hadoop-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tim robertson <timrobertson...@gmail.com>
Subject Re: fail to setup passphraseless ssh and need some help
Date Fri, 03 Jul 2009 14:45:27 GMT
This seemed to me to be a good resource (e.g. it worked for me):
http://fak3r.com/2006/08/10/howto-passwordless-ssh-logins/

Tim


On Fri, Jul 3, 2009 at 4:31 PM, fred wang<fredwang222@gmail.com> wrote:
> I remove the ~/.ssh and regenerate the key and it seems I still need to
> provide password when I ssh localhost. Thank you very much even it couldn't
> be fixed finally.
>
> But I found there is some warning information:
>
> ssh localhost
>
> The authenticity of host 'localhost (127.0.0.1)' can't be established.
>
> RSA key fingerprint is 4f:a1:ff:ed:0c:46:3e:a9:8c:97:bc:b7:46:3e:35:d2.
>
> Are you sure you want to continue connecting (yes/no)? yes
>
> Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
>
>
> On 7/1/09 11:09 PM, fred wang wrote:
>
>>  sorry, should incopy ssh_config(instead of sshd_config)
>>>
>>>
>>> vi /etc/ssh/ssh_config
>>>
>>> #  1. command line options
>>>
>>> #  2. user-specific file
>>>
>>> #  3. system-wide file
>>>
>>> # Any configuration value is only changed the first time it is set.
>>>
>>> # Thus, host-specific definitions should be at the beginning of the
>>>
>>> # configuration file, and defaults at the end.
>>>
>>>
>>>
>>> # Site-wide defaults for some commonly used options.  For a comprehensive
>>>
>>> # list of available options, their meanings and defaults, please see the
>>>
>>> # ssh_config(5) man page.
>>>
>>>
>>>
>>> Host *
>>>
>>> #   ForwardAgent no
>>>
>>> #   ForwardX11 no
>>>
>>> #   ForwardX11Trusted yes
>>>
>>> #   RhostsRSAAuthentication no
>>>
>>> #   RSAAuthentication yes
>>>
>>> #   PasswordAuthentication yes
>>>
>>> #   HostbasedAuthentication no
>>>
>>> #   GSSAPIAuthentication no
>>>
>>> #   GSSAPIDelegateCredentials no
>>>
>>> #   GSSAPIKeyExchange no
>>>
>>> #   GSSAPITrustDNS no
>>>
>>> #   BatchMode no
>>>
>>> #   CheckHostIP yes
>>>
>>> #   AddressFamily any
>>>
>>> #   ConnectTimeout 0
>>>
>>> #   StrictHostKeyChecking ask
>>>
>>> #   IdentityFile ~/.ssh/identity
>>>
>>> #   IdentityFile ~/.ssh/id_rsa
>>>
>>> #   IdentityFile ~/.ssh/id_dsa
>>>
>>> #   Port 22
>>>
>>> #   Protocol 2,1
>>>
>>> #   Cipher 3des
>>>
>>> #   Ciphers
>>> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
>>>
>>> #   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
>>>
>>> #   EscapeChar ~
>>>
>>> #   Tunnel no
>>>
>>> #   TunnelDevice any:any
>>>
>>> #   PermitLocalCommand no
>>>
>>>     SendEnv LANG LC_*
>>>
>>>     HashKnownHosts yes
>>>
>>>     GSSAPIAuthentication yes
>>>
>>>     GSSAPIDelegateCredentials no
>>>
>>>
>>> On Thu, Jul 2, 2009 at 1:51 PM, fred wang<fredwang222@gmail.com>  wrote:
>>>
>>> Here is the output of ssh -v localhost  and the configuration of
>>>> ssh_config,
>>>>
>>>> xxx@xxx-desktop:~$ ssh -v localhost
>>>>
>>>> OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
>>>>
>>>> debug1: Reading configuration data /etc/ssh/ssh_config
>>>>
>>>> debug1: Applying options for *
>>>>
>>>> debug1: Connecting to localhost [127.0.0.1] port 22.
>>>>
>>>> debug1: Connection established.
>>>>
>>>> debug1: identity file /home/xxx/.ssh/identity type -1
>>>>
>>>> debug1: identity file /home/xxx/.ssh/id_rsa type -1
>>>>
>>>> debug1: identity file /home/xxx/.ssh/id_dsa type 2
>>>>
>>>> debug1: Remote protocol version 2.0, remote software version
>>>> OpenSSH_4.7p1
>>>> Debian-8ubuntu1.2
>>>>
>>>> debug1: match: OpenSSH_4.7p1 Debian-8ubuntu1.2 pat OpenSSH*
>>>>
>>>> debug1: Enabling compatibility mode for protocol 2.0
>>>>
>>>> debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
>>>>
>>>> debug1: SSH2_MSG_KEXINIT sent
>>>>
>>>> debug1: SSH2_MSG_KEXINIT received
>>>>
>>>> debug1: kex: server->client aes128-cbc hmac-md5 none
>>>>
>>>> debug1: kex: client->server aes128-cbc hmac-md5 none
>>>>
>>>> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>>>>
>>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>>>>
>>>> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>>>>
>>>> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>>>>
>>>> debug1: Host 'localhost' is known and matches the RSA host key.
>>>>
>>>> debug1: Found key in /home/xxx/.ssh/known_hosts:1
>>>>
>>>> debug1: ssh_rsa_verify: signature correct
>>>>
>>>> debug1: SSH2_MSG_NEWKEYS sent
>>>>
>>>> debug1: expecting SSH2_MSG_NEWKEYS
>>>>
>>>> debug1: SSH2_MSG_NEWKEYS received
>>>>
>>>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>>>>
>>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>>>>
>>>> debug1: Authentications that can continue: publickey,password
>>>>
>>>> debug1: Next authentication method: publickey
>>>>
>>>> debug1: Trying private key: /home/xxx/.ssh/identity
>>>>
>>>> debug1: Trying private key: /home/xxx/.ssh/id_rsa
>>>>
>>>> debug1: Offering public key: /home/xxx/.ssh/id_dsa
>>>>
>>>> debug1: Authentications that can continue: publickey,password
>>>>
>>>> debug1: Next authentication method: password
>>>>
>>>> xxx@localhost's password:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> xxx@xxx:~$ vi /etc/ssh/sshd_config
>>>>
>>>> #KerberosOrLocalPasswd yes
>>>>
>>>> #KerberosTicketCleanup yes
>>>>
>>>>
>>>>
>>>> # GSSAPI options
>>>>
>>>> #GSSAPIAuthentication no
>>>>
>>>> #GSSAPICleanupCredentials yes
>>>>
>>>>
>>>>
>>>> X11Forwarding yes
>>>>
>>>> X11DisplayOffset 10
>>>>
>>>> PrintMotd no
>>>>
>>>> PrintLastLog yes
>>>>
>>>> TCPKeepAlive yes
>>>>
>>>> #UseLogin no
>>>>
>>>>
>>>>
>>>> #MaxStartups 10:30:60
>>>>
>>>> #Banner /etc/issue.net
>>>>
>>>>
>>>>
>>>> # Allow client to pass locale environment variables
>>>>
>>>> AcceptEnv LANG LC_*
>>>>
>>>>
>>>>
>>>> Subsystem sftp /usr/lib/openssh/sftp-server
>>>>
>>>>
>>>>
>>>> UsePAM yes
>>>>
>>>>
>>>>
>>>> On Thu, Jul 2, 2009 at 1:18 PM, Konstantin Boudnik<cos@yahoo-inc.com
>>>> >wrote:
>>>>
>>>> Yet another possibility is that your SSH daemon isn't configured to
>>>>> accept
>>>>> publickey as a valid authorization mean.
>>>>>
>>>>> Try to do ssh -v localhost and check if there's something similar to
the
>>>>> following:
>>>>>
>>>>> debug1: Authentications that can continue:
>>>>> publickey,password,keyboard-interactive
>>>>> debug1: Next authentication method: publickey
>>>>> debug1: Trying private key: /home/xxx/.ssh/identity
>>>>> debug1: Trying private key: /home/xxx/.ssh/id_rsa
>>>>> debug1: Offering public key: /home/xxx/.ssh/id_dsa
>>>>> debug1: Server accepts key: pkalg ssh-dss blen 435
>>>>> debug1: read PEM private key done: type DSA
>>>>> debug1: Authentication succeeded (publickey).
>>>>>
>>>>> Cos
>>>>>
>>>>>
>>>>> On 7/1/09 10:11 PM, fred wang wrote:
>>>>>
>>>>> I have setup ./.ssh/authorized keys has permssion 600, but it didn't
>>>>>> work.
>>>>>> Thanks anyway
>>>>>>
>>>>>> ls -l .ssh/authorized_keys
>>>>>> -rw------- 1 xxx xxx 1222 2009-07-02 13:08 .ssh/authorized_keys
>>>>>>
>>>>>> On Thu, Jul 2, 2009 at 12:15 AM, Konstantin Boudnik<cos@yahoo-inc.com
>>>>>>
>>>>>>> wrote:
>>>>>>>
>>>>>> Make sure that your ~/.ssh/authorized_keys has permissions 600
>>>>>>
>>>>>>> Cos
>>>>>>>
>>>>>>>
>>>>>>> On 7/1/09 7:35 AM, fred wang wrote:
>>>>>>>
>>>>>>> Hi all,
>>>>>>>
>>>>>>>>   I failed to setup passphraseless ssh(I mean, I still need
to input
>>>>>>>> password to do ssh localhost) when I tried to configure Hadoop
to run
>>>>>>>> on
>>>>>>>> psuedo-distributed operation,  could anyone help me solve
this issue?
>>>>>>>> Thanks!
>>>>>>>>
>>>>>>>> (1)I use the Putty0.6 to remote access to Ubuntu by SSH.
>>>>>>>>
>>>>>>>> (2) execution steps and ouput
>>>>>>>>
>>>>>>>> $ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
>>>>>>>> Generating public/private dsa key pair.
>>>>>>>> Your identification has been saved in /home/xxx/.ssh/id_dsa.
>>>>>>>> Your public key has been saved in /home/xxx/.ssh/id_dsa.pub.
>>>>>>>> The key fingerprint is:
>>>>>>>> a9:39:4c:9b:22:f9:a4:77:70:24:fa:bf:12:f5:81:81 xxx
>>>>>>>>
>>>>>>>>
>>>>>>>> **note: it doesn't have message  'Enter passphrase (empty
for no
>>>>>>>> passphrase):
>>>>>>>>     Enter same passphrase again: ' which appear in some
introductory
>>>>>>>> paper.
>>>>>>>> "
>>>>>>>>
>>>>>>>> $ cat ~/.ssh/id_dsa.pub>>    ~/.ssh/authorized_keys
>>>>>>>> no output
>>>>>>>>
>>>>>>>> $ ssh localhost
>>>>>>>> The authenticity of host 'localhost (127.0.0.1)' can't be
>>>>>>>> established.
>>>>>>>> RSA key fingerprint is
>>>>>>>> 4f:a1:ff:ed:0c:46:3e:a9:8c:97:bc:b7:46:3e:35:d2.
>>>>>>>> Are you sure you want to continue connecting (yes/no)? yes
>>>>>>>> Warning: Permanently added 'localhost' (RSA) to the list
of known
>>>>>>>> hosts.
>>>>>>>> xxx@localhost's password:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>

Mime
View raw message