centos7配置互相免密登录
具体步骤
准备3台机器,192.168.11.131-133,设置他们在用户hadoop上的免密登录。
1.新建hadoop用户,设置密码为8ik,(OL>,并设置用户权限。------3台机器同时操作
[root@localhost ~]# useradd hadoop
[root@localhost ~]# passwd hadoop
// 修改用户权限
[root@localhost ~]# vim /etc/sudoers
...最后吗加入下面一行,再 :wq! 强制保存
hadoop ALL=(ALL) NOPASSWD: ALL
2.修改主机名称------3台依次修改
// 131名称为hadoop1,其它2台分别为hadoop2、hadoop3
[root@localhost hadoop]# cat /etc/hostname
hadoop1
// 修改hosts
[root@localhost hadoop]# vim /etc/hosts
192.168.11.131 hadoop1
192.168.11.132 hadoop2
192.168.11.133 hadoop3
// 验证第一台是否对的(后面两台依次hadoop2、hadoop3)
[root@localhost hadoop]# cat /etc/hostname
hadoop1
3.切换用户hadoop---------3台同时操作
[root@localhost ~]# su hadoop
[hadoop@localhost root]$ cd /home/hadoop
4.生成秘钥,并发送到别的机器---------3台同时操作
[hadoop@localhost ~]$ cd .ssh
bash: cd: .ssh: 没有那个文件或目录
// 没有.ssh目录,用下面命令出发创建
[hadoop@localhost ~]$ ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is SHA256:teaT7e7DpRCNeXsp7jPsqbUIcoMTVicl/zepbVucdtQ.
ECDSA key fingerprint is MD5:fd:cd:57:cf:52:70:a1:47:6b:9f:10:da:02:48:ea:d4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
// 这里输入hadoop用户的登录密码
hadoop@localhost's password:
Last failed login: Sun Mar 21 07:07:55 CST 2021 from localhost on ssh:notty
There were 2 failed login attempts since the last successful login.
Last login: Sun Mar 21 07:05:09 2021
// 下面就已经有.ssh目录了
[hadoop@localhost ~]$ cd .ssh
[hadoop@localhost .ssh]$ ssh-keygen -t rsa
// 下面会要求输入3次空格
Generating public/private rsa key pair.
Enter file in which to save the key (/home/hadoop/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:OH6f0633Wd5yQxDwO0CIofXRFtNvTsXySxYTAdlsR9s hadoop@localhost.ydfind
The key's randomart image is:
+---[RSA 2048]----+
| oo.o=+.==+|
| o...ooo+.**|
| . ... .++E|
| . ...*.|
| o S oB .|
| . . .+ |
| . . . .. .|
| . .... +o=|
| o..o ==|
+----[SHA256]-----+
[hadoop@localhost .ssh]$ ssh-copy-id hadoop1
[hadoop@localhost .ssh]$ ssh-copy-id hadoop2
[hadoop@localhost .ssh]$ ssh-copy-id hadoop3
5.验证
[hadoop@localhost .ssh]$ ssh hadoop1
Last failed login: Sun Mar 21 07:12:49 CST 2021 from hadoop1 on ssh:notty
There were 3 failed login attempts since the last successful login.
Last login: Sun Mar 21 07:08:00 2021 from localhost
[hadoop@localhost ~]$ exit
登出
Connection to hadoop1 closed.
[hadoop@localhost .ssh]$ ssh hadoop2
Last login: Sun Mar 21 07:08:00 2021 from localhost
[hadoop@localhost ~]$ exit
登出
Connection to hadoop2 closed.
[hadoop@localhost .ssh]$ ssh hadoop3
Last login: Sun Mar 21 07:08:00 2021 from localhost
[hadoop@localhost ~]$ exit
登出
Connection to hadoop3 closed.
可以看到3台机器都可以免密登录了
KATA练手-多台同时操作
1)添加用户flink
cut -d : -f 1 /etc/passwd | grep flink --------验证是否有flink用户
useradd flink
passwd flink
vim /etc/sudoers
flink ALL=(ALL) NOPASSWD: ALL
2)修改主机名、host映射
vim /etc/hostname-------依次改为node1、node2、node3
vim /etc/hosts
192.168.11.131 node1
192.168.11.132 node2
192.168.11.133 node3
// win10的hosts也可以加入,方便测试
3)设置免密
su flink
cd /home/flink/.ssh --------若没有.ssh,可以用flink用户运行ssh localhost
ssh-keygen -t rsa
ssh-copy-id node1
ssh-copy-id node2
ssh-copy-id node3