centos下ssh免秘钥登录突然失效问题解决
2016-09-25 13:56
323 查看
但前Hadoop集群启动的时候需要输入下属节点的密码,即ssh免秘钥登录失效,折腾了一天找到原因如下:
另外:
su hadoop
chmod 700 /home/hadoop/
chmod 700 /home/hadoop/.ssh
chmod 644 authorized_keys
chmod 600 id_rsa
[test@ceshiserver234 .ssh]$ssh -v localhost OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to localhost [::1] port 22. debug1: Connection established. debug1: identity file /home/test/.ssh/identity type -1 debug1: identity file /home/test/.ssh/identity-cert type -1 debug1: identity file /home/test/.ssh/id_rsa type -1 debug1: identity file /home/test/.ssh/id_rsa-cert type -1 debug1: identity file /home/test/.ssh/id_dsa type 2 debug1: identity file /home/test/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'localhost' is known and matches the RSA host key. debug1: Found key in /home/test/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_501' not found debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_501' not found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_501' not found debug1: Next authentication method: publickey debug1: Trying private key: /home/test/.ssh/identity debug1: Trying private key: /home/test/.ssh/id_rsa debug1: Offering public key: /home/test/.ssh/id_dsa debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: password test@localhost's password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 Last login: Sat Dec 13 14:31:31 2014 from localhost [test@ceshiserver234 ~]$exitdebug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0 debug1: channel 0: forcing write logout debug1: channel 0: free: client-session, nchannels 1 Connection to localhost closed. Transferred: sent 2808, received 2640 bytes, in 5.5 seconds Bytes per second: sent 512.3, received 481.6 debug1: Exit status 0 [test@ceshiserver234 .ssh]$ssh -v localhost OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to localhost [::1] port 22. debug1: Connection established. debug1: identity file /home/test/.ssh/identity type -1 debug1: identity file /home/test/.ssh/identity-cert type -1 debug1: identity file /home/test/.ssh/id_rsa type -1 debug1: identity file /home/test/.ssh/id_rsa-cert type -1 debug1: identity file /home/test/.ssh/id_dsa type 2 debug1: identity file /home/test/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'localhost' is known and matches the RSA host key. debug1: Found key in /home/test/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_501' not found debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_501' not found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_501' not found debug1: Next authentication method: publickey debug1: Trying private key: /home/test/.ssh/identity debug1: Trying private key: /home/test/.ssh/id_rsa debug1: Offering public key: /home/test/.ssh/id_dsa debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: password test@localhost's password: [test@ceshiserver234 .ssh]$/sbin/restorecon -r /root/.ssh /sbin/restorecon: lstat(/root/.ssh) failed: Permission denied [test@ceshiserver234 .ssh]$sudo /sbin/restorecon -r /root/.ssh /sbin/restorecon: lstat(/root/.ssh) failed: No such file or directory [test@ceshiserver234 .ssh]$ls -Z authorized_keys -rw-------. test test unconfined_u:object_r:home_root_t:s0 authorized_keys [test@ceshiserver234 .ssh]$/sbin/re reboot reload resize2fs restart restorecon [test@ceshiserver234 .ssh]$/sbin/re reboot reload resize2fs restart restorecon **[test@ceshiserver234 .ssh]$/sbin/restorecon -r /home/test/.ssh/** [test@ceshiserver234 .ssh]$ls -Z authorized_keys -rw-------. test test unconfined_u:object_r:ssh_home_t:s0 authorized_keys [test@ceshiserver234 .ssh]$ssh localhost Last login: Sat Dec 13 14:32:12 2014 from localhost [test@ceshiserver234 ~]$ssh ceshiserver234 The authenticity of host 'ceshiserver234 (192.168.2.234)' can't be established. RSA key fingerprint is de:ed:c7:17:09:c8:28:92:92:7d:c9:29:1d:7e:60:04. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'ceshiserver234,192.168.2.234' (RSA) to the list of known hosts. Last login: Sat Dec 13 14:36:06 2014 from localhost [test@ceshiserver234 ~]$exit logout Connection to ceshiserver234 closed. [test@ceshiserver234 ~]$ssh ceshiserver234 Last login: Sat Dec 13 14:36:18 2014 from ceshiserver234 [test@ceshiserver234 ~]$
另外:
su hadoop
chmod 700 /home/hadoop/
chmod 700 /home/hadoop/.ssh
chmod 644 authorized_keys
chmod 600 id_rsa
相关文章推荐
- CentOS6 DNS解析缓慢 SSH登录缓慢 问题解决
- Centos ssh登录慢问题的解决办法
- CentOS6 DNS解析缓慢 SSH登录缓慢 问题解决
- CentOS6.5配置ssh免密码登录并解决仍然需要输入密码的问题
- 解决ssh登录慢的问题
- 解决Ubuntu ssh 登录慢问题
- 解决Telnet/SSH登录Linux服务器中文乱码问题
- 解决SUSE Linux下SSH无法使用密码登录问题
- centos下解决ssh hostname command 环境变量问题
- 解决Ubuntu SSH登录时过慢的问题
- ssh登录缓慢问题的解决
- 解决ssh远程登录unix服务器时vi/vim的方向键在编辑模式不能用的问题
- (转)解决ssh登录慢的问题(一定要在远端主机上修改啊)
- 使用ssh工具远程登录centos中文乱码问题
- 解决backtrack5无法ssh登录问题
- 解决SSH登录过慢的问题
- OpenSuSE的ssh无法使用密码登录问题的解决办法
- 解决Linux系统下SSH远程登录很慢的问题
- 解决OpenFetion突然无法登录问题
- ssh无密码登录设置方法以及出现问题 ECDSA host key 和IP地址对应的key不同的解决