centos普通用户ssh-keygen后仍需重复输入密码问题

用root用户创建ssh 的时候没有问题,在用普通用户登录后,创建了ssh免密登录后,需要反复输入密码。查找原因后,发现权限不够。

[hadoop@master .ssh]$ ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
8c:8a:46:f7:ea:77:17:d0:90:2e:07:06:b1:72:49:a8 hadoop@master
The key's randomart image is:
+--[ RSA 2048]----+
|   .+o   .       |
|  .. oo o        |
| .. +. o o       |
|E  o  .o+ .      |
|  . . .oS.       |
| . o o    .      |
|  o . .    .     |
| .   .. . .      |
|   .o. . .       |
+-----------------+
[hadoop@master .ssh]$ ls -al
total 16
drwx------.  2 hadoop hadoop 4096 Jul  2 18:16 .
drwx------. 30 hadoop hadoop 4096 Jul  2 17:27 ..
-rw-------.  1 hadoop hadoop 1675 Jul  2 18:16 id_rsa
-rw-r--r--.  1 hadoop hadoop  395 Jul  2 18:16 id_rsa.pub
[hadoop@master .ssh]$ cat id_rsa.pub >>authorized_keys
[hadoop@master .ssh]$ ls
authorized_keys  id_rsa  id_rsa.pub
[hadoop@master .ssh]$ ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is 2c:8f:be:94:ec:c5:fe:a8:f3:71:0a:33:76:b3:d2:74.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
hadoop@localhost's password: 
Last login: Mon Jul  2 18:07:18 2018 from localhost
[hadoop@master ~]$ ssh localhost
hadoop@localhost's password: 
Last login: Mon Jul  2 18:11:06 2018 from localhost
还是存在反复登录的情况。
解决方法:给.ssh文件夹赋予700的权限,生成密钥对后,给authorized_keys赋予644权限。再次测试就成功了
[hadoop@master ~]$ cd .ssh
[hadoop@master .ssh]$ ls
authorized_keys  id_rsa  id_rsa.pub  known_hosts
[hadoop@master .ssh]$ rm -rf authorized_keys 
[hadoop@master .ssh]$ rm -rf id_rsa
[hadoop@master .ssh]$ rm -rf id_rsa.pub 
[hadoop@master .ssh]$ rm -rf known_hosts 
[hadoop@master .ssh]$ cd ..
[hadoop@master ~]$ sudo chmod 700 .ssh
[sudo] password for hadoop: 
[hadoop@master ~]$ cd .ssh
[hadoop@master .ssh]$ ls
[hadoop@master .ssh]$ ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
8c:8a:46:f7:ea:77:17:d0:90:2e:07:06:b1:72:49:a8 hadoop@master
The key's randomart image is:
+--[ RSA 2048]----+
|   .+o   .       |
|  .. oo o        |
| .. +. o o       |
|E  o  .o+ .      |
|  . . .oS.       |
| . o o    .      |
|  o . .    .     |
| .   .. . .      |
|   .o. . .       |
+-----------------+
[hadoop@master .ssh]$ ls -al
total 16
drwx------.  2 hadoop hadoop 4096 Jul  2 18:16 .
drwx------. 30 hadoop hadoop 4096 Jul  2 17:27 ..
-rw-------.  1 hadoop hadoop 1675 Jul  2 18:16 id_rsa
-rw-r--r--.  1 hadoop hadoop  395 Jul  2 18:16 id_rsa.pub
[hadoop@master .ssh]$ cat id_rsa.pub >>authorized_keys
[hadoop@master .ssh]$ ls
authorized_keys  id_rsa  id_rsa.pub
[hadoop@master .ssh]$ sudo chmod 644 authorized_keys 
[hadoop@master .ssh]$ ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is 2c:8f:be:94:ec:c5:fe:a8:f3:71:0a:33:76:b3:d2:74.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
Last login: Mon Jul  2 18:13:05 2018 from master
[hadoop@master ~]$ ssh localhost
Last login: Mon Jul  2 18:17:53 2018 from localhost
[hadoop@master ~]$ ssh localhost
Last login: Mon Jul  2 18:18:01 2018 from localhost
[hadoop@master ~]$ 

你可能感兴趣的:(centos普通用户ssh-keygen后仍需重复输入密码问题)