1、LInux 主机路添加路由信息

1.1Linux系统路由配置永久生效
1）、linux系统路由配置———>永久开机生效将添加路由的命令写入/etc/rc.local文件中
2)、
3)、

Centos 6

centos6：route add

路由查看方法：route -n
静态默认路由：
route add default gw 10.0.0.254
route del default gw 10.0.0.254
静态网段路由：
route add -net 223.5.5.0 255.255.255.0 gw 10.0.0.254
静态主机路由：
route add -host 223.5.5.5 gw 10.0.0.254

Centos 7

centos7：ip route add

路由查看方法：ip route show
静态默认路由：
ip route add default via 10.0.0.254
ip route del default via 10.0.0.254
静态网段路由:
ip route add 223.5.5.0/24 via 10.0.0.254
静态主机路由：
ip route add 223.5.5.5 via 10.0.0.254

2、ssh远程服务

2.1远程服务原理连接过程

远程服务原理连接过程

2.2ssh两种连接方式

（1）基于密码认证方式

[root@web01 ~/.ssh]# ssh root@10.0.0.41
The authenticity of host '10.0.0.41 (10.0.0.41)' can't be established.
ECDSA key fingerprint is SHA256:rt6MjqJJ1TIYjabsstDABB0mMiqtfH+jI19y6+yr5Cc.
ECDSA key fingerprint is MD5:ae:59:88:8b:19:14:62:c9:54:6c:b0:28:c1:b8:61:be.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.41' (ECDSA) to the list of known hosts.
root@10.0.0.41's password: （此处输入密码，密码无显示）

（2）基于口令认证方式
01. 管理端： 创建密钥对，保存好私钥
02. 管理端： 将公钥进行发送
03. 被管理端：接收到公钥 保存 ~/.ssh/authorized_keys
实现方式

[root@web01 /]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Ar+YYPZw8jyx3cgD8icb6VNiWIbFQc0a5WvK0vBS23M root@web01
The key's randomart image is:
+---[RSA 2048]----+
|   oo=.          |
|    +.o          |
|   o.o.          |
|  . +o .         |
|  O+= = S        |
| o.^o#.=         |
|  o.^oX E        |
|   +.* +         |
|    o.           |
+----[SHA256]-----+
[root@web01 /]# ssh-copy-id -i ~/.ssh/id_rsa.pub 10.0.0.41
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.41's password: （此处输入密码，密码无显示）

2.3实现批量下发公钥

（1）第一次ssh连接，会有yes或no提示信息（StrictHostKeyChecking=no）
（2）解决密码交互问题即密码输入 （sshpass）
解决一台主机免交互下发公钥信息： sshpass -p123456 ssh-copy-id -i /root/.ssh/id_rsa.pub 172.16.1.7 -o StrictHostKeyChecking=no
批量下发使用脚本

[root@web01 /]# ssh-keygen -t rsa 
 #!/bin/bash 
for ip in {7,31,41}
do
echo "=====Issued pub_key with 172.16.1.$ip====="
sshpass -p123456 ssh-copy-id -i /root/.ssh/id_rsa.pub 172.16.1.$ip -o StrictHostKeyChecking=no &>/dev/null
 if [ $? -eq 0 ]
 then
          echo "公钥信息分发成功 [ok]"  
          echo ""         
 else
          echo "公钥信息分发失败 [failed]"
          echo ""
 fi
done

编写检查脚本：

    #!/bin/bash
    for ip in {7,31,41}
    do 
echo "=============== check pub_key with 172.16.1.$ip =============== "
 ssh 172.16.1.$ip hostname >/dev/null
if [ $? -eq 0 ]
 then
          echo "分发测试检查成功 [ok]"  
          echo ""         
 else
          echo "公钥测试检查失败 [failed]"
          echo ""
 fi
done