RHEL7.2 SSH无密码登录非root用户

1 修改三台虚拟机的/ect/hosts文件

[hadoop@hadoop01 ~]$ cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
[hadoop@hadoop01 ~]$ su - root
密码：
上一次登录：六 11月  4 15:52:36 CST 2017pts/0 上
ABRT has detected 1 problem(s). For more info run: abrt-cli list --since 1509781956
[root@hadoop01 ~]# vi /etc/hosts
[root@hadoop01 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.169.101	hadoop01
192.168.169.102	hadoop02
192.168.169.103	hadoop03

2 修改三台虚拟机的/etc/ssh/sshd_config

[root@hadoop01 ~]# vi /etc/ssh/sshd_config
[root@hadoop01 ~]# cat /etc/ssh/sshd_config | grep uth | grep -v "#"
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile	.ssh/authorized_keys

将前面的#号去掉

3 修改三台虚拟机的/etc/selinux/config

[root@hadoop01 ~]# vi /etc/selinux/config
[root@hadoop01 ~]# cat /etc/selinux/config | grep SELINUX= | grep -v "#"
SELINUX=disabled

4 重启虚机三台虚拟机

[root@hadoop01 ~]# reboot

5 配置SSH无密码登录

三台虚拟机依次操作如下：

192.168.168.101

[hadoop@hadoop01 ~]$ ssh-keygen
Generating public/private dsa key pair.
Created directory '/hadoop/.ssh'.
Your identification has been saved in /hadoop/.ssh/id_dsa.
Your public key has been saved in /hadoop/.ssh/id_dsa.pub.
The key fingerprint is:
c1:4b:6d:30:2b:57:b9:f8:dc:33:b6:d9:05:f8:79:31 hadoop@hadoop01
The key's randomart image is:
+--[ DSA 1024]----+
|        o ..     |
|       . *.      |
|      . *.o. .   |
|       +.+. . .E |
|        So . . oo|
|          o = o o|
|           . * o |
|            o .  |
|                 |
+-----------------+
[hadoop@hadoop01 ~]$ chmod 700 .ssh
[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ chmod 600 ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ ssh hadoop01
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
Last login: Sun Nov  5 10:24:11 2017 from 192.168.169.1
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop01 ~]$ ssh hadoop01
Last login: Sun Nov  5 10:26:02 2017 from hadoop01

192.168.168.102

[hadoop@hadoop02 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/hadoop/.ssh/id_rsa):
Created directory '/hadoop/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /hadoop/.ssh/id_rsa.
Your public key has been saved in /hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
ee:ba:9f:68:d8:ab:27:ea:f7:42:ff:0c:47:80:fe:63 hadoop@hadoop02
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|     .           |
|    . .          |
|   .   .         |
|    .   S        |
|    .. o         |
|   . +E o        |
|    =.=B .       |
| .oo.B***        |
+-----------------+
[hadoop@hadoop02 ~]$ chmod 700 .ssh
[hadoop@hadoop02 ~]$ scp -rp ~/.ssh/id_rsa.pub hadoop@hadoop01:/hadoop/.ssh/id_rsa.pub.102
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
hadoop@hadoop01's password:
id_rsa.pub

192.168.169.103

hadoop@hadoop03 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/hadoop/.ssh/id_rsa):
Created directory '/hadoop/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /hadoop/.ssh/id_rsa.
Your public key has been saved in /hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
dc:c2:8d:14:b0:bf:64:a7:2f:41:44:34:1b:66:2b:b2 hadoop@hadoop03
The key's randomart image is:
+--[ RSA 2048]----+
|      .+O        |
|       +.*       |
|    . o.+        |
|     o *.+       |
|    E  .S +      |
|       o.=       |
|        o.       |
|        ..       |
|         ..      |
+-----------------+
[hadoop@hadoop03 ~]$ chmod 700 .ssh
[hadoop@hadoop03 ~]$ scp -rp ~/.ssh/id_rsa.pub hadoop@hadoop01:/hadoop/.ssh/id_rsa.pub.103
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
hadoop@hadoop01's password:
id_rsa.pub

192.168.169.101

[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub.102 >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub.103 >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ scp -rp ~/.ssh/authorized_keys hadoop@hadoop02:/hadoop/.ssh/
The authenticity of host 'hadoop02 (192.168.169.102)' can't be established.
ECDSA key fingerprint is f7:ef:fb:e5:7e:0f:59:40:63:23:99:9a:ca:e2:03:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop02,192.168.169.102' (ECDSA) to the list of known hosts.
hadoop@hadoop02's password:
authorized_keys                                                                                                                         100%  397     0.4KB/s   00:00
[hadoop@hadoop01 ~]$ scp -rp ~/.ssh/authorized_keys hadoop@hadoop03:/hadoop/.ssh/
The authenticity of host 'hadoop03 (192.168.169.103)' can't be established.
ECDSA key fingerprint is 25:a7:16:1f:49:91:0f:ba:f8:ba:68:bb:1e:e0:1c:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop03,192.168.169.103' (ECDSA) to the list of known hosts.
hadoop@hadoop03's password:
authorized_keys                                                                                                                         100%  397     0.4KB/s   00:00

6 验证

192.168.169.101

[hadoop@hadoop01 ~]$ ssh hadoop02
Last login: Sun Nov  5 13:42:56 2017 from 192.168.169.1
[hadoop@hadoop02 ~]$ exit
登出
Connection to hadoop02 closed.
[hadoop@hadoop01 ~]$ ssh hadoop03
Last login: Sun Nov  5 13:42:58 2017 from 192.168.169.1
[hadoop@hadoop03 ~]$

192.168.169.102

[hadoop@hadoop02 ~]$ ssh hadoop01
Last login: Sun Nov  5 13:44:08 2017 from 192.168.169.1
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop02 ~]$ ssh hadoop03
The authenticity of host 'hadoop03 (192.168.169.103)' can't be established.
ECDSA key fingerprint is 25:a7:16:1f:49:91:0f:ba:f8:ba:68:bb:1e:e0:1c:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop03,192.168.169.103' (ECDSA) to the list of known hosts.
Last login: Sun Nov  5 13:51:57 2017 from hadoop01
[hadoop@hadoop03 ~]$

192.168.169.103

[hadoop@hadoop03 ~]$ ssh hadoop01
Last login: Sun Nov  5 13:52:30 2017 from hadoop02
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop03 ~]$ ssh hadoop02
The authenticity of host 'hadoop02 (192.168.169.102)' can't be established.
ECDSA key fingerprint is f7:ef:fb:e5:7e:0f:59:40:63:23:99:9a:ca:e2:03:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop02,192.168.169.102' (ECDSA) to the list of known hosts.
Last login: Sun Nov  5 13:51:50 2017 from hadoop01
[hadoop@hadoop02 ~]$