RHEL7.2 SSH非root用户无密码登录

RHEL7.2 SSH非root用户无密码登录

1 修改三台虚拟机的/ect/hosts文件

[Hadoop@hadoop01 ~]$ cat /etc/hosts
127.0.0.1  localhost localhost.localdomain localhost4 localhost4.localdomain4
::1        localhost localhost.localdomain localhost6 localhost6.localdomain6
[hadoop@hadoop01 ~]$ su - root
密码：
上一次登录：六 11月  4 15:52:36 CST 2017pts/0 上
ABRT has detected 1 problem(s). For more info run: abrt-cli list --since 1509781956
[root@hadoop01 ~]# vi /etc/hosts
[root@hadoop01 ~]# cat /etc/hosts
127.0.0.1  localhost localhost.localdomain localhost4 localhost4.localdomain4
::1        localhost localhost.localdomain localhost6 localhost6.localdomain6
 
192.168.169.101 hadoop01
192.168.169.102 hadoop02
192.168.169.103 hadoop03

2 修改三台虚拟机的/etc/ssh/sshd_config

[root@hadoop01 ~]# vi /etc/ssh/sshd_config
[root@hadoop01 ~]# cat /etc/ssh/sshd_config | grep uth | grep -v "#"
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile  .ssh/authorized_keys

 将前面的#号去掉

3 修改三台虚拟机的/etc/selinux/config

[root@hadoop01 ~]# vi /etc/selinux/config 
[root@hadoop01 ~]# cat /etc/selinux/config | grep SELINUX= | grep -v "#"
SELINUX=disabled

4 重启虚机三台虚拟机

[root@hadoop01 ~]# reboot

5 配置SSH无密码登录

三台虚拟机依次操作如下：

192.168.168.101

[hadoop@hadoop01 ~]$ ssh-keygen
Generating public/private dsa key pair.
Created directory '/hadoop/.ssh'.
Your identification has been saved in /hadoop/.ssh/id_dsa.
Your public key has been saved in /hadoop/.ssh/id_dsa.pub.
The key fingerprint is:
c1:4b:6d:30:2b:57:b9:f8:dc:33:b6:d9:05:f8:79:31 hadoop@hadoop01
The key's randomart image is:
+--[ DSA 1024]----+
|        o ..    |
|      . *.      |
|      . *.o. .  |
|      +.+. . .E |
|        So . . oo|
|          o = o o|
|          . * o |
|            o .  |
|                |
+-----------------+
[hadoop@hadoop01 ~]$ chmod 700 .ssh
[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ chmod 600 ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ ssh hadoop01
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
Last login: Sun Nov  5 10:24:11 2017 from 192.168.169.1
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop01 ~]$ ssh hadoop01
Last login: Sun Nov  5 10:26:02 2017 from hadoop01

192.168.168.102

[hadoop@hadoop02 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/hadoop/.ssh/id_rsa):
Created directory '/hadoop/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /hadoop/.ssh/id_rsa.
Your public key has been saved in /hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
ee:ba:9f:68:d8:ab:27:ea:f7:42:ff:0c:47:80:fe:63 hadoop@hadoop02
The key's randomart image is:
+--[ RSA 2048]----+
|                |
|    .          |
|    . .          |
|  .  .        |
|    .  S        |
|    .. o        |
|  . +E o        |
|    =.=B .      |
| .oo.B***        |
+-----------------+
[hadoop@hadoop02 ~]$ chmod 700 .ssh
[hadoop@hadoop02 ~]$ scp -rp ~/.ssh/id_rsa.pub hadoop@hadoop01:/hadoop/.ssh/id_rsa.pub.102
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
hadoop@hadoop01's password:
id_rsa.pub

192.168.169.103