0 总结
Get to the points first. The article comes from LawsonAbs!
- updata on 20200505:修改相关格式
1.环境简介
- windows 10【物理机】 + centos 6.5【虚拟机】
hadoop 2.6.4
2.为什么需要ssh
?
3.ssh
协议原理
[待完善]
4.ssh
免密搭建
- step 01.查看当前目录下的
.ssh
文件
[root@littlelawson ~]# ls -a
...
.bash_profile .gconfd .m2 region_split_info_two.txt
.bashrc .gnome2 Main$$anonfun$1.class region_split_info.txt
bigdata .gnome2_private Main.class .scala_history
.cache .gvfs metastore_db StatsWithMissing.scala
.config hadoop_temp .mozilla .ssh
create HelloLinux.txt MyKafka.csv temp.csv
.cshrc .idea-build .mysql_history TestConstructor.class
.dbus .IdeaIC2018.1 myvalue TestConstructor.scala
- step 02.使用rsa算法生成
ssh
密码
执行命令ssh-keygen -t rsa
,如下所示:
[root@littlelawson ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): #这就是保存key的路径
Created directory '/root/.ssh'.#因为不存在/root/.ssh文件,所以创建一个新的文件
Enter passphrase (empty for no passphrase): #不用输入
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
c5:04:34:16:71:86:78:e8:3e:66:16:3a:e7:33:42:fc root@littlelawson
The key's randomart image is:
+--[ RSA 2048]----+
| +B=+ |
| o.o* |
| . . o |
| o . |
| . o .S |
| = B |
| . O . |
| . E |
| . o |
+-----------------+
- step 03查看.ssh文件夹下的内容,并验证是否成功生成密钥对
[root@littlelawson .ssh]# ll
total 8
-rw-------. 1 root root 1675 Jun 17 23:00 id_rsa
-rw-r--r--. 1 root root 399 Jun 17 23:00 id_rsa.pub #需要发送到服务器的公钥
- step 04.将公钥发送到(需要登录到的那台)服务器【在这里,因为我需要登录本机,即
root@littlelawson
这台机器】【注:这里的littleawson
是我机器的主机名】
[root@littlelawson .ssh]# ssh-copy-id root@littlelawson
The authenticity of host 'littlelawson (192.168.211.3)' can't be established.
RSA key fingerprint is 93:5e:0a:d0:7c:6d:46:be:94:ad:9a:f0:67:12:d9:07.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'littlelawson,192.168.211.3' (RSA) to the list of known hosts.
root@littlelawson's password:
Now try logging into the machine, with "ssh 'root@littlelawson'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
- step 05.检验公钥是否传递成功【当前客户端生成的公钥会传递到(需连接到的那台)服务器的
.ssh/authorized_keys
文件下】
[root@littlelawson .ssh]# cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0mOqjW1LlPZwdKIhp7MW4rNqHzi58MrKeRx1Af5QQWcJBveM5jg6lAlrJSrpERqmobUtoOzAA1cGw+58ba5HCwh/T6IXe4kIPJQA78JAo/8FnOAJfRpOW80CNGbk/XP+E89wGImBN4dKR6a2tL56ZggTJfYvqhQ30Ij5XyQQwEnf9663xn96SePqCvLaSGtuFkrOgmHZSxZQ/XlNFghbkwzDSprKe92FDrTSTbrjaP3/9yKnsNR7lxPMbmHSCqoOPlEaKXjucuFNf+hDE3DJyqY1jOs2pym4Ad+zn4kGMQm5BeZ1fpCS9+M9iuAPjR2QdszYkg8Mt4RM63o9SXX4Tw== root@littlelawson
[root@littlelawson .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0mOqjW1LlPZwdKIhp7MW4rNqHzi58MrKeRx1Af5QQWcJBveM5jg6lAlrJSrpERqmobUtoOzAA1cGw+58ba5HCwh/T6IXe4kIPJQA78JAo/8FnOAJfRpOW80CNGbk/XP+E89wGImBN4dKR6a2tL56ZggTJfYvqhQ30Ij5XyQQwEnf9663xn96SePqCvLaSGtuFkrOgmHZSxZQ/XlNFghbkwzDSprKe92FDrTSTbrjaP3/9yKnsNR7lxPMbmHSCqoOPlEaKXjucuFNf+hDE3DJyqY1jOs2pym4Ad+zn4kGMQm5BeZ1fpCS9+M9iuAPjR2QdszYkg8Mt4RM63o9SXX4Tw== root@littlelawson
5.验证
如下开启hadoop环境,如果没有配置ssh免密登录,每次启动新节点都需要输入密码。
[root@littlelawson sbin]# ./start-all.sh
This script is Deprecated. Instead use start-dfs.sh and start-yarn.sh
Starting namenodes on [littlelawson]
littlelawson: starting namenode, logging to /usr/local/hadoop-2.6.4/logs/hadoop-root-namenode-littlelawson.out
littlelawson: starting datanode, logging to /usr/local/hadoop-2.6.4/logs/hadoop-root-datanode-littlelawson.out
Starting secondary namenodes [0.0.0.0]
The authenticity of host '0.0.0.0 (0.0.0.0)' can't be established.
RSA key fingerprint is 93:5e:0a:d0:7c:6d:46:be:94:ad:9a:f0:67:12:d9:07.
Are you sure you want to continue connecting (yes/no)? yes
0.0.0.0: Warning: Permanently added '0.0.0.0' (RSA) to the list of known hosts.
0.0.0.0: starting secondarynamenode, logging to /usr/local/hadoop-2.6.4/logs/hadoop-root-secondarynamenode-littlelawson.out
starting yarn daemons
starting resourcemanager, logging to /usr/local/hadoop-2.6.4/logs/yarn-root-resourcemanager-littlelawson.out
littlelawson: starting nodemanager, logging to /usr/local/hadoop-2.6.4/logs/yarn-root-nodemanager-littlelawson.out
查看是否完全启动:
[root@littlelawson sbin]# jps
3552 Jps
2900 DataNode
3239 ResourceManager
3335 NodeManager
2809 NameNode
3085 SecondaryNameNode
6.注
ssh-copy-id -p [port]
可以指定ssh服务的端口号- 配置免密登录时,不仅要设置到别的机器的登录,也要设置到本地的免密登录。切记!