记录节点之间配置互信的问题点

Gogo点

已于 2022-03-23 15:34:50 修改

阅读量689

点赞数

分类专栏：笔记文章标签：运维

于 2020-04-06 15:45:30 首次发布

本文链接：https://blog.csdn.net/weixin_44617188/article/details/105345091

版权

笔记专栏收录该内容

4 篇文章 0 订阅

订阅专栏

记录节点之间配置互信的问题点
1.节点1上操作
ssh-keygen -m PEM -t rsa
直接点确认确认就可以自动生成公密钥文件
2.节点1上操作
ssh-copy-id hadoop@bigdata01
ssh-copy-id hadoop@bigdata02
…
3.节点1上操作
cd ~/.ssh
cat id_rsa.pub >>authorized_keys

在所有节点都进行如上操作，即可以简单配置完成互信。

采坑：
SSH对公钥、私钥的权限和所有权的要求是非常严格的，总结如下：
1、下面两个目录的所有权必须是user，所属组也应该是user，前者权限不能是777，后者权限必须为700
\home\user
\home\user.ssh
2、下面公钥文件的所有权必须是user，所属组也应该是user，权限必须为644
\home\user.ssh\authorized_keys
3、下面私钥文件的所有权必须是user，所属组也应该是user，权限必须是600
\home\user.ssh\id_rsa

有些用户將home目录权限设为777，提交并行任务出现下列错误：

Permission denied, please try again.^M
Permission denied, please try again.^M
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).^M
————————————————————————–
A daemon (pid 19715) died unexpectedly with status 255 while attempting
to launch so we are aborting.

There may be more information reported by the environment (see above).

This may be because the daemon was unable to find all the needed shared
libraries on the remote node. You may set your LD_LIBRARY_PATH to have the
location of the shared libraries on the remote nodes and this will
automatically be forwarded to the remote nodes.
————————————————————————–
————————————————————————–
mpirun noticed that the job aborted, but has no info as to the process
that caused that situation.

修改home目录权限，以及.ssh文件目录，解决！