Home > Cloud Computing > Cloud Applications

Considerations for configuring ssh password-less logon in CentOS

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
This article describes the precautions for configuring ssh password-less logon in CentOS.

Prerequisites: use root to log on and modify the configuration file:/Etc/ssh/sshd_configRemove the comments of the three rows, as shown below:

Then restart the ssh service: service sshd restart. Finally exit root,All of the following operations are performed under the hadoop User:.

The host information is as follows:

For example, the current login user is hadoop and the host name is slave. hadoop. The network with the master. hadoop host is smooth.

If RSA verification is not configured, you need to enter a password to connect to the host through ssh, as shown below:

For example, after executing ssh master. hadoop, the system will wait for the user to enter the logon password of the hadoop user on the master. hadoop host in the next line.

To avoid this situation, perform the following operations to enable the host to log on after automatic authentication during ssh connection.

First, execute the commandSsh-keygen-t dsaGenerate a key pair as follows:

 

For example, the key file is generated in the hidden directory. ssh in the main directory/home/hadoop according to the default method.Id_dsaAndId_dsa.pubThe latter is the public key, for example:

Based on the value of AuthorizedKeysFile in the configuration file/etc/ssh/sshd_config:. Ssh/authorized_keys, The public key must be imported to the file for verification, as shown below:

This is only one step away from success. By default, the new file permission of CentOS is-rw-r --, that is, you and group users can rewrite the file, which is considered unsafe. For example, because no authorized_keys file exists on my host, the default permission for this file is-rw-r because the file is created in the redirection output. Remove the w permission from the group. You can run the following command:Chmod 644 authorized_keys. All online materials are directChmod 600 authorized_keysThat is, the group and other users do not have the permission to read the file content. of course, this is the safest way, but the system only requires that all users except itself cannot change the file.

For example, slave. hadoop can use ssh without a password to log on to the local machine. So how can I log on to the Master. hadoop host without a password? Of course, the public key file id_dsa.pub is distributed to the master. hadoop host. For example:

For example, run the commandCat ~ /. Ssh/id_dsa.pub | ssh hadoop@master.hadoop 'cat-> ~ /. Ssh/authorized_keys'And enter the logon password of the hadoop user on the master. hadoop host to send the public key to master. hadoop and append it to the authorized_keys file.

For example, you can log on to the host master. hadoop using ssh without a password on the slave. hadoop host.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
centos ssh centos change password for user enter password for ssh key centos 7 ssh centos enable ssh centos install ssh centos restart ssh
Related Article
Ingenious, Webapi httpbasicauthorize the practice of building...
Enable cross-Cloud applications-DNS-based load balancing
Enable dazzling 3D desktop effects (group chart) in Fedora8)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More