• 免密登陆


    无密钥配置

    (1)免密登录原理,如图所示

    (2)生成公钥和私钥:

    [root@hadoop003 .ssh]# ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /root/.ssh/id_rsa.
    Your public key has been saved in /root/.ssh/id_rsa.pub.
    The key fingerprint is:
    SHA256:Ok8kToCeyjo30iYnrfUMMBbThPt4hgcMROobewzvgE4 root@hadoop003
    The key's randomart image is:
    +---[RSA 2048]----+
    |oo..             |
    |o.o.             |
    |+oo..            |
    |.=o. .           |
    |o=B   o S        |
    |+*B= o +         |
    |oE*+  + .        |
    |O.@+   +         |
    |o@ oo   .        |
    +----[SHA256]-----+
    [root@hadoop003 .ssh]#

    然后敲(三个回车),就会生成两个文件id_rsa(私钥)、id_rsa.pub(公钥)

    (3)将公钥拷贝到要免密登录的目标机器上

    [root@hadoop003 .ssh]# ssh-copy-id hadoop002
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
    The authenticity of host 'hadoop002 (47.111.251.254)' can't be established.
    ECDSA key fingerprint is SHA256:YNsodxgiTBhRi6BaO1LqQrkOeudAVMaRisZJQdaJdAA.
    ECDSA key fingerprint is MD5:b5:82:88:93:92:6a:01:ed:4d:6f:80:bc:68:1a:e8:c9.
    Are you sure you want to continue connecting (yes/no)? yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@hadoop002's password:
    
    Number of key(s) added: 1
    
    Now try logging into the machine, with:   "ssh 'hadoop002'"
    and check to make sure that only the key(s) you wanted were added.
    
    [root@hadoop003 .ssh]# ssh-copy-id hadoop003
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
    The authenticity of host 'hadoop003 (172.16.123.556)' can't be established.
    ECDSA key fingerprint is SHA256:YKGJjhv5Q/fneno2xR5HWQjFBkeZL09SF4RwtWI8tC4.
    ECDSA key fingerprint is MD5:30:ad:2b:59:1c:a8:37:d3:bf:69:6b:7d:8f:ee:3b:b8.
    Are you sure you want to continue connecting (yes/no)? yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@hadoop003's password:
    
    Number of key(s) added: 1
    
    Now try logging into the machine, with:   "ssh 'hadoop003'"
    and check to make sure that only the key(s) you wanted were added.
    
    [root@hadoop003 .ssh]# ssh-copy-id hadoop004
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
    ^Z
    [1]+  Stopped                 ssh-copy-id hadoop004
    [root@hadoop003 .ssh]# vim /etc/hosts
    [root@hadoop003 .ssh]# ssh-copy-id hadoop004
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
    The authenticity of host 'hadoop004 (47.110.91.340)' can't be established.
    ECDSA key fingerprint is SHA256:y5y+JQhhdqAGOHgS9U7vvuqz0TrBjA6823skny8SYJE.
    ECDSA key fingerprint is MD5:62:5b:a0:d7:08:ad:0d:97:44:35:5b:61:f4:1d:5f:f3.
    Are you sure you want to continue connecting (yes/no)? yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@hadoop004's password:
    
    Number of key(s) added: 1
    
    Now try logging into the machine, with:   "ssh 'hadoop004'"
    and check to make sure that only the key(s) you wanted were added.
    [root@hadoop003 .ssh]# ssh hadoop002
    Last login: Wed Jan 15 00:11:57 2020 from 172.16.25.74
    
    Welcome to Alibaba Cloud Elastic Compute Service !
    
    [root@hadoop002 ~]#

    .ssh文件夹下(~/.ssh)的文件功能解释

    表2-4

    known_hosts

    记录ssh访问过计算机的公钥(public key)

    id_rsa

    生成的私钥

    id_rsa.pub

    生成的公钥

    authorized_keys

    存放授权过得无密登录服务器公钥

    [root@hadoop003 .ssh]# ll
    total 16
    -rw------- 1 root root  792 Jan 15 00:16 authorized_keys
    -rw------- 1 root root 1679 Jan 15 00:13 id_rsa
    -rw-r--r-- 1 root root  396 Jan 15 00:13 id_rsa.pub
    -rw-r--r-- 1 root root  557 Jan 15 00:16 known_hosts
    [root@hadoop003 .ssh]#
  • 相关阅读:
    洛谷P5661 公交换乘(二分)
    洛谷P4047 [JSOI2010]部落划分(最小生成树)
    洛谷P2872 [USACO07DEC]Building Roads S(最小生成树)
    卸载重装VirtualBox回滚报错
    POJ1151 Atlantis(扫描线+线段树+离散化)
    QT入门-信号槽拓展
    Vue模板语法与常用指令总结
    Vue 生命周期
    querySelector和getElementById方法的区别
    ES6 Class(类)的继承与常用方法
  • 原文地址:https://www.cnblogs.com/dalianpai/p/12194726.html
Copyright © 2020-2023  润新知