目的
还记得上一篇文章的分发脚本么
这个SSH免密就是给他用的
配置好SSH免密之后,再使用分发脚本就可以不用输入密码了
演示
在hadoop102上输入以下命令
ssh hadoop103
这就是从hadoop102控制了hadoop103
同时会在hadoop102的用户目录里生成.ssh文件夹
生成公钥和私钥
输入以下命令,然后连点三下回车即可
此时会生成两个文件 id_rsa(私钥)、id_rsa.pub(公钥)
ssh-keygen -t rsa
把公钥拷贝到要免密登录的目标机器上
ssh-copy-id hadoop102
ssh-copy-id hadoop103
ssh-copy-id hadoop104
hadoop103 hadoop104重复hadoop102的操作
[hadoop@hadoop103 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/hadoop/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:xYAfAw2qrajBVRonTkHKlho6gD86y2l4dFh3yQxTJ/4 hadoop@hadoop103
The key's randomart image is:
+---[RSA 2048]----+
| .o o*+ . |
|o o ..+.+= |
|+= +.o *.+o |
|=oooB . *o |
|+ +*.. .S E |
|.++o. |
|*o.. |
|+=o |
|++ |
+----[SHA256]-----+
[hadoop@hadoop103 ~]$ ssh-copy-id hadoop102
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/hadoop/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
hadoop@hadoop102's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'hadoop102'"
and check to make sure that only the key(s) you wanted were added.
[hadoop@hadoop103 ~]$ ssh-copy-id hadoop103
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/hadoop/.ssh/id_rsa.pub"
The authenticity of host 'hadoop103 (192.168.159.103)' can't be established.
ECDSA key fingerprint is SHA256:F4kFxgKiweDgwxM6+HOqZzhmoLf1F1t7Nq6T4yczbmE.
ECDSA key fingerprint is MD5:e0:d0:d1:34:6c:0a:92:18:88:11:0b:e6:3e:b5:bf:43.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
hadoop@hadoop103's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'hadoop103'"
and check to make sure that only the key(s) you wanted were added.
[hadoop@hadoop103 ~]$ ssh-copy-id hadoop104
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/hadoop/.ssh/id_rsa.pub"
The authenticity of host 'hadoop104 (192.168.159.104)' can't be established.
ECDSA key fingerprint is SHA256:F4kFxgKiweDgwxM6+HOqZzhmoLf1F1t7Nq6T4yczbmE.
ECDSA key fingerprint is MD5:e0:d0:d1:34:6c:0a:92:18:88:11:0b:e6:3e:b5:bf:43.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
hadoop@hadoop104's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'hadoop104'"
and check to make sure that only the key(s) you wanted were added.
[hadoop@hadoop104 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/hadoop/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:CU7riwCrOWNFQUcHSQqiCXSxfRmfTSTOppQpagG53H8 hadoop@hadoop104
The key's randomart image is:
+---[RSA 2048]----+
|++o++=oo ..o |
|+o+.=.. O = |
|+ o+.oo* * . |
| o ooo+oo. |
|. .o. o.S |
| o.. o E |
|. o o |
|+o . . . |
|+o . . |
+----[SHA256]-----+
[hadoop@hadoop104 ~]$
[hadoop@hadoop104 ~]$ ssh-copy-id hadoop102
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/hadoop/.ssh/id_rsa.pub"
The authenticity of host 'hadoop102 (192.168.159.102)' can't be established.
ECDSA key fingerprint is SHA256:F4kFxgKiweDgwxM6+HOqZzhmoLf1F1t7Nq6T4yczbmE.
ECDSA key fingerprint is MD5:e0:d0:d1:34:6c:0a:92:18:88:11:0b:e6:3e:b5:bf:43.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
hadoop@hadoop102's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'hadoop102'"
and check to make sure that only the key(s) you wanted were added.
[hadoop@hadoop104 ~]$ ssh-copy-id hadoop103
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/hadoop/.ssh/id_rsa.pub"
The authenticity of host 'hadoop103 (192.168.159.103)' can't be established.
ECDSA key fingerprint is SHA256:F4kFxgKiweDgwxM6+HOqZzhmoLf1F1t7Nq6T4yczbmE.
ECDSA key fingerprint is MD5:e0:d0:d1:34:6c:0a:92:18:88:11:0b:e6:3e:b5:bf:43.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
hadoop@hadoop103's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'hadoop103'"
and check to make sure that only the key(s) you wanted were added.
[hadoop@hadoop104 ~]$ ssh-copy-id hadoop104
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/hadoop/.ssh/id_rsa.pub"
The authenticity of host 'hadoop104 (192.168.159.104)' can't be established.
ECDSA key fingerprint is SHA256:F4kFxgKiweDgwxM6+HOqZzhmoLf1F1t7Nq6T4yczbmE.
ECDSA key fingerprint is MD5:e0:d0:d1:34:6c:0a:92:18:88:11:0b:e6:3e:b5:bf:43.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
hadoop@hadoop104's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'hadoop104'"
and check to make sure that only the key(s) you wanted were added.
分发脚本验证
回到用户目录,创建一个test.txt文件
vim test.txt
随便输入点东西之后保存退出
没有内容的话新文件不会保存,哪怕输入个1也可以,只要有内容就行
验证
xsync test.txt
验证成功,免密妙传
注意
这个SSH免密只对hadoop用户起作用
如果想要root用户也可以实现免密登录,则进入root用户之后
再重复上述行为即可
[hadoop@hadoop102 ~]$ su root
密码:
[root@hadoop102 hadoop]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:qniNJAXxwRWy3mm4ePn15JxalRJKKWb0+X+Sw68dqRI root@hadoop102
The key's randomart image is:
+---[RSA 2048]----+
| .oo.+. |
| ...= . o |
| .o + = . |
| ..= + o . . |
| .o + S o o |
| ...+ . E= . . |
| .o+o. . o.* + |
| ooo.. *.. B . |
| ... . ..=.o.o |
+----[SHA256]-----+
[root@hadoop102 hadoop]# ssh-copy-id hadoop102
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@hadoop102's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'hadoop102'"
and check to make sure that only the key(s) you wanted were added.
[root@hadoop102 hadoop]# ssh-copy-id hadoop103
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@hadoop103's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'hadoop103'"
and check to make sure that only the key(s) you wanted were added.
[root@hadoop102 hadoop]# ssh-copy-id hadoop104
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@hadoop104's password:
Permission denied, please try again.
root@hadoop104's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'hadoop104'"
and check to make sure that only the key(s) you wanted were added.
[root@hadoop102 hadoop]#