Hadoop叢集配置免密SSH登入方法

Hadoop叢集包含1個主節點和3個從節點，需要實現各節點之間的免密碼登入，下面介紹具體的實現方法。

一、Hadoop叢集環境

二、免密登入原理

每臺主機authorized_keys檔案裡面包含的主機（ssh金鑰），該主機都能無密碼登入，所以只要每臺主機的authorized_keys檔案裡面都放入其他主機（需要無密碼登入的主機）的ssh金鑰就行了。

三、實現方法

1. 配置每個節點的hosts檔案

#vim /etc/hosts
1 192.168.44.3 hadoop01
2 192.168.44.4 hadoop02
3 192.168.44.5 hadoop03
4 192.168.44.6 hadoop04

2.每個節點生成ssh金鑰

[root@hadoop01 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
.....................

[root@hadoop01 .ssh]# ls
id_rsa  id_rsa.pub

執行命令後會在~目錄下生成.ssh資料夾，裡面包含id_rsa和id_rsa.pub兩個檔案。

注：使用ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa命令可避免上述互動式操作。

3. 在主節點上將公鑰拷到一個特定檔案authorized_keys中。

[root@hadoop01 ~]# cd .ssh
[root@hadoop01 .ssh]# ls
id_rsa  id_rsa.pub
[root@hadoop01 .ssh]# cp id_rsa.pub authorized_keys
[root@hadoop01 .ssh]# ls
authorized_keys  id_rsa  id_rsa.pub

4. 將authorized_keys檔案拷到下一個節點，並將該節點的ssh金鑰id_rsa.pub加入該檔案中。

#在hadoop01上使用scp命令實現遠端檔案拷貝
[root@hadoop01 .ssh]# scp authorized_keys  root@hadoop02:/root/.ssh/
The authenticity of host 'hadoop02 (192.168.44.11)' can't be established.
ECDSA key fingerprint is SHA256:MyB1zs0E3J/fm8pC0AN8ycsgEIBNHtUqd9xS0WAyv3s.
ECDSA key fingerprint is MD5:88:48:3a:ba:3e:14:a7:d7:86:f6:51:74:00:10:f9:00.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop02,192.168.44.11' (ECDSA) to the list of known hosts.
root@hadoop02's password: 
authorized_keys                                                                100%  395   306.2KB/s   00:00    

#登入hadoop02主機

[root@hadoop02 ~]# cd .ssh/
[root@hadoop02 .ssh]# ls
authorized_keys id_rsa id_rsa.pub
[root@hadoop02 .ssh]# cat id_rsa.pub >> authorized_keys #使用cat追加方式

5. 重複第4步的操作，依次將hadoop03、hadoop04節點的ssh金鑰加入到authorized_keys檔案中，並將hadoop04節點生成的authorized_keys檔案拷貝到其他三個節點（hadoop01、hadoop02、hadoop03）即可。

#登入hadoop03主機，將ssh金鑰加入authorized_keys檔案中
[root@hadoop03 .ssh]# cat id_rsa.pub >> authorized_keys 
[root@hadoop03 .ssh]# scp authorized_keys root@hadoop04:/root/.ssh/

#登入hadoop04主機，將ssh金鑰加入authorized_keys檔案中
[root@hadoop04 .ssh]# cat id_rsa.pub >> authorized_keys 

#將最後生成的authorized_keys檔案分別拷貝到hadoop01、hadoop02和hadoop03
[root@hadoop04 .ssh]# scp authorized_keys root@hadoop01:/root/.ssh/
[root@hadoop04 .ssh]# scp authorized_keys root@hadoop02:/root/.ssh/
[root@hadoop04 .ssh]# scp authorized_keys root@hadoop03:/root/.ssh/

6. 驗證免密登入

使用ssh 使用者名稱@節點名或ssh ip地址命令驗證免密碼登入。

[root@hadoop01 .ssh]# ssh root@hadoop02
Last login: Tue Feb 12 03:59:46 2019 from 192.168.44.1

[root@hadoop02 .ssh]# ssh root@hadoop01
Last login: Tue Feb 12 21:27:24 2019 from hadoop04

[root@hadoop03 .ssh]# ssh root@hadoop04
Last login: Tue Feb 12 04:00:47 2019 from 192.168.44.1

[root@hadoop04 .ssh]# ssh root@hadoop01
Last login: Tue Feb 12 21:26:44 2019 from hadoop02