叢集環境ssh免密碼登入設定

1.準備工作

1）用用戶端工具（secureCRT或者xshell）連接配接到linux伺服器，建議同時打開多台伺服器，并同時向多台伺服器發送相同指令。

2.生産密鑰檔案

2）編輯每台伺服器上的hosts檔案：vi /etc/hosts

3）檔案中添加如下内容（以下内容為範例）：

#127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

#::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.1.160 hadoop01

192.168.1.161 hadoop02

192.168.1.162 hadoop03

192.168.1.163 hadoop04

192.168.1.164 hadoop05
           

4）進入rsa公鑰私鑰的存放目錄：cd /root/.ssh/

#如果是新裝的伺服器，需要自己先手動建立該目錄：mkdir -p /root/.ssh/

5）删除目錄下的id_rsa，id_rsa.pub檔案:rm -rf id_rsa，rm -rf id_rsa.pub

#删除前确認是否有被其他伺服器使用 

6）在每台伺服器上都生成新的公鑰私鑰檔案：ssh-keygen -t rsa

輸入指令後需要連續輸入三次回車

7）拷貝id_rsa.pub檔案内容到authorized_keys檔案中：cat id_rsa.pub >> authorized_keys

#新伺服器需要自己手動建立authorized_keys：touch authorized_keys

3.配置叢集免密

每台伺服器公鑰私鑰生産完成後，就需要将各自的密鑰拷貝到其他伺服器上，以hadoop01主機為例子：

1）登入hadoop1伺服器，進入公鑰私鑰存放的路徑：cd /root/.ssh/

2）拷貝其他公鑰檔案（id_rsa.pub）内容至其他伺服器上：

ssh-copy-id -i hadoop02   #拷貝公鑰到hadoop02的authorized_keys中
ssh-copy-id -i hadoop03   #拷貝公鑰到hadoop03的authorized_keys中
ssh-copy-id -i hadoop04   #拷貝公鑰到hadoop04的authorized_keys中
ssh-copy-id -i hadoop05   #拷貝公鑰到hadoop05的authorized_keys中

#如果沒有配置hosts，也可以直接将hostname替換成IP。
#比如ssh-copy-id -i hadoop02 指令替換成 ssh-copy-id -i 192.168.1.161
           

3）同理在其他幾台伺服器上也進行相同的操作，将本機的公鑰拷貝至其他伺服器上的authorized_keys檔案中，最終authorized_keys檔案内容如下：

[[email protected] .ssh]# more authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp7jp4a1/deK4B/eZW8kdiCQvzpKe4Id0uP0DdONFW85r

20rpH4ZpNSB7JNYFiqjMUPQ/2EWLXh7xoa9UntKsMVVcZr3BTiXRZ0Gx7IDacwz8Cq0qYrwUCMTKt7QF

xK5RwXyuZqDFjc2yC3/ZoqeyeLERFTll3ZLGeFsXhJjlkPTvtnvx0zX6lacPZL4VguoM5YHw3KaJg8bd

qehJzbQoPS8sm00ES4iygbR+Ixz1cnGTrtNU1S3lh4/y0PC6spMs9Z2Mf097FTLQJXJDiGqU9Tq3MHvl

srZFx92H4yeiJuYWJaZImuiq/feRIo30Dig6obEfuAn13vevdXozcXNlYQ== [email protected]

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwpEgmBzfGw1mrKy3Ho8k/h4jrZlRdIzuLs6PKqDPV/Cw

2kjSYXV7tyGklUYWPWr1Dt6kw5+Ojr7zv+cFnFWKzTTAJz3V4md0RyQ11Kb+IJA7b88SRHcVLlNF2GDX

N2pVqh9lf6Zu6zfpnAjCg/mU8qzTrZfFZdzPtBppimMq+l0bolvgnxEEkpFTNkpHB8+cD732WL+KiW52

7nt0LGBbVbZz9mUa+0bsPGK7ySfk1SPUkGyNXXqVjEydyjvRY8bob7Q3mFX3MpDT696R8n7U7hQ7u4b8

gbe3rIuQcWwGseEQrGjIDhLb9am3dbgDuFeg73RJqFZMOp2y6zQF3jQIew== [email protected]

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAmc2M6Bzw1cPaDwjbtgynJPWRKv9pDnHjBSn5BDbIX0po

8GHHGr1pvYMGu4XWlIa76O44+bmF32K/9ECzBcNVL6a+aN5HWdUPpE6zagFUcaewXu2p4+FCZWpoTZbj

zHKGeay35Id+mpltZUWZlR5lOX+G/veNzuZNpKXnVYoZdAaJ3XlH6IVhKlGOuZkXxvD7e+YD4oxZw+4o

iaav/QtAhZHXWcAt2eVj9xw+j/3Ip5ImmIWHv5/AOFrgiY6c6U+2g5xOGONINbh9CxQ1L4HbQVAx8hYC

stWUm0LfFAcMwXDwb8RAFj+cH+D/xG6CrORLb4UfroJHa6N64rx/5dmz7w== [email protected]

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxAsHr8Jp4vXI7bPGmSsO/+bT43GsxQ4GKdGf8qLPsFY+

/KluWl0TrRLwBVHGc94gpN2JOqtvKYYDSHw4Fj6KPSk/6Nt8CutZAwASoVxzexTFMOSwNFpTMsLc7Oza

Q3XG6v6PgtBEJqdUdl4zIFAZnkZjKmZp8SWG1jGo/vl3jsbrnmFQFeH04MdVcm9r1wvl80bdF9YvYEtg

ymHO4/tANKWSNKGw2EcthNWyQiN4hIYOoBQaUA3FlAXyqcD2+Q+2frf0gNF5KfKKLXmmlAuS9Oi6JqFJ

f1BLmMquI4n02owzU0zlkj3Px5IcCfQbDQ/JedHcjxEKP2S+9m3yxG4h2Q== [email protected]

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyS1PbXTgFqHcGV/k0QUZni5xB5+q71qx4r5xto+WLkVQ

MiS3gR/VYZoyDLrQRVf5t0JiliCgHeU0MG/ASd1LPbsVYCX5V9cmcm1hMByDKJ6FwIxz5cY4y1dBpwAZ

2E24CQWfZuevaeIFnL80RGGLhRgCxbLb3aPvRZuV34utD+5kgAFJwYCQYN4KnFG1S5e4X6U5J3FsCDby

GD7dhtWWktMV2SAnWjrmULguaVRqO0sDIEiVSc9+KKqAmlOab+5SbZAI5+3hzJog5c3i4f5fHXWnxYqy

LNo3yYSWraV5KcYIlNPqX6iJKvjLWbNDwD3+70u4nWjBSXXufhff71LdHw== [email protected]
           

4）授權authorized_keys檔案：chmod 600 /root/.ssh/authorized_keys

#效果如下，此時已經完成叢集内免密的設定。

[[email protected] .ssh]# ls -al

total 28

drwx------. 2 root root 4096 Oct 24 12:27 .

dr-xr-x---. 22 root root 4096 Oct 24 19:20 ..

-rw-------. 1 root root 1975 Oct 24 12:27 authorized_keys

-rw-------. 1 root root 1675 Oct 24 12:23 id_rsa

-rw-r--r--. 1 root root 395 Oct 24 12:23 id_rsa.pub

-rw-r--r--. 1 root root 2020 Oct 24 12:10 known_hosts
           

4.另一種思路

如果機器數量太多，可以考慮先将其他伺服器的公鑰拷貝至hadoop1，在将authorized_keys檔案傳給其他伺服器，操作如下：

1）登入其他主機，将其他主機的公鑰檔案内容都拷貝到hadoop01主機上的authorized_keys檔案中，指令如下：

ssh-copy-id -i hadoop01  #登入hadoop02,将公鑰拷貝到hadoop01的authorized_keys中

ssh-copy-id -i hadoop01  #登入hadoop03,将公鑰拷貝到hadoop01的authorized_keys中

ssh-copy-id -i hadoop01  #登入hadoop04,将公鑰拷貝到hadoop01的authorized_keys中

ssh-copy-id -i hadoop01  #登入hadoop05,将公鑰拷貝到hadoop01的authorized_keys中
           

2）檢查内容：

[[email protected] .ssh]# more authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp7jp4a1/deK4B/eZW8kdiCQvzpKe4Id0uP0DdONFW85r

20rpH4ZpNSB7JNYFiqjMUPQ/2EWLXh7xoa9UntKsMVVcZr3BTiXRZ0Gx7IDacwz8Cq0qYrwUCMTKt7QF

xK5RwXyuZqDFjc2yC3/ZoqeyeLERFTll3ZLGeFsXhJjlkPTvtnvx0zX6lacPZL4VguoM5YHw3KaJg8bd

qehJzbQoPS8sm00ES4iygbR+Ixz1cnGTrtNU1S3lh4/y0PC6spMs9Z2Mf097FTLQJXJDiGqU9Tq3MHvl

srZFx92H4yeiJuYWJaZImuiq/feRIo30Dig6obEfuAn13vevdXozcXNlYQ== [email protected]

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwpEgmBzfGw1mrKy3Ho8k/h4jrZlRdIzuLs6PKqDPV/Cw

2kjSYXV7tyGklUYWPWr1Dt6kw5+Ojr7zv+cFnFWKzTTAJz3V4md0RyQ11Kb+IJA7b88SRHcVLlNF2GDX

N2pVqh9lf6Zu6zfpnAjCg/mU8qzTrZfFZdzPtBppimMq+l0bolvgnxEEkpFTNkpHB8+cD732WL+KiW52

7nt0LGBbVbZz9mUa+0bsPGK7ySfk1SPUkGyNXXqVjEydyjvRY8bob7Q3mFX3MpDT696R8n7U7hQ7u4b8

gbe3rIuQcWwGseEQrGjIDhLb9am3dbgDuFeg73RJqFZMOp2y6zQF3jQIew== [email protected]

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAmc2M6Bzw1cPaDwjbtgynJPWRKv9pDnHjBSn5BDbIX0po

8GHHGr1pvYMGu4XWlIa76O44+bmF32K/9ECzBcNVL6a+aN5HWdUPpE6zagFUcaewXu2p4+FCZWpoTZbj

zHKGeay35Id+mpltZUWZlR5lOX+G/veNzuZNpKXnVYoZdAaJ3XlH6IVhKlGOuZkXxvD7e+YD4oxZw+4o

iaav/QtAhZHXWcAt2eVj9xw+j/3Ip5ImmIWHv5/AOFrgiY6c6U+2g5xOGONINbh9CxQ1L4HbQVAx8hYC

stWUm0LfFAcMwXDwb8RAFj+cH+D/xG6CrORLb4UfroJHa6N64rx/5dmz7w== [email protected]

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxAsHr8Jp4vXI7bPGmSsO/+bT43GsxQ4GKdGf8qLPsFY+

/KluWl0TrRLwBVHGc94gpN2JOqtvKYYDSHw4Fj6KPSk/6Nt8CutZAwASoVxzexTFMOSwNFpTMsLc7Oza

Q3XG6v6PgtBEJqdUdl4zIFAZnkZjKmZp8SWG1jGo/vl3jsbrnmFQFeH04MdVcm9r1wvl80bdF9YvYEtg

ymHO4/tANKWSNKGw2EcthNWyQiN4hIYOoBQaUA3FlAXyqcD2+Q+2frf0gNF5KfKKLXmmlAuS9Oi6JqFJ

f1BLmMquI4n02owzU0zlkj3Px5IcCfQbDQ/JedHcjxEKP2S+9m3yxG4h2Q== [email protected]

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyS1PbXTgFqHcGV/k0QUZni5xB5+q71qx4r5xto+WLkVQ

MiS3gR/VYZoyDLrQRVf5t0JiliCgHeU0MG/ASd1LPbsVYCX5V9cmcm1hMByDKJ6FwIxz5cY4y1dBpwAZ

2E24CQWfZuevaeIFnL80RGGLhRgCxbLb3aPvRZuV34utD+5kgAFJwYCQYN4KnFG1S5e4X6U5J3FsCDby

GD7dhtWWktMV2SAnWjrmULguaVRqO0sDIEiVSc9+KKqAmlOab+5SbZAI5+3hzJog5c3i4f5fHXWnxYqy

LNo3yYSWraV5KcYIlNPqX6iJKvjLWbNDwD3+70u4nWjBSXXufhff71LdHw== [email protected]
           

3）确認無誤後，登入hadoop01,将授權檔案拷貝到其他伺服器：

scp /root/.ssh/authorized_keys hadoop02:/root/.ssh/ #拷貝到hadoop02上

scp /root/.ssh/authorized_keys hadoop03:/root/.ssh/ #拷貝到hadoop03上

scp /root/.ssh/authorized_keys hadoop04:/root/.ssh/ #拷貝到hadoop04上

scp /root/.ssh/authorized_keys hadoop05:/root/.ssh/ #拷貝到hadoop05上
           

#至此，免密碼登入已經設定完成，注意第一次ssh登入時需要輸入密碼，再次通路時即可免密碼登入。