搭Hadoop集群时,配置SSH免密登录

Hadoop集群采用SSH免密码登录的形式进行通信,需要事先配置免密码认证。CentOS 7操作系统中默认已经安装了SSH,本书中仅介绍SSH免密码登录配置。在配置SSH时使用Xshell分别登陆6个服务器节点,并进行SSH配置。

(1)生成公钥

SSH目录在/etc,目录下ssh-keygen -t rsa (提示:生成的认证秘钥并非只有rsa还有一个是dsa),连续敲3个回车就行了,不用输入密码。

[hadoop@sys01 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/hadoop/.ssh/id_rsa): #输入Enter键
Created directory '/home/hadoop/.ssh'.
Enter passphrase (empty for no passphrase):               #输入Enter键
Enter same passphrase again:                           #输入Enter键
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:                                
SHA256:SR64gQSdsEt7a6mcCDmPOz3+9/SgOzCjGBrKb5XbKow     hadoop@sys01
The key's randomart image is:

+---[RSA 2048]----+



|  o+..           |




|   oo. .         |




|  o . o o        |




| . o   = o       |




|  o . o S        |




|o. .+=           |




|B=o.=+o o        |




|*E+B .o+ o       |




|++O+oo++. .      |




+----[SHA256]-----+






生成后的密码在根目录下。因为是隐藏的,所以要用ls命令查看。




[hadoop@sys01 ~]$ ls -la
total 186472
drwx------.  8 hadoop hadoop      4096 Jul 22 21:42 .
drwxr-xr-x. 10 root   root        4096 Jul 22 21:39 ..
-rw-------.  1 hadoop hadoop       755 Jul 22 07:00 .bash_history
-rw-r--r--.  1 hadoop hadoop        18 Apr 10 20:53 .bash_logout
-rw-r--r--.  1 hadoop hadoop       255 Jul 22 05:58 .bash_profile
-rw-r--r--.  1 hadoop hadoop       305 Jul 22 06:04 .bashrc
drwxrwxr-x.  3 hadoop hadoop      4096 Jul 22 05:50 .cache
drwxrwxr-x.  3 hadoop hadoop      4096 Jul 22 05:50 .config
drwxr-xr-x.  4 hadoop hadoop      4096 Jul  3 01:48 .mozilla
drwxrwxr-x.  2 hadoop hadoop      4096 Jul 22 06:00 .oracle_jre_usage
drwx------.  2 hadoop hadoop      4096 Jul 22 21:42 .ssh
-rw-------.  1 hadoop hadoop       930 Jul 22 06:04 .viminfo




其他节点操作方法参考sys01的公钥生成方法。


(2)配置各个节点自身的免密码登录


配置自己到自己的免密。




[hadoop@sys01 ~]$ssh-copy-id IP  #IP为除自身节点的其他5个节点对应IP




其他节点配置方式参考第一个节点.


(3)配置各个节点互相免密


第一个节点执行命令:




[hadoop@sys01 ~]$ssh-copy-id IP  #IP为除自身节点的其他5个节点对应IP




然后输入对应节点的登录密码,即可配置成功。配置成功的界面如下:




[hadoop@sys01 ~]$ ssh-copy-id 172.16.2.182  #sys01到sys02的免密
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed:     "/home/hadoop/.ssh/id_rsa.pub"
The authenticity of host '172.16.2.182 (172.16.2.182)' can't be established.
ECDSA key fingerprint is     SHA256:nsjX66sL3nGqrBToxxCkfLsoSMmwvtwhzkAJbOX7/vQ.
ECDSA key fingerprint is     MD5:bb:75:eb:69:be:ba:dd:e4:4a:85:4a:17:7e:65:11:de.
Are you sure you want to continue connecting (yes/no)? yes #输入yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out     any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted     now it is to install the new keys
hadoop@172.16.2.182's password:     #输入sys02的hadoop用户登录密码
Number of key(s) added: 1
Now try logging into the machine, with:   "ssh '172.16.2.182'"
and check to make sure that only the key(s) you wanted were added.




sys01到其余节点免密




[hadoop@sys01 ~]$ ssh-copy-id xxx.xxx.xxx.xxx #有几个节点,需要操作几次




(4)如果免密登陆未成功,则更改部分文件权限如下




[hadoop@sys01 ~]$ chmod 700 .ssh
[hadoop@sys01 ~]$ chmod 600 .ssh/*




(5)测试是否成功




[hadoop@sys01 ~]$ ssh sys02
Last login: Mon Jul 23 02:12:41 2018 from sys01
[hadoop@sys02 ~]$




 






		

		
posted @ 
2021-05-24 09:38 
LifeRunningError 
Views(807) 
Comments(0Edit 
收藏 
举报