一般生产环境 Hadoop组件都是由hadoop用户来启动,首先需要配置hadoop用户ssh免密登录
1.创建Hadoop用户
[root@hadoop000 ~]# useradd hadoop [root@hadoop000 ~]# id hadoop uid=1102(hadoop) gid=1102(hadoop) groups=1102(hadoop) [root@hadoop000 ~]# passwd hadoop Changing password for user hadoop. New password: BAD PASSWORD: it is too simplistic/systematic BAD PASSWORD: is too simple Retype new password: passwd: all authentication tokens updated successfully. #给hadoop sudo权限 [root@hadoop000 ~]# vi /etc/sudoers hadoop ALL=(root) NOPASSWD:ALL
2.切换到hadoop用户 配置免密登录
[root@hadoop000 ~]# su - hadoop #确保有ssh服务 [hadoop@hadoop000 ~]$ sudo service sshd status openssh-daemon (pid 24823) is running... [hadoop@hadoop000 ~]$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/hadoop/.ssh/id_rsa): Created directory '/home/hadoop/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/hadoop/.ssh/id_rsa. Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub. The key fingerprint is: bd:75:87:ca:44:2d:1f:de:b7:5e:a0:96:ac:b3:7e:01 hadoop@hadoop000 The key's randomart image is: +--[ RSA 2048]----+ | | | . | | o o | | .E. + + | | S ..o * +| | *.= oo| | . B. ..| | .o. . .| | .++ . | +-----------------+ [hadoop@hadoop000 ~]$ cd .ssh [hadoop@hadoop000 .ssh]$ ll total 8 -rw------- 1 hadoop hadoop 1675 May 17 14:59 id_rsa -rw-r--r-- 1 hadoop hadoop 395 May 17 14:59 id_rsa.pub [hadoop@hadoop000 .ssh]$ cat id_rsa.pub >> authorized_keys [hadoop@hadoop000 .ssh]$ ll total 12 -rw-rw-r-- 1 hadoop hadoop 395 May 17 14:59 authorized_keys -rw------- 1 hadoop hadoop 1675 May 17 14:59 id_rsa -rw-r--r-- 1 hadoop hadoop 395 May 17 14:59 id_rsa.pub #authorized_keys权限必须为600 [hadoop@hadoop000 .ssh]$ chmod 600 authorized_keys [hadoop@hadoop000 .ssh]$ ssh hadoop000 date The authenticity of host 'hadoop000 (192.168.6.217)' can't be established. RSA key fingerprint is 25:d9:d6:7e:fa:e0:a7:92:7c:06:76:5c:2b:19:bf:a3. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'hadoop000,192.168.6.217' (RSA) to the list of known hosts. Thu May 17 15:00:28 CST 2018 [hadoop@hadoop000 .ssh]$ ssh hadoop000 date Thu May 17 15:00:30 CST 2018
3.总结
hadoop用户配置ssh免密登录 authorized_keys权限必须改为600