hadoop-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From fred wang <fredwang...@gmail.com>
Subject Re: fail to setup passphraseless ssh and need some help
Date Thu, 02 Jul 2009 06:09:36 GMT
sorry, should incopy ssh_config(instead of sshd_config)


vi /etc/ssh/ssh_config

#  1. command line options

#  2. user-specific file

#  3. system-wide file

# Any configuration value is only changed the first time it is set.

# Thus, host-specific definitions should be at the beginning of the

# configuration file, and defaults at the end.



# Site-wide defaults for some commonly used options.  For a comprehensive

# list of available options, their meanings and defaults, please see the

# ssh_config(5) man page.



Host *

#   ForwardAgent no

#   ForwardX11 no

#   ForwardX11Trusted yes

#   RhostsRSAAuthentication no

#   RSAAuthentication yes

#   PasswordAuthentication yes

#   HostbasedAuthentication no

#   GSSAPIAuthentication no

#   GSSAPIDelegateCredentials no

#   GSSAPIKeyExchange no

#   GSSAPITrustDNS no

#   BatchMode no

#   CheckHostIP yes

#   AddressFamily any

#   ConnectTimeout 0

#   StrictHostKeyChecking ask

#   IdentityFile ~/.ssh/identity

#   IdentityFile ~/.ssh/id_rsa

#   IdentityFile ~/.ssh/id_dsa

#   Port 22

#   Protocol 2,1

#   Cipher 3des

#   Ciphers
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc

#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160

#   EscapeChar ~

#   Tunnel no

#   TunnelDevice any:any

#   PermitLocalCommand no

    SendEnv LANG LC_*

    HashKnownHosts yes

    GSSAPIAuthentication yes

    GSSAPIDelegateCredentials no


On Thu, Jul 2, 2009 at 1:51 PM, fred wang <fredwang222@gmail.com> wrote:

> Here is the output of ssh -v localhost  and the configuration of
> ssh_config,
>
> xxx@xxx-desktop:~$ ssh -v localhost
>
> OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
>
> debug1: Reading configuration data /etc/ssh/ssh_config
>
> debug1: Applying options for *
>
> debug1: Connecting to localhost [127.0.0.1] port 22.
>
> debug1: Connection established.
>
> debug1: identity file /home/xxx/.ssh/identity type -1
>
> debug1: identity file /home/xxx/.ssh/id_rsa type -1
>
> debug1: identity file /home/xxx/.ssh/id_dsa type 2
>
> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7p1
> Debian-8ubuntu1.2
>
> debug1: match: OpenSSH_4.7p1 Debian-8ubuntu1.2 pat OpenSSH*
>
> debug1: Enabling compatibility mode for protocol 2.0
>
> debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
>
> debug1: SSH2_MSG_KEXINIT sent
>
> debug1: SSH2_MSG_KEXINIT received
>
> debug1: kex: server->client aes128-cbc hmac-md5 none
>
> debug1: kex: client->server aes128-cbc hmac-md5 none
>
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>
> debug1: Host 'localhost' is known and matches the RSA host key.
>
> debug1: Found key in /home/xxx/.ssh/known_hosts:1
>
> debug1: ssh_rsa_verify: signature correct
>
> debug1: SSH2_MSG_NEWKEYS sent
>
> debug1: expecting SSH2_MSG_NEWKEYS
>
> debug1: SSH2_MSG_NEWKEYS received
>
> debug1: SSH2_MSG_SERVICE_REQUEST sent
>
> debug1: SSH2_MSG_SERVICE_ACCEPT received
>
> debug1: Authentications that can continue: publickey,password
>
> debug1: Next authentication method: publickey
>
> debug1: Trying private key: /home/xxx/.ssh/identity
>
> debug1: Trying private key: /home/xxx/.ssh/id_rsa
>
> debug1: Offering public key: /home/xxx/.ssh/id_dsa
>
> debug1: Authentications that can continue: publickey,password
>
> debug1: Next authentication method: password
>
> xxx@localhost's password:
>
>
>
>
>
>
>
> xxx@xxx:~$ vi /etc/ssh/sshd_config
>
> #KerberosOrLocalPasswd yes
>
> #KerberosTicketCleanup yes
>
>
>
> # GSSAPI options
>
> #GSSAPIAuthentication no
>
> #GSSAPICleanupCredentials yes
>
>
>
> X11Forwarding yes
>
> X11DisplayOffset 10
>
> PrintMotd no
>
> PrintLastLog yes
>
> TCPKeepAlive yes
>
> #UseLogin no
>
>
>
> #MaxStartups 10:30:60
>
> #Banner /etc/issue.net
>
>
>
> # Allow client to pass locale environment variables
>
> AcceptEnv LANG LC_*
>
>
>
> Subsystem sftp /usr/lib/openssh/sftp-server
>
>
>
> UsePAM yes
>
>
>
> On Thu, Jul 2, 2009 at 1:18 PM, Konstantin Boudnik <cos@yahoo-inc.com>wrote:
>
>> Yet another possibility is that your SSH daemon isn't configured to accept
>> publickey as a valid authorization mean.
>>
>> Try to do ssh -v localhost and check if there's something similar to the
>> following:
>>
>> debug1: Authentications that can continue:
>> publickey,password,keyboard-interactive
>> debug1: Next authentication method: publickey
>> debug1: Trying private key: /home/xxx/.ssh/identity
>> debug1: Trying private key: /home/xxx/.ssh/id_rsa
>> debug1: Offering public key: /home/xxx/.ssh/id_dsa
>> debug1: Server accepts key: pkalg ssh-dss blen 435
>> debug1: read PEM private key done: type DSA
>> debug1: Authentication succeeded (publickey).
>>
>> Cos
>>
>>
>> On 7/1/09 10:11 PM, fred wang wrote:
>>
>>> I have setup ./.ssh/authorized keys has permssion 600, but it didn't
>>> work.
>>> Thanks anyway
>>>
>>> ls -l .ssh/authorized_keys
>>> -rw------- 1 xxx xxx 1222 2009-07-02 13:08 .ssh/authorized_keys
>>>
>>> On Thu, Jul 2, 2009 at 12:15 AM, Konstantin Boudnik<cos@yahoo-inc.com
>>> >wrote:
>>>
>>> Make sure that your ~/.ssh/authorized_keys has permissions 600
>>>>
>>>> Cos
>>>>
>>>>
>>>> On 7/1/09 7:35 AM, fred wang wrote:
>>>>
>>>> Hi all,
>>>>>
>>>>>   I failed to setup passphraseless ssh(I mean, I still need to input
>>>>> password to do ssh localhost) when I tried to configure Hadoop to run
>>>>> on
>>>>> psuedo-distributed operation,  could anyone help me solve this issue?
>>>>> Thanks!
>>>>>
>>>>> (1)I use the Putty0.6 to remote access to Ubuntu by SSH.
>>>>>
>>>>> (2) execution steps and ouput
>>>>>
>>>>> $ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
>>>>> Generating public/private dsa key pair.
>>>>> Your identification has been saved in /home/xxx/.ssh/id_dsa.
>>>>> Your public key has been saved in /home/xxx/.ssh/id_dsa.pub.
>>>>> The key fingerprint is:
>>>>> a9:39:4c:9b:22:f9:a4:77:70:24:fa:bf:12:f5:81:81 xxx
>>>>>
>>>>>
>>>>> **note: it doesn't have message  'Enter passphrase (empty for no
>>>>> passphrase):
>>>>>     Enter same passphrase again: ' which appear in some introductory
>>>>> paper.
>>>>> "
>>>>>
>>>>> $ cat ~/.ssh/id_dsa.pub>>   ~/.ssh/authorized_keys
>>>>> no output
>>>>>
>>>>> $ ssh localhost
>>>>> The authenticity of host 'localhost (127.0.0.1)' can't be established.
>>>>> RSA key fingerprint is 4f:a1:ff:ed:0c:46:3e:a9:8c:97:bc:b7:46:3e:35:d2.
>>>>> Are you sure you want to continue connecting (yes/no)? yes
>>>>> Warning: Permanently added 'localhost' (RSA) to the list of known
>>>>> hosts.
>>>>> xxx@localhost's password:
>>>>>
>>>>>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message