SSH Error When Configuring Mutual Trust During Deployment

Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: 配置了互信 deploy 时ssh报错

| username: wangbincmss

[TiDB Usage Environment] Production Environment
[TiDB Version] v4.0.16
[Reproduction Path] Operations performed that led to the issue
tiup cluster deploy tidb v4.0.16 top.yaml --user tidb -p

Error: executor.ssh.execute_failed: Failed to execute command over SSH for ‘tidb@11.11.143.14:22’ {ssh_stderr: , ssh_stdout: , ssh_command: export LANG=C; PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin /usr/bin/sudo -H bash -c “test -d /tidb || (mkdir -p /tidb && chown tidb:$(id -g -n tidb) /tidb)”}, cause: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
[Encountered Issue: Issue Phenomenon and Impact]
[Resource Configuration]
[Attachments: Screenshots/Logs/Monitoring]

| username: 啦啦啦啦啦 | Original post link

Does the TiDB user have sudo privileges?

| username: tidb菜鸟一只 | Original post link

If mutual trust is configured, you don’t need to enter a password. If not configured, you need to enter a password.

• If using the key method, you can specify the key path with -i or --identity_file.
• If using the password method, you can enter the password interaction window with -p.
• If password-free login to the target machine is already configured, no authentication is required.
  If mutual trust is configured, just remove the -p.

| username: 我是咖啡哥 | Original post link

The person above is right. Once mutual trust is established, there’s no need to use the -p flag anymore.

| username: ffeenn | Original post link

Log in to the server with tiup and configure mutual trust for the tidb user on each node in turn.
TiDB Environment and System Configuration Check | PingCAP Documentation Center

| username: Billmay表妹 | Original post link

There are two pieces of content that might help you: