SSH无密码验证配置

SSH无密码验证配置

rpm –qa | grep openssh
rpm –qa | grep rsync

yum install ssh 安装SSH协议
yum install rsync (rsync是一个远程数据同步工具,可通过LAN/WAN快速同步多台主机间的文件)
service sshd restart 启动服务


yum install openssh-clients

(1)Master服务里面

mkdir ~/.ssh

chmod 700 ~/.ssh

 

ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa<附加>

cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys<附加>

chmod 600 ~/.ssh/authorized_keys
scp -r ~/.ssh/id_dsa.pub root@192.168.10.131:~/

(2)getenforce

(3) setenforce 0
setenforce是Linux的selinux防火墙配置命令 执行setenforce 0 表示关闭selinux防火墙。

(4) cat authorized_keys
查看密钥(公钥)文件
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvkjaXFbQ7BCLhvSvs3FQbEqy/kpDMATaeAgOReZY/rghgEZp5GphyjbEtUp2zdgDqCSjAaB1Ww0jUzn2v4IRpo+e92hCk+a
+oq6PoZsncS9nw1fOUQl6b5dsH5PpIJ37PnVOjUHXUzdrz1wcKiB/00PSZcihmUEoZ1Drh6Zgg31QT6sOWTKcL5hUpsmmYZTnz5TxYdOuw4D9PN/fEFsq7KvLefEPNsuoazjGQmZaklAnIEqSN9mB0LDzRjYz
DyD0OVb0Yc3IXCdteZxHCR6EbM1eHUIBBjQU//mNHBYe3LLSw4DpoHPTzedI2HfMIgYaPfUccJcmy85qdK8VZ9gUsw== root@hadoop1


(5) vi /etc/sysconfig/selinux
编辑selinux文件
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

 

(6)192.168.10.131 root/.ssh/authorized_keys
与 192.168.10.130 root/.ssh/authorized_keys
2个文件完全一致

 

[root@localhost ~]# systemctl start sshd.service
[root@localhost ~]# systemctl stop sshd.service
[root@localhost ~]# systemctl restart sshd.service

 在 Salve1端执行

cat ~/id_dsa.pub >> ~/.ssh/authorized_keys

chmod 600 ~/.ssh/authorized_keys

systemctl restart sshd.service

 

(7)重启防火墙
/etc/init.d/iptables status
service iptables stop

 

posted @ 2015-01-16 15:55  jhtchina  阅读(709)  评论(0编辑  收藏  举报