Seventh Arrow
Jan 26, 2005

I'm trying to set up hadoop for a data science class but I realized that I was using root when starting up start-dfs.sh

This isn't really hadoop-specific, though - even if I do 'ssh localhost' with my local account, I get prompted for a password and nothing I enter works.

I've been following the instructions here

https://hadoop.apache.org/docs/stable/hadoop-project-dist/hadoop-common/SingleCluster.html

But most sites will have the same three steps:

code:
  $ ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
  $ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
  $ chmod 0600 ~/.ssh/authorized_keys

Here is the ssh log that I took:

http://www.vaughn-s.net/hadoop/result_ssh.txt

Here is a copy of my sshd_config:

http://www.vaughn-s.net/hadoop/sshd_config

Any suggestions would be appreciated. Also, if there's a better forum to post this kind of thing, please let me know.

edit: also, it doesn't have to be password-less per se...I'm happy to use a password if I can just get it to work

Seventh Arrow fucked around with this message at 00:59 on Jul 11, 2017


telcoM
Mar 21, 2009
Fallen Rib

code:
...
debug1: identity file /home/vaughn/.ssh/id_rsa type 1
...

Your SSH client is successfully loading the private part of the SSH key, since the type value is not -1.

code:
...
debug1: Authentications that can continue: 
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available

debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available
...

The SSH client first tries Kerberos authentication in two forms and sees it has no Kerberos credentials available and cannot get them.

code:
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/vaughn/.ssh/id_rsa
debug1: Authentications that can continue: 
debug1: Trying private key: /home/vaughn/.ssh/id_dsa
debug1: Trying private key: /home/vaughn/.ssh/id_ecdsa
debug1: Trying private key: /home/vaughn/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: 
debug1: Next authentication method: password
debug1: Authentications that can continue: 
Permission denied, please try again.
...

Then the client offers the RSA public key, which is not accepted by the server. It checks for other types of private keys, but those are not available.
Then it falls back to password authentication.

At this point, you should look into the server's authentication log (/var/log/auth.log or /var/log/secure, depending on Linux distribution) to see a message from sshd, describing the reason why the key is rejected.

That rejection reason is not disclosed to the client, because at this point the client is still unknown and assumed potentially hostile/malicious until successfully authenticated.



code:
...
RSAAuthentication yes
PubkeyAuthentication no
...

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
PasswordAuthentication no

RSAAuthentication is an obsolete keyword which is no longer documented: the key-based authentication is controlled by PubkeyAuthentication instead. And even if RSAAuthentication were still recognized, the latter "PubkeyAuthentication no" would override it.

In effect, you have told SSHD to reject all authentication mechanisms, so it displays a fake password prompt even though no password will be accepted. Change PubkeyAuthentication to yes in sshd_config (and restart sshd) and key-based authentication should start working. If you want to allow password authentication, set PasswordAuthentication to yes.
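The diagnosis in the post above can be checked mechanically. This is an added example, not part of the thread: the helper name sshd_auth_methods is hypothetical, the sample config is constructed from the fragment quoted above, and it assumes upstream OpenSSH defaults, whitespace-separated "Keyword value" lines, and no Include files. It only covers the publickey, password and keyboard-interactive methods.

```shell
#!/bin/sh
# Added example: list the auth methods the global section of an sshd_config
# leaves enabled. sshd_auth_methods is a hypothetical helper name.
sshd_auth_methods() {
    awk '
        BEGIN {
            # Assumed upstream OpenSSH defaults (no distro patches, no Include).
            val["pubkeyauthentication"] = "yes"
            val["passwordauthentication"] = "yes"
            val["kbdinteractiveauthentication"] = "yes"
        }
        /^[ \t]*#/ { next }              # comment line
        NF == 0    { next }              # blank line
        {
            key = tolower($1); arg = tolower($2)
            if (key == "match") exit     # stop at the first Match block
            # Deprecated alias of KbdInteractiveAuthentication.
            if (key == "challengeresponseauthentication") key = "kbdinteractiveauthentication"
            # sshd uses the first value it obtains for a keyword.
            if ((key in val) && !(key in seen)) { val[key] = arg; seen[key] = 1 }
        }
        END {
            n = 0
            if (val["pubkeyauthentication"] == "yes") { print "publickey"; n++ }
            if (val["passwordauthentication"] == "yes") { print "password"; n++ }
            if (val["kbdinteractiveauthentication"] == "yes") { print "keyboard-interactive"; n++ }
            if (n == 0) print "none"
        }
    ' "$1"
}

# Constructed sample mirroring the quoted fragment, then the corrected form.
tmp=$(mktemp)
printf '%s\n' 'RSAAuthentication yes' 'PubkeyAuthentication no' \
    'ChallengeResponseAuthentication no' 'PasswordAuthentication no' > "$tmp"
broken=$(sshd_auth_methods "$tmp")
sed 's/^PubkeyAuthentication no/PubkeyAuthentication yes/' "$tmp" > "$tmp.fixed"
fixed=$(sshd_auth_methods "$tmp.fixed")
echo "before: $broken"
echo "after:  $fixed"
rm -f "$tmp" "$tmp.fixed"
```

On a live host, running `sshd -T` as root prints the effective configuration as sshd itself computes it, which also accounts for Match blocks and distribution defaults.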

Seventh Arrow
Jan 26, 2005

Hey, thanks for this telcoM - it definitely helped get rid of the password authentication. I also had to copy the id file and change permissions on the hadoop folder but it's all good now. Thanks for your effort!
