[root@server200 ~]# hostnamectl hostname client.example.com[root@server200 ~]# hostname
client.example.com
[root@server200 ~]# ifconfig | tr -s " " | grep broadcast | cut -d " " -f3172.25.254.200
# 免密登录设置# 使用非交互式设置,并且指定加密算法为rsa算法[root@server200 ~]# ssh-keygen -f /root/.ssh/id_rsa -P "" -t rsa
Generating public/private rsa key pair.
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:RhwHxNxgpVwJd39BZUncyKIG2QDKyv5JnxBd7Mjrsu0 root@client.example.com
The key's randomart image is:
+---[RSA 3072]----+
| .=OX=...+=*|
| . . ==*+...o+o|
| o B. . .. .|
| . . o = o . |
| o . + S. |
| . . o |
| . o . |
| o.* . |
| ++E |
+----[SHA256]-----+
# 查看是否生成公私密钥对
[root@server200 ~]# cd /root/.ssh/
[root@server200 .ssh]# ls
id_rsa id_rsa.pu
# 向主机一的root账户上传本地公钥
[root@server200 .ssh]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@172.25.254.100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '172.25.254.100 (172.25.254.100)' can't be established.
ED25519 key fingerprint is SHA256:7v4Yn0h5gqnR0kmEQJPtc9vLb4JZmmHL7CBz5aqco+o.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@172.25.254.100's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@172.25.254.100'"
and check to make sure that only the key(s) you wanted were added.
# 向主机一的timinglee账户上传本地公钥
[root@server200 .ssh]# ssh-copy-id -i /root/.ssh/id_rsa.pub timinglee@172.25.254.100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
timinglee@172.25.254.100's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'timinglee@172.25.254.100'"
and check to make sure that only the key(s) you wanted were added.
# 查看在主机一root账户中是否存在主机二上传的公钥[root@server .ssh]# cd /root/.ssh/[root@server .ssh]# ls
authorized_keys
# 查看在主机一timinglee账户中是否存在主机二上传的公钥[timinglee@server ~]$ cd /home/timinglee/.ssh/
[timinglee@server .ssh]$ ls
authorized_keys
# root账户直接免密连接100的主机[root@client ~]# ssh -l root 172.25.254.100
Activate the web console with: systemctl enable--now cockpit.socket
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Fri Apr 1920:57:54 2024 from 172.25.254.1
[root@server ~]## timinglee账户直接免密连接100的主机[root@client ~]# ssh -l timinglee 172.25.254.100
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Fri Apr 1920:58:41 2024[timinglee@server ~]$s
测试是否只能root用户和timinglee用户可以被登录
# 在主机一添加test用户用来测试[root@server ~]# useradd test[root@server ~]# echo "test" | passwd test --stdin
Changing password for user test.
passwd: all authentication tokens updated successfully.
# 在主机二中使用test账户上传公钥至主机一[root@client ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub test@172.25.254.100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
test@172.25.254.100's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'test@172.25.254.100'"
and check to make sure that only the key(s) you wanted were added.
# 测试root和timinglee账户是否可以免密登录主机一
[root@client ~]# ssh root@172.25.254.100
Activate the web console with: systemctl enable --now cockpit.socket
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Fri Apr 19 21:26:38 2024 from 172.25.254.1
# root账户免密登录成功
# [root@client ~]# ssh timinglee@172.25.254.100
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Fri Apr 19 21:01:39 2024 from 172.25.254.200
# timinglee账户免密登录成功
# 测试test测试账户是否可以免密登录主机一
[root@client ~]# ssh test@172.25.254.100
test@172.25.254.100's password:
Permission denied, please try again.
test@172.25.254.100's password:
# test账户免密登录主机一失败,因为设置了sshd白名单,只用在白名单的root和timinglee账户可以免密登录主机一
简单工厂模式,请跳转到我的另一篇博客【工厂模式】简单工厂模式-简单例子-CSDN博客 四、工厂方法模式
(1)这部分还是不变,创建一个Car接口,和两个实现类。
public interface Car {void name();
}public class WuLing…