系统环境:AIX 6100-09(SP3)
默认AIX系统不安装ssh,需要另外自定义安装,ssh有两个软件包组成(openssl 和 openssh),这两个软件包解压后,通过smit就可以安装。
一、安装ssh
[root@aix209 ssh]#ls
OpenSSH_5.8.0.6102.tar.Z openssl-0.9.8.1802.tar.Z
ssh.txt
[root@aix209 ssh]#uncompress OpenSSH_5.8.0.6102.tar.
1)解压
[root@aix209 ssh]#uncompress openssl-0.9.8.1802.tar.Z
[root@aix209 ssh]#ls
OpenSSH_5.8.0.6102.tar
openssl-0.9.8.1802.tar
ssh.txt
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
[root
@aix209
ssh]#tar xvf OpenSSH_5.
8.0
.
6102
.tar
x openssh.base,
6310912
bytes,
12326
tape blocks
x openssh.license,
338944
bytes,
662
tape blocks
x openssh.man.en_US,
153600
bytes,
300
tape blocks
x openssh.msg.CA_ES,
20480
bytes,
40
tape blocks
x openssh.msg.CS_CZ,
20480
bytes,
40
tape blocks
x openssh.msg.DE_DE,
20480
bytes,
40
tape blocks
x openssh.msg.EN_US,
17408
bytes,
34
tape blocks
x openssh.msg.ES_ES,
19456
bytes,
38
tape blocks
x openssh.msg.FR_FR,
20480
bytes,
40
tape blocks
x openssh.msg.HU_HU,
21504
bytes,
42
tape blocks
x openssh.msg.IT_IT,
19456
bytes,
38
tape blocks
x openssh.msg.JA_JP,
24576
bytes,
48
tape blocks
x openssh.msg.Ja_JP,
26624
bytes,
52
tape blocks
x openssh.msg.KO_KR,
21504
bytes,
42
tape blocks
x openssh.msg.PL_PL,
20480
bytes,
40
tape blocks
x openssh.msg.PT_BR,
19456
bytes,
38
tape blocks
x openssh.msg.RU_RU,
25600
bytes,
50
tape blocks
x openssh.msg.SK_SK,
20480
bytes,
40
tape blocks
x openssh.msg.ZH_CN,
25600
bytes,
50
tape blocks
x openssh.msg.ZH_TW,
24576
bytes,
48
tape blocks
x openssh.msg.Zh_CN,
21504
bytes,
42
tape blocks
x openssh.msg.Zh_TW,
21504
bytes,
42
tape blocks
x openssh.msg.ca_ES,
19456
bytes,
38
tape blocks
x openssh.msg.cs_CZ,
19456
bytes,
38
tape blocks
x openssh.msg.de_DE,
20480
bytes,
40
tape blocks
x openssh.msg.en_US,
17408
bytes,
34
tape blocks
x openssh.msg.es_ES,
19456
bytes,
38
tape blocks
x openssh.msg.fr_FR,
20480
bytes,
40
tape blocks
x openssh.msg.hu_HU,
27648
bytes,
54
tape blocks
x openssh.msg.it_IT,
19456
bytes,
38
tape blocks
x openssh.msg.ja_JP,
26624
bytes,
52
tape blocks
x openssh.msg.ko_KR,
19456
bytes,
38
tape blocks
x openssh.msg.pl_PL,
27648
bytes,
54
tape blocks
x openssh.msg.pt_BR,
18432
bytes,
36
tape blocks
x openssh.msg.ru_RU,
27648
bytes,
54
tape blocks
x openssh.msg.sk_SK,
19456
bytes,
38
tape blocks
x openssh.msg.zh_CN,
21504
bytes,
42
tape blocks
x openssh.msg.zh_TW,
21504
bytes,
42
tape blocks
[root
@aix209
ssh]#tar xvf OpenSSH_5.
8.0
.
6102
.tar
x openssh.base,
6310912
bytes,
12326
tape blocks
x openssh.license,
338944
bytes,
662
tape blocks
x openssh.man.en_US,
153600
bytes,
300
tape blocks
x openssh.msg.CA_ES,
20480
bytes,
40
tape blocks
x openssh.msg.CS_CZ,
20480
bytes,
40
tape blocks
x openssh.msg.DE_DE,
20480
bytes,
40
tape blocks
x openssh.msg.EN_US,
17408
bytes,
34
tape blocks
x openssh.msg.ES_ES,
19456
bytes,
38
tape blocks
x openssh.msg.FR_FR,
20480
bytes,
40
tape blocks
x openssh.msg.HU_HU,
21504
bytes,
42
tape blocks
x openssh.msg.IT_IT,
19456
bytes,
38
tape blocks
x openssh.msg.JA_JP,
24576
bytes,
48
tape blocks
x openssh.msg.Ja_JP,
26624
bytes,
52
tape blocks
x openssh.msg.KO_KR,
21504
bytes,
42
tape blocks
x openssh.msg.PL_PL,
20480
bytes,
40
tape blocks
x openssh.msg.PT_BR,
19456
bytes,
38
tape blocks
x openssh.msg.RU_RU,
25600
bytes,
50
tape blocks
x openssh.msg.SK_SK,
20480
bytes,
40
tape blocks
x openssh.msg.ZH_CN,
25600
bytes,
50
tape blocks
x openssh.msg.ZH_TW,
24576
bytes,
48
tape blocks
x openssh.msg.Zh_CN,
21504
bytes,
42
tape blocks
x openssh.msg.Zh_TW,
21504
bytes,
42
tape blocks
x openssh.msg.ca_ES,
19456
bytes,
38
tape blocks
x openssh.msg.cs_CZ,
19456
bytes,
38
tape blocks
x openssh.msg.de_DE,
20480
bytes,
40
tape blocks
x openssh.msg.en_US,
17408
bytes,
34
tape blocks
x openssh.msg.es_ES,
19456
bytes,
38
tape blocks
x openssh.msg.fr_FR,
20480
bytes,
40
tape blocks
x openssh.msg.hu_HU,
27648
bytes,
54
tape blocks
x openssh.msg.it_IT,
19456
bytes,
38
tape blocks
x openssh.msg.ja_JP,
26624
bytes,
52
tape blocks
x openssh.msg.ko_KR,
19456
bytes,
38
tape blocks
x openssh.msg.pl_PL,
27648
bytes,
54
tape blocks
x openssh.msg.pt_BR,
18432
bytes,
36
tape blocks
x openssh.msg.ru_RU,
27648
bytes,
54
tape blocks
x openssh.msg.sk_SK,
19456
bytes,
38
tape blocks
x openssh.msg.zh_CN,
21504
bytes,
42
tape blocks
x openssh.msg.zh_TW,
21504
bytes,
42
tape blocks
|
2)通过smit安装
[root@aix209 ssh]#smit installp
3)查看ssh服务
[root@aix209 ssh]#lssrc -a |grep ssh
sshd ssh 6029368 active
二、配置通过ssh建立主机间的信任关系(Cluster)
One node:
1)建立密钥
[grid@aix209 grid]$ssh-keygen -t rsa
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Generating
public
/
private
rsa key pair.
Enter file
in
which to save the key (/home/grid/.ssh/id_rsa):
Created directory
'/home/grid/.ssh'
.
Enter passphrase (empty
for
no passphrase):
Enter same passphrase again:
Your identification has been saved
in
/home/grid/.ssh/id_rsa.
Your
public
key has been saved
in
/home/grid/.ssh/id_rsa.pub.
The key fingerprint is:
46
:8c:ac:aa:
82
:
62
:b1:5e:e2:ba:ed:d5:
02
:5e:f5:
62
grid@aix209
The key's randomart image is:
+--[ RSA
2048
]----+
| |
| . o |
| + o |
| o o |
| . o E S |
| o + o o |
|..=.o . |
|==o. . |
|X=o |
+-----------------+
|
[grid@aix209 grid]$ssh-keygen -t dsa
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
Generating
public
/
private
dsa key pair.
Enter file
in
which to save the key (/home/grid/.ssh/id_dsa):
Enter passphrase (empty
for
no passphrase):
Enter same passphrase again:
Your identification has been saved
in
/home/grid/.ssh/id_dsa.
Your
public
key has been saved
in
/home/grid/.ssh/id_dsa.pub.
The key fingerprint is:
4a:6d:
60
:
35
:ee:1c:fe:7d:
62
:
54
:f6:
31
:5c:7b:4a:
54
grid@aix209
The key's randomart image is:
+--[ DSA
1024
]----+
| o ..E|
| o . .. o|
| o o +=.|
| . * . + o+|
| . S . . .|
| . o . o |
| . . + . |
| . o |
| |
+-----------------+
|
2)配置密钥对
[grid@aix209 ~]$cd .ssh
[grid@aix209 .ssh]$ls
id_dsa id_dsa.pub id_rsa id_rsa.pub
[grid@aix209 .ssh]$cd ..
[grid@aix209 ~]$cat .ssh/id_rsa.pub >>.ssh/authorized_keys
[grid@aix209 ~]$cat .ssh/id_dsa.pub >>.ssh/authorized_keys
[grid@aix209 ~]$ssh aix210 cat .ssh/id_rsa.pub >>.ssh/authorized_keys
The authenticity of host 'aix210 (192.168.8.210)' can't be established.
RSA key fingerprint is 65:25:9b:46:05:a4:84:73:76:d2:ba:d2:c8:a2:91:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'aix210,192.168.8.210' (RSA) to the list of known hosts.
grid@aix210's password:
[grid@aix209 ~]$ssh aix210 cat .ssh/id_dsa.pub >>.ssh/authorized_keys
grid@aix210's password:
[grid@aix209 ~]$scp .ssh/authorized_keys aix210:~/.ssh
grid@aix210's password:
authorized_keys 100% 1988 1.9KB/s 00:00
[grid@aix209 ~]$ssh aix210 date
Mon Jan 5 22:24:19 CST 1970
3)测试信任关系
[grid@aix209 ~]$ssh aix210-priv date
The authenticity of host 'aix210-priv (10.10.10.210)' can't be established.
RSA key fingerprint is 65:25:9b:46:05:a4:84:73:76:d2:ba:d2:c8:a2:91:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'aix210-priv,10.10.10.210' (RSA) to the list of known hosts.
Mon Jan 5 22:24:27 CST 1970
[grid@aix209 ~]$ssh aix209-priv date
The authenticity of host 'aix209-priv (10.10.10.209)' can't be established.
RSA key fingerprint is 8f:54:98:0e:1b:c1:81:10:36:88:62:e2:20:61:16:91.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'aix209-priv,10.10.10.209' (RSA) to the list of known hosts.
Mon Mar 28 18:39:55 CDT 2016
[grid@aix209 ~]$ssh aix209 date
The authenticity of host 'aix209 (192.168.8.209)' can't be setablished.
RSA key fingerprint is 8f:54:98:0e:1b:c1:81:10:36:88:62:e2:20:61:16:91.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'aix209,192.168.8.209' (RSA) to the list of known hosts.
Mon Mar 28 18:40:02 CDT 2016
[grid@aix210 ~]$ssh aix209-priv date
The authenticity of host 'aix209-priv (10.10.10.209)' can't be established.
RSA key fingerprint is 8f:54:98:0e:1b:c1:81:10:36:88:62:e2:20:61:16:91.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'aix209-priv,10.10.10.209' (RSA) to the list of known hosts.
Mon Mar 28 18:40:36 CDT 2016
----- 至此,ssh在AIX系统上安装配置成功 !
