[Hadoop]SSH免密碼登錄以及失敗解決方案

http://blog.csdn.net/sunnyyoona/article/details/51689041

創(chuàng)建ssh-key

這里我們采用rsa方式,使用如下命令:

xiaosi@xiaosi:~$ ssh-keygen-t rsa-f~/.ssh/id_rsa

Generatingpublic/private rsa key pair.

Createddirectory'/home/xiaosi/.ssh'.

Enter passphrase (empty for no passphrase):

Entersame passphrase again:

Youridentification has been savedin/home/xiaosi/.ssh/id_rsa.

Yourpublic key has been savedin/home/xiaosi/.ssh/id_rsa.pub.

Thekey fingerprint is:

SHA256:n/sFaAT94A/xxxxxxxxxxxxxxxxxxxxxxxxiaosi@xiaosi

Thekey's randomart image is:

+---[xxxxx]----+

| ? ? ? ?o= .. .. |

| ? ? ? ?o.= .. ?.|

| ? ? ? ? *.* o ?.|

| ? ? ? ?+.4.=E+..|

| ? ? ? .SBo=. h+ |

| ? ? ? ?ogo..oo. |

| ? ? ? ? ?or +j..|

| ? ? ? ? ?...+o=.|

| ? ? ? ? ?... o=+|

+----[xxxxx]-----+

備注:

這里會提示輸入pass phrase,一定不要輸入任何字符,回車即可。

2. 生成authorized_keys文件

xiaosi@xiaosi:~$ cat~/.ssh/id_rsa.pub>>~/.ssh/authorized_keys

備注:

記得要把a(bǔ)uthorized_keys文件放到.ssh目錄下,與rsa等文件放在一起,否則免登錄失敗,debug如下(ssh -vvv localhost進(jìn)行調(diào)試,查找錯誤原因):

xiaosi@xiaosi:~$ ssh-vvv localhost

OpenSSH_7.2p2Ubuntu-4ubuntu1,OpenSSL1.0.2g-fips1Mar2016

debug1:Readingconfiguration data/etc/ssh/ssh_config

debug1:/etc/ssh/ssh_config line19:Applyingoptionsfor*

debug2:resolving"localhost"port22

debug2:ssh_connect_direct:needpriv0

debug1:Connectingto localhost[127.0.0.1]port22.

debug1:Connectionestablished.

debug1:identity file/home/xiaosi/.ssh/id_rsa type1

debug1:key_load_public:Nosuch file or directory

debug1:identity file/home/xiaosi/.ssh/id_rsa-cert type-1

debug1:key_load_public:Nosuch file or directory

debug1:identity file/home/xiaosi/.ssh/id_dsa type-1

debug1:key_load_public:Nosuch file or directory

debug1:identity file/home/xiaosi/.ssh/id_dsa-cert type-1

debug1:key_load_public:Nosuch file or directory

debug1:identity file/home/xiaosi/.ssh/id_ecdsa type-1

debug1:key_load_public:Nosuch file or directory

debug1:identity file/home/xiaosi/.ssh/id_ecdsa-cert type-1

debug1:key_load_public:Nosuch file or directory

debug1:identity file/home/xiaosi/.ssh/id_ed25519 type-1

debug1:key_load_public:Nosuch file or directory

debug1:identity file/home/xiaosi/.ssh/id_ed25519-cert type-1

debug1:Enablingcompatibility modeforprotocol2.0

debug1:Localversion string SSH-2.0-OpenSSH_7.2p2Ubuntu-4ubuntu1

debug1:Remoteprotocol version2.0,remote software versionOpenSSH_7.2p2Ubuntu-4ubuntu1

debug1:match:OpenSSH_7.2p2Ubuntu-4ubuntu1patOpenSSH*compat0x04000000

debug2:fd3setting O_NONBLOCK

debug1:Authenticatingto localhost:22as'xiaosi'

debug3:hostkeys_foreach:reading file"/home/xiaosi/.ssh/known_hosts"

debug3:record_hostkey:found key type ECDSAinfile/home/xiaosi/.ssh/known_hosts:1

debug3:load_hostkeys:loaded1keys from localhost

debug3:order_hostkeyalgs:prefer hostkeyalgs:ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521

debug3:send packet:type20

debug1:SSH2_MSG_KEXINIT sent

debug3:receive packet:type20

debug1:SSH2_MSG_KEXINIT received

debug2:localclient KEXINIT proposal

debug2:KEX algorithms:curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ext-info-c

debug2:host key algorithms:ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa

debug2:ciphers ctos:chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc

debug2:ciphers stoc:chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc

debug2:MACsctos:umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1

debug2:MACsstoc:umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1

debug2:compression ctos:none,zlib@openssh.com,zlib

debug2:compression stoc:none,zlib@openssh.com,zlib

debug2:languages ctos:

debug2:languages stoc:

debug2:first_kex_follows0

debug2:reserved0

debug2:peer server KEXINIT proposal

debug2:KEX algorithms:curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

debug2:host key algorithms:ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519

debug2:ciphers ctos:chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com

debug2:ciphers stoc:chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com

debug2:MACsctos:umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1

debug2:MACsstoc:umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1

debug2:compression ctos:none,zlib@openssh.com

debug2:compression stoc:none,zlib@openssh.com

debug2:languages ctos:

debug2:languages stoc:

debug2:first_kex_follows0

debug2:reserved0

debug1:kex:algorithm:curve25519-sha256@libssh.org

debug1:kex:host key algorithm:ecdsa-sha2-nistp256

debug1:kex:server->client cipher:chacha20-poly1305@openssh.com MAC:compression:none

debug1:kex:client->server cipher:chacha20-poly1305@openssh.com MAC:compression:none

debug3:send packet:type30

debug1:expecting SSH2_MSG_KEX_ECDH_REPLY

debug3:receive packet:type31

debug1:Serverhost key:ecdsa-sha2-nistp256 SHA256:378enl3ckhdpObP8fnsHr1EXz4d1q2Jde+jUplkub/Y

debug3:hostkeys_foreach:reading file"/home/xiaosi/.ssh/known_hosts"

debug3:record_hostkey:found key type ECDSAinfile/home/xiaosi/.ssh/known_hosts:1

debug3:load_hostkeys:loaded1keys from localhost

debug1:Host'localhost'is known and matches the ECDSA host key.

debug1:Foundkeyin/home/xiaosi/.ssh/known_hosts:1

debug3:send packet:type21

debug2:set_newkeys:mode1

debug1:rekey after134217728blocks

debug1:SSH2_MSG_NEWKEYS sent

debug1:expecting SSH2_MSG_NEWKEYS

debug3:receive packet:type21

debug2:set_newkeys:mode0

debug1:rekey after134217728blocks

debug1:SSH2_MSG_NEWKEYS received

debug2:key:/home/xiaosi/.ssh/id_rsa(0x5602df5e80c0)

debug2:key:/home/xiaosi/.ssh/id_dsa((nil))

debug2:key:/home/xiaosi/.ssh/id_ecdsa((nil))

debug2:key:/home/xiaosi/.ssh/id_ed25519((nil))

debug3:send packet:type5

debug3:receive packet:type7

debug1:SSH2_MSG_EXT_INFO received

debug1:kex_input_ext_info:server-sig-algs=

debug3:receive packet:type6

debug2:service_accept:ssh-userauth

debug1:SSH2_MSG_SERVICE_ACCEPT received

debug3:send packet:type50

debug3:receive packet:type51

debug1:Authenticationsthat cancontinue:publickey,password

debug3:start over,passed a different list publickey,password

debug3:preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password

debug3:authmethod_lookup publickey

debug3:remaining preferred:keyboard-interactive,password

debug3:authmethod_is_enabled publickey

debug1:Nextauthentication method:publickey

debug1:OfferingRSA public key:/home/xiaosi/.ssh/id_rsa

debug3:send_pubkey_test

debug3:send packet:type50

debug2:we sent a publickey packet,waitforreply

debug3:receive packet:type51

debug1:Authenticationsthat cancontinue:publickey,password

debug1:Tryingprivate key:/home/xiaosi/.ssh/id_dsa

debug3:no such identity: /home/xiaosi/.ssh/id_dsa: No such file or directory

debug1:Tryingprivate key:/home/xiaosi/.ssh/id_ecdsa

debug3:no such identity: /home/xiaosi/.ssh/id_ecdsa: No such file or directory

debug1:Tryingprivate key:/home/xiaosi/.ssh/id_ed25519

debug3:no such identity: /home/xiaosi/.ssh/id_ed25519: No such file or directory

debug2:we did not send a packet,disable method

debug3:authmethod_lookup password

debug3:remaining preferred:,password

debug3:authmethod_is_enabled password

debug1:Nextauthentication method:password

xiaosi@localhost's password:

3. 驗(yàn)證

xiaosi@xiaosi:~$ ssh localhost

Theauthenticity of host'localhost (127.0.0.1)'can't be established.

ECDSA key fingerprint is SHA256:378enl3ckhdpObP8fnsHr1EXz4d1q2Jde+jUplkub/Y.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.

sign_and_send_pubkey: signing failed: agent refused operation

xiaosi@localhost's password:

4.?authorized_keys權(quán)限

我們可以看到還是讓我輸入密碼,很大可能是authorized_keys文件權(quán)限的問題,我們給該文件賦予一定權(quán)限:

xiaosi@xiaosi:~$ chmod600~/.ssh/authorized_keys

再次驗(yàn)證:

xiaosi@xiaosi:~$ ssh localhost

WelcometoUbuntu16.04LTS(GNU/Linux4.4.0-24-generic x86_64)

*Documentation:https://help.ubuntu.com/

0個可升級軟件包。

0個安全更新。

Lastlogin:ThuJun1608:05:502016from127.0.0.1

到此表示OK了。

備注:

或者第一次需要輸入密碼,以后再次登陸就不需要輸入密碼了。

有更明白的小伙伴可以指導(dǎo)一下。。。。。。

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡書系信息發(fā)布平臺,僅提供信息存儲服務(wù)。

推薦閱讀更多精彩內(nèi)容