本次ssh无密登录由三台主机搭建而成。
系统:ubuntu16.04
一、 配置IP和主机名
1.IP要在连接信息中查看。
下面以我自己的配置为例进行展示:
主机1:192.168.100
主机2:192.168.1.104
主机2:192.168.1.101
知道上述主机IP后,进行hosts文件改写。
sudo gedit /etc/hosts
将下列语句粘贴到hosts文件
127.0.0.1 localhost 127.0.1.1 ubuntu 192.168.1.100 heron04
192.168.1.104 heron05 192.168.1.101 heron06
2. 为集群中每个主机配置各自的主机名,修改/etc/hostname文件如下,以heron01主机为例:
sudo gedit /etc/hostname
将heron01填写到hostname
注:配置完毕重启后生效!请确保正确的配置集群中每个主机的
配置文件,否则在集群的启动过程中会出现错误。
二、设置SSH免密登录
安装SSH Server(每个主机中进行)
1. Ubuntu默认安装SSH Client,此外还需要安装SSH Server:
wang@heron01:~$ sudo apt-get update wang@heron01:~$ sudo apt install openssh-server
2. 开启Openssh服务
wang@heron01:~$sudo service ssh start
3. 查看SSH服务运行状态
wang@heron01:~/jdk$ service ssh status ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enab Active: active (running) since Tue 2018-02-27 05:49:32 PST; 2min 12s ago Main PID: 3470 (sshd) CGroup: /system.slice/ssh.service └─3470 /usr/sbin/sshd -D Feb 27 05:49:32 heron03 systemd[1]: Starting OpenBSD Secure Shell server... Feb 27 05:49:32 heron03 sshd[3470]: Server listening on 0.0.0.0 port 22. Feb 27 05:49:32 heron03 sshd[3470]: Server listening on :: port 22. Feb 27 05:49:32 heron03 systemd[1]: Started OpenBSD Secure Shell server.
配置本机SSH无密码登录
wang@heron01:~/jdk$ cd ~/.ssh/ wang@heron01:~/.ssh$ ll total 12 drwx------ 2 yitian yitian 4096 Feb 27 05:53 ./ drwxr-xr-x 19 yitian yitian 4096 Feb 27 05:53 ../ -rw-r--r-- 1 yitian yitian 222 Feb 27 05:53 known_hosts wang@heron01:~/.ssh$ ssh-keygen -t rsa
wang@heron01:~/.ssh$ ll total 20 drwx------ 2 yitian yitian 4096 Feb 27 05:56 ./ drwxr-xr-x 19 yitian yitian 4096 Feb 27 05:53 ../ -rw------- 1 yitian yitian 1679 Feb 27 05:56 id_rsa -rw-r--r-- 1 yitian yitian 396 Feb 27 05:56 id_rsa.pub -rw-r--r-- 1 yitian yitian 222 Feb 27 05:53 known_hosts wang@heron01:~/.ssh$ cat ./id_rsa.pub >> ./authorized_keys
配置完成后,验证本机SSH无密码登录:
wang@heron01:~/.ssh$ ssh localhost Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage 363 packages can be updated. 217 updates are security updates. Last login: Tue Feb 27 05:58:13 2018 from 192.168.201.133 wang@heron01:~$ exit logout Connection to localhost closed.
注意:在验证ssh登录之后,一定要记得退出(exit)否则,登录
情况会影响之后的操作。
配置两台主机之间SSH无密码登录
在两台主机完成ssh server安装和本地ssh无密码登录之后,以Master Host(heron01:192.168.1.100)和Slave Host(heron02:192.168.1.104)为例,完成配置完成两台主机之间的ssh无密码登录。
1. Master(heron01)无密码登陆Slave(heron02)
在完成本机的SSH无密码登录之后,进行下面的操作:在密钥对生成以后,我们需要将heron01上的公钥复制到heron02主机,来创建heron02对heron01的信任关系,以实现heron01无密码登陆heron02。运行以下命令复制客户端的公钥到服务端。
wang@heron01:~/.ssh$ sudo ssh-copy-id han@heron02 /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys han@heron02's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'han@heron02'" and check to make sure that only the key(s) you wanted were added. wang@heron01:~/.ssh$ ssh heron02 Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.13.0-32-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage 159 packages can be updated. 0 updates are security updates. Last login: Mon Feb 12 00:17:13 2018 from 192.168.1.104 wang@heron01:~$ exit logout Connection to heron02 closed.
2. Slave(heron02)无密码登陆Master(heron01)步骤同上
han@heron02:~/.ssh$ ssh-copy-id wang@heron01 /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys wang@heron01's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wang@heron01'" and check to make sure that only the key(s) you wanted were added. han@heron02:~/.ssh$ ssh heron01 Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.13.0-32-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage 159 packages can be updated. 0 updates are security updates. Last login: Mon Feb 12 00:17:13 2018 from 192.168.1.104 han@heron02:~$ exit logout Connection to heron01 closed.
至此,heron01和heron02主机之间的SSH无密码登陆配置完成。
注:需要注意的是配置集群时需要集群中所有主机间可以互相
SSH无密登陆!!!
参考链接:http://www.zhangyitian.cn/blog/ubuntu16-04-%E9%85%8D%E7%BD%AE%E9%9B%86%E7%BE%A4ssh%E6%97%A0%E5%AF%86%E7%A0%81%E7%99%BB%E5%BD%95/