Ubuntu设置SSH免密登录(不同于CentOS)
Ubuntu设置SSH免密登录(不同于CentOS)
1.遇到的坑
之前一直在CentOS系统进行Hadoop开发,SSH免密登录配置过N次,今天在Ubuntu平台下设置免密登录遇到了坑:
kylin@uk0:~$ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
Generating public/private dsa key pair.
Created directory '/home/kylin/.ssh'.
Your identification has been saved in /home/kylin/.ssh/id_dsa.
Your public key has been saved in /home/kylin/.ssh/id_dsa.pub.
The key fingerprint is:
SHA256:Kp2T562S8CP1Ui7LJMDlFAMBqujJ8HyrhvsAfWHu8X8 kylin@uk0
The key's randomart image is:
+---[DSA 1024]----+
|..ooo |
|. o |
|. = |
|oo * . |
|= + = S |
|=o.+.+.+. |
|.=o =+O=. |
|.....*B=o.E |
|.+o...o*+o. |
+----[SHA256]-----+
kylin@uk0:~$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
kylin@uk0:~$ chmod 0600 ~/.ssh/authorized_keys免密登录本机时,竟然需要输入密码!?
kylin@uk0:~$ ssh uk0
The authenticity of host 'uk0 (192.168.1.160)' can't be established.
ECDSA key fingerprint is SHA256:dOKnH/ES8JcWzGkdRwRzYGzDkBE8y7cJpRx/DNHhGVc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'uk0,192.168.1.160' (ECDSA) to the list of known hosts.
kylin@uk0's password:
Welcome to Ubuntu 16.10 (GNU/Linux 4.8.0-22-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
279 个可升级软件包。
107 个安全更新。
Last login: Fri Mar 3 15:20:29 2017 from 192.168.1.81
kylin@uk0:~$2.解决办法
2.1 先删除之前的.ssh
kylin@uk0:~$ rm -rf .ssh2.2 生成免密
与CentOS不同,需要使用ssh-keygen -t rsa命令生成,一直按Enter,按到最后。
kylin@uk0:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/kylin/.ssh/id_rsa):
Created directory '/home/kylin/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/kylin/.ssh/id_rsa.
Your public key has been saved in /home/kylin/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Onr5G6x8pcsmksQNuMECb2oOu7lKoOzGPh0+x6y0Pj4 kylin@uk0
The key's randomart image is:
+---[RSA 2048]----+
| |
|. |
|.o . |
|. * . |
|.+ + o S |
|*...o .o . |
|*+oo+.o.oo |
|+*.E+*+++. |
|O=+=Boo==o |
+----[SHA256]-----+
kylin@uk0:~$ cat .ssh/id_rsa.pub >> .ssh/authorized_keys2.3 免密登录本机
kylin@uk0:~$ ssh uk0
The authenticity of host 'uk0 (192.168.1.160)' can't be established.
ECDSA key fingerprint is SHA256:dOKnH/ES8JcWzGkdRwRzYGzDkBE8y7cJpRx/DNHhGVc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'uk0,192.168.1.160' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 16.10 (GNU/Linux 4.8.0-22-generic x86_64)
Last login: Fri Mar 3 16:11:16 2017 from 192.168.1.160
kylin@uk0:~$ 3 集群免密登录
3.1 第2个节点生成免密
kylin@uk1:~$ rm -rf .ssh
kylin@uk1:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/kylin/.ssh/id_rsa):
Created directory '/home/kylin/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/kylin/.ssh/id_rsa.
Your public key has been saved in /home/kylin/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:pGAXPlmDGitJNPmUGXcS2ZZrQw581nTH7Y7zzUTU1Fs kylin@uk1
The key's randomart image is:
+---[RSA 2048]----+
| .o..===++. ...o+|
| o.=o=*B... .. E|
| . +o+=B.. oo|
| o.+o += .o|
| . ..S. + |
| o o|
| =.|
| +|
| |
+----[SHA256]-----+
kylin@uk1:~$ cat .ssh/id_rsa.pub >> .ssh/authorized_keys
kylin@uk1:~$ ssh uk1
The authenticity of host 'uk1 (192.168.1.161)' can't be established.
ECDSA key fingerprint is SHA256:dOKnH/ES8JcWzGkdRwRzYGzDkBE8y7cJpRx/DNHhGVc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'uk1,192.168.1.161' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 16.10 (GNU/Linux 4.8.0-22-generic x86_64)
Last login: Fri Mar 3 16:23:19 2017 from 192.168.1.161
kylin@uk1:~$3.2 第3个节点生成免密
kylin@uk2:~$ rm -rf .ssh
kylin@uk2:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/kylin/.ssh/id_rsa):
Created directory '/home/kylin/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/kylin/.ssh/id_rsa.
Your public key has been saved in /home/kylin/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:/chD0D2CNj5iryn7Jue5lLxXzq3RAjwtG7Jrasz0KYk kylin@uk2
The key's randomart image is:
+---[RSA 2048]----+
| |
| o . |
| = o o |
| + = . . |
| + S + |
| .o * X.+ |
| = o=.o+*.o |
| E O.**. o+. |
| .o%Xo .. |
+----[SHA256]-----+
kylin@uk2:~$ cat .ssh/id_rsa.pub >> .ssh/authorized_keys
kylin@uk2:~$ ssh uk2
The authenticity of host 'uk2 (192.168.1.162)' can't be established.
ECDSA key fingerprint is SHA256:dOKnH/ES8JcWzGkdRwRzYGzDkBE8y7cJpRx/DNHhGVc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'uk2,192.168.1.162' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 16.10 (GNU/Linux 4.8.0-22-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
Last login: Fri Mar 3 16:03:44 2017 from 192.168.1.160
kylin@uk2:~$ 3.3 分发公钥
kylin@uk1:~$ cat ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCisjV42WGpF64EffoSVB1fxXGqwE/9uYuDgwHzfXK47c54vLLtGfpKqzzXfDoTLWtR1P/W5stGGqLxarP27Nz7ujd4rQKt3t8JXSnlQIIhkojo4JGcF3JDAm9V5nGaqpMse65tbdK24+tkmVolwfZJTOZi9O1bctzBaZOapzu498/2Tlzy1jSToQmDlT0zsAhbs1ipF1aBRLzjnU0i9gXhF2dW2pQvvJk1TBMx8A1xIPAviQ43NhUoNsUhZYeRIQ9XPe293/48tId3a3M4OvQ26tHLEiG8sDRl3w5Nc2NXybs4RVydAmiCS4kh/SgALgtpq/HF3SpWlbYXl4S5j1cb kylin@uk1kylin@uk2:~$ cat ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFdBdhmycLgyu4D/i3cneY4ERwnj/a2Q8JFHLizAg66qul7mykOIziI9IKRfE8nS4/vsOLTtUiTMsNqvpuWWGoibRXmxnrf19IwfyQ/YIuwllQ3Bm439Gyn+s2frK8i5Sw5wyCw+FiL4BS8WpPr4qWHXHajBI2VP4SNZuLdPlvCoZXYawWVOvlk8skt5WuXKpEjNEku+4w1Dyq3pT76iDBGxGk/JYzZRvyvUvQdBcYNgWjZNcva8HWYXpckmuoHh8VmeRDRhj1KGADsypw0L1jM7HG2hnGulqb3Xil2KJdMiPzp9uGJskSfZbLI6v7QLkQqOIpSAtIFZd+IxHwxIaF kylin@uk2合并公钥
kylin@uk0:~$ vi ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnAW4j0oGFL36qoruUOkUaf5xIy7h4BrrGxvVnRpZAIGnCGwBt3OKLUrsWVQONQl6dr8f/TFbcAdAulPkn2/NmtjQLz6cMC3KiXlwk8x5Wz5c+cZ/TmkMEFRpxh48/0rfFHdZvLHcXx/WZzU0tIEjspZHxTq+oaZ3jgro7VweKGva0WVFuEJczUccMQOj+cRnLrt1Jy5ipaQHWtk2MYhfgfk168Bub6mEyLqbrUHB4zx+u+ukOg0skjBO2Kybn8OJABkdiA9V+d4UTFeK0XoywzcUsSGT0Tro6lUJ5i8haiWcPJutR7kXosL2aoU2480LUtQLqo7yJ1mT+FUE2uuMR kylin@uk0
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCisjV42WGpF64EffoSVB1fxXGqwE/9uYuDgwHzfXK47c54vLLtGfpKqzzXfDoTLWtR1P/W5stGGqLxarP27Nz7ujd4rQKt3t8JXSnlQIIhkojo4JGcF3JDAm9V5nGaqpMse65tbdK24+tkmVolwfZJTOZi9O1bctzBaZOapzu498/2Tlzy1jSToQmDlT0zsAhbs1ipF1aBRLzjnU0i9gXhF2dW2pQvvJk1TBMx8A1xIPAviQ43NhUoNsUhZYeRIQ9XPe293/48tId3a3M4OvQ26tHLEiG8sDRl3w5Nc2NXybs4RVydAmiCS4kh/SgALgtpq/HF3SpWlbYXl4S5j1cb kylin@uk1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFdBdhmycLgyu4D/i3cneY4ERwnj/a2Q8JFHLizAg66qul7mykOIziI9IKRfE8nS4/vsOLTtUiTMsNqvpuWWGoibRXmxnrf19IwfyQ/YIuwllQ3Bm439Gyn+s2frK8i5Sw5wyCw+FiL4BS8WpPr4qWHXHajBI2VP4SNZuLdPlvCoZXYawWVOvlk8skt5WuXKpEjNEku+4w1Dyq3pT76iDBGxGk/JYzZRvyvUvQdBcYNgWjZNcva8HWYXpckmuoHh8VmeRDRhj1KGADsypw0L1jM7HG2hnGulqb3Xil2KJdMiPzp9uGJskSfZbLI6v7QLkQqOIpSAtIFZd+IxHwxIaF kylin@uk2分发公钥
kylin@uk0:~$ scp .ssh/authorized_keys kylin@192.168.1.161:/home/kylin/.ssh
The authenticity of host '192.168.1.161 (192.168.1.161)' can't be established.
ECDSA key fingerprint is SHA256:dOKnH/ES8JcWzGkdRwRzYGzDkBE8y7cJpRx/DNHhGVc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.161' (ECDSA) to the list of known hosts.
kylin@192.168.1.161's password:
authorized_keys 100% 1173 692.4KB/s 00:00
kylin@uk0:~$ scp .ssh/authorized_keys kylin@192.168.1.162:/home/kylin/.ssh
The authenticity of host '192.168.1.162 (192.168.1.162)' can't be established.
ECDSA key fingerprint is SHA256:dOKnH/ES8JcWzGkdRwRzYGzDkBE8y7cJpRx/DNHhGVc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.162' (ECDSA) to the list of known hosts.
kylin@192.168.1.162's password:
authorized_keys 100% 1173 1.1MB/s 00:00
kylin@uk0:~$3.4 集群免密登录
kylin@uk0:~$ ssh uk1
The authenticity of host 'uk1 (192.168.1.161)' can't be established.
ECDSA key fingerprint is SHA256:dOKnH/ES8JcWzGkdRwRzYGzDkBE8y7cJpRx/DNHhGVc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'uk1' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 16.10 (GNU/Linux 4.8.0-22-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
279 个可升级软件包。
107 个安全更新。
Last login: Fri Mar 3 16:24:21 2017 from 192.168.1.161
kylin@uk1:~$
kylin@uk1:~$ ssh uk2
The authenticity of host 'uk2 (192.168.1.162)' can't be established.
ECDSA key fingerprint is SHA256:dOKnH/ES8JcWzGkdRwRzYGzDkBE8y7cJpRx/DNHhGVc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'uk2,192.168.1.162' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 16.10 (GNU/Linux 4.8.0-22-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
279 个可升级软件包。
107 个安全更新。
Last login: Fri Mar 3 16:25:05 2017 from 192.168.1.162本文参与 腾讯云自媒体分享计划,分享自作者个人站点/博客。
原始发表:2017-03-03,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读
目录