CentOS config SSH login without password

Prerequisite configuration: Use root login to modify the configuration file:/etc/ssh/sshd_config, remove the comments of three lines, as follows:

Then restart the SSH service: service sshd restart. Finally, you exit root, and all of the following operations are performed under Hadoop users .

The host information is as follows:

For example, the current logged-on user is Hadoop, the host name is Slave.hadoop, and the network of the Master.hadoop host is unobstructed.

If the RSA check is not currently configured, the connection to the host with SSH requires a password, as follows:

For example, the SSH master.hadoop will stay on the next line waiting for the user to enter the login password of the Master.hadoop host Hadoop users.

To prevent this from happening, do the following to allow the host to automatically authenticate and log on when SSH is connected.

First, execute the command ssh-keygen-t DSA to generate the key pair, as follows:

For example, the key file is created by default in the hidden directory under the home directory/home/hadoop. SSH, respectively, ID_DSA and id_dsa.pub, which are public keys, such as:

Depending on the value of the Authorizedkeysfile entry in the profile/etc/ssh/sshd_config:. Ssh/authorized_keys, the public key needs to be imported into the file to implement the checksum, as follows:

It's only a step away from success. The new CentOS Default file permissions are:-rw-rw-r--, which means that both yourself and the group user can rewrite the file, which is considered not safe enough. For example, since the Authorized_keys file does not already exist on my host, the file is now newly created because of the redirected output, so the default permissions for the file are-rw-rw-r--still not secure. You need to remove the W permission from the group. You can use the command:chmod 644 Authorized_keys. Online information, are directly chmod Authorized_keys, that is, the group and other users to read the contents of the content of the permissions are not, of course, this is the safest, but the system only requires that all other users except themselves can not change the file.

For example, Slave.hadoop has been able to log on to the machine using SSH without password. So how do you get it to log in to the Master.hadoop host without a password? Of course it is distributing the contents of the public key file Id_dsa.pub to the Master.hadoop host. Such as:

For example, execute the command cat ~/.ssh/id_dsa.pub | ssh [email protected] ' cat->> ~/.ssh/authorized_keys ', and enter the login password for the Hadoop user of the Master.hadoop host to send the public key to Master.hadoop and append it to its Authorized_keys file.

For example, the Slave.hadoop host can already use SSH without password login host Master.hadoop.

Transferred from: http://my.oschina.net/u/1169607/blog/175899

CentOS config SSH login without password