Configuring SSH Mutual Trust

Date: 2022-06-22 14:23:38

1. Machine plan
192.168.95.10 hadoop000
192.168.95.20 hadoop001
192.168.95.30 hadoop002
Prepare three virtual machines with the IP addresses and hostnames above, and add these mappings to the /etc/hosts file:

[root@hadoop000 .ssh]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.95.10 hadoop000
192.168.95.20 hadoop001
192.168.95.30 hadoop002

2. Generate a public/private key pair on each machine
On all three machines, run ssh-keygen -t rsa:

[root@hadoop000 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
8b:ba:51:9d:40:3a:6e:2c:81:d7:06:cb:fd:d7:06:0b root@hadoop001
The key's randomart image is:
+--[ RSA 2048]----+
| . . |
| o = o |
|. = * E . |
| . = o + = |
| . + o S o |
| o . o o |
| . . . |
| o |
| o. |
+-----------------+

The generated public and private keys are in the /root/.ssh directory:

[root@hadoop000 .ssh]# ls
id_rsa id_rsa.pub

3. Write the public keys of all three machines into authorized_keys on the first machine, then distribute it to hadoop001 and hadoop002

Append hadoop000's public key to authorized_keys:
[root@hadoop000 .ssh]# cat id_rsa.pub >> authorized_keys

Copy hadoop001's id_rsa.pub public key to hadoop000:~/.ssh/ and name it id_rsa.pub2:

[root@hadoop001 .ssh]# scp id_rsa.pub hadoop000:/root/.ssh/id_rsa.pub2

On hadoop000, append id_rsa.pub2 to authorized_keys:

[root@hadoop000 .ssh]# cat id_rsa.pub2 >> authorized_keys

In the same way, copy hadoop002's id_rsa.pub public key to hadoop000:~/.ssh/ and name it id_rsa.pub3, then append it to authorized_keys:

[root@hadoop002 .ssh]# scp id_rsa.pub hadoop000:~/.ssh/id_rsa.pub3
[root@hadoop000 .ssh]# cat id_rsa.pub3 >> authorized_keys

At this point authorized_keys holds the public keys of all three machines. On hadoop000, distribute authorized_keys to hadoop001 and hadoop002:

[root@hadoop000 .ssh]# scp authorized_keys hadoop001:/root/.ssh
[root@hadoop000 .ssh]# scp authorized_keys hadoop002:/root/.ssh
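
An idempotent alternative to the `cat id_rsa.pubN >> authorized_keys` steps above, as an added example that is not part of the original post: it skips keys that are already present, refuses a private key passed by mistake, and sets the 700/600 permissions that satisfy sshd's default StrictModes check. The helper name `merge_pubkeys` is hypothetical.

```shell
# Added example; merge_pubkeys is a hypothetical helper, not an OpenSSH tool.
# Usage: merge_pubkeys ~/.ssh/authorized_keys id_rsa.pub id_rsa.pub2 id_rsa.pub3
# Prints how many keys were appended. The body runs in a subshell, so its
# variables do not leak into the caller.
merge_pubkeys() (
    dest=$1; shift
    added=0
    dir=$(dirname "$dest")
    # sshd (StrictModes, on by default) ignores authorized_keys when the file
    # or its directory is writable by group or others.
    mkdir -p "$dir" && chmod 700 "$dir" || exit 1
    touch "$dest" && chmod 600 "$dest" || exit 1
    for src in "$@"; do
        while IFS= read -r line || [ -n "$line" ]; do
            type=${line%% *}          # first field: key type
            rest=${line#* }
            blob=${rest%% *}          # second field: base64 key material
            case $type in
                -----BEGIN*)
                    echo "refusing $src: looks like a private key" >&2
                    break ;;
                ssh-rsa|ssh-ed25519|ecdsa-sha2-*) ;;
                *) continue ;;        # blank line, comment, or junk
            esac
            [ "$blob" != "$type" ] || continue   # no key material on the line
            # Match on the key blob so a changed comment is not a new key.
            if ! grep -qF -- "$blob" "$dest"; then
                printf '%s\n' "$line" >>"$dest"
                added=$((added + 1))
            fi
        done <"$src"
    done
    echo "$added"
)
```

Running it a second time with the same files appends nothing, so authorized_keys does not accumulate duplicate entries before it is copied to the other hosts.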

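4. Verification (run the following 3 commands on each machine; if you only have to type yes and are not asked for a password, the three machines can reach each other)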

[root@hadoop000 .ssh]# ssh hadoop001 date
2017年 09月 10日 星期日 06:59:33 AST
[root@hadoop000 .ssh]# ssh hadoop002 date
2017年 09月 10日 星期日 06:59:49 EDT
[root@hadoop000 .ssh]#