ssh互信及scp使用

说明（机器B信任机器A，A可以免密登录B）

ssh-keygen:创建公钥和密钥,会生成id_rsa和id_rsa.pub两个文件

ssh-copy-id:把本地的公钥复制到远程主机的authorized_keys文件(不会覆盖文件，是追加到文件末尾)，并且会设置远程主机用户目录的.ssh和.ssh/authorized_keys权限

权限为:

chmod 700 ~/.ssh

chmod 600 ~/.ssh/authorized_keys

ssh-keygen 做多台机器间 互相信任 

http://blog.itpub.net/30089851/viewspace-1992210/

文件夹: ~/.ssh

生成:

rm -rf ~/.ssh

[root@hadoop000 ~]# ssh-keygen

[root@hadoop001 ~]# ssh-keygen

选择第一台作为先完善的机器

[root@hadoop000 .ssh]# cat id_rsa.pub >> authorized_keys

其他机器将id_rsa.pub发送给第一台

[root@hadoop001 .ssh]# scp id_rsa.pub 192.168.137.251:/root/.ssh/id_rsa.pub.hadoop001

[root@hadoop002 .ssh]# scp id_rsa.pub 192.168.137.251:/root/.ssh/id_rsa.pub.hadoop001

[root@hadoop003 .ssh]# scp id_rsa.pub 192.168.137.251:/root/.ssh/id_rsa.pub.hadoop001

[root@hadoop004 .ssh]# scp id_rsa.pub 192.168.137.251:/root/.ssh/id_rsa.pub.hadoop001

将其他机器的id_rsa.pub追加到authorized_keys

[root@hadoop000 .ssh]# cat id_rsa.pub.hadoop001 >> authorized_keys

[root@hadoop000 .ssh]# cat id_rsa.pub.hadoop002 >> authorized_keys

[root@hadoop000 .ssh]# cat id_rsa.pub.hadoop003 >> authorized_keys

[root@hadoop000 .ssh]# cat id_rsa.pub.hadoop004 >> authorized_keys

然后将该authorized_keys分发

[root@hadoop000 .ssh]# scp authorized_keys 192.168.137.141:/root/.ssh/

[root@hadoop000 .ssh]# scp authorized_keys 192.168.137.142:/root/.ssh/

[root@hadoop000 .ssh]# scp authorized_keys 192.168.137.143:/root/.ssh/

[root@hadoop000 .ssh]# scp authorized_keys 192.168.137.144:/root/.ssh/

每台机器第一次要做: yes --> known_hosts

[root@hadoop000 .ssh]# ssh hadoop000 date

[root@hadoop000 .ssh]# ssh hadoop001 date

[root@hadoop000 .ssh]# ssh hadoop002 date

[root@hadoop000 .ssh]# ssh hadoop003 date

[root@hadoop000 .ssh]# ssh hadoop004 date