1.ssh无密登录原理
看网上都不太清除,就自己画了一张。
2.ssh配置
1. 配置ssh
(1)基本语法
ssh另一台电脑的ip地址
(2)ssh连接时出现Host key verification failed的解决方法
[ch@hadoop102 opt] $ ssh 192.168.1.103
The authenticity of host '192.168.1.103 (192.168.1.103)' can't be established.
RSA key fingerprint is cf:1e:de:d7:d0:4c:2d:98:60:b4:fd:ae:b1:2d:ad:06.
Are you sure you want to continue connecting (yes/no)?
Host key verification failed.
(3)解决方案如下:直接输入yes
2. 无密钥配置
(1)生成公钥和私钥:
[ch@hadoop102 .ssh]$ ssh-keygen -t rsa
然后敲(三个回车),就会生成两个文件id_rsa(私钥)、id_rsa.pub(公钥)
(2)将公钥拷贝到要免密登录的目标机器上
[ch@hadoop102 .ssh]$ ssh-copy-id hadoop102
[ch@hadoop102 .ssh]$ ssh-copy-id hadoop103
[ch@hadoop102 .ssh]$ ssh-copy-id hadoop104
注意:
还需要在hadoop102上采用root账号,配置一下无密登录到hadoop102、hadoop103、hadoop104;
还需要在hadoop103上采用ch账号配置一下无密登录到hadoop102、hadoop103、hadoop104服务器上。
3. .ssh文件夹下(~/.ssh)的文件功能解释
authorized_keys | 存放授权过得无密登录服务器公钥 |
---|---|
known_hosts | 记录ssh访问过计算机的公钥(public key) |
id_rsa | 生成的私钥 |
id_rsa.pub | 生成的公钥 |