Trivial-do you want to set SSH password-free or ssh-free?

Source: Internet
Author: User

Trivial-do you want to set SSH password-free or ssh-free?

 

Hadoop2.2.0 has been set up many times, and many different startup methods, configuration parameters, and locations have been tried, which involves whether to configure SSH password-free logon or not.

First, find out why SSH password-free login is required.

SSH password-free logon procedure:

......

There are three startup methods in hadoop2.2.0:

Three startup methods can be used in the experiment stage, but the first method is more suitable for the production environment.

 

The first type does not require SSH password-free login, but the second and third types do. Why?

The first is to start every process on each machine one by one. That is to say, in a completely distributed environment, how many machines are there? I will use this command on each machine to start the corresponding commands, for example, to start namenode on namenode, you must useSbin/hadoop-daemon.sh start namenodeThis command is used to start datanode on datanode.Sbin/hadoop-daemon.sh start datanodeThis command, the corresponding yarn process starts the same, but it uses the yaen-daemon.sh.

The second and third methods are convenient to start the entire cluster only when used on namenode. The principle is to start the corresponding process on namenode according to the configuration file and thenLog on to slave through SSH to start the corresponding process.

 

Now that I understand this, my previous saying or understanding is wrong.

Because you only need to remotely log on to the Server Load balancer instance to start the corresponding process, all Server Load balancer instances only need to have the public key of the namenode and do not need the public key of other Server Load balancer instances.

However, I guess that the namenode and slave information are read in the configuration file, so if slave can log on to namenode through SSH without a password, can I format the file system on namenode and start the cluster on a server Load balancer instance? Haha.

 

Do I need to use the SSH protocol elsewhere?

The answer is no. It is used only when it is started. (My current understanding)

Others, such as heartbeat, are used.RPC protocol, Web UI usedHTTP protocolIn hadoop, RPC and HTTP are much more important than SSH.

 


Ssh password-free settings

Set the. ssh directory to 700 and have the execution permission.
Set authorized_keys to 600. Otherwise, an error occurs.
For example
Ssh root @ localhost

How to configure ssh password-less login in ubuntu?

There is no space between ssh and-keygen.
Ssh-keygen is used to generate key pairs.
Command:
Ssh-keygen-t dsa-f ~ /. Ssh/id_dsa
After you press enter, you will be prompted to enter the passphrase password, just skip it.

After completion ~ Two new files are generated under the/. ssh/directory, instead of folders.
Id-dsa # Private Key
Id_dsa.pub # public suffix, public Key

Also, your-p command may be confusing.
Man ssh-keygen

-P phrase Provide old passphrase. # The parameter followed by-P is the old password set previously.
-P Change passphrase of private key file. #-p, lowercase p, without parameters, indicates that you want to Change the password

In fact, the ssh section of laruence's private kitchen is very detailed. You can refer to it for details.

I will share with you the process I tried:

# Set key verification

1. Generate a local public key and private key pair
2. Modify the Private Key Permission to 600, which can only be accessed by myself.
3. Upload the public key to the server
4. append the public key content to the/. ssh/authorized_keys file in the home directory of the remote host.
Change authorized_keys to 600
Delete the uploaded public key.

5. Import the new key pair in the local key ring.

The command is as follows:
1.
Ssh-keygen-t rsa
# Enter passphraze in the middle. Do not enter passphraze. enter directly to the end.
Result: a key pair is generated.
Your identification has been saved in/home/Lynn/. ssh/id_rsa.
Your public key has been saved in/home/Lynn/. ssh/id_rsa.pub.

2.
Chmod 600/home/Lynn/. ssh/id_rsa

3.
Cd ~ /. Ssh
Sftp Capricorn@192.168.1.100
Sftp> put id_rsa.pub
Exit

4.
Ssh Capricorn@192.168.1.100
Cat id_rsa.pub>./. ssh/authorized_keys
Chmod 600./. ssh/authorized_keys
Rm id_rsa.pub
Exit

5. # The new private key generated by keygen imported by the client
# Ssh-add-adds private key identities to the authentication agent

Ssh-add

Finished .... Remaining full text>

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.