[hadoop@bruce02 hadoop]$ start-dfs.sh
Starting namenodes on [bruce02.mydomain]
bruce02.mydomain: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
Starting datanodes
localhost: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
Starting secondary namenodes [bruce02.mydomain]
bruce02.mydomain: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
2018-04-21 14:01:37,865 WARN util.NativeCodeLoader: Unable to load native-hadoop library for your platform... using builtin-java classes where applicable
默认情况下是开启ssh公钥认证的,需要进行公钥认证。
伪分布式公钥认证操作如下:
ssh-keygen -t rsa
cp ~/.
ssh
/id_rsa.pub ~/.ssh/authorized_keys
分布式公钥认证操作如下:
规划:bruce01、bruce02可以无密钥登录三台主机
bruce01-->bruce01
-->bruce02
-->bruce03
bruce02-->bruce01
-->bruce02
-->bruce03
1、在bruce01上生成一公私钥对
# su - bruce
$ ssh-keygen -t rsa (一直回车,rsa为指定的加密算法)
(执行后,在/home/bruce/.ssh/下生成一对文件:id_rsa、id_rsa.pub)
2、把公钥发给bruce01、bruce02、bruce03,会在.ssh/内生成authorized_keys文件
$ ssh-copy-id bruce01.mydomain (需要输入‘yes’和目标节点的密码)
$ ssh-copy-id bruce02.mydomain
$ ssh-copy-id bruce03.mydomain
(公钥发给了对方,就可以不用输入密码,直接使用私钥登录到对方的主机)
$ ssh bruce@bruce02.mydomain (登录测试)