ssh 免密码登录

当我们需要做hadoop solr等之类需要集群测试，如果不配置ssh免密码登录的话在，每次访问主机都需要输入密码这给学习生产带来了很大的麻烦。

　　ssh免密码登录步骤如下

　　1、配置本机无密码登录

进入network修改主机名

[root@master Desktop]# vim /etc/sysconfig/network

#修改如下

NETWORKING=yes

HOSTNAME=master

GATEWAT=192.168.1.8

#保存并退出

#修改hostname

[root@master Desktop]# hostname master

#查看当前hostname

[root@master Desktop]# hostname

master

 主机名修改完成之后，就需要进入hosts配置需要免密码登录的主机

[root@master Desktop]# vim /etc/hosts

#内容如下，红色为需要配置的ip和主机。tab分隔ip和主机名

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.1.8     master

192.168.1.9     data1

192.168.1.10    data2

 进入需要配置的用户组的根目录进行ssh免密码配置，比如我需要的用户组是hadoop

[root@master Desktop]# su hadoop

[hadoop@master Desktop]$ cd ~

[hadoop@master ~]$ 

 

#查看当前文件下的所有文件，时候存在.ssh文件，如果存在就删除

[hadoop@master ~]$ ls -a

.              .gconf               .nautilus

..             .gconfd              Pictures

.bashrc        .gtk-bookmarks       .ssh

 

[hadoop@master ~]$ rm -rf .ssh

 

#创建ssh密钥，这里我创建的是rsa加密方式

[hadoop@master ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

#这里问你私钥的存放地点，回车默认就行

Enter file in which to save the key (/home/hadoop/.ssh/id_rsa): 

Created directory '/home/hadoop/.ssh'.

#这里也默认回车就行

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /home/hadoop/.ssh/id_rsa.

Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.

The key fingerprint is:

e4:24:f4:f8:07:80:f8:b1:dd:6e:76:e0:1f:a1:e3:b4 hadoop@master

The key's randomart image is:

+--[ RSA 2048]----+

|   . .o          |

|  . o. +         |

|   . +o.=        |

|    o .*o..      |

|       oSo..     |

|        O.o      |

|       = = .     |

|        E .      |

|                 |

+-----------------+

 

#这时候新的.ssh文件应该创建完成了，可以进入的.ssh文件中查看

[hadoop@master ~]$ cd .ssh

[hadoop@master .ssh]$ ls

id_rsa  id_rsa.pub

 

#id_rsa是私钥，我们这里要的是 id_res.pub 公钥,公钥可以上传给别人进行使用

#不过首先我们要先将公钥加入的加入到自动使用密钥的文件中给自己使用

[hadoop@master .ssh]$ cp id_rsa.pub authorized_keys

[hadoop@master .ssh]$ ls

#这里就多出了一个authorized_keys文件，可以自动使用密钥

authorized_keys  id_rsa  id_rsa.pub

 

#我们在这里可以查看一下authorized_keys里面的内容

[hadoop@master .ssh]$ cat authorized_keys 

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyMrXvjPOfb0MOtna5PLzFX3sHsOPSjUc//BcGOWO+JEfIvqCmhABQXO/InuPL2LiaNk/Ex4WcV+3bI2fVSwFaZtRjRTqP0Zpi0cX66nAaslGmYfOKPxdddYk+zu0PWvoqwVUOEjcTFaisYYoyJY0B32nU94X4hVN5A9fzgjLHxDw3d1SObCgq2jQ0r74vHjRPxFUI6BdOLDr8c7wOTtXn7crzTLH8kNdGtYaQgnnlwSJb7OS696WoNDLDDjVJvtqKGdMPSDQvYK6m8esDo3qg2B60JPg2d0sFLZ0cs3Fh61AXWSLFUwVf4VpiFnmTwSL2TCFRmuKaRc63K7xG82Lhw== hadoop@master

#我们可以看到hadoop@master已经加入到了keys里了，这样我们自己对自己的免密码登录就做好了

 

#进行ssh localhost 和 ssh master来测试一下是否免密码登录

[hadoop@master .ssh]$ ssh localhost

The authenticity of host 'localhost (::1)' can't be established.

RSA key fingerprint is 13:0c:1c:77:37:71:55:50:76:01:2b:12:20:10:b5:56.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'localhost' (RSA) to the list of known hosts.

Last login: Tue Nov 12 19:35:13 2013 from data1

[hadoop@master ~]$

 

[hadoop@master ~]$ ssh master

The authenticity of host 'master (192.168.1.8)' can't be established.

RSA key fingerprint is 13:0c:1c:77:37:71:55:50:76:01:2b:12:20:10:b5:56.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'master,192.168.1.8' (RSA) to the list of known hosts.

Last login: Wed Nov 13 10:49:53 2013 from localhost

[hadoop@master ~]$

 

2、配置其它机器免密码登录

经过上面的步骤我们已经实现了对自己的免密码登录，然后将其他的机子重复上面的步骤。当所有的机器自己的免密码登录做完以后。我们只要把当前机器的公钥上传给其他机器，并且加入到其它机器的authorized_keys文件中就行了

操作如下：

 

 

#我当前是在.ssh文件夹下

[hadoop@master ~]$ cd .ssh

[hadoop@master .ssh]$ scp id_rsa.pub hadoop@data1:~/.ssh/id_rsa_master.pub(要重命名一个)

 

#ssh进入data1

[hadoop@master .ssh]$ ssh data1

The authenticity of host 'data1 (192.168.1.9)' can't be established.

RSA key fingerprint is 13:0c:1c:77:37:71:55:50:76:01:2b:12:20:10:b5:56.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'data1,192.168.1.9' (RSA) to the list of known hosts.

hadoop@data1's password: 

Last login: Tue Nov 12 19:34:07 2013 from master

 

#进入.ssh查看文件，是不是多了一个id_rsa_master.put

[hadoop@data2 ~]$ cd .ssh/

[hadoop@data2 .ssh]$ ls

authorized_keys  id_rsa id_rsa_master.pub  id_rsa.pub  known_hosts

#将id_rsa.pub加入到authorized_keys中

[hadoop@data2 .ssh]$ cat id_rsa_master.pub >> authorized_keys

 

#查看authorized_keys文件，master已经加入到data1里面了，这样从master到data1就不需要输入密码了

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyrVuO4m1Zgg5UsijT0bopNvGUjnmxBiOQjVU1Lv0Zo7xkWu/cS2Zq+0CDlHkxjTg1/6wg5eyExvv6qTPEaAXCBmcNbqzGMce1WXuGiWL6MClADZqC+VGMOiMnuHTNXebLkFMOIcvRJKPodBGRbMV070GppgipYeCRs1FtSWSyR2Lf7QnKCBX+BnacSzZWfBbfAjBfpvR2UpBx99dShn5IMW5WFCghk06uaALKzp8D2vmNpnEa166rcmxnW4xybToRKfp8Y24ZlmmULpadbyCFYHfC9NEWUSEyXldoUeIgv/ysf/deAyJqe9kz09MyMC3nWTF3ODzUohUMShvTeg8aw== hadoop@master

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxfc2LNAdW04M09+nre9fT0hOxhNjW9MisvQRLySuw9Pjvk+XpgCsbu/sEIvAygMKGQwLfTaKobDtHfxQOymv1Sf71k1UB2ftWuBHui4q6UBaWPkwyfgX4eSzoFe1Ne0w8Jd3L4+v45wMVH9ZwKHqqBO1AAOOszLjkds05xtuh6PyYMUDeXk4q11jOzw7bkYx+8zfpSvZ1//+I/YwYHpZV3S6X/xgCQtgLI7oW0ve3uZQtzf2N59X5YsMwzKy1Xm2lOauglDiJHxhEbqT+mTjM345O+MXIDnl5jzyU2obGIFjanKnyAZwiVhOr4rbbMEgcLu88T8DxI0THM/LktAqhQ== hadoop@data1

 

#效果如下 注意我的因为在master中已经加入了data1的公钥了所以已经不要输入密码了，如果你是按照我上面的配的，是需要密码的，从master进入data1是不需要的（红色部分）

[hadoop@data1 Desktop]$ ssh master

Last login: Tue Nov 12 19:35:13 2013 from data1

[hadoop@master ~]$ ssh data1

Last login: Tue Nov 12 19:32:53 2013 from master

[hadoop@data1 ~]$ 

 

 只需要重复以上的步骤，就可以做完ssh免密码登录这。做完了ssh管理集群就更方便了

评论

3 楼 rambolovepanda 2014-07-09  

有时候 必须在server端 将authorized_keys 权限设置
chmod 600 authorized_keys  要不然不行的  还没搞明白  擦

2 楼 152629 2013-11-15  

不错写的很详细，值的收藏

1 楼 liaoyulin0609 2013-11-13  

大牛呀，找了这篇文章找了好久了，终于找到了，非常感谢~~