hadoop之无密码登陆

ssh localhost 无密码认证登录 网上的方法如下:

$ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys

 


经试验后还是需要密码

ssh -vvv localhost

查看debug信息发现如下信息:

debug1: Next authentication method: publickey
debug1: Offering public key: /home/xxxxx/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: /home/xxxxx/.ssh/identity
debug3: no such identity: /home/xxxxx/.ssh/identity
debug1: Trying private key: /home/xxxxx/.ssh/id_dsa
debug3: no such identity: /home/xxxxx/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password

修改authorized_keys权限

chmod 644 ~/.ssh/authorized_keys

此后登录不再需要密码。

ssh对文件的权限要求很高啊。太挑剔了
用root查询系统登录日志

$tail /var/log/secure -n 20


SSH doesn’t like it if your home or ~/.ssh directories have group write permissions. Your home directory should be writable only by you, ~/.ssh should be 700, and authorized_keys should be 600 :

chmod g-w /home/hadoop     只准用户可写

 chmod 700 /home/hadoop/.ssh 

 chmod 600 /home/hadoop/.ssh/authorized_keys
chmod 600 /home/hadoop/.ssh/id_dsa

完整脚本

ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
chmod g-w ~  
##只准用户可写
 chmod 700 ~/.ssh 
 chmod 600  ~/.ssh/authorized_keys
chmod 600  ~/.ssh/id_dsa


 

你可能感兴趣的:(hadoop之无密码登陆)