ubuntu - 用于身份验证的公钥

ubuntu - 用于身份验证的公钥

我有一个主集群和从集群。我正在设置cloudera 管理器。

在主服务器上,我使用以下命令创建了一个无密码密钥。

ssh-keygen -f id_rsa -t rsa -N '' 
eval `ssh-agent`
ssh-add ~/.ssh/id_rsa

然后我把钥匙放在了所有从属设备上。

   cat /tmp/id_rsa.pub >> /root/.ssh/authorized_keys

从主服务器,我可以不用密码进行 ssh。效果很好。

现在我需要一个公钥来进行身份验证。密钥是什么?是 id_rsa.pub 吗?我必须在浏览器中输入公钥的位置来进行身份验证。当我使用 id_rsa.pub 时,出现了这个错误。但使用该密钥允许我无需密码即可 ssh 到任何其他从属服务器。

No provider available for Unknown key file

You may connect via password or public-key authentication for the user selected above.


2013-01-27 03:34:49,832  INFO [1736878096@scm-web-86:node.NodeConfiguratorService@198] Retrying configurator with id 3
2013-01-27 03:34:49,834  INFO [1736878096@scm-web-86:node.NodeConfiguratorService@179] Submitted configurator for 103.4.112.102 with id 4
2013-01-27 03:34:49,836  INFO [NodeConfiguratorThread-4-4:node.NodeConfiguratorProgress@482] 103.4.112.102: Transitioning from INIT (PT0.002S) to CONNECT
2013-01-27 03:34:49,837  INFO [NodeConfiguratorThread-4-4:transport.TransportImpl@152] Client identity string: SSH-2.0-SSHJ_0_8
2013-01-27 03:34:49,844  INFO [NodeConfiguratorThread-4-4:transport.TransportImpl@161] Server identity string: SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
2013-01-27 03:34:49,844  INFO [NodeConfiguratorThread-4-4:transport.KeyExchanger@195] Sending SSH_MSG_KEXINIT
2013-01-27 03:34:49,845  INFO [reader:transport.KeyExchanger@357] Received SSH_MSG_KEXINIT
2013-01-27 03:34:49,916  INFO [reader:kex.DHG14@110] Sending SSH_MSG_KEXDH_INIT
2013-01-27 03:34:49,924  INFO [reader:transport.KeyExchanger@370] Received kex followup data
2013-01-27 03:34:49,924  INFO [reader:kex.DHG14@120] Received SSH_MSG_KEXDH_REPLY
2013-01-27 03:34:49,975  INFO [reader:transport.KeyExchanger@203] Sending SSH_MSG_NEWKEYS
2013-01-27 03:34:49,975  INFO [reader:transport.KeyExchanger@385] Received SSH_MSG_NEWKEYS
2013-01-27 03:34:49,976  INFO [NodeConfiguratorThread-4-4:node.CmfSSHClient@686] Key exchange took 0.132 seconds
2013-01-27 03:34:49,976  INFO [NodeConfiguratorThread-4-4:node.NodeConfiguratorProgress@482] 103.4.112.102: Transitioning from CONNECT (PT0.140S) to AUTHENTICATE
2013-01-27 03:34:49,977  WARN [NodeConfiguratorThread-4-4:node.NodeConfigurator@277] Could not authenticate to 103.4.xxx.xxx
net.schmizz.sshj.common.SSHException: No provider available for Unknown key file
        at net.schmizz.sshj.SSHClient.loadKeys(SSHClient.java:526)
        at com.cloudera.server.cmf.node.NodeConfigurator.connect(NodeConfigurator.java:272)
        at com.cloudera.server.cmf.node.NodeConfigurator.configure(NodeConfigurator.java:709)
        at com.cloudera.server.cmf.node.NodeConfigurator.run(NodeConfigurator.java:755)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
        at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
        at java.util.concurrent.FutureTask.run(FutureTask.java:138)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
        at java.lang.Thread.run(Thread.java:662)
2013-01-27 03:34:49,977  INFO [NodeConfiguratorThread-4-4:node.NodeConfiguratorProgress@503] 103.4.112.102: Setting AUTHENTICATE as failed and done state

答案1

ssh 公钥本身不允许您登录任何服务器,只有私钥和公钥组合(在本例中为 id_rsa)才允许您使用 ssh 验证(登录)到远程服务器。事实上,从远程客户端,您需要指定私钥才能登录到服务器,而不是公钥。

来自 Cloudera Manager 安装说明 -

“为了在安装和升级过程中进行身份验证,您需要输入密码或上传 root 或 sudo 用户帐户的公钥和私钥对。”

因此,如果您要实现此目的,您还需要上传私钥。您很可能会在 ~/.ssh/id_rsa 中找到它

相关内容