你好,游客 登录 注册 搜索
背景:
阅读新闻

RHEL7.2 SSH非root用户无密码登录

[日期:2017-11-05] 来源:Linux社区  作者:ccskun [字体: ]

RHEL7.2 SSH非root用户无密码登录

1 修改三台虚拟机的/ect/hosts文件

[Hadoop@hadoop01 ~]$ cat /etc/hosts
127.0.0.1  localhost localhost.localdomain localhost4 localhost4.localdomain4
::1        localhost localhost.localdomain localhost6 localhost6.localdomain6
[hadoop@hadoop01 ~]$ su - root
密码:
上一次登录:六 11月  4 15:52:36 CST 2017pts/0 上
ABRT has detected 1 problem(s). For more info run: abrt-cli list --since 1509781956
[root@hadoop01 ~]# vi /etc/hosts
[root@hadoop01 ~]# cat /etc/hosts
127.0.0.1  localhost localhost.localdomain localhost4 localhost4.localdomain4
::1        localhost localhost.localdomain localhost6 localhost6.localdomain6
 
192.168.169.101 hadoop01
192.168.169.102 hadoop02
192.168.169.103 hadoop03

2 修改三台虚拟机的/etc/ssh/sshd_config

[root@hadoop01 ~]# vi /etc/ssh/sshd_config
[root@hadoop01 ~]# cat /etc/ssh/sshd_config | grep uth | grep -v "#"
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile  .ssh/authorized_keys

 将前面的#号去掉

3 修改三台虚拟机的/etc/selinux/config

[root@hadoop01 ~]# vi /etc/selinux/config 
[root@hadoop01 ~]# cat /etc/selinux/config | grep SELINUX= | grep -v "#"
SELINUX=disabled

 4 重启虚机三台虚拟机

[root@hadoop01 ~]# reboot

 5 配置SSH无密码登录

三台虚拟机依次操作如下:

192.168.168.101

[hadoop@hadoop01 ~]$ ssh-keygen
Generating public/private dsa key pair.
Created directory '/hadoop/.ssh'.
Your identification has been saved in /hadoop/.ssh/id_dsa.
Your public key has been saved in /hadoop/.ssh/id_dsa.pub.
The key fingerprint is:
c1:4b:6d:30:2b:57:b9:f8:dc:33:b6:d9:05:f8:79:31 hadoop@hadoop01
The key's randomart image is:
+--[ DSA 1024]----+
|        o ..    |
|      . *.      |
|      . *.o. .  |
|      +.+. . .E |
|        So . . oo|
|          o = o o|
|          . * o |
|            o .  |
|                |
+-----------------+
[hadoop@hadoop01 ~]$ chmod 700 .ssh
[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ chmod 600 ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ ssh hadoop01
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
Last login: Sun Nov  5 10:24:11 2017 from 192.168.169.1
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop01 ~]$ ssh hadoop01
Last login: Sun Nov  5 10:26:02 2017 from hadoop01

192.168.168.102

[hadoop@hadoop02 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/hadoop/.ssh/id_rsa):
Created directory '/hadoop/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /hadoop/.ssh/id_rsa.
Your public key has been saved in /hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
ee:ba:9f:68:d8:ab:27:ea:f7:42:ff:0c:47:80:fe:63 hadoop@hadoop02
The key's randomart image is:
+--[ RSA 2048]----+
|                |
|    .          |
|    . .          |
|  .  .        |
|    .  S        |
|    .. o        |
|  . +E o        |
|    =.=B .      |
| .oo.B***        |
+-----------------+
[hadoop@hadoop02 ~]$ chmod 700 .ssh
[hadoop@hadoop02 ~]$ scp -rp ~/.ssh/id_rsa.pub hadoop@hadoop01:/hadoop/.ssh/id_rsa.pub.102
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
hadoop@hadoop01's password:
id_rsa.pub

192.168.169.103

[hadoop@hadoop03 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/hadoop/.ssh/id_rsa):
Created directory '/hadoop/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /hadoop/.ssh/id_rsa.
Your public key has been saved in /hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
dc:c2:8d:14:b0:bf:64:a7:2f:41:44:34:1b:66:2b:b2 hadoop@hadoop03
The key's randomart image is:
+--[ RSA 2048]----+
|      .+O        |
|      +.*      |
|    . o.+        |
|    o *.+      |
|    E  .S +      |
|      o.=      |
|        o.      |
|        ..      |
|        ..      |
+-----------------+
[hadoop@hadoop03 ~]$ chmod 700 .ssh
[hadoop@hadoop03 ~]$ scp -rp ~/.ssh/id_rsa.pub hadoop@hadoop01:/hadoop/.ssh/id_rsa.pub.103
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
hadoop@hadoop01's password:
id_rsa.pub 

192.168.169.101

[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub.102 >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub.103 >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ scp -rp ~/.ssh/authorized_keys hadoop@hadoop02:/hadoop/.ssh/
The authenticity of host 'hadoop02 (192.168.169.102)' can't be established.
ECDSA key fingerprint is f7:ef:fb:e5:7e:0f:59:40:63:23:99:9a:ca:e2:03:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop02,192.168.169.102' (ECDSA) to the list of known hosts.
hadoop@hadoop02's password:
authorized_keys                                                                                                                        100%  397    0.4KB/s  00:00   
[hadoop@hadoop01 ~]$ scp -rp ~/.ssh/authorized_keys hadoop@hadoop03:/hadoop/.ssh/
The authenticity of host 'hadoop03 (192.168.169.103)' can't be established.
ECDSA key fingerprint is 25:a7:16:1f:49:91:0f:ba:f8:ba:68:bb:1e:e0:1c:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop03,192.168.169.103' (ECDSA) to the list of known hosts.
hadoop@hadoop03's password:
authorized_keys                                                                                                                        100%  397    0.4KB/s  00:00   

 6 验证

192.168.169.101

[hadoop@hadoop01 ~]$ ssh hadoop02
Last login: Sun Nov  5 13:42:56 2017 from 192.168.169.1
[hadoop@hadoop02 ~]$ exit
登出
Connection to hadoop02 closed.
[hadoop@hadoop01 ~]$ ssh hadoop03
Last login: Sun Nov  5 13:42:58 2017 from 192.168.169.1
[hadoop@hadoop03 ~]$

192.168.169.102

[hadoop@hadoop02 ~]$ ssh hadoop01
Last login: Sun Nov  5 13:44:08 2017 from 192.168.169.1
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop02 ~]$ ssh hadoop03
The authenticity of host 'hadoop03 (192.168.169.103)' can't be established.
ECDSA key fingerprint is 25:a7:16:1f:49:91:0f:ba:f8:ba:68:bb:1e:e0:1c:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop03,192.168.169.103' (ECDSA) to the list of known hosts.
Last login: Sun Nov  5 13:51:57 2017 from hadoop01
[hadoop@hadoop03 ~]$ 

192.168.169.103

[hadoop@hadoop03 ~]$ ssh hadoop01
Last login: Sun Nov  5 13:52:30 2017 from hadoop02
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop03 ~]$ ssh hadoop02
The authenticity of host 'hadoop02 (192.168.169.102)' can't be established.
ECDSA key fingerprint is f7:ef:fb:e5:7e:0f:59:40:63:23:99:9a:ca:e2:03:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop02,192.168.169.102' (ECDSA) to the list of known hosts.
Last login: Sun Nov  5 13:51:50 2017 from hadoop01
[hadoop@hadoop02 ~]$ 

下面关于SSH相关的文章您也可能喜欢,不妨参考下:

集群环境SSH免密码登录设置  http://www.chineselinuxuniversity.net/Linux/2017-03/141296.htm

Linux基础教程:配置SSH免密码登陆 http://www.chineselinuxuniversity.net/Linux/2017-07/145847.htm

远程SSH连接服务与基本排错  http://www.chineselinuxuniversity.net/Linux/2017-05/143738.htm

使用SSH公钥密钥自动登陆Linux服务器 http://www.chineselinuxuniversity.net/Linux/2017-02/140642.htm

配置SSH免密码登录  http://www.chineselinuxuniversity.net/Linux/2017-08/146213.htm

开启SSH服务让Android手机远程访问 Ubuntu 14.04  http://www.chineselinuxuniversity.net/Linux/2014-09/106809.htm

SSH非交互式密码授权远程执行脚本  http://www.chineselinuxuniversity.net/Linux/2017-04/143180.htm

SSH通过密钥登陆 http://www.chineselinuxuniversity.net/Linux/2017-06/144997.htm

Linux上实现SSH免密码登陆远程服务器  http://www.chineselinuxuniversity.net/Linux/2017-05/144165.htm

本文永久更新链接地址http://www.chineselinuxuniversity.net/Linux/2017-11/148280.htm

linux
相关资讯       SSH无密码登录 
本文评论   查看全部评论 (0)
表情: 表情 姓名: 字数

       

评论声明
  • 尊重网上道德,遵守中华人民共和国的各项有关法律法规
  • 承担一切因您的行为而直接或间接导致的民事或刑事法律责任
  • 本站管理人员有权保留或删除其管辖留言中的任意内容
  • 本站有权在网站内转载或引用您的评论
  • 参与本评论即表明您已经阅读并接受上述条款