CentOs7搭建hadoop spark集群之ssh免密登录

字数统计: 742   |   阅读时长≈ 3 分钟

环境

两台主机

1
2
10.4.20.181 spark01
10.4.20.48  spark02

1.修改主机名

参照我之前的博客centos7永久更改主机名

2.修改映射关系

在两台主机的 /etc/hosts 文件下添加如下内容

1
2
3
4
5
6
$ vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
# 以下是添加的
10.4.20.181 spark01
10.4.20.48  spark02

3.启动 ssh 无密登录

在两台主机的 /etc/ssh/sshd_config 文件去掉以下选项的注释

1
PubkeyAuthentication yes   #开启公钥验证

4.生成公钥、私钥

在两台主机下输入如下命令,生成 key,一律回车

1
ssh-keygen -t rsa

显示如下,一路回车就行

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Generating public/private rsa key pair.
Enter file in which to save the key (/home/spark/.ssh/id_rsa): 
Created directory '/home/spark/.ssh'.
Your identification has been saved in /home/spark/.ssh/id_rsa.
Your public key has been saved in /home/spark/.ssh/id_rsa.pub.
The key fingerprint is:
aa:be:0e:46:9a:e8:d5:dc:79:ea:5a:b8:9b:08:e2:dd spark@spark01
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|                 |
|  .     S        |
|.+  o o..        |
|=.o. +.+ .       |
|+.+.o.+ o        |
| o ==E+o         |
+-----------------+

输入如下命令进入.ssh文件夹

1
cd ~/.ssh

在两台主机的.ssh文件文件夹下输入如下命令
先将两台主机自己的公钥id_rsa.pub放入到自己的认证文件中authorized_keys;

1
cat id_rsa.pub >> authorized_keys

非ROOT用户需赋权限

1
2
chmod 700 /home/spark/.ssh/
chmod 600 /home/spark/.ssh/authorized_keys

重启ssh服务

1
sudo service sshd restart

验证能否免密登录localhost

1
ssh localhost

显示登录成功,若不成功则检查一下前面哪个步骤是否没做

5.设置主机之间无密登录

进入主机spark01的.ssh文件夹下,将.ssh文件夹下的公钥传到另一个主机的.ssh文件夹下

1
scp id_rsa.pub spark@spark02:/home/spark/.ssh/id_rsa.pub.spark01

此时会提示输入相应密码,输入即可

在主机spark02的.ssh文件夹下会看到如下几个文件

1
authorized_keys  id_rsa  id_rsa.pub  id_rsa.pub.spark01  known_hosts

执行如下命令,将主机spark01的公钥id_rsa.pub.spark01放入到自己的认证文件中authorized_keys;

1
cat id_rsa.pub.spark01 >> authorized_keys

然后将主机spark02的公钥传到主机spark01下,做上述同样的操作

6.验证 ssh 无密登录

在两台主机下尝试能否免密登录
在spark01主机下

1
ssh spark02

在spark02主机下

1
ssh spark01

第一次登录会有如下提示你将主机名添加到known hosts中,输入yes即可,之后登录就不会有这个提示了

1
2
3
4
5
The authenticity of host 'spark01 (10.4.20.181)' can't be established.
ECDSA key fingerprint is SHA256:vgmRtyZISsYd62nBfb1A0ntJlAbDBmcy4qMstdKCDc8.
ECDSA key fingerprint is MD5:ef:44:cb:2f:b4:65:48:03:1c:82:05:ae:1c:7e:79:bc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'spark01,10.4.20.181' (ECDSA) to the list of known hosts.

输入yes后显示登录成功,并不需要输入密码,输入exit即可退出

打赏

请我喝杯咖啡吧~

支付宝
微信