Implementation principle:
use a method called "public and private key" authentication for ssh login. The simple explanation of "public and private key" authentication method is to
first create a pair of public and private keys on the client (public key file: ~/.ssh /id_rsa.pub; private key file: ~/.ssh/id_rsa)
and then put the public key on the server (~/.ssh/authorized_keys), keep the private key by yourself
When ssh login, the ssh program will send the private key to Match with the public key on the server. If the match is successful, you can log in
Configuration process:
(First configure the /etc/hosts file, take my two virtual machines as an example, add 192.168.56.101 node0, 192.168.56.102 node1)
(Assuming that the /etc/hosts file has been configured, now node0 represents the master, node1 represents the slave, and the other slaves are the same. For the time being, we will use these two as an example. The user name is hadoop. You must first find out the situation. Now the master is quite For the client in the above principle, the slave is equivalent to the server, that is, now the master (node0) wants to log in to the slave (node1))
1. Installation: sudo apt-get install ssh
After this installation, you can use the ssh command directly.
Execute $ netstat -nat to see if port 22 is open.
Test: ssh localhost.
Enter the current user's password and press Enter. The installation is successful, and a password is required for ssh login.
(After this default installation method is completed, the default configuration file is in the /etc/ssh/ directory. The sshd configuration file is: /etc/ssh/sshd_config):
Note: ssh needs to be installed on all machines.
2. Execute ssh-keygen -t rsa on node0
(Note: the private key file generated by each execution of ssh-keygen -t rsa will be different)
a) If the file "~/.ssh/id_rsa" exists, it will prompt whether to overwrite For this file, you can select "n" to not overwrite the file and use the existing id_rsa file; if you select "y", the "~/.ssh/id_rsa" file will be regenerated, and then you will be prompted to enter passphrase, press Enter Make sure to use an empty passphrase, and press Enter again to confirm (passphrase can also be output here, which is equivalent to the password for logging in when ssh). The "~/.ssh/id_rsa" file and "~/.ssh/id_rsa.pub" file are then regenerated.
b) If "~/.ssh/id_rsa" file and "~/.ssh/id_rsa.pub" file do not exist, new "~/.ssh/id_rsa" file and "~/.ssh/id_rsa" are automatically created. pub" file, the passphrase setting is the same as above.
(Note: The first installation, of course, is the second case!)
3. All you have to do now is to put the public key on node1
a) If the "~/.ssh/authorized_keys" file already exists on node1, you need to use ssh hadoop@node1 to log in to the server, edit the "~/.ssh/authorized_keys" file on the server, and change the "~/.ssh/authorized_keys" file on the client machine The contents of the .ssh/id_rsa.pub" file are appended to the "~/.ssh/authorized_keys" file.
(Note: You can use the following command on the client machine to achieve: cat ~/.ssh/id_rsa.pub | ssh hadoop@node1 "cat - >> ~/.ssh/authorized_keys")
(At this time, you will be asked to enter hadoop in The login password on the server, after entering it, the contents of the "~/.ssh/id_rsa.pub" file on the client machine will be appended to the "~/.ssh/authorized_keys" file on the server)
b) If there is no "~/.ssh/authorized_keys" file on the server, first execute cp id_rsa.pub authorized_keys on the client (that is, copy the public key as the authorized_keys file, and prepare to copy this file directly to the server), then Create a directory ~/.ssh/ on the server, and finally copy authorized_keys from the client to the server, and execute the following command on node0
scp authorized_keys node1:/home/hadoop/.ssh/
You will be prompted to connect, enter yes, then you will be prompted to enter hadoop@node1's password, enter the password.
(Note: The first installation is also the second case!)
4, ok, done! Log in below and execute it on node0
ssh node1
Will log in directly to node1! No need to enter a password! Exit if you quit
呃,相信你懂了原理以后,之间出的小状况你也一定可以解决的,祝你成功啦~
(另外,下面是有密码登录的情况,我自己做下笔记,你可以无视,呵呵~)
如果设置了passphrase,则此时需要输入该passphrase登录服务器。此时前面我们把输入密码变成了输入passphrase,这没有带来任何方便。但是我们可以通过ssh-agent来帮助我们自动输入passphrase(只是看起来像是自动输入而已),我们只要在第一次登录时输入一次passphrase, 以后的工作就可以交给ssh-agent。在客户端机器上执行命令ssh-add,这里会提示输入一次passphrase。输入第一步中设置的passphrase之后会修改"~/.ssh/id_rsa"文件。再在客户端执行"ssh hadoop@node1"即可无密码登录到服务器端。