NFS服务、SSHD服务
本章内容:linux
- NFS服务
- SSHD服务
NFS服务
NFS(Network File System)即网络文件系统,用以在网络上与他人共享文件和目录;NFS是运行在应用层的协议;基于Client/Server架构。vim
部署NFS
server端部署
第一步:下载nfs和rpcbind安全
rpcbind服务:因为在使用NFS服务进行文件共享以前,须要使用RPC(Remote Procedure Call,远程程序调用)服务将NFS服务器的IP地址和端口号等信息发送给客户端。所以,在启动NFS服务以前,还须要顺带重启并启用rpcbind服务程序服务器
╭─root@server /home/du ╰─➤ yum install nfs-utils rpcbind -y ... Complete!
第二步:配置nfs文件网络
╭─root@server /home/du ╰─➤ vim /etc/exports #补充编辑文件内容 ... /du 192.168.80.4/24(rw) /du 192.168.80.0/24(rw) /du *(rw) ...
第三步:重启nfs服务和rpcbind服务架构
╭─root@server /home/du ╰─➤ systemctl restart rpcbind nfs
第四步:更改共享目录“/du”属主为nfsnobodyapp
╭─root@server /home/du ╰─➤ chown -R nfsnobody: /du
client端部署
第一步:下载nfsdom
╭─root@client ~ ╰─➤ yum install nfs-utils -y ... 完毕!
第二步:查看共享ssh
╭─root@client ~ ╰─➤ showmount -e 192.168.80.3 Export list for 192.168.80.3: /du (everyone)
第三步:挂载使用ide
╭─root@client ~ ╰─➤ mkdir /du #建立挂载目录 ╭─root@client ~ ╰─➤ mount -t nfs 192.168.80.3:/du /du #-t:--type vfstype ╭─root@client ~ ╰─➤ df -h #查看挂载 文件系统 容量 已用 可用 已用% 挂载点 /dev/mapper/cl-root 17G 4.7G 13G 28% / devtmpfs 473M 0 473M 0% /dev tmpfs 489M 144K 489M 1% /dev/shm tmpfs 489M 7.1M 482M 2% /run tmpfs 489M 0 489M 0% /sys/fs/cgroup /dev/sda1 1014M 173M 842M 18% /boot tmpfs 98M 24K 98M 1% /run/user/0 /dev/sr0 4.1G 4.1G 0 100% /run/media/root/CentOS 7 x86_64 192.168.80.3:/du 17G 1.3G 16G 8% /du ╭─root@client ~ ╰─➤ cd /du #进入到挂载目录 ╭─root@client /du ╰─➤ touch cjk #若是sever端没有更改共享目录的属主就会报错 touch: 正在设置"cjk" 的时间: 权限不够 ╭─root@client /du ╰─➤ touch cjk #sever端执行第四步:更改属主后 ╭─root@client /du ╰─➤ ls 1903班学员基本信息表(1).xlsx cjk 威武.docx
SSHD服务
SSH( Secure Shell )即安全外壳协议;SSH 为创建在应用层和传输层基础上的安全协议;
- 做用1:是远程链接linux系统的一种服务协议,经常使用于加密传输数据。
- 做用2:相比较以前用telnet方式来传输文件要安全不少,由于telnet使用明文传输,ssh是加密传输;
- 做用3:sshd服务使用SSH协议能够用来进行远程控制, 或在计算机之间传送文件;
SSH协议默认端口22,这个端口通常是能够更改或者添加的,配置文件位置在:/etc/ssh/sshd_config经过编辑文件能够修改sshd服务的相关配置;
ssh配置文件
/etc/ssh/ssh_config #客户端配置文件 /etc/sshd_config #服务器端配置文件
SSH服务安装(系统已经默认安装并开机自启)
╭─root@localhost.localdomain ~ ╰─➤ yum -y install openssh openssh-clients openssh-server openssh-askpass
远程链接线上服务器
语法:ssh[远程主机用户名]@远程主机ip地址
第一步:ssh链接(确保能ping通)
方法一:ssh root@192.168.80.4 方法二:ssh 192.168.80.4
╭─root@localhost.localdomain ~
╰─➤ ssh 192.168.80.4
The authenticity of host '192.168.80.4 (192.168.80.4)' can't be established.
ECDSA key fingerprint is SHA256:m+YjLnd/Q27EtPXBv+ZkEawNSjcgcExVmGZCFC6M0v8.
ECDSA key fingerprint is MD5:2c:8c:34:b9:0c:00:5f:41:9e:f8:03:bf:ce:50:de:27.
Are you sure you want to continue connecting (yes/no)? yes #输入yes
Warning: Permanently added '192.168.80.4' (ECDSA) to the list of known hosts.
root@192.168.80.4's password: #输入密码
Last login: Sun Jun 2 13:42:47 2019 from 192.168.80.1
╭─root@localhost.localdomain ~
╰─➤ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:2e:d0:de brd ff:ff:ff:ff:ff:ff
inet 192.168.80.4/24 brd 192.168.80.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::5e15:9431:4cf4:2bd5/64 scope link
valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:8f:de:b3 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
link/ether 52:54:00:8f:de:b3 brd ff:ff:ff:ff:ff:ff
第二步:退出远程服务器
╭─root@localhost.localdomain ~
╰─➤ exit
Connection to 192.168.80.4 closed.
╭─root@localhost.localdomain ~
╰─➤ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:7f:e5:12 brd ff:ff:ff:ff:ff:ff
inet 192.168.80.3/24 brd 192.168.80.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe7f:e512/64 scope link
valid_lft forever preferred_lft forever
免密登陆远程主机
第一步:生成密钥对
╭─root@localhost.localdomain ~ ╰─➤ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:sIQ7fonPlTfI4JKe9VGl/yqOr4YqLCi3sLJ2NkvZFe0 root@localhost.localdomain The key's randomart image is: +---[RSA 2048]----+ | | | . . | | . o. . . | | o oo o | | o o.SEo | | .o=.+ + . | |o. o=.=.* o . | |=+== B.o.+.. . | |*+++*.o.++o.... | +----[SHA256]-----+
第二步:查看生成的秘钥
╭─root@localhost.localdomain ~ ╰─➤ ls /root/.ssh #公钥在/root/.ssh 目录下 id_rsa id_rsa.pub known_hosts ———————— #其中: id_rsa: 私钥(执行ssh-keygen生成) id_rsa.pub: 公钥(执行ssh-keygen生成) known_hosts: 主机信息 ————————
第三步:传输公钥
╭─root@localhost.localdomain ~ ╰─➤ ssh-copy-id root@192.168.80.4 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.80.4's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.80.4'" and check to make sure that only the key(s) you wanted were added.
第四步:免密登陆
╭─root@localhost.localdomain ~ ╰─➤ ssh 'root@192.168.80.4' Last login: Sun Jun 2 19:01:49 2019 from 192.168.80.3
第五步:退出远程服务器
╭─root@localhost.localdomain ~ ╰─➤ exit Connection to 192.168.80.4 closed.
拓展:scp
做用:
scp能够实现远程主机之间的文件复制
scp使用ssh协议,全部想要免密进行复制,须要发送秘钥给相应的节点
option:
-r: 复制目录时使用
-P:大写的P指定端口
演示:
╭─root@localhost.localdomain /home/du ╰─➤ ls 3 cjk default 更名.docx ╭─root@localhost.localdomain /home/du ╰─➤ scp cjk 192.168.80.4:/home #scp发送主机文件到远程节点 The authenticity of host '192.168.80.4 (192.168.80.4)' can't be established. ECDSA key fingerprint is 2c:8c:34:b9:0c:00:5f:41:9e:f8:03:bf:ce:50:de:27. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.80.4' (ECDSA) to the list of known hosts. root@192.168.80.4's password: #输入密码 cjk 100% 6 0.0KB/s 00:00 ╭─root@localhost.localdomain /home/du ╰─➤ scp 192.168.80.4:/home/cjk /home #scp拉取远程节点文件到本地 root@192.168.80.4's password: #输入密码 cjk 100% 6 0.0KB/s 00:00 ╭─root@localhost.localdomain /home/du ╰─➤ ls /home cjk du test1 test2
相关文章
- 1. sshd的服务
- 2. Linux sshd服务
- 3. Linux----sshd服务
- 4. sshd服务
- 5. 9.SSHD服务
- 6. LINUX---sshd服务
- 7. Linux : SSHD服务
- 8. Linux---sshd服务
- 9. linux sshd服务
- 10. sshd服务篇
- 更多相关文章...
- • 启动MySQL服务 - MySQL教程
- • Git 服务器搭建 - Git 教程
- • Spring Cloud 微服务实战(三) - 服务注册与发现
- • 再有人问你分布式事务,把这篇扔给他
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
欢迎关注本站公众号,获取更多信息
相关文章
- 1. sshd的服务
- 2. Linux sshd服务
- 3. Linux----sshd服务
- 4. sshd服务
- 5. 9.SSHD服务
- 6. LINUX---sshd服务
- 7. Linux : SSHD服务
- 8. Linux---sshd服务
- 9. linux sshd服务
- 10. sshd服务篇