Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Linux (CentOS) SSH login without password authentication     - The difference between equals and == in Java (Programming)

- Linux, modify the hostname (Linux)

- How to install Hadoop on CentOS7 (Server)

- Eclipse remove all comments and code spaces (Linux)

- Linux environment MySQL master-slave synchronization (Database)

- Linux Command Tutorial: cat command to view the contents of the file (Linux)

- CentOS yum configuration under local sources (Linux)

- Remote database using RMAN recovery test (RAC return to single-instance database) (Database)

- Learning OpenCV: (VS2010-openCV2.4.3-win7 configuration instructions) (Linux)

- How to Install Xombrero 1.6.4 (minimalist Web browser) on Ubuntu and Archlinux (Linux)

- Linux 4.0+ kernel support for hardware switching module (HW Switch Offload) (Linux)

- OpenGL Superb Learning Notes - New Patterns (Programming)

- Linux Defensive / mitigate DDOS attacks (Linux)

- Supervisor Installation and Configuration (Server)

- Linux file compression and file system packaged with instructions (Linux)

- Solve the compatibility problem between Linux and Java at the source in bold font (Linux)

- Nginx DHCP TFTP Kickstart set up automatic installation system (Server)

- Strategy Games Ubuntu installation of Wesnoth 1.12.1 (Linux)

- How to configure Apache Solr on Ubuntu 14/15 (Server)

- Getting case of Python Hello World (Programming)

 
         
  Linux (CentOS) SSH login without password authentication
     
  Add Date : 2018-11-21      
         
         
         
  Recently set up a Hadoop cluster, in order to facilitate the operation, with no need Master password authentication methods SSH login Slave.

1. Principle:
Master as a client, to achieve public without password authentication when connecting to the server Salve, you need to generate a key pair on the Master, including a public key and a private key and the public key will be copied to all the Salve. When the Master via SSH when the link to Salve, Salve generates a random number with Master's public key to encrypt the random number, and sends Master. After Master then receive encrypted private key to decrypt and decrypts it back to Salve, Salve confirm the correct number after decryption allows to connect the Master. This is no need to manually enter the password a public key certification process, during which important process is to copy the public key generated on the Master to Salve.

2. On the Master Hadoop user login, execute the following command to generate a key pair and a public key file is written to the authorization file and assign permissions

[Hadoop @ master bin] $ ssh-keygen -t rsa -P ''
Generating public / private rsa key pair.
Enter file in which to save the key (/home/hadoop/.ssh/id_rsa):
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
93: 21: fb: 20: 01: c9: 13: a3: 28: 01: 6c: 57: 3b: a0: e0: e2 hadoop @ master
The key's randomart image is:
+ - [RSA 2048] ---- +
|. * ++ .. |
| + == +.. |
| * O ... o.. |
| + ..o O |
|. E o S |
|. O. |
|. |
| |
| |
+ ----------------- +
[Hadoop @ master bin] $ cat ~ / .ssh / id_rsa.pub >> ~ / .ssh / authorized_keys
[Hadoop @ master bin] $ chmod 600 ~ / .ssh / authorized_keys
3 Switching root user, configure sshd, canceled annotated public field,
RSAAuthentication yes # Enable RSA authentication
PubkeyAuthentication yes # Enable public and private key pair authentication
AuthorizedKeysFile .ssh / authorized_keys # public key file path (the same as above generated files) and save the settings, and then restart sshd, to test the machine SSH

[Hadoop @ master bin] $ su root
password:
bash-4.1 # vim / etc / ssh / sshd_config
bash-4.1 # service sshd restart
Stopping sshd: [OK]
Starting sshd: [OK]
4. The test machine: here I used localhost, IP address, hostname to test, you can find not need to enter a password.

[Hadoop @ master bin] $ ssh localhost
The authenticity of host 'localhost (:: 1)' can not be established.
RSA key fingerprint is 3a: 99: 7f: 41: 68: bd: 3b: 80: 43: bb: 8a: 5c: 62: 73: 1f: 45.
Are you sure you want to continue connecting (yes / no)? Yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
[Hadoop @ master ~] $ ssh 172.16.1.17
The authenticity of host '172.16.1.17 (172.16.1.17)' can not be established.
RSA key fingerprint is 3a: 99: 7f: 41: 68: bd: 3b: 80: 43: bb: 8a: 5c: 62: 73: 1f: 45.
Are you sure you want to continue connecting (yes / no)? Yes
Warning: Permanently added '172.16.1.17' (RSA) to the list of known hosts.
Last login: Wed Jun 10 12:37:23 2015 from :: 1
[Hadoop @ master ~] $ ssh master
sysconfig / system-release
The authenticity of host 'master (172.16.1.17)' can not be established.
RSA key fingerprint is 3a: 99: 7f: 41: 68: bd: 3b: 80: 43: bb: 8a: 5c: 62: 73: 1f: 45.
Are you sure you want to continue connecting (yes / no)? Yes
Warning: Permanently added 'master' (RSA) to the list of known hosts.
Last login: Wed Jun 10 12:38:37 2015 from 172.16.1.17
Here Master password authentication with no way SSH login Slave

1. First, create a user hadoop on the Slave, and set a password

-bash-4.1 # useradd hadoop
-bash-4.1 # ls -l / home
The total amount of 8
drwx ------ 2 hadoop hadoop 4096. 6 Yue 10 12:58 hadoop
drwx ------ 2 xc xc 4096. 7 Yue 9 2013 xc
-bash-4.1 # passwd hadoop
Hadoop change the user's password.
New Password:
Re-enter the new password:
passwd: all authentication tokens have been successfully updated.
2. Switch to the Master, and the public on the Master scp to the Hadoop user Slave nodes

[Hadoop @ master ~] $ scp ~ / .ssh / id_rsa.pub hadoop @ slave2: ~ /
The authenticity of host 'slave2 (172.16.1.20)' can not be established.
RSA key fingerprint is 67: 22: ba: 43: ad: fe: a2: d4: ad: 43: 26: 4b: 71: d0: 54: af.
Are you sure you want to continue connecting (yes / no)? Yes
Warning: Permanently added 'slave2,172.16.1.20' (RSA) to the list of known hosts.
hadoop @ slave2's password:
id_rsa.pub 100% 395 0.4KB / s 00:00
[Hadoop @ master ~] $
1
3. After the copy to the Slave node, additional public authority, and modify permissions

[Hadoop @ master ~] $ ssh hadoop @ slave2
hadoop @ slave2's password:
[Hadoop @ slave2 ~] $ ls
id_rsa.pub
[Hadoop @ slave2 ~] $ mkdir ~ / .ssh
[Hadoop @ slave2 ~] $ chmod 700 ~ / .ssh /
[Hadoop @ slave2 ~] $ cat ~ / id_rsa.pub >> ~ / .ssh / authorized_keys
[Hadoop @ slave2 ~] $ chmod 600 ~ / .ssh / authorized_keys
[Hadoop @ slave2 ~] $
4. then switch to root to use, modify sshd configuration, and restart the sshd service.
1) Add the following two lines of code in the / etc / sys

sysconfig / system-release
sysctl.conf system-release-cpe
2) then modify / etc / ssh / sshd_config file, the following three lines of comments (#) cancel)

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh / authorized_keys
3) Restart sshd service

service sshd restart
5. Back to the Master under test and found that you can not enter a password, you can ssh to the Hadoop user Slave nodes.

[Hadoop @ master ~] $ ssh hadoop @ slave2
Last login: Wed Jun 10 13:09:53 2015 from 172.16.1.17
[Hadoop @ slave2 ~] $
     
         
         
         
  More:      
 
- How to fix fatal error: security / pam_modules.h: No such file or directory (Linux)
- Linux System Getting Started Tutorial: Installing Brother printer in Linux (Linux)
- Ubuntu 14.04 to install Blender 2.71 (Linux)
- LVM mirrored logical volume to achieve (Linux)
- Monitoring network traffic with Iptraf in Linux environment (Linux)
- STL in the list of erase () method (Programming)
- Apache Linux firewall reverse proxy configuration (Linux)
- C ++ based socket communication TCP and UDP (Programming)
- CentOS6 installed Tomcat (Server)
- Oracle RMAN repair logical bad blocks (Database)
- Gnu Linux - Ubuntu System Clean-term consolidation (Linux)
- Linux system started to learn: the Linux syslog (Linux)
- Approach the next Linux shared interrupts (Linux)
- How to use Monit to deploy a server to monitor the system (Server)
- openSUSE 13.1 / 13.2 installation SoundConverter 2.1.2 (Linux)
- iOS GCD multithreading simple to use (Programming)
- Java Cookie Comments (Programming)
- EXP-00091: Exporting questionable statistics Processing Method (Database)
- PHP Performance Analysis and Experiment: Performance Micro Analysis (Programming)
- Increase ssh security service under Linux (Linux)
     
           
     
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.