1.配置ntp時(shí)間服務(wù)器，確保客戶端主機(jī)能和服務(wù)主機(jī)同步時(shí)間

2.配置ssh免密登陸，能夠通過(guò)客戶端主機(jī)通過(guò)redhat用戶和服務(wù)端主機(jī)基于公鑰驗(yàn)證方式進(jìn)行遠(yuǎn)程連接

一.配置ntp時(shí)間服務(wù)器，確?？蛻舳酥鳈C(jī)能和服務(wù)主機(jī)同步時(shí)間

1、軟件安裝

[root@localhost ~]# yum install chrony -y

2、查看客戶端主機(jī)時(shí)間

[root@client ~]# timedatectl 
               Local time: 日 2003-07-13 07:16:23 CST
           Universal time: 六 2003-07-12 23:16:23 UTC
                 RTC time: 日 2023-04-16 11:47:14
                Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: no
              NTP service: active
          RTC in local TZ: no
[root@client ~]# 

3、修改配置文件

客戶端主機(jī)：

[root@client ~]# vim /etc/chrony.conf 
#添加服務(wù)端地址
pool 192.168.186.138 iburst

服務(wù)端主機(jī)：

[root@server ~]# vim /etc/chrony.conf 
#設(shè)置允許哪個(gè)客戶端可以訪問(wèn)該服務(wù)器
# Allow NTP client access from local network.
allow 192.168.186.0/24

# Serve time even if not synchronized to a time source.
local stratum 10
（值10可被取代，可選范圍為1-15。假如該計(jì)算機(jī)可以連接到一臺(tái)最終與真實(shí)時(shí)間同步的計(jì)算機(jī)，那么該計(jì)算機(jī)的stratum層級(jí)幾乎可以肯定比10小。因此，為local命令選取stratum 10這樣的大數(shù)值，可以防止機(jī)器本身的時(shí)間與真實(shí)時(shí)間混淆，可以保證該機(jī)器不會(huì)將本身的時(shí)間授時(shí)給那些可以連接同步到真實(shí)時(shí)間的ntp服務(wù)器的ntp客戶端。）  

4、查看服務(wù)器時(shí)間，并重啟chronyd服務(wù)

[root@server ~]# date
2023年 04月 16日 星期日 19:51:18 CST
[root@server ~]# grep allow /etc/chrony.conf 
allow 192.168.186.0/24
[root@server ~]# systemctl restart chronyd

5、用客戶端去同步，并再次查看客戶端的時(shí)間是否與客戶端一致

[root@client ~]# ping 192.168.186.138
[root@client ~]# grep iburst /etc/chrony.conf 
#pool 2.rhel.pool.ntp.org iburst
#pool ntp.aliyun.com iburst
pool 192.168.186.138 iburst
[root@client ~]# systemctl restart chronyd
[root@client ~]# chronyc sources
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 192.168.186.138              10   6    17     0    -19us[  -53us] +/-  354us
[root@client ~]# timedatectl 
               Local time: 日 2023-04-16 20:00:55 CST
           Universal time: 日 2023-04-16 12:00:55 UTC
                 RTC time: 日 2023-04-16 12:00:56
                Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no
[root@client ~]# chronyc ntpdata 

Remote address  : 192.168.186.138 (C0A8BA8A)
Remote port     : 123
Local address   : 192.168.186.137 (C0A8BA89)
Leap status     : Normal
Version         : 4
Mode            : Server
Stratum         : 10
Poll interval   : 6 (64 seconds)
Precision       : -26 (0.000000015 seconds)
Root delay      : 0.000000 seconds
Root dispersion : 0.000000 seconds
Reference ID    : 7F7F0101 ()
Reference time  : Sun Apr 16 12:03:56 2023
Offset          : -0.000075828 seconds
Peer delay      : 0.000886137 seconds
Peer dispersion : 0.000000034 seconds
Response time   : 0.000293112 seconds
Jitter asymmetry: +0.00
NTP tests       : 111 111 1111
Interleaved     : No
Authenticated   : No
TX timestamping : Daemon
RX timestamping : Kernel
Total TX        : 7
Total RX        : 7
Total valid RX  : 7
[root@client ~]# 

二.配置ssh免密登陸，能夠通過(guò)客戶端主機(jī)通過(guò)redhat用戶和服務(wù)端主機(jī)基于公鑰驗(yàn)證方式進(jìn)行遠(yuǎn)程連接

1、創(chuàng)建用戶redhat

[root@client ~]# useradd redhat
[root@client ~]# passwd redhat 
更改用戶 redhat 的密碼 。
新的密碼： 
無(wú)效的密碼： 密碼少于 8 個(gè)字符
重新輸入新的密碼： 
passwd：所有的身份驗(yàn)證令牌已經(jīng)成功更新。
[root@client ~]# 

2、創(chuàng)建新的密鑰對(duì)，并且發(fā)送到指定目錄中

[root@client .ssh]# su redhat
[redhat@client .ssh]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/redhat/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/redhat/.ssh/id_rsa
Your public key has been saved in /home/redhat/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:ttXkI8fBsvXzKNTArpYWluWKxVRVtDFNbPzcYi/1HpQ redhat@client
The key's randomart image is:
+---[RSA 3072]----+
|            ...O=|
|           +    O|
|          o O  ++|
|         o & =oE=|
|        S X X.=+.|
|       . * O ..=o|
|        o * . .oo|
|         o   .  .|
|                 |
+----[SHA256]-----+
[redhat@client .ssh]$ 
[redhat@client .ssh]$ ll
總用量 8
-rw-------. 1 redhat redhat 2602  4月 16 20:47 id_rsa
-rw-r--r--. 1 redhat redhat  567  4月 16 20:47 id_rsa.pub


[root@server .ssh]# ll
總用量 8
-rw-------. 1 root root 1695  4月 16 20:43 authorized_keys
-rw-r--r--. 1 root root 2590  4月 16 20:50 id_rsa
[root@server .ssh]# 

ssh-keygen 生成、管理和轉(zhuǎn)換認(rèn)證密鑰 -t制定類型 RSA

/root/.ssh/id_rsa私鑰文件
/root/.ssh/id_rsa.pub公鑰文件文章來(lái)源地址http://www.zghlxwxcb.cn/news/detail-450184.html

?3、客戶端測(cè)試

[redhat@client .ssh]$ ssh 192.168.186.138
The authenticity of host '192.168.186.138 (192.168.186.138)' can't be established.
ED25519 key fingerprint is SHA256:IjiKi+oexrRWTbUACwNqXYQvu2F8yakPx49b7PW9lto.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.186.138' (ED25519) to the list of known hosts.
redhat@192.168.186.138's password: 
Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Sat Apr  8 10:10:53 2023
[redhat@server ~]$ 

到了這里，關(guān)于RHCE——時(shí)間服務(wù)器（ntp）的文章就介紹完了。如果您還想了解更多內(nèi)容，請(qǐng)?jiān)谟疑辖撬阉鱐OY模板網(wǎng)以前的文章或繼續(xù)瀏覽下面的相關(guān)文章，希望大家以后多多支持TOY模板網(wǎng)！