Hadoop基础教程-第1章 环境安装配置（1.6 SSH免密登录）

第1章 环境安装配置

1.6 SSH免密登录

1、XShell的一个技巧

当多台虚拟机需要执行相同命令时，可以单击XShell右下角的“三条横杠”按钮，选择“全部会话”，这时XShell下方的输入框将显示提示“发送文本到当前XShell窗口的全部会话”

比如在XShell下方输入框输入data命令

回车后，将该date命令同时发送到node1、node2和node3。这时可以看到其他两个会话标签多了个叹号提示符。

 
查看node2执行情况 
 
查询node3执行情况 

2、生成RSA秘钥对

在XShell下方输入框中输入命令ssh-keygen -t rsa，然后回车执行。再回车3次，即可生成RSA秘钥对

查看密钥对文件

[root@node1 ~]# ls .ssh
id_rsa  id_rsa.pub

• id_rsa：私钥
• id_rsa.pub：公钥-

3、将每个节点的公钥拷贝到authorized_keys

可以通过命令ssh-copy-id，将本机公钥复制到其他节点的authorized_keys目录，这样本机即可免秘钥登录其他节点。 
为了操作方便，我们通过XShell执行下方输入框执行命令即可：

ssh-copy-id node1

按照提示输入“yes”和密码，即可将node1的公钥复制到node1、node2和node3节点。（复制本机，可以实现免密登录本机）

然后再通过XShell分别执行：

ssh-copy-id node2
ssh-copy-id node3

通过XShell执行三条ssh-copy-id命令，实际上就是分别在node1、node2和node3节点执行。下面是命令执行信息： 
（1）node1 
ssh-copy-id node1 
ssh-copy-id node2 
ssh-copy-id node3

[root@node1 ~]# ssh-copy-id node1
The authenticity of host 'node1 (192.168.80.131)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node1's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node1'"
and check to make sure that only the key(s) you wanted were added.

[root@node1 ~]# ssh-copy-id node2
The authenticity of host 'node2 (192.168.80.132)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node2'"
and check to make sure that only the key(s) you wanted were added.

[root@node1 ~]# ssh-copy-id node3
The authenticity of host 'node3 (192.168.80.133)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node3's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node3'"
and check to make sure that only the key(s) you wanted were added.

[root@node1 ~]#

（2）node2 
ssh-copy-id node1 
ssh-copy-id node2 
ssh-copy-id node3

[root@node2 ~]# ssh-copy-id node1
The authenticity of host 'node1 (192.168.80.131)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node1's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node1'"
and check to make sure that only the key(s) you wanted were added.

[root@node2 ~]# ssh-copy-id node2
The authenticity of host 'node2 (192.168.80.132)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node2'"
and check to make sure that only the key(s) you wanted were added.

[root@node2 ~]# ssh-copy-id node3
The authenticity of host 'node3 (192.168.80.133)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node3's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node3'"
and check to make sure that only the key(s) you wanted were added.

[root@node2 ~]# 

（3）node3 
ssh-copy-id node1 
ssh-copy-id node2 
ssh-copy-id node3

[root@node3 ~]# ssh-copy-id node1
The authenticity of host 'node1 (192.168.80.131)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node1's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node1'"
and check to make sure that only the key(s) you wanted were added.

[root@node3 ~]# ssh-copy-id node2
The authenticity of host 'node2 (192.168.80.132)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node2'"
and check to make sure that only the key(s) you wanted were added.

[root@node3 ~]# ssh-copy-id node3
The authenticity of host 'node3 (192.168.80.133)' can't be established.
ECDSA key fingerprint is e2:9a:7d:70:25:24:45:11:97:12:35:e0:45:4c:64:31.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node3's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node3'"
and check to make sure that only the key(s) you wanted were added.

[root@node3 ~]#

4、测试免密登录

[root@node1 ~]# ssh node1
Last login: Fri Jul 21 23:13:10 2017 from node1
[root@node1 ~]# ls .ssh
authorized_keys  id_rsa  id_rsa.pub  known_hosts
[root@node1 ~]# ssh node2
Last login: Fri Jul 21 23:13:18 2017 from node2
[root@node2 ~]# ssh node3
Last login: Fri Jul 21 23:16:03 2017 from node3
[root@node3 ~]# ssh node2
Last login: Fri Jul 21 23:31:43 2017 from node1
[root@node2 ~]# ssh node1
Last login: Fri Jul 21 23:16:06 2017 from node3
[root@node1 ~]# 

[root@node1 ~]# ll .ssh
total 16
-rw------- 1 root root 1176 Jul 21 23:14 authorized_keys
-rw------- 1 root root 1679 Jul 21 23:14 id_rsa
-rw-r--r-- 1 root root  392 Jul 21 23:14 id_rsa.pub
-rw-r--r-- 1 root root  546 Jul 21 23:15 known_hosts

cat .ssh/authorized_keys

[root@node1 ~]# cat .ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6II3oKg4lI8LWTPBQXVmtRxO/9t+Fen1Ful2wpfAiJfv2ysUxI7hvVKedGdmgmzqhsbpyhC9wadS69WQPS4Kxi81ZbDbCzQtzMh7tlMe1TXsIkBzEMHlskNzwb0ZRdknnF6RXHnfwDBG2WBvs9r8WxmWtm/RzAp0j03RFHmW6IevXu4xuwi1jDJftMjJfkXD9YKiPGlwBBzZ69AWT++KlZe743Dt/1JKGcxNgCMAtjpmFTPPBaKpYEb1GFP1A1StKABFk6QMoI1T442lc5C6W7V98kSWYZdutXoLtrymzQmrERJSjV/31hs27FbzJ93kj42/Nyfj8QlFpNfPZOI6l root@node1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD1ZDljkN4isOzG90Iyv8yMomZFcfHYK2JghV3ZD5Fc/RA10502V4PMpTSYcePAylFAnuFmzYkCKY6HHhM0hONL7rqTvwpsmRQ4llc2eaxj8GB/87sYQQm+GAe6/QWDCh4G461pKo5CxhR5L7yAT2/Q8ddFuGfaBUp8GN+zfpBBgPUnJid1F8YavJJTZPAMqZMcfAnbyb++AZ6+RtOzfbyehmYo2Q/a5maBtK4s80N8XT7yMcAzk+B5DUOuxRXUtjcbbZqn94o4NUfWB3Qm+OWWr+yL9fW2tQdD4iLR1lCS33IikyN1/q++jfNW6yzWlWZUSrqTst6pn+JhxmFmMeId root@node3
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTtAK1vI6hXvucGd+98Naqb8r/LaAIOzbmRGP/yVma2R9LLZrPY+++NkQHx9CGEEoJUABQVAOAerWepkxy65Rfn0i6KkcgPAS/ItaxnVB7+fDraq0aOFrwh+WYC3BK/2ns+3b0dweYuHTYpAhpbWuyAUQA4gSSiFyVuzk8ycQ1b7oe4hPrmamb4+T1B8H4aDgg9shreH7i4OIXAQLPQlZmNdyiX+HnxtuREEvhqGH+JquIe/I/AfB9KiLaE3e/52dOmBl5rzr8GcncqUese3L7dVwxBUNWFA/wmwuWRAQhY/GwSAp/67ZnwpNs1sBSK6D+1d2XNgzmpfWK18Ilk6fb root@node2

cat .ssh/known_hosts

[root@node1 ~]# cat .ssh/known_hosts 
node1,192.168.80.131 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA+9ht7NXrQyz1cD2YY4w17BEMnM0yZjG2VeVFIztrmusVnFFqJNmvHsxVHWJNnhQeFQPJ0GvPL7I4WB34pmz5E=
node2,192.168.80.132 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA+9ht7NXrQyz1cD2YY4w17BEMnM0yZjG2VeVFIztrmusVnFFqJNmvHsxVHWJNnhQeFQPJ0GvPL7I4WB34pmz5E=
node3,192.168.80.133 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA+9ht7NXrQyz1cD2YY4w17BEMnM0yZjG2VeVFIztrmusVnFFqJNmvHsxVHWJNnhQeFQPJ0GvPL7I4WB34pmz5E=
[root@node1 ~]#

5、退出ssh登录

exit命令退出

[root@node1 ~]# exit
logout
Connection to node1 closed.
[root@node2 ~]# 

快捷键ctl+d退出

[root@node2 ~]# logout
Connection to node2 closed.
[root@node3 ~]# logout
Connection to node3 closed.
[root@node2 ~]# logout
Connection to node2 closed.
[root@node1 ~]# 

灰常灰常感谢原博主的辛苦工作，为防止删博，所以转载，只供学习使用，不做其他任何商业用途。

参考：https://blog.csdn.net/chengyuqiang/article/details/71512677