基于centOS7环境,最近在搞ssh免密码登录,但是发现执行完下面代码,还是没效果,代码如下:
$ ssh-keygen -t rsa
$ cd .ssh
$ cp id_rsa.pub authorized_keys
$ chmod 600 authorized_keys
运行效果:
输入ssh-keygen -t rsa后一直按回车键,好像有3次
[hadoop@localhost ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/hadoop/.ssh/id_rsa):
Created directory '/home/hadoop/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
9c:71:ea:40:13:5b:92:26:ed:df:bb:19:c3:ef:25:16 hadoop@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
| .o.. |
| . += |
| ++ . . |
| ..o = |
| ..S. E |
| o... . |
| . +.o . |
| .* o |
| ooo |
+-----------------+
[hadoop@localhost ~]$ cd .ssh
[hadoop@localhost .ssh]$ ls
id_rsa id_rsa.pub
[hadoop@localhost .ssh]$ cp id_rsa.pub authorized_keys
[hadoop@localhost .ssh]$ chmod 600 authorized_keys
登录效果,登录两次发现失败,还是需要密码
[hadoop@localhost ~]$ ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is 4f:e2:e4:ca:9d:db:46:e7:72:a1:83:3e:09:27:6a:ef.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
hadoop@localhost's password:
Last failed login: Tue Jun 19 14:40:00 CST 2018 from :0 on :0
There was 1 failed login attempt since the last successful login.
Last login: Tue Jun 19 14:24:32 2018 from master
[hadoop@localhost ~]$ exit
登出
Connection to localhost closed.
[hadoop@localhost ~]$ ssh localhost
hadoop@localhost's password:
Last login: Tue Jun 19 18:39:11 2018 from localhost
[hadoop@localhost ~]$ exit
登出
Connection to localhost closed.
解决思路
情况一:
我之前用root用户做过ssh免密码登录,所以导致有可能存在冲突,解决需要切换到root用户,删除root下的.ssh文件夹,由于.ssh是隐藏目录,得用ls -a才能看到
[hadoop@localhost ~]$ su
密码:
[root@localhost hadoop]# cd ~
[root@localhost ~]# ls
anaconda-ks.cfg jdk-7u80-linux-x64.tar.gz 模板 文档 桌面
apache-maven-3.5.3-bin.tar.gz v2.6.1.zip 视频 下载
initial-setup-ks.cfg 公共 图片 音乐
[root@localhost ~]# cd ~/.ssh
[root@localhost .ssh]# ls
authorized_keys known_hosts
[root@localhost .ssh]# cd ~
[root@localhost ~]# ls -a
. .cache .local 公共
.. .config .m2 模板
anaconda-ks.cfg .cshrc .mozilla 视频
apache-maven-3.5.3-bin.tar.gz .dbus .ssh 图片
.bash_history .esd_auth .tcshrc 文档
.bash_logout .ICEauthority v2.6.1.zip 下载
.bash_profile initial-setup-ks.cfg .viminfo 音乐
.bashrc jdk-7u80-linux-x64.tar.gz .xauth3XmQP7 桌面
[root@localhost ~]# rm -r .ssh
rm:是否进入目录".ssh"? yes
rm:是否删除普通文件 ".ssh/known_hosts"?yes
rm:是否删除普通文件 ".ssh/authorized_keys"?yes
rm:是否删除目录 ".ssh"?yes
[root@localhost ~]# ls -a
. .cache .local 模板
.. .config .m2 视频
anaconda-ks.cfg .cshrc .mozilla 图片
apache-maven-3.5.3-bin.tar.gz .dbus .tcshrc 文档
.bash_history .esd_auth v2.6.1.zip 下载
.bash_logout .ICEauthority .viminfo 音乐
.bash_profile initial-setup-ks.cfg .xauth3XmQP7 桌面
.bashrc jdk-7u80-linux-x64.tar.gz 公共
[root@localhost ~]# su -hadoop
删除了.ssh隐藏文件夹后退出root用户再执行ssh生成密钥操作一次即可,也就是文章最开头的那四行代码
情况二:
执行下面代码
$ ssh-keygen -t rsa
$ cd .ssh
$ cp id_rsa.pub authorized_keys
忘记给权限了,也就是忘记执行下面这一行代码了
$ chmod 600 authorized_keys
如果还是不行,重新做一次,去到当前用户的home目录下,删除.ssh文件夹,再来一次,ls -a 可以显示隐藏文件夹
[hadoop@localhost ~]$ ls -a
. .bash_profile .esd_auth .ssh 视频 音乐
.. .bashrc .ICEauthority .viminfo 图片 桌面
.bash_history .cache .local 公共 文档
.bash_logout .config .mozilla 模板 下载
[hadoop@localhost ~]$ rm -r .ssh
[hadoop@localhost ~]$ ls -a
. .bash_logout .cache .ICEauthority .viminfo 视频 下载
.. .bash_profile .config .local 公共 图片 音乐
.bash_history .bashrc .esd_auth .mozilla 模板 文档 桌面
[hadoop@localhost ~]$
如果想要无密码登录其他机器,请看我这篇博客:https://blog.csdn.net/u014204541/article/details/80762794