主要操作这个写的很详细:http://space.itpub.net/26686207/viewspace-742502,摘抄如下:
设置h1 h2 h4 的ssh
H4
[grid@h4 ~]$ ssh-keygen -t rsa 使用RSA加密算法生成密钥对
Generating public/private rsa key pair. 一个公钥和一个私钥
Enter file in which to save the key (/home/grid/.ssh/id_rsa):
Created directory '/home/grid/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/grid/.ssh/id_rsa. 这个是私钥
Your public key has been saved in /home/grid/.ssh/id_rsa.pub. 这个是公钥
The key fingerprint is:
50:29:8a:78:ac:0e:a1:72:10:2d:01:66:77:f0:7e:c1 grid@h4
The key's randomart image is: RSA随机图
+--[ RSA 2048]----+
|+= o.. .. |
|= o o o.. |
| = . o.E |
|+ + o .. |
|.= . .S |
|= . . |
|+. |
| . |
| |
+-----------------+
[grid@h4 ~]$ ll –lrta 只要在家目录下生成.ssh隐藏目录就算成功
总用量
-rw-r--r--. 1 grid hadoop 500 1月24 2007 .emacs
drwxr-xr-x. 2 grid hadoop 4096 11月12 2010 .gnome2
-rw-r--r--. 1 grid hadoop 124 5月31 2011 .bashrc
-rw-r--r--. 1 grid hadoop 176 5月31 2011 .bash_profile
-rw-r--r--. 1 grid hadoop 18 5月31 2011 .bash_logout
drwxr-xr-x. 4 root root 4096 9月 1 21:14 ..
drwx------. 5 grid hadoop 4096 9月 1 21:34 .
drwx------. 2 grid hadoop 4096 9月 1 21:34 .ssh
drwxr-xr-x. 4 grid hadoop 4096 9月 2 2012 .mozilla
[grid@h4 ~]$ cd .ssh
[grid@h4 .ssh]$ ll
总用量8
-rw-------. 1 grid hadoop 1675 9月 1 21:34 id_rsa
-rw-r--r--. 1 grid hadoop 389 9月 1 21:34 id_rsa.pub
[grid@h4 .ssh]$ cp id_rsa.pub authorized_keys 生成授权文件
[grid@h4 .ssh]$ cat authorized_keys 打开authorized_keys查看里面的公钥
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAr6+D01KKqeMUrkyakulV3su+9RU+jJ6sNJMlydxFq38oGBsJBwcskVL/I9ds7vE5g7coP+cMzgtRyj1ns+elgF0g3/uhtSerad4QdWXVLZgUjyUxijkm+nI3SSdwLihzsNNgH4GzeKX3HQAH/7S+rLoZSBPi//w9HYfO6VeXdo7N2lkvUxNW2z/h7JuYPMEqiaOIWAeLK7AJXhjJaeJkZh/ccGuEx4uBLRxqce5zjbNsFapoD2bact1w80a7mrgzAN3cVcQuQPzmpdj750negxMtai+QRmPDlSx2ZXtbarI4opSVmBiqpY84PJ/h9m5wptQ3hg/1XIxv4gyqwLSxZw== grid@h4
有了这个公钥还配合私钥,我们就可以免密码登陆了
H2
[grid@h2 ~]$ ssh-keygens -t rsa
-bash: ssh-keygens: command not found
[grid@h2 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/grid/.ssh/id_rsa):
Created directory '/home/grid/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/grid/.ssh/id_rsa.
Your public key has been saved in /home/grid/.ssh/id_rsa.pub.
The key fingerprint is:
14:55:b9:d1:4a:60:a1:5c:47:37:30:49:09:aa:30:3d grid@h2
The key's randomart image is: RSA随机图每个都是不一样的
+--[ RSA 2048]----+
| ..BBB*o |
| . . * .*o.. |
| o E = . + |
| o + o |
| . S |
| |
| |
| |
| |
+-----------------+
[grid@h2 ~]$ cd .ssh
[grid@h2 .ssh]$ ll
总用量12
-rw-------. 1 grid hadoop 1675 9月 1 21:59 id_rsa 也生成了私钥和公钥
-rw-r--r--. 1 grid hadoop 389 9月 1 21:59 id_rsa.pub
H4
[grid@h4 .ssh]$ scp authorized_keys h2:/home/grid/.ssh/ 把h4的授权文件->h2
H2
[grid@h2 .ssh]$ ll
总用量12
-rw-r--r--. 1 grid hadoop 778 9月 1 22:02 authorized_keys
-rw-------. 1 grid hadoop 1675 9月 1 21:59 id_rsa
-rw-r--r--. 1 grid hadoop 389 9月 1 21:59 id_rsa.pub
[grid@h2 .ssh]$ cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAr6+D01KKqeMUrkyakulV3su+9RU+jJ6sNJMlydxFq38oGBsJBwcskVL/I9ds7vE5g7coP+cMzgtRyj1ns+elgF0g3/uhtSerad4QdWXVLZgUjyUxijkm+nI3SSdwLihzsNNgH4GzeKX3HQAH/7S+rLoZSBPi//w9HYfO6VeXdo7N2lkvUxNW2z/h7JuYPMEqiaOIWAeLK7AJXhjJaeJkZh/ccGuEx4uBLRxqce5zjbNsFapoD2bact1w80a7mrgzAN3cVcQuQPzmpdj750negxMtai+QRmPDlSx2ZXtbarI4opSVmBiqpY84PJ/h9m5wptQ3hg/1XIxv4gyqwLSxZw== grid@h4
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5iKGfOGKh3d8BYr4vkkNaEtZkxCbBzBn6pfD0n3h82/1f9PwEtT4CEgqzBssYvQ2Nbc6dUy2NbDD9j5dIwQENS/fAJDwccdiJjEYMo5+o4ocPABx6OVM0r9nsUkyU7bxeHjap3ZUmcC1UvgW5asOsRMl7ePCze+rnt5D5ldZ+VOKh0NgtY2/CST8qXHmedfZFbQSEhIPf5Lh4A6oSoRHTFQbDN4apvf5s7Cm5/NgPiyhU+KbHBz96pNCxkjuOwj69a7kx4AgQYJoYc0T9O6YfjfVy3l1a7N2aJ6jp4SMv0GaohgzIrBNXwoFK6skuyf10yIxvNlGzkhTYK9GS9hjJw
看现在授权文件中已经有了h4和h2的公钥了,就差h1的
H1
[grid@h1 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/grid//.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/grid//.ssh/id_rsa.
Your public key has been saved in /home/grid//.ssh/id_rsa.pub.
The key fingerprint is:
b6:4e:a6:05:d3:37:e7:3d:ca:44:7b:cf:2c:d2:5b:a4 grid@h1
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| |
| . |
| o S o o .|
| + o = o o |
| = +.E .|
| * o.oo* |
| . . o..o+|
+-----------------+
H2
[grid@h2 .ssh]$ scp authorized_keys h1:/home/grid/.ssh/
H1
[grid@h1 .ssh]$ ll
总用量12
-rw-r--r--. 1 grid hadoop 778 9月 1 22:12 authorized_keys
-rw-------. 1 grid hadoop 1675 9月 1 22:12 id_rsa
-rw-r--r--. 1 grid hadoop 389 9月 1 22:12 id_rsa.pub
[grid@h1 .ssh]$ cat id_rsa.pub >> authorized_keys 把三个节点的公钥相互拷贝到文件中
[grid@h1 .ssh]$ cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAr6+D01KKqeMUrkyakulV3su+9RU+jJ6sNJMlydxFq38oGBsJBwcskVL/I9ds7vE5g7coP+cMzgtRyj1ns+elgF0g3/uhtSerad4QdWXVLZgUjyUxijkm+nI3SSdwLihzsNNgH4GzeKX3HQAH/7S+rLoZSBPi//w9HYfO6VeXdo7N2lkvUxNW2z/h7JuYPMEqiaOIWAeLK7AJXhjJaeJkZh/ccGuEx4uBLRxqce5zjbNsFapoD2bact1w80a7mrgzAN3cVcQuQPzmpdj750negxMtai+QRmPDlSx2ZXtbarI4opSVmBiqpY84PJ/h9m5wptQ3hg/1XIxv4gyqwLSxZw== grid@h4
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5iKGfOGKh3d8BYr4vkkNaEtZkxCbBzBn6pfD0n3h82/1f9PwEtT4CEgqzBssYvQ2Nbc6dUy2NbDD9j5dIwQENS/fAJDwccdiJjEYMo5+o4ocPABx6OVM0r9nsUkyU7bxeHjap3ZUmcC1UvgW5asOsRMl7ePCze+rnt5D5ldZ+VOKh0NgtY2/CST8qXHmedfZFbQSEhIPf5Lh4A6oSoRHTFQbDN4apvf5s7Cm5/NgPiyhU+KbHBz96pNCxkjuOwj69a7kx4AgQYJoYc0T9O6YfjfVy3l1a7N2aJ6jp4SMv0GaohgzIrBNXwoFK6skuyf10yIxvNlGzkhTYK9GS9hjJw== grid@h2
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5V1lyss14a8aWFEkTk/aBgKHFLMX/XZX/xtXVUqJl8NkTQVLQ37+XLyqvTfrcJSja70diqB3TrwBp3K5eXNxp3EOr6EGHsi0B6D8owsg0bCDhxHGHu8RX8WB4DH9UOv1uPL5BESAPHjuemQuQaQzLagqrnXbrKix8CzdIEgmnOknYiS49q9msnzawqo3luQFRU7MQvAU9UZqkxotrnzHqh0tgjJ3Sq6O6nscA7w//Xmb0JGobVQAFCDJQdn/z1kOq7E5WNhVa8ynF9GOF7cMdppug7Ibw1RZ9cKa+igi1KhhavS5H7XCM64NuGfC87aQE9nz0ysS3Kh8PT5h6zlxfw== grid@h1
[grid@h1 .ssh]$ scp authorized_keys h2:/home/grid/.ssh/ 传给H2
[grid@h1 .ssh]$ scp authorized_keys h4:/home/grid/.ssh/ 传给H4
后续遇见两个问题:
解决 Agent admitted failure to sign using the key 问题 with ssh
配置ssh
之前要在本机上装上ssh,可以通过sudo apt-get install ssh或者通过新立德来安装。如果没有进行配置的话,登录到本机或者远程主机需要该主机的密码才行。下面进行无密码登录的配置:
很简单,执行ssh-keygen -t rsa命令,一路敲回车就行了,就在.ssh文件夹下生成了2个文件,一个公钥和一个私钥文件, id_rsa id_rsa.pub ,然后执行cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys命令。这样配置之后就可以实现无密码登录本机。如果需要登录到远程主机,只需要将authorized_keys文件发送到远程主机的~/.ssh/目录下。
現在的 ssh 使用同樣的方法會出現錯誤訊息
解決方式 使用 ssh-add 指令将私钥 加进来 (根据个人的密匙命名不同更改 id_rsa)
# ssh-add ~/.ssh/id_rsa
再通过ssh 主机名 就可以实现无密码登录了
SSH 登录失败:Host key verification failed 的解决方法
1.参考文章
http://www.zhanghaijun.com/post/866/
http://www.anheng.com.cn/news/30032.html
2.错误描述
当我想ssh slave节点时,出现如下错误
- hadoop@xuwei-laptop:~$ ssh slave
- @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
- @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
- @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
- The RSA host key for slave has changed,
- and the key for the corresponding IP address 192.168.0.42
- is unchanged. This could either mean that
- DNS SPOOFING is happening or the IP address for the host
- and its host key have changed at the same time.
- Offending key for IP in /home/hadoop/.ssh/known_hosts:9
- @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
- @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
- @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
- IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
- Someone could be eavesdropping on you right now (man-in-the-middle attack)!
- It is also possible that the RSA host key has just been changed.
- The fingerprint for the RSA key sent by the remote host is
- e1:e0:28:39:6d:fb:d6:45:72:71:c1:ec:3d:ef:78:19.
- Please contact your system administrator.
- Add correct host key in /home/hadoop/.ssh/known_hosts to get rid of this message.
- Offending key in /home/hadoop/.ssh/known_hosts:5
- RSA host key for slave has changed and you have requested strict checking.
- Host key verification failed.
3.问题解释
用OpenSSH的人都知ssh会把你每个你访问过计算机的公钥(public key)都记录在~/.ssh/known_hosts。当下次访问相同计算机时,OpenSSH会核对公钥。如果公钥不同,OpenSSH会发出警告,避免你受到DNS Hijack之类的攻击。因此我们现在只需要删除knows_hosts文件中所对应的slave节点的公钥,然后再ssh slave就可以了。我们使用命令
- sudo gedit known_hosts
- |1|Xv9OoqvMzLO8ZB6RBgo5huXiJsM=|zwBphczddm/ogCsQfJJb8pO8CNo= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3fvljAowPKD9Lx4GkF75FQfj1edEPLTsY9TQv7S5mDS6RB8YvgP9SQxnqt0Dr+IpiDpRg6y7iv6Qm6WC4dOd4jJCPfbI4FUbGTkwLL4qeKo0+ZHZUS2ByeMd+PbqM0iIubKBsNBebA5c+RvqOCneYHOkrTKtwJsq2NnwhgFBz0odeFF7G7tBq6huK7KqikXZauEk7B4gnbtSiD2pG1XZzEUeXq8qEFLjWFPKBRYr8/AL/RZjktJRj98mCRtXCB9tef3DhFkHnXODfC/LzMX3vkQP2ahP4kbNmtXM8nkK2YFx0emAL07h66j89k9ByXzuN0mGw2QKcjFkDWNVkwk6CQ==
- |1|peUXkOx+hnb6XQZZGGwMhOXAj04=|mqdXqRTi/MiqARL+dylDygmDgpk= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3fvljAowPKD9Lx4GkF75FQfj1edEPLTsY9TQv7S5mDS6RB8YvgP9SQxnqt0Dr+IpiDpRg6y7iv6Qm6WC4dOd4jJCPfbI4FUbGTkwLL4qeKo0+ZHZUS2ByeMd+PbqM0iIubKBsNBebA5c+RvqOCneYHOkrTKtwJsq2NnwhgFBz0odeFF7G7tBq6huK7KqikXZauEk7B4gnbtSiD2pG1XZzEUeXq8qEFLjWFPKBRYr8/AL/RZjktJRj98mCRtXCB9tef3DhFkHnXODfC/LzMX3vkQP2ahP4kbNmtXM8nkK2YFx0emAL07h66j89k9ByXzuN0mGw2QKcjFkDWNVkwk6CQ==
- |1|2Agq45UHkRDXi73GGuTp7+ONWyQ=|wfAq9PffuqQch0E1tsFJDGlAPQk= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3fvljAowPKD9Lx4GkF75FQfj1edEPLTsY9TQv7S5mDS6RB8YvgP9SQxnqt0Dr+IpiDpRg6y7iv6Qm6WC4dOd4jJCPfbI4FUbGTkwLL4qeKo0+ZHZUS2ByeMd+PbqM0iIubKBsNBebA5c+RvqOCneYHOkrTKtwJsq2NnwhgFBz0odeFF7G7tBq6huK7KqikXZauEk7B4gnbtSiD2pG1XZzEUeXq8qEFLjWFPKBRYr8/AL/RZjktJRj98mCRtXCB9tef3DhFkHnXODfC/LzMX3vkQP2ahP4kbNmtXM8nkK2YFx0emAL07h66j89k9ByXzuN0mGw2QKcjFkDWNVkwk6CQ==
- |1|GT/tN5xUgbRZhRt31sCAnpWPtH4=|mkxeWxXDrk9XSLo2DtIwvD/J9w4= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3fvljAowPKD9Lx4GkF75FQfj1edEPLTsY9TQv7S5mDS6RB8YvgP9SQxnqt0Dr+IpiDpRg6y7iv6Qm6WC4dOd4jJCPfbI4FUbGTkwLL4qeKo0+ZHZUS2ByeMd+PbqM0iIubKBsNBebA5c+RvqOCneYHOkrTKtwJsq2NnwhgFBz0odeFF7G7tBq6huK7KqikXZauEk7B4gnbtSiD2pG1XZzEUeXq8qEFLjWFPKBRYr8/AL/RZjktJRj98mCRtXCB9tef3DhFkHnXODfC/LzMX3vkQP2ahP4kbNmtXM8nkK2YFx0emAL07h66j89k9ByXzuN0mGw2QKcjFkDWNVkwk6CQ==
- |1|hMbmluXaSJKOv4bZydZ75Ye3OUc=|rcfbiV7hrXoaDt02BrVb9UxJSqI= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0d8quvKVdc0b620eAY46ucB87dK/Q1EqEsPOdUltfEpr7/r9hCG+yJqjM6l3roOzkkc9Fi/iZEx0pvIgDdtD+n5YEQrQu81/mj1cWXmkN9xuXvqv9BZxOTeETRF5g1cL0yr4T91CmvXIMewUzv1fE1pWOzZvMKj8SqMOn7PpTjQhpDoS8SkTuNO81k41DkyrDe3DIRL0yC6aUGTF3YOTAe4DbpF8jMHD3+wDm4JT//ULRNKSwRQPOb57XWHy9GLHm89oOm2e8wrjrz84nCRJ5hgJdsjaPt3qJEEGeb8OAMj2fevyu+e1KDF3KExSE0jGBegEWpJilxaD8AV4+1CHsw==
- |1|5BwBb0f3G3TO2JJ0ATWbGrFOfjA=|Mr+5xsBD6SDMpg9ITPpDT3r6ULc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0d8quvKVdc0b620eAY46ucB87dK/Q1EqEsPOdUltfEpr7/r9hCG+yJqjM6l3roOzkkc9Fi/iZEx0pvIgDdtD+n5YEQrQu81/mj1cWXmkN9xuXvqv9BZxOTeETRF5g1cL0yr4T91CmvXIMewUzv1fE1pWOzZvMKj8SqMOn7PpTjQhpDoS8SkTuNO81k41DkyrDe3DIRL0yC6aUGTF3YOTAe4DbpF8jMHD3+wDm4JT//ULRNKSwRQPOb57XWHy9GLHm89oOm2e8wrjrz84nCRJ5hgJdsjaPt3qJEEGeb8OAMj2fevyu+e1KDF3KExSE0jGBegEWpJilxaD8AV4+1CHsw==
- |1|UVN6ra08UPwZpm4ZmW6YjAC2Zvg=|dDwgm6Ep/OdeicdFkqXJS46gTmo= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3fvljAowPKD9Lx4GkF75FQfj1edEPLTsY9TQv7S5mDS6RB8YvgP9SQxnqt0Dr+IpiDpRg6y7iv6Qm6WC4dOd4jJCPfbI4FUbGTkwLL4qeKo0+ZHZUS2ByeMd+PbqM0iIubKBsNBebA5c+RvqOCneYHOkrTKtwJsq2NnwhgFBz0odeFF7G7tBq6huK7KqikXZauEk7B4gnbtSiD2pG1XZzEUeXq8qEFLjWFPKBRYr8/AL/RZjktJRj98mCRtXCB9tef3DhFkHnXODfC/LzMX3vkQP2ahP4kbNmtXM8nkK2YFx0emAL07h66j89k9ByXzuN0mGw2QKcjFkDWNVkwk6CQ==
- |1|QLl8/P9ESKa1gVjgt9CVMT0a1Rw=|HopDtnlmB0JoXC5Y0kAAKMja1EA= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3fvljAowPKD9Lx4GkF75FQfj1edEPLTsY9TQv7S5mDS6RB8YvgP9SQxnqt0Dr+IpiDpRg6y7iv6Qm6WC4dOd4jJCPfbI4FUbGTkwLL4qeKo0+ZHZUS2ByeMd+PbqM0iIubKBsNBebA5c+RvqOCneYHOkrTKtwJsq2NnwhgFBz0odeFF7G7tBq6huK7KqikXZauEk7B4gnbtSiD2pG1XZzEUeXq8qEFLjWFPKBRYr8/AL/RZjktJRj98mCRtXCB9tef3DhFkHnXODfC/LzMX3vkQP2ahP4kbNmtXM8nkK2YFx0emAL07h66j89k9ByXzuN0mGw2QKcjFkDWNVkwk6CQ==
- |1|QZa400OJbWjQNrKTQdqlNvJkyEs=|yVD3EAylkfJaW43kRSUIFcJla10= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3fvljAowPKD9Lx4GkF75FQfj1edEPLTsY9TQv7S5mDS6RB8YvgP9SQxnqt0Dr+IpiDpRg6y7iv6Qm6WC4dOd4jJCPfbI4FUbGTkwLL4qeKo0+ZHZUS2ByeMd+PbqM0iIubKBsNBebA5c+RvqOCneYHOkrTKtwJsq2NnwhgFBz0odeFF7G7tBq6huK7KqikXZauEk7B4gnbtSiD2pG1XZzEUeXq8qEFLjWFPKBRYr8/AL/RZjktJRj98mCRtXCB9tef3DhFkHnXODfC/LzMX3vkQP2ahP4kbNmtXM8nkK2YFx0emAL07h66j89k9ByXzuN0mGw2QKcjFkDWNVkwk6CQ==
- |1|yp3zvqWQ6ChoV+KJiRhaNUHVaaA=|Zh9+UnUaW8W1XTCXh8oaOjnsCGM= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAs6IHrmuZwTilgYsOjwiOfQP1u1c3Aj6MH2EOaypGYxccDddcQu6QoKhVXQZWMZFt7W6MeZUa/QKqNVmcpho4NubyCpxfkBIybPzqbqQif8EmYrCCsbaU41hQppISrXNdlcn/S7TKM9T6sbQV1/moYScjQ4kEO+MchVmuIY5cm8kz5p8jxklSF2xFftB+kz7RmMJN3+GcGHOcgACngtxqFnqXfNF8RV1wv2lP5wLui7cv7V+pogExckzqiNfJMPnt8SCMvODHVMRnlJC5yOtpkDKH29X056KeYtK40KhMCQL9UMHfRPQgvQL0qArQ65RLevIckZ8YehOG9aCXbcWzBw==
- |1|QLuhhDXvYoefLiZ7+fw5A9ErlV4=|bWOSl44257+rbK1Fn4zwMY8GE3c= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAs6IHrmuZwTilgYsOjwiOfQP1u1c3Aj6MH2EOaypGYxccDddcQu6QoKhVXQZWMZFt7W6MeZUa/QKqNVmcpho4NubyCpxfkBIybPzqbqQif8EmYrCCsbaU41hQppISrXNdlcn/S7TKM9T6sbQV1/moYScjQ4kEO+MchVmuIY5cm8kz5p8jxklSF2xFftB+kz7RmMJN3+GcGHOcgACngtxqFnqXfNF8RV1wv2lP5wLui7cv7V+pogExckzqiNfJMPnt8SCMvODHVMRnlJC5yOtpkDKH29X056KeYtK40KhMCQL9UMHfRPQgvQL0qArQ65RLevIckZ8YehOG9aCXbcWzBw==
然而,偶然一些计算机的ssh公钥是合理地被更动。虽然遇到这些情况OpenSSH会发出惊告并禁止你进入该计算机。以往当我们确定该次 ssh公钥被更动没有可疑时,我们用文字编辑器开启known_hosts,把相关的公钥记录删掉就可以了。但现在因为所有计算机名称或IP地址都被 hash了,我们很难知道那行是相关计算机的公钥。当然我们可以把整个known_hosts删除,但我们会同时失去其他正常计算机的ssh公钥。 事实上OpenSSH在工具ssh-keygen加了三个选项,协助你管理hash了的known_hosts。你可以用\"ssh-keygen -F 计算机名称\"找出相关的公钥,使用如下命令找出slave所对应的公钥
- ssh-keygen -F slave
- # Host slave found: line 5 type RSA
- |1|hMbmluXaSJKOv4bZydZ75Ye3OUc=|rcfbiV7hrXoaDt02BrVb9UxJSqI= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0d8quvKVdc0b620eAY46ucB87dK/Q1EqEsPOdUltfEpr7/r9hCG+yJqjM6l3roOzkkc9Fi/iZEx0pvIgDdtD+n5YEQrQu81/mj1cWXmkN9xuXvqv9BZxOTeETRF5g1cL0yr4T91CmvXIMewUzv1fE1pWOzZvMKj8SqMOn7PpTjQhpDoS8SkTuNO81k41DkyrDe3DIRL0yC6aUGTF3YOTAe4DbpF8jMHD3+wDm4JT//ULRNKSwRQPOb57XWHy9GLHm89oOm2e8wrjrz84nCRJ5hgJdsjaPt3qJEEGeb8OAMj2fevyu+e1KDF3KExSE0jGBegEWpJilxaD8AV4+1CHsw==