zoukankan      html  css  js  c++  java

  • 配置SSH无秘钥登录

    [hadoop@hadoop01 ~]$ cd .ssh
    [hadoop@hadoop01 .ssh]$ ll -d ./  #查看.ssh文件夹的权限
    drwx------. 2 hadoop hadoop 4096 Jun 19 23:44 ./  #.ssh文件夹的权限为700,如果不是,必须执行chmod 700 ./进行修改,否则,即使配置了无密钥登录后面仍然需要密码
[hadoop@hadoop01 .    ssh]$ ls
authorized_keys  id_rsa  id_rsa.pub  known_hosts
[hadoop@hadoop01 .ssh]$ rm -rf ./*  #清空文件夹
[hadoop@hadoop01 .ssh]$ ssh-keygen -t rsa  #生成公钥和秘钥
Generating public/private rsa key pair.
Enter file in which to save the key (/home/hadoop/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
a2:78:65:72:49:9a:71:91:aa:8f:3b:3e:a8:b3:74:87 hadoop@hadoop01.zjl.com
The key's randomart image is:
+--[ RSA 2048]----+
|      ..         |
|      ..         |
|    ..o          |
|    .* .         |
|   .+ * S        |
|  ...* .         |
| o.Eo.           |
|+ =.o            |
|++o+             |
+-----------------+
[hadoop@hadoop01 .ssh]$ ll
total 8
-rw-------. 1 hadoop hadoop 1675 Jun 19 23:41 id_rsa  #秘钥
-rw-r--r--. 1 hadoop hadoop  405 Jun 19 23:41 id_rsa.pub  #公钥

[hadoop@hadoop01 .ssh]$ ssh-copy-id hadoop02.zjl.com  #将公钥发送给远程主机
The authenticity of host 'hadoop01.zjl.com (192.168.0.131)' can't be established.
RSA key fingerprint is 60:10:35:2f:64:08:bf:82:e5:bc:56:8c:3d:60:18:13.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01.zjl.com,192.168.0.131' (RSA) to the list of known hosts.
hadoop@hadoop01.zjl.com's password: 
Now try logging into the machine, with "ssh 'hadoop01.zjl.com'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

[hadoop@hadoop01 .ssh]$ ssh hadoop01.zjl.com  #无密码登录
     Last login: Mon Jun 19 23:30:46 2017 from 192.168.0.1
    [hadoop@hadoop02 ~]$  #无密码登录成功

       所谓公钥登录,就是用户将自己的公钥储存在远程主机上。登录的时候远程主机回向用户发送一段随机字符串,用户用自己的秘钥加密后再发送给远程主机。远程主机用事先储存的公钥进行解密,如果成功,就证明用户是可信的,直接允许登录shell,不再要求密码。
  • 相关阅读:
    小坦克 沪牌代拍 包中 不中赔100
    JMeter 测试 ActiveMq
    上海程序员 落户攻略
    性能测试(一) 基础概念
    2017 沪牌中标后流程
    2017 上海车牌(沪牌)标书购买攻略
    2017年 外牌转沪牌 攻略 (沪南路车管所)
    Android Monkey 压力测试 介绍
    Android ADB 用法
    Python自动化测试 (九)urllib2 发送HTTP Request
  • 原文地址:https://www.cnblogs.com/huanongying/p/7051359.html
Copyright © 2011-2022 走看看