hadoop配置 - ssh-copy-id with port

使用下例中ssky-keygen和ssh-copy-id，仅需通过3个步骤的简单设置而无需输入密码就能登录远程Linux主机。 

ssh-keygen 创建公钥和密钥。 

ssh-copy-id 把本地主机的公钥复制到远程主机的authorized_keys文件上。
ssh-copy-id 也会给远程主机的用户主目录（home）和~/.ssh, 和~/.ssh/authorized_keys设置合适的权限 。

步骤1: 用 ssh-key-gen 在本地主机上创建公钥和密钥

ligh@local-host$ ssh-keygen -t  rsaEnter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key] Enter passphrase (empty for no passphrase): [Press enter key]Enter same passphrase again: [Pess enter key]Your identification has been saved in /home/jsmith/.ssh/id_rsa.Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub. The key fingerprint is: 33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9 ligh@local-host

步骤1.5:把公钥复制到本机上

ligh@local-host$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

[注:把密钥追加到本机的 .ssh/authorized_key 上.]

步骤2: 用 ssh-copy-id 把公钥复制到远程主机上

ligh@local-host$ ssh-copy-id -i ~/.ssh/id_rsa.pub  root@192.168.0.3ligh@remote-host‘s password:Now try logging into the machine, with ―ssh ?remote-host‘‖, and check in: .ssh/authorized_keys to make sure we haven‘t added extra keys that you weren‘t expecting.

[注: ssh-copy-id 把密钥追加到远程主机的 .ssh/authorized_key 上.]

步骤3: 直接登录远程主机

ligh@local-host$ ssh remote-host Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2 ligh@remote-host$ 

[注: SSH 不会询问密码.]

补充：

cat ssh-copy-id

#!/bin/sh# Shell script to install your identity.pub on a remote machine# Takes the remote machine name as an argument.# Obviously, the remote machine must accept password authentication,# or one of the other keys in your ssh-agent, for this to work. ID_FILE="${HOME}/.ssh/identity.pub" while getopts ':i:p:P:h' OPTIONdo    case $OPTION in        i)        if [-n"$OPTARG"]; then            if expr "$OPTARG" : ".*.pub" > /dev/null ; then                ID_FILE="$OPTARG"            else                ID_FILE="$OPTARG.pub"            fi        fi        ;;        P|p)            PORT=$OPTARG;        ;;        h)            echo "Usage: $0 [-i [identity_file]] [user@]machine">&2            exit 1        ;;    esac;done; shift $(($OPTIND- 1)) if [ $# -lt 1 ] && [ x$SSH_AUTH_SOCK != x ] ; then   GET_ID="$GET_ID ssh-add -L"fi if [ -z "`eval $GET_ID`" ] &&[-r"${ID_FILE}"]; then  GET_ID="cat ${ID_FILE}"fi if [ -z "`eval $GET_ID`" ]; then  echo "$0: ERROR: No identities found" >&2  exit 1fi if [ -z $PORT]; then    PORTOPTION=""else    PORTOPTION="-p $PORT "fi; { eval "$GET_ID" ; } | ssh $PORTOPTION$1"umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys"||exit 1 cat <<EOFNow try logging into the machine, with "ssh $PORTOPTION'$1'", and check in:   .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting. EOF

# ssh-copy-id -i ~/.ssh/id_rsa.pub "-p 22222 user@server"