Hadoop基础教程-第1章 环境安装配置(1.6 SSH免密登录)
第1章 环境安装配置1.6 SSH免密登录1、XShell的一个技巧当多台虚拟机需要执行相同命令时,可以单击XShell右下角的“三条横杠”按钮,选择“全部会话”,这时XShell下方的输入框将显示提示“发送文本到当前XShell窗口的全部会话”比如在XShell下方输入框输入data命令回车后,将该date命令同时发送到node1、node2和node3。这时可以看到其他两个会话标签多了个叹号提
·
第1章 环境安装配置
1.6 SSH免密登录
1、XShell的一个技巧
当多台虚拟机需要执行相同命令时,可以单击XShell右下角的“三条横杠”按钮,选择“全部会话”,这时XShell下方的输入框将显示提示“发送文本到当前XShell窗口的全部会话”
比如在XShell下方输入框输入data命令
回车后,将该date命令同时发送到node1、node2和node3。这时可以看到其他两个会话标签多了个叹号提示符。
查看node2执行情况
查询node3执行情况
2、生成RSA秘钥对
在XShell下方输入框中输入命令ssh-keygen -t rsa,然后回车执行。再回车3次,即可生成RSA秘钥对
查看密钥对文件
[root@node1 ~]# ls .ssh
id_rsa id_rsa.pub
- id_rsa:私钥
- id_rsa.pub:公钥
3、将每个节点的公钥拷贝到authorized_keys
可以通过命令ssh-copy-id,将本机公钥复制到其他节点的authorized_keys目录,这样本机即可免秘钥登录其他节点。
为了操作方便,我们通过XShell执行下方输入框执行命令即可:
ssh-copy-id node1
按照提示输入“yes”和密码,即可将node1的公钥复制到node1、node2和node3节点。(复制本机,可以实现免密登录本机)
然后再通过XShell分别执行:
ssh-copy-id node2
ssh-copy-id node3
通过XShell执行三条ssh-copy-id命令,实际上就是分别在node1、node2和node3节点执行。下面是命令执行信息:
(1)node1
ssh-copy-id node1
ssh-copy-id node2
ssh-copy-id node3
[root@node1 ~]# ssh-copy-id node1
The authenticity of host 'node1 (192.168.80.131)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node1's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node1'"
and check to make sure that only the key(s) you wanted were added.
[root@node1 ~]# ssh-copy-id node2
The authenticity of host 'node2 (192.168.80.132)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node2'"
and check to make sure that only the key(s) you wanted were added.
[root@node1 ~]# ssh-copy-id node3
The authenticity of host 'node3 (192.168.80.133)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node3's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node3'"
and check to make sure that only the key(s) you wanted were added.
[root@node1 ~]#
(2)node2
ssh-copy-id node1
ssh-copy-id node2
ssh-copy-id node3
[root@node2 ~]# ssh-copy-id node1
The authenticity of host 'node1 (192.168.80.131)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node1's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node1'"
and check to make sure that only the key(s) you wanted were added.
[root@node2 ~]# ssh-copy-id node2
The authenticity of host 'node2 (192.168.80.132)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node2'"
and check to make sure that only the key(s) you wanted were added.
[root@node2 ~]# ssh-copy-id node3
The authenticity of host 'node3 (192.168.80.133)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node3's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node3'"
and check to make sure that only the key(s) you wanted were added.
[root@node2 ~]#
(3)node3
ssh-copy-id node1
ssh-copy-id node2
ssh-copy-id node3
[root@node3 ~]# ssh-copy-id node1
The authenticity of host 'node1 (192.168.80.131)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node1's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node1'"
and check to make sure that only the key(s) you wanted were added.
[root@node3 ~]# ssh-copy-id node2
The authenticity of host 'node2 (192.168.80.132)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node2'"
and check to make sure that only the key(s) you wanted were added.
[root@node3 ~]# ssh-copy-id node3
The authenticity of host 'node3 (192.168.80.133)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node3's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node3'"
and check to make sure that only the key(s) you wanted were added.
[root@node3 ~]#
4、测试免密登录
[root@node1 ~]# ssh node1
Last login: Fri Jul 21 23:13:10 2017 from node1
[root@node1 ~]# ls .ssh
authorized_keys id_rsa id_rsa.pub known_hosts
[root@node1 ~]# ssh node2
Last login: Fri Jul 21 23:13:18 2017 from node2
[root@node2 ~]# ssh node3
Last login: Fri Jul 21 23:16:03 2017 from node3
[root@node3 ~]# ssh node2
Last login: Fri Jul 21 23:31:43 2017 from node1
[root@node2 ~]# ssh node1
Last login: Fri Jul 21 23:16:06 2017 from node3
[root@node1 ~]#
[root@node1 ~]# ll .ssh
total 16
-rw------- 1 root root 1176 Jul 21 23:14 authorized_keys
-rw------- 1 root root 1679 Jul 21 23:14 id_rsa
-rw-r--r-- 1 root root 392 Jul 21 23:14 id_rsa.pub
-rw-r--r-- 1 root root 546 Jul 21 23:15 known_hosts
cat .ssh/authorized_keys
[root@node1 ~]# cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6II3oKg4lI8LWTPBQXVmtRxO/9t+Fen1Ful2wpfAiJfv2ysUxI7hvVKedGdmgmzqhsbpyhC9wadS69WQPS4Kxi81ZbDbCzQtzMh7tlMe1TXsIkBzEMHlskNzwb0ZRdknnF6RXHnfwDBG2WBvs9r8WxmWtm/RzAp0j03RFHmW6IevXu4xuwi1jDJftMjJfkXD9YKiPGlwBBzZ69AWT++KlZe743Dt/1JKGcxNgCMAtjpmFTPPBaKpYEb1GFP1A1StKABFk6QMoI1T442lc5C6W7V98kSWYZdutXoLtrymzQmrERJSjV/31hs27FbzJ93kj42/Nyfj8QlFpNfPZOI6l root@node1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD1ZDljkN4isOzG90Iyv8yMomZFcfHYK2JghV3ZD5Fc/RA10502V4PMpTSYcePAylFAnuFmzYkCKY6HHhM0hONL7rqTvwpsmRQ4llc2eaxj8GB/87sYQQm+GAe6/QWDCh4G461pKo5CxhR5L7yAT2/Q8ddFuGfaBUp8GN+zfpBBgPUnJid1F8YavJJTZPAMqZMcfAnbyb++AZ6+RtOzfbyehmYo2Q/a5maBtK4s80N8XT7yMcAzk+B5DUOuxRXUtjcbbZqn94o4NUfWB3Qm+OWWr+yL9fW2tQdD4iLR1lCS33IikyN1/q++jfNW6yzWlWZUSrqTst6pn+JhxmFmMeId root@node3
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTtAK1vI6hXvucGd+98Naqb8r/LaAIOzbmRGP/yVma2R9LLZrPY+++NkQHx9CGEEoJUABQVAOAerWepkxy65Rfn0i6KkcgPAS/ItaxnVB7+fDraq0aOFrwh+WYC3BK/2ns+3b0dweYuHTYpAhpbWuyAUQA4gSSiFyVuzk8ycQ1b7oe4hPrmamb4+T1B8H4aDgg9shreH7i4OIXAQLPQlZmNdyiX+HnxtuREEvhqGH+JquIe/I/AfB9KiLaE3e/52dOmBl5rzr8GcncqUese3L7dVwxBUNWFA/wmwuWRAQhY/GwSAp/67ZnwpNs1sBSK6D+1d2XNgzmpfWK18Ilk6fb root@node2
cat .ssh/known_hosts
[root@node1 ~]# cat .ssh/known_hosts
node1,192.168.80.131 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA+9ht7NXrQyz1cD2YY4w17BEMnM0yZjG2VeVFIztrmusVnFFqJNmvHsxVHWJNnhQeFQPJ0GvPL7I4WB34pmz5E=
node2,192.168.80.132 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA+9ht7NXrQyz1cD2YY4w17BEMnM0yZjG2VeVFIztrmusVnFFqJNmvHsxVHWJNnhQeFQPJ0GvPL7I4WB34pmz5E=
node3,192.168.80.133 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA+9ht7NXrQyz1cD2YY4w17BEMnM0yZjG2VeVFIztrmusVnFFqJNmvHsxVHWJNnhQeFQPJ0GvPL7I4WB34pmz5E=
[root@node1 ~]#
5、退出ssh登录
exit命令退出
[root@node1 ~]# exit
logout
Connection to node1 closed.
[root@node2 ~]#
快捷键ctl+d退出
[root@node2 ~]# logout
Connection to node2 closed.
[root@node3 ~]# logout
Connection to node3 closed.
[root@node2 ~]# logout
Connection to node2 closed.
[root@node1 ~]#
6、免密登录脚本
(1)脚本内容
# !/bin/bash
SERVERS="node1 node2 node3"
PASSWORD=123456
auto_gen_ssh_key() {
expect -c "set timeout -1;
spawn ssh-keygen;
expect {
*(/root/.ssh/id_rsa)* {send -- \r;exp_continue;}
*passphrase)* {send -- \r;exp_continue;}
*again* {send -- \r;exp_continue;}
*(y/n)* {send -- y\r;exp_continue;}
*password:* {send -- $PASSWORD\r;exp_continue;}
eof {exit 0;}
}";
}
auto_ssh_copy_id() {
expect -c "set timeout -1;
spawn ssh-copy-id $1;
expect {
*(yes/no)* {send -- yes\r;exp_continue;}
*password:* {send -- $2\r;exp_continue;}
eof {exit 0;}
}";
}
auto_copy_id_to_all() {
for SERVER in $SERVERS
do
auto_ssh_copy_id $SERVER $PASSWORD
done
}
yum install -y expect
auto_gen_ssh_key
auto_copy_id_to_all
(2)创建脚本文件,填入上面内容
[root@node3 ~]# vi ssh.sh
(3)设置脚本可执行
[root@node3 ~]# chmod +x ssh.sh
[root@node3 ~]# ll
总用量 8
-rw-------. 1 root root 1260 8月 28 2021 anaconda-ks.cfg
-rwxr-xr-x 1 root root 780 8月 28 10:37 ssh.sh
[root@node3 ~]#
(4)执行脚本
[root@node3 ~]# ./ssh.sh
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
正在解决依赖关系
--> 正在检查事务
---> 软件包 expect.x86_64.0.5.45-14.el7_1 将被 安装
--> 正在处理依赖关系 libtcl8.5.so()(64bit),它被软件包 expect-5.45-14.el7_1.x86_64 需要
--> 正在检查事务
---> 软件包 tcl.x86_64.1.8.5.13-8.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
===================================================================================================
Package 架构 版本 源 大小
===================================================================================================
正在安装:
expect x86_64 5.45-14.el7_1 base 262 k
为依赖而安装:
tcl x86_64 1:8.5.13-8.el7 base 1.9 M
事务概要
===================================================================================================
安装 1 软件包 (+1 依赖软件包)
总下载量:2.1 M
安装大小:4.9 M
Downloading packages:
(1/2): expect-5.45-14.el7_1.x86_64.rpm | 262 kB 00:00:00
(2/2): tcl-8.5.13-8.el7.x86_64.rpm | 1.9 MB 00:00:01
---------------------------------------------------------------------------------------------------
总计 1.4 MB/s | 2.1 MB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : 1:tcl-8.5.13-8.el7.x86_64 1/2
正在安装 : expect-5.45-14.el7_1.x86_64 2/2
验证中 : 1:tcl-8.5.13-8.el7.x86_64 1/2
验证中 : expect-5.45-14.el7_1.x86_64 2/2
已安装:
expect.x86_64 0:5.45-14.el7_1
作为依赖被安装:
tcl.x86_64 1:8.5.13-8.el7
完毕!
spawn ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:KcSgIBxGPk4/9QvRvdOL7Gk8G72q/5+u7LkyKrbi/Bs root@node3
The key's randomart image is:
+---[RSA 2048]----+
|=+. . |
|+o . o. . |
| +. oo. . |
|o o ..o .o |
| . o ...So . |
| . ..o + . |
| E ..+ o |
| .. o. .*+ o . |
| .o+++o=*OO=+ |
+----[SHA256]-----+
spawn ssh-copy-id node1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'node1 (192.168.9.101)' can't be established.
ECDSA key fingerprint is SHA256:rkytFGgctle6A5MUemlUxQBCVRoH+LC/QlLipa7gzG4.
ECDSA key fingerprint is MD5:0c:20:40:c0:1d:ea:00:bc:8e:45:8a:76:62:27:c8:3b.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node1's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node1'"
and check to make sure that only the key(s) you wanted were added.
spawn ssh-copy-id node2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'node2 (192.168.9.102)' can't be established.
ECDSA key fingerprint is SHA256:rkytFGgctle6A5MUemlUxQBCVRoH+LC/QlLipa7gzG4.
ECDSA key fingerprint is MD5:0c:20:40:c0:1d:ea:00:bc:8e:45:8a:76:62:27:c8:3b.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node2'"
and check to make sure that only the key(s) you wanted were added.
spawn ssh-copy-id node3
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'node3 (192.168.9.103)' can't be established.
ECDSA key fingerprint is SHA256:rkytFGgctle6A5MUemlUxQBCVRoH+LC/QlLipa7gzG4.
ECDSA key fingerprint is MD5:0c:20:40:c0:1d:ea:00:bc:8e:45:8a:76:62:27:c8:3b.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node3's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'node3'"
and check to make sure that only the key(s) you wanted were added.
[root@node3 ~]#
(5)测试免密登录
[root@node3 ~] ssh node1
Last login: Sat Aug 28 10:35:43 2021 from 192.168.9.1
[root@node1 ~]# exit
登出
Connection to node1 closed.
[root@node3 ~]# ssh node2
Last login: Sat Aug 28 10:36:01 2021 from 192.168.9.1
[root@node2 ~]# exit
登出
Connection to node2 closed.
[root@node3 ~]# ssh node3
Last login: Sat Aug 28 10:36:07 2021 from 192.168.9.1
[root@node3 ~]# exit
登出
Connection to node3 closed.
[root@node3 ~]#
(6)然后将该脚本复制到node1和node2,执行一遍。
[root@node3 ~]# scp ssh.sh node1:/root
ssh.sh 100% 780 212.1KB/s 00:00
[root@node3 ~]# scp ssh.sh node2:/root
ssh.sh 100% 780 197.4KB/s 00:00
[root@node3 ~]#
[root@node2 ~]# ./ssh.sh
[root@node1 ~]# ./ssh.sh
华为开发者空间,是为全球开发者打造的专属开发空间,汇聚了华为优质开发资源及工具,致力于让每一位开发者拥有一台云主机,基于华为根生态开发、创新。
更多推荐
1
0- 0
已为社区贡献11条内容
所有评论(0)