非root用户安装Hadoop环境,在免密的设置上有时候无效,比如出现如下:
[root@vm101-138-248-149 ~]# ssh 101.138.248.149 -p 2248
root@101.138.248.149's password:
Permission denied, please try again.
root@101.138.248.149's password:
Permission denied, please try again.
root@101.138.248.149's password:
问题定位:
sudo cat /var/log/secure
May 22 16:07:25 vm10-38-248-149 sshd[22099]: Address 10.38.248.149 maps to vm10-38-248-149.ksc.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
May 22 16:07:25 vm10-38-248-149 sshd[22099]: Authentication refused: bad ownership or modes for directory /root
May 22 16:07:27 vm10-38-248-149 sshd[22099]: Failed password for root from 10.38.248.149 port 52126 ssh2
May 22 16:07:27 vm10-38-248-149 sshd[22099]: Failed password for root from 10.38.248.149 port 52126 ssh2
May 22 16:07:27 vm10-38-248-149 sshd[22099]: Connection closed by 10.38.248.149 [preauth]
解决方式:
①权限问题
- .ssh目录的权限必须是700
- .ssh/authorized_keys文件权限必须是600
② 添加
cat id_rsa.pub >> authorized_keys
③具体结果:
[work@vm110-138-248-149 .ssh]$ cat id_rsa.pub >> authorized_keys
[work@vm110-138-248-149 .ssh]$ ssh 110.138.248.149 -p 2248
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0755 for '/home/work/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /home/work/.ssh/id_rsa
work@110.138.248.149's password:
[work@vm110-138-248-149 .ssh]$ ll
总用量 16
-rw-r--r-- 1 work work 820 5月 22 16:23 authorized_keys
-rwxr-xr-x 1 work work 1675 5月 22 14:18 id_rsa
-rwxr-xr-x 1 work work 410 5月 22 14:18 id_rsa.pub
-rwxr-xr-x 1 work work 536 5月 22 14:21 known_hosts
[work@vm110-138-248-149 .ssh]$ chmod 600 id_rsa
[work@vm110-138-248-149 .ssh]$ ll
总用量 16
-rw-r--r-- 1 work work 820 5月 22 16:23 authorized_keys
-rw------- 1 work work 1675 5月 22 14:18 id_rsa
-rwxr-xr-x 1 work work 410 5月 22 14:18 id_rsa.pub
-rwxr-xr-x 1 work work 536 5月 22 14:21 known_hosts
[work@vm110-138-248-149 .ssh]$ ssh 110.138.248.149 -p 2248
Last login: Fri May 22 16:23:22 2020