan 21 09:49:11 localhost sshd[44946]: Connection closed by 192.168.2.250 [preauth]

通過日志查看，剛開始以為是 Tomcat用戶被鎖定了：

=============== linux 用戶解鎖 =====================

查看用戶：pam_tally2 --user 賬號

解鎖用戶：pam_tally2 -r -u 賬號

通過pam_tally2 --user指令發(fā)現(xiàn)沒有鎖定，最終通過查找資料是sshd沒有開啟 PAMPAM is not enabled for SSH service, it is commented or set to "no" explicitly:~#?grep?UsePAM?/etc/ssh/sshd_config

#UsePAM?yes

開啟sshd_config UsePAM yes；service sshd restart 出現(xiàn)新的問題，普通用戶無法登陸

cd /etc/pam.d；ls -l sshd 查看此文件是否存在，沒有則需創(chuàng)建#%PAM-1.0

auth???????required?????pam_sepermit.so

auth???????include??????password-auth

account????required?????pam_nologin.so

account????include??????password-auth

password???include??????password-auth

#?pam_selinux.so?close?should?be?the?first?session?rule

session????required?????pam_selinux.so?close

session????required?????pam_loginuid.so

#?pam_selinux.so?open?should?only?be?followed?by?sessions?to?be?executed?in?the?user?context

session????required?????pam_selinux.so?open?env_params

session????optional?????pam_keyinit.so?force?revoke

session????include??????password-auth

重新開啟 UsePAM yes;service sshd restart成功解決問題！

總結(jié)

以上是生活随笔為你收集整理的linux系统主机信任,Linux信任主机（SSH）的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。