1. 创建一个无密码的密钥
mkdir -p ~/.sshchmod 700 ~/.sshcd ~/.sshssh-keygen -t rsa
将公钥拷贝到客户端这里用rsync方法
rsync id_rsa.pub root@xx.xx.xx.xx:/root/.ssh/.
cat id_rsa.pub >> authorized_keys
① 在资产上生成 root 账户的公钥和私钥
[root@centos7-1 ~]# ssh-keygen -t rsa # 默认会输入公钥和私钥文件到 ~/.ssh 目录
② 将公钥输出到文件 authorized_keys 文件,并修改权限
cat ~/.ssh/id_rsa22.pub >> ~/.ssh/authorized_keys
chmod 400 ~/.ssh/authorized_keys
③ 打开RSA验证相关设置
[root@centos7-1 ~]# vim /etc/ssh/sshd_config
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys ④ 重启 ssh 服务
[root@centos7-1 ~]# systemctl restart sshd
⑤ 上传 ~/.ssh 目录下的 id_rsa 私钥到 jumpserver 的管理用户中
安装rz sz
yum -y install lrzsz
cat /etc/passwd 可以查看所有用户的列表
fatal: [xxxx]: UNREACHABLE! => {"changed": false, "msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo /home/web/.ansible/tmp/ansible-tmp-1574662141.410315-104046477959130 `\" && echo ansible-tmp-1574662141.410315-104046477959130=\"` echo /home/web/.ansible/tmp/ansible-tmp-1574662141.410315-104046477959130 `\" ), exited with result 1", "unreachable": true
登录到机器上
mkdir -p /home/web
chmod -R 777 /home/web
京公网安备 11010502036488号