基于ssh的多节点之间互信通信的实现

实现条件：node1:192.168.176.6 主机名称是node1.magedu.com；

node2:192.168.176.6 主机名称是node1.magedu.com；

实现目的：在节点node1上可以ssh 192.168.176.7    ssh node2  ;在节点node2上可以ssh 192.168.176.6    ssh node1

实现步骤：

[root@node1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):    回车
Enter passphrase (empty for no passphrase): 回车，设置空密码
Enter same passphrase again:回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
77:7d:09:dc:9c:d5:dd:41:d3:66:3e:0b:e9:98:dc:32 root@node1.magedu.com
The key's randomart image is:
+--[ RSA 2048]----+
|              .+B|
|            . o @|
|             o.B |
|             +..o|
|        S o * o.+|
|         . E o o |
|            o    |
|                 |
|                 |
+-----------------+

（2）在node1上使用ssh-copy-id工具将/root/.ssh/id_rsa.pub.远程拷贝至node的~/.ssh/目录下

[root@node1 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.176.7(node2)
The authenticity of host '192.168.176.7 (192.168.176.7)' can't be established.
RSA key fingerprint is da:6d::5a::fa::6b:e4:1d:2d::1e:cc::1b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.176.7' (RSA) to the list of known hosts.
root@192.168.176.7's password:
Now try logging into the machine, with "ssh 'root@192.168.176.7'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

（3）在node1验证ssh 192.168.176.7 ,然后在验证ssh node2

[root@node1 heartbeat]# ssh 192.168.176.7(node2)
The authenticity of host 'node2 (192.168.176.7)' can't be established.
RSA key fingerprint is da:6d::5a::fa::6b:e4:1d:2d::1e:cc::1b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node2' (RSA) to the list of known hosts.
Last login: Fri Apr  ::  from node1

以上在用node1去ssh控制node2时就不用输入密码了！直接连接成功！

同样的方法在node2用工具ssh-keygen生密钥对，拷贝公钥至node1，然后在验证ssh node1