目标:ssh localhost 无需键入密码
步骤 :
前提:确认主机安装ssh shhd 分别是 ssh客户端和server端
使用hadoop账户:
ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
建立好这些文件后,无需修改sshd_config或ssh_config文件
ssh客户端默认会在passwd验证之前,在本地~/.ssh目录下寻找dsa、rsa等加密方式的密钥文件,看能否免除密码键入的验证步骤
做好上述配置后,ssh localhost 还是需要键入密码
ssh -vv localhost 显示debug信息如下:
debug2: we did not send a packet, disable method
debug1: Next authentication method: publickey
debug1: Trying private key: /home/hadoop/.ssh/identity
debug1: Trying private key: /home/hadoop/.ssh/id_rsa
debug1: Offering public key: /home/hadoop/.ssh/id_dsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
hadoop@localhost's password:
由上面debug信息可知,ssh在尝试发送rsa或dsa的public key,但是并没有发送出去we did not send a packet, disable method
猜测是权限问题
将.ssh权限改为700(原来是777)
authorized_keys 权限改为600 (原来是666)
如此之后
ssh localhost
无需输入密码
配置成功
阅读(5296) | 评论(0) | 转发(1) |
