生成SSH KEY
[root@kafaka3 ~]# cd /root/.ssh
[root@kafaka3 .ssh]# pwd
/root/.ssh
[root@kafaka .ssh]# ssh-keygen #生成秘钥
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): #输入秘钥名(默认id_rsa)
Enter passphrase (empty for no passphrase): #密码, 默认为空
Enter same passphrase again: #再次输入密码
Your identification has been saved in /root/.ssh/id_rsa. 秘钥
Your public key has been saved in /root/.ssh/id_rsa.pub. 公钥
The key fingerprint is:
a7:82:b2:ce:c2:e0:21:7d:4e:63:7c:03:d5:3c:98:25 root@kafaka
The key's randomart image is:
+--[ RSA 2048]----+
| E*. |
| +.+ |
| . . |
| . |
| . . . S . |
|o.. *.o o |
|= o=.o... |
|.+ o. . |
| o+ |
+-----------------+
[root@kafaka .ssh]# ls -l
total 8
-rw------- 1 root root 1675 Jul 13 20:12 id_rsa
-rw-r--r-- 1 root root 393 Jul 13 20:12 id_rsa.pub
复制到另外两台机器上
[root@kafaka .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
The authenticity of host '192.168.56.152 (192.168.56.152)' can't be established.
ECDSA key fingerprint is e6:c4:48:fa:0d:76:3e:2c:3b:60:e7:61:90:ad:9a:ee.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
[root@kafaka .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
The authenticity of host '192.168.56.153 (192.168.56.153)' can't be established.
ECDSA key fingerprint is e6:c4:48:fa:0d:76:3e:2c:3b:60:e7:61:90:ad:9a:ee.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
修改kafka2 & kafka3目录和文件的权限。如果不修改,可能无法正常免密登录成功
- kafka2文件权限修改
[root@kafaka2 .ssh]# chmod 700 ~/.ssh
[root@kafaka2 .ssh]# chmod 600 ~/.ssh/authorized_keys - kafka3文件权限修改
[root@kafaka3 .ssh]# chmod 700 ~/.ssh
[root@kafaka3 .ssh]# chmod 600 ~/.ssh/authorized_keys
免密登录测试
[root@kafaka .ssh]# ssh 192.168.56.152
Last login: Tue Jul 13 20:04:08 2021 from 192.168.56.1
[root@kafaka2 ~]# exit
logout
Connection to 192.168.56.152 closed.