1.安装openssh-server
[root@pod_name /]# yum install -y openssh-server
输出如下:
Loaded plugins: fastestmirror, ovl
Repository base is listed more than once in the configuration
Repository updates is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository centosplus is listed more than once in the configuration
ADDOPS-base | 2.9 kB 00:00:00
base | 3.6 kB 00:00:00
Not using downloaded base/repomd.xml because it is older than what we have:
Current : Wed Nov 9 00:03:03 2022
Downloaded: Fri Oct 30 04:03:00 2020
epel | 2.9 kB 00:00:00
extras | 2.9 kB 00:00:00
puppetlabs-deps | 2.9 kB 00:00:00
puppetlabs-products | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/4): extras/7/x86_64/primary_db | 250 kB 00:00:00
(2/4): ADDOPS-base/7/x86_64/primary_db | 938 kB 00:00:00
(3/4): epel/x86_64/primary_db | 7.7 MB 00:00:00
(4/4): updates/7/x86_64/primary_db | 22 MB 00:00:00
Determining fastest mirrors
* base: mirrors.ustc.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.jlu.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package openssh-server.x86_64 0:7.4p1-23.el7_9 will be installed
--> Processing Dependency: openssh = 7.4p1-23.el7_9 for package: openssh-server-7.4p1-23.el7_9.x86_64
--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-server-7.4p1-23.el7_9.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-7.4p1-23.el7_9.x86_64
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.4.1-6.el7 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-6.el7.x86_64
---> Package openssh.x86_64 0:7.4p1-23.el7_9 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.4.1-6.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
============================================================================================================================================================================================================================================= Package Arch Version Repository Size
=============================================================================================================================================================================================================================================Installing:
openssh-server x86_64 7.4p1-23.el7_9 updates 459 k
Installing for dependencies:
fipscheck x86_64 1.4.1-6.el7 base 21 k
fipscheck-lib x86_64 1.4.1-6.el7 base 11 k
openssh x86_64 7.4p1-23.el7_9 updates 510 k
Transaction Summary
=============================================================================================================================================================================================================================================Install 1 Package (+3 Dependent packages)
Total download size: 1.0 M
Installed size: 2.9 M
Downloading packages:
(1/4): fipscheck-1.4.1-6.el7.x86_64.rpm | 21 kB 00:00:00
(2/4): fipscheck-lib-1.4.1-6.el7.x86_64.rpm | 11 kB 00:00:00
(3/4): openssh-server-7.4p1-23.el7_9.x86_64.rpm | 459 kB 00:00:00
(4/4): openssh-7.4p1-23.el7_9.x86_64.rpm | 510 kB 00:00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Total 3.5 MB/s | 1.0 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : fipscheck-1.4.1-6.el7.x86_64 1/4
Installing : fipscheck-lib-1.4.1-6.el7.x86_64 2/4
Installing : openssh-7.4p1-23.el7_9.x86_64 3/4
Installing : openssh-server-7.4p1-23.el7_9.x86_64 4/4
Verifying : fipscheck-lib-1.4.1-6.el7.x86_64 1/4
Verifying : fipscheck-1.4.1-6.el7.x86_64 2/4
Verifying : openssh-7.4p1-23.el7_9.x86_64 3/4
Verifying : openssh-server-7.4p1-23.el7_9.x86_64 4/4
Installed:
openssh-server.x86_64 0:7.4p1-23.el7_9
Dependency Installed:
fipscheck.x86_64 0:1.4.1-6.el7 fipscheck-lib.x86_64 0:1.4.1-6.el7 openssh.x86_64 0:7.4p1-23.el7_9
Complete!
2.生成密钥
[root@pod_name /]# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
输出如下(一路回车就行):
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): #直接回车
Enter same passphrase again: #直接回车
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
SHA256:b78IGPa3IDl9eg0WZcoTeLQSK8/g2wxh7dSwz0ZS11c root@pod_name
The key's randomart image is:
+---[RSA 2048]----+
| ooo .. E|
| ..Booo . .|
| = Bo+= . |
| o O *= |
| = S +o |
| . @ oo |
| * B.=o |
| o B.+. |
| ..o o. |
+----[SHA256]-----+
[root@pod_name /]# ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
输出如下(一路回车就行):
Generating public/private ecdsa key pair.
Enter passphrase (empty for no passphrase):#直接回车
Enter same passphrase again: #直接回车
Your identification has been saved in /etc/ssh/ssh_host_ecdsa_key.
Your public key has been saved in /etc/ssh/ssh_host_ecdsa_key.pub.
The key fingerprint is:
SHA256:40PWi5VYoBcSPlReM3yA3xK4LZzYmoidhAgvbzD5Euo root@pod_name
The key's randomart image is:
+---[ECDSA 256]---+
| +o++=. |
|. o +o+oo. |
|.+ . ++o=.+ |
|B o . .o*++.. |
|.B + o oS.+. |
|o = + o+ + . |
|.o + . |
| E . |
| |
+----[SHA256]-----+
[root@pod_name /]# ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
输出如下(一路回车就行):
Generating public/private ed25519 key pair.
Enter passphrase (empty for no passphrase): #直接回车
Enter same passphrase again: #直接回车
Your identification has been saved in /etc/ssh/ssh_host_ed25519_key.
Your public key has been saved in /etc/ssh/ssh_host_ed25519_key.pub.
The key fingerprint is:
SHA256:XbBb1XU2VYwqjxPLqg5txBs1YMFg5WJIPxrrr6mEdqA root@pod_name
The key's randomart image is:
+--[ED25519 256]--+
| . o+=. . .=X|
| . + o.. o ...=|
| o = . o . o. |
| = + . oo+. |
| .o + S.o* |
|o.. o o = . |
|Eo... + . . |
|o .o o . |
|..o...o. |
+----[SHA256]-----+
3.启动sshd服务
[root@pod_name /]# /usr/sbin/sshd -D &
4.修改root密码
[root@pod_name /]# passwd root
Changing password for user root.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@pod_name /]#
