Hadoop SSH免密码登录以及失败解决方案

1. 创建ssh-key

这里我们采用rsa方式,使用如下命令:

xiaosi@xiaosi:~$ ssh-keygen -t rsa -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
Created directory '/home/xiaosi/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/xiaosi/.ssh/id_rsa.
Your public key has been saved in /home/xiaosi/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:n/sFaAT94A/xxxxxxxxxxxxxxxxxxxxxxx xiaosi@xiaosi
The key's randomart image is:
+---[xxxxx]----+
|    o= .. .. |
|    o.= .. .|
|     *.* o .|
|    +.4.=E+..|
|    .SBo=. h+ |
|    ogo..oo. |
|     or +j..|
|     ...+o=.|
|     ... o=+|
+----[xxxxx]-----+

备注:

这里会提示输入pass phrase,一定不要输入任何字符,回车即可。

2. 生成authorized_keys文件

xiaosi@xiaosi:~$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

备注:

记得要把authorized_keys文件放到.ssh目录下,与rsa等文件放在一起,否则免登录失败,debug如下(ssh -vvv localhost进行调试,查找错误原因):

xiaosi@xiaosi:~$ ssh -vvv localhost
OpenSSH_7.2p2 Ubuntu-4ubuntu1, OpenSSL 1.0.2g-fips 1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "localhost" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/xiaosi/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/xiaosi/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/xiaosi/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/xiaosi/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/xiaosi/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/xiaosi/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/xiaosi/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/xiaosi/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu1
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu1 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to localhost:22 as 'xiaosi'
debug3: hostkeys_foreach: reading file "/home/xiaosi/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/xiaosi/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from localhost
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:378enl3ckhdpObP8fnsHr1EXz4d1q2Jde+jUplkub/Y
debug3: hostkeys_foreach: reading file "/home/xiaosi/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/xiaosi/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from localhost
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in /home/xiaosi/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug2: key: /home/xiaosi/.ssh/id_rsa (0x5602df5e80c0)
debug2: key: /home/xiaosi/.ssh/id_dsa ((nil))
debug2: key: /home/xiaosi/.ssh/id_ecdsa ((nil))
debug2: key: /home/xiaosi/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/xiaosi/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/xiaosi/.ssh/id_dsa
debug3: no such identity: /home/xiaosi/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/xiaosi/.ssh/id_ecdsa
debug3: no such identity: /home/xiaosi/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/xiaosi/.ssh/id_ed25519
debug3: no such identity: /home/xiaosi/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
xiaosi@localhost's password:

3. 验证

xiaosi@xiaosi:~$ ssh localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:378enl3ckhdpObP8fnsHr1EXz4d1q2Jde+jUplkub/Y.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
sign_and_send_pubkey: signing failed: agent refused operation
xiaosi@localhost's password:

4. authorized_keys权限

我们可以看到还是让我输入密码,很大可能是authorized_keys文件权限的问题,我们给该文件赋予一定权限:

xiaosi@xiaosi:~$ chmod 600 ~/.ssh/authorized_keys

再次验证:

xiaosi@xiaosi:~$ ssh localhost
Welcome to Ubuntu 16.04 LTS (GNU/Linux 4.4.0-24-generic x86_64)
 * Documentation: https://help.ubuntu.com/
0 个可升级软件包。
0 个安全更新。
Last login: Thu Jun 16 08:05:50 2016 from 127.0.0.1

到此表示OK了。

备注:

或者第一次需要输入密码,以后再次登陆就不需要输入密码了。

感谢阅读,希望能帮助到大家,谢谢大家对本站的支持!

(0)

相关推荐

  • Hadoop组件简介

    Hadoop组件简介

    安装hbase 首先下载hbase的最新稳定版本 http://www.apache.org/dyn/closer.cgi/hbase/ 安装到本地目录中,我安装的是当前用户的hadoop/hbase中 tar -zxvf hbase-0.90.4.tar.gz 单机模式 修改配置文件 conf/hbase_env.sh 配置JDK的路径 修改conf/hbase-site.xml hbase.rootdir file:///home/${user.name}/hbase-tmp 完成后启动 b

  • Linux中安装配置hadoop集群详细步骤

    Linux中安装配置hadoop集群详细步骤

    一. 简介 参考了网上许多教程,最终把hadoop在ubuntu14.04中安装配置成功.下面就把详细的安装步骤叙述一下.我所使用的环境:两台ubuntu 14.04 64位的台式机,hadoop选择2.7.1版本.(前边主要介绍单机版的配置,集群版是在单机版的基础上,主要是配置文件有所不同,后边会有详细说明) 二. 准备工作 2.1 创建用户 创建用户,并为其添加root权限,经过亲自验证下面这种方法比较好. sudo adduser hadoop sudo vim /etc/sudoers

  • 详解Ubuntu16.04下Hadoop 2.7.3的安装与配置

    详解Ubuntu16.04下Hadoop 2.7.3的安装与配置

    一.Java环境搭建 (1)下载JDK并解压(当前操作系统为Ubuntu16.04,jdk版本为jdk-8u111-Linux-x64.tar.gz) 新建/usr/java目录,切换到jdk-8u111-linux-x64.tar.gz所在目录,将这个文件解压缩到/usr/java目录下. tar -zxvf jdk-8u101-linux-x64.tar.gz -C /usr/java/ (2)设置环境变量 修改.bashrc,在最后一行写入下列内容. sudo vim ~/.bashrc

  • 详解使用docker搭建hadoop分布式集群

    详解使用docker搭建hadoop分布式集群

    使用Docker搭建部署Hadoop分布式集群 在网上找了很长时间都没有找到使用docker搭建hadoop分布式集群的文档,没办法,只能自己写一个了. 一:环境准备: 1:首先要有一个Centos7操作系统,可以在虚拟机中安装. 2:在centos7中安装docker,docker的版本为1.8.2 安装步骤如下: <1>安装制定版本的docker yum install -y docker-1.8.2-10.el7.centos <2>安装的时候可能会报错,需要删除这个依赖 r

  • 基于CentOS的Hadoop分布式环境的搭建开发

    基于CentOS的Hadoop分布式环境的搭建开发

    首先,要说明的一点的是,我不想重复发明轮子.如果想要搭建Hadoop环境,网上有很多详细的步骤和命令代码,我不想再重复记录. 其次,我要说的是我也是新手,对于Hadoop也不是很熟悉.但是就是想实际搭建好环境,看看他的庐山真面目,还好,还好,最好看到了.当运行wordcount词频统计的时候,实在是感叹hadoop已经把分布式做的如此之好,即使没有分布式相关经验的人,也只需要做一些配置即可运行分布式集群环境. 好了,言归真传. 在搭建Hadoop环境中你要知道的一些事儿: 1.hadoop运行于

  • 详解从 0 开始使用 Docker 快速搭建 Hadoop 集群环境

    详解从 0 开始使用 Docker 快速搭建 Hadoop 集群环境

    Linux Info: Ubuntu 16.10 x64 Docker 本身就是基于 Linux 的,所以首先以我的一台服务器做实验.虽然最后跑 wordcount 已经由于内存不足而崩掉,但是之前的过程还是可以参考的. 连接服务器 使用 ssh 命令连接远程服务器. ssh root@[Your IP Address] 更新软件列表 apt-get update 更新完成. 安装 Docker sudo apt-get install docker.io 当遇到输入是否继续时,输入「Y/y」继

  • Hadoop SSH免密码登录以及失败解决方案

    1. 创建ssh-key 这里我们采用rsa方式,使用如下命令: xiaosi@xiaosi:~$ ssh-keygen -t rsa -f ~/.ssh/id_rsa Generating public/private rsa key pair. Created directory '/home/xiaosi/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identifi

  • centos配置ssh免密码登录后仍要输入密码的解决方法

    前言 在搭建Linux集群服务的时候,主服务器需要启动从服务器的服务,如果通过手动启动,集群内服务器几台还好,要是像阿里1000台的云梯Hadoop集群的话,轨迹启动一次集群就得几个工程师一两天时间,是不是很恐怖.如果使用免密登录,主服务器就能通过程序执行启动脚步,自动帮我们将从服务器的应用启动.而这一切就是建立在ssh服务的免密码登录之上的.所以要学习集群部署,就必须了解linux的免密码登录. 第一步:在本机中创建秘钥 1.执行命令: ssh-keygen -t rsa -C "xx@qq.

  • Linux下实现SSH免密码登录和实现秘钥的管理、分发、部署SHELL脚本分享

    环境: ssh server: 192.168.100.29  server.example.com ssh client: 192.168.100.30  client.example.com 通过root用户建立秘钥认证实现SHELL脚本管理,分发,部署 首先client端创建秘钥对,并将公钥分发给需要登录的SSH服务端 注:公钥相当于锁,私钥相当于钥匙,我们这里相当于在客户端创建一对钥匙和锁,想要做到SSH免密码登录,就相当于我们将锁分发到服务端并装锁,然后客户端就可以利用钥匙开锁. 一.

  • ubuntu16.04服务器配置ssh免密码登录

    在客户端操作 ssh-keygen -t rsa 文件位置写/home/try/.ssh/server_rsa,不使用默认值,我命名为server_rsa担心影响到git的key(因为我的git使用的是默认值) ssh-copy-id root@123.45.56.78(你的服务器ip), 或这使用 cat ~/.ssh/id_rsa.pub | ssh user@123.45.56.78 "mkdir -p ~/.ssh && cat >> ~/.ssh/autho

  • CentOS 6.5中SSH免密码登录配置教程

    0.说明 这里为了方便说明问题,假设有A和B两台安装了centos6.5的主机.目标是实现A.B两台主机分别能够通过ssh免密码登录到对方主机.不同主机的配置过程一样,这里介绍A主机的配置过程. 事先在AB主机分别创建好要免密码登录的用户名,在/etc/hosts文件增加主机名和ip. 创建新用户:useradd linuxidc 设置密码:passwd linuxidc,输入自己想要的密码即可,之后su linuxidc切换用户 修改主机名:vim /etc/sysconfig/network

  • 在CentOS / RHEL上设置 SSH 免密码登录的方法

    作为系统管理员,你计划在 Linux 上使用 OpenSSH,完成日常工作的自动化,比如文件传输.备份数据库转储文件到另一台服务器等.为实现该目标,你需要从主机 A 能自动登录到主机 B.自动登录也就是说,要在 shell 脚本中使用ssh,而无需要输入任何密码. 本文会告诉你怎样在 CentOS/RHEL 上设置 SSH 免密码登录.自动登录配置好以后,你可以通过它使用 SSH (Secure Shell)和安全复制 (SCP)来移动文件. SSH 是开源的,是用于远程登录的最为可靠的网络协议

  • Linux下SSH免密码登录配置详解

    假设有 A. B 两台 Linux 服务器,我们希望能够从其中一台服务器通过 SSH 免密码登录到另一台服务器. 两台服务器的信息如下: 主机名 IP地址 免密码登录用户名 server1 192.168.12.11 guest1 server2 192.168.12.12 guest2 环境设置(root权限) 1.关闭防火墙和SELinux Redhat使用了SELinux来增强安全,关闭的办法为: a. 永久有效 修改 /etc/selinux/config 文件中的 SELINUX=en

  • 详解ssh免密码登录配置方法(图示加命令)

    首先,说明一下我们要做的是,serverA 服务器的 usera 用户免密码登录 serverB 服务器的 userb用户. 我们先使用usera 登录 serverA 服务器 [root@serverA ~]# su - usera [usera@serverA ~]$ pwd /home/usera 然后在serverA上生成密钥对 [usera@serverA ~]$ ssh-keygen -t rsa Generating public/private rsa key pair. Ent

  • Ubuntu下如何设置ssh免密码登录安装

    1.首先在本机安装openssh-server和openssh-client. 命令:sudo apt-get install openssh-server openssh-client 2.在检查当前的目录下有没有.ssh这个文件,没有的话就mkdir下. 3.生成公钥与私钥.命令:ssh-keygen -t rsa 4.将.ssh文件中的id_isa_pub复制到其他机器的authorized_keys下.并修改authorized_keys权限为600. 5.ssh nodeXX即可

  • Linux使用ssh公钥实现免密码登录实例

    ssh 无密码登录要使用公钥与私钥.linux下可以用用ssh-keygen生成公钥/私钥对,下面我以CentOS为例. 有机器A(192.168.1.155),B(192.168.1.181).现想A通过ssh免密码登录到B. 首先以root账户登陆为例. 1.在A机下生成公钥/私钥对. [root@A ~]# ssh-keygen -t rsa -P '' -P表示密码,-P '' 就表示空密码,也可以不用-P参数,这样就要三车回车,用-P就一次回车. 该命令将在/root/.ssh目录下面

随机推荐