我有一台主计算机和四台从计算机。我在主计算机上生成了 rsa 公钥/私钥。然后我将 publickey( id_rsa.pub
) 复制到从机上,如下所示authorized_keys
。
当我在主 PC 终端上像这样调用 SSH 时,它不会询问密码:
ssh –o UserKnownHostsFile=/dev/null –o StrictHostKeyChecking=no hduser@slave1
我编写了这个脚本来自动登录从属机器而无需询问密码。
SERVER_LIST=`cat /home/hduser/slaves` # slave1, slave2 ...
for host in $SERVER_LIST; do
host=hduser@$host
ssh –t –o UserKnownHostsFile=/dev/null –o StrictHostKeyChecking=no $host;
done
当我使用此脚本时,SSH 会询问从属密码。当我使用带有以下选项的 SSH 时,我收到此消息-vv
:
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa ((nil))
debug2: key: /root/.ssh/id_dsa ((nil))
debug2: key: /root/.ssh/id_ecdsa ((nil))
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
hduser@slave1's password:
我更改了主 PC 和从属 PC 的权限。
sudo chmod 755 /home/hduser
sudo chmod 700 -R ~/.ssh
sudo chown hduser ~/.ssh
当我在终端上调用 SSH 时,它不会询问密码,但在脚本中调用它时,它仍然询问密码。我遗漏了什么?我该如何修复它?
答案1
SSH 日志显示登录会话正在 /root/.ssh/ 中查找凭据,这意味着您的脚本正在以 root 身份运行。
将您的 id_* 文件复制到 /root/.ssh,以 root 身份生成适当的凭据,或以保存凭据的用户身份运行脚本。