Linux common Commands (iii) SSH

Linux common Commands (iii) SSH

(1) Install and configure SSH login without password

CentOS default installed SSH client, SSH server, open the terminal to perform the following command to verify

rpm -qa | grep ssh

If the returned result is as shown, the SSH client and SSH server are included, there is no need to install

If installation is required, it can be installed via Yum:

yum -y install openssh-clients openssh-server

Then execute the following command to test if SSH is available:

ssh localhost

At this point, you will be prompted with the following (SSH first login hint), enter Yes. Then follow the prompts to enter the password, so you log on to the machine.

[[email protected] home]# ssh localhostThe authenticity of host ‘localhost (::1)‘ can‘t be established.ECDSA key fingerprint is bd:66:a8:94:98:d5:0b:f3:bc:e9:5c:41:4c:ca:b3:d4.Are you sure you want to continue connecting (yes/no)? yes   Warning: Permanently added ‘localhost‘ (ECDSA) to the list of known hosts.[email protected]‘s password: Last login: Fri Apr 20 07:07:31 2018 from 192.168.2.1

But this login is required to enter the password every time, we need to configure SSH without password login more convenient.

Enter exit to exit just SSH, go back to our original terminal window, then use Ssh-keygen to generate the key and add the key to the authorization:

exit                           # 退出刚才的 ssh localhostcd ~/.ssh/                     # 若没有该目录，请先执行一次ssh localhostrm ./id_rsa*                   # 删除之前生成的公匙（如果有）ssh-keygen -t rsa              # 会有提示，都按回车就可以cat id_rsa.pub >> authorized_keys  # 加入授权chmod 600 ./authorized_keys    # 修改文件权限，否则无法登陆，亲测

Note: Be sure to chmod for a moment, or it won't work . In this case, ssh localhost command, no need to enter the password can be directly logged in.

scp ~/.ssh/id_rsa.pub [email protected]:/home/hadoop/

The SCP is a shorthand for secure copy, which is used to remotely copy files under Linux, similar to the CP command, but the CP can only be copied in this machine. The implementation of the SCP will require you to enter the password for the Hadoop user on slave1 (Hadoop).

sudo vim /etc/ssh/sshd_configRSAAuthentication yes       # 启用 RSA 认证PubkeyAuthentication yes    # 启用公钥私钥配对认证方式

SSH-VVV 192.168.2.101

/var/log/secure log See is a permissions issue: Dec 14:54:55 Shlt-tb-oraclebak sshd[12347]: Authentication Refused:bad ownership or modes fo R Directory/home/oracle (tailf/var/log/secure)

Sshd for security, the owner of the directory and file permissions have been required. If the permissions are not correct, ssh password-free login does not take effect.
User Directory permission is 755

Rsa_id.pub and Authorized_keys permissions are typically 644
The RSA_ID permission must be 600.

Record a little bit every day. Content may not be important, but habits are important!

Linux common Commands (iii) SSH