服务器评测
在使用Hadoop的时候,一般配置SSH使得我们可以无密码登录到主机,下面分别以Ubuntu和CentOS两个平台来举例说明如何配置SSH使得我们可以无密码登录到主机,当然,你得先安装好SSH服务器,并开启(关于如何在Linux平台下安装好SSH请参加本博客的《Linux平台下安装SSH》 http://www.linuxidc.com/Linux/2014-01/94793.htm)Ubuntu配置步骤如下所示:
[linuxidc@localhost ~]$ ssh-keygen -t dsa -P ”
Generating public/private dsa key pair.
Enter file in which to save the key (/home/linuxidc/.ssh/id_dsa):
Created directory ‘/home/linuxidc/.ssh’.
Your identification has been saved in /home/linuxidc/.ssh/id_dsa.
Your public key has been saved in /home/linuxidc/.ssh/id_dsa.pub.
The key fingerprint is:
bd:2c:ed:ab:6d:a9:b2:45:88:32:08:5a:d2:d9:ad:cc linuxidc@ubuntu
The key’s randomart image is:
+–[ DSA 1024]—-+
| |
| . o . |
|o + . . |
|o+ o o . . |
|o o E . S . |
| o . o . |
| o +. |
| .. +o |
| .oo++. |
+—————–+
这样就会在linuxidc用户的/home/linuxidc/.ssh/目录下生成id_dsa和id_dsa.pub两个文件,输出如下:
[linuxidc@ubuntu ~]$ cd /home/linuxidc/.ssh/
[linuxidc@ubuntu:~/.ssh]$ ls -l
total 8
-rw——- 1 linuxidc linuxidc 668 2013-10-21 02:51 id_dsa
-rw-r–r– 1 linuxidc linuxidc 600 2013-10-21 02:51 id_dsa.pub
将id_dsa.pub里面的内容加到用于认证的公钥文件中,命令如下(注意:不要复制,一定要用cat去操作,不信你可以去试试。):
[linuxidc@ubuntu:~/.ssh]$ cat id_dsa.pub >> authorized_keys
输入下面命令,如果显示如下类似的信息,就说明配置好了!
[linuxidc@ubuntu:~/.ssh]$ ssh localhost
The authenticity of host ‘localhost (::1)’ can’t be established.
RSA key fingerprint is 22:9b:94:45:dc:f0:c8:02:03:b2:a1:30:d3:04:92:01.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘localhost’ (RSA) to the list of known hosts.
linux ubuntu 2.6.32-38-generic #83-Ubuntu SMP Wed Jan 4 11:12:07 UTC 2012
x86_64 GNU/linux
Ubuntu 10.04.4 LTS
Welcome to Ubuntu!
* Documentation: https://help.ubuntu.com/
242 packages can be updated.
213 updates are security updates.
New release ‘precise’ available.
Run ‘do-release-upgrade’ to upgrade to it.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
[linuxidc@localhost ~]$
但是实际上,很多人都没有这么顺利的,一般的问题都是文件权限设置的不对,请把.ssh和authorized_keys的访问权限分别设置为755个600(也就是只有自己对上面两个文件有写权限),命令如下:
[linuxidc@localhost ~]$ chmod 755 /home/linuxidc/.ssh
[linuxidc@localhost ~]$ chmod 600 /home/linuxidc/.ssh/authorized_keys
假如这台服务器上面还有test用户,如何使得linuxidc用户能够无密码登录到test(IP地址为192.168.142.129)呢?执行下面命令
[linuxidc@localhost ~]$ cat /home/linuxidc/.ssh/id_dsa.pub |
ssh test@192.168.142.129 ‘cat – >> ~/.ssh/authorized_keys’
之后,在linuxidc用户下执行下面命令
[linuxidc@localhost ~]$ ssh test@192.168.142.129
linux ubuntu 2.6.32-38-generic #83-Ubuntu SMP Wed Jan 4 11:12:07
UTC 2012 x86_64 GNU/linux
Ubuntu 10.04.4 LTS
Welcome to Ubuntu!
* Documentation: https://help.ubuntu.com/
240 packages can be updated.
213 updates are security updates.
New release ‘precise’ available.
Run ‘do-release-upgrade’ to upgrade to it.
Last login: Mon Oct 21 02:48:01 2013 from localhost
[test@localhost ~]$
如果出现上述类似的信息,说明成功了!登陆到test用户了。注意上面的信息只有第一次登录的时候才会显示,以后登陆只会显示下面类似的信息:
[linuxidc@localhost ~]$ ssh test@192.168.142.129
Last login: Mon Oct 21 02:49:51 2013 from localhost
[test@localhost ~]$
上面是以Ubuntu平台为例子,下面来说说怎么在CentOS平台上面配置,(CentOS由于权限比Ubuntu的更加严格,所以配置起来比较麻烦),首先,我们需要设置一下/etc/ssh/sshd_config文件,请将/etc/ssh/sshd_config文件中下面三行的注释去掉:
[root@localhost ~]# vim /etc/ssh/sshd_config
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
其余的步骤和开始的一样如下所示:
[linuxidc@localhost ~]$ ssh-keygen -t dsa -P ”
Generating public/private dsa key pair.
Created directory ‘/home/linuxidc/.ssh’.
Your identification has been saved in /home/linuxidc/.ssh/dsa.
Your public key has been saved in /home/linuxidc/.ssh/dsa.pub.
The key fingerprint is:
15:57:37:f1:ee:05:26:3a:9e:e1:aa:b3:11:27:b3:1a linuxidc@localhost.localdomain
The key’s randomart image is:
+–[ DSA 1024]—-+
| . …oo|
| o .o|
| . . o .|
| . . o o |
| + S + o|
| * o + ..|
| E o + .|
| o.. . |
| . o+. |
+—————–+
[linuxidc@localhost ~]$ cat ~/.ssh/dsa.pub >> ~/.ssh/authorized_keys
[linuxidc@localhost ~]$ ssh localhost
The authenticity of host ‘localhost (127.0.0.1)’ can’t be established.
RSA key fingerprint is f3:f8:0b:26:a1:8e:14:55:34:ec:cb:99:f8:70:2c:d3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘localhost’ (RSA) to the list of known hosts.
Last login: Fri Aug 9 08:39:32 2013 from 192.168.142.1
[linuxidc@localhost ~]$
好了,配置完成了。
相关阅读:
Ubuntu 下配置 SSH服务全过程及问题解决 http://www.linuxidc.com/Linux/2011-09/42775.htm
Ubuntu 12.04下安装Git,SSH及出现的Permission denied解决办法 http://www.linuxidc.com/Linux/2013-06/85336.htm
Ubuntu 12.10下OpenSSH的离线安装方法 http://www.linuxidc.com/Linux/2013-04/82814.htm
Ubuntu下SSH安装或设置 http://www.linuxidc.com/Linux/2013-07/87368.htm
更多CentOS相关信息见CentOS 专题页面 http://www.linuxidc.com/topicnews.aspx?tid=14
