LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   ssh without password for /home shared over NFS (http://www.linuxquestions.org/questions/linux-server-73/ssh-without-password-for-home-shared-over-nfs-725864/)

sumanc 05-14-2009 02:29 AM
ssh without password for /home shared over NFS
 
Hi,

I am planning to build a small cluster for parallel computing. The first step would be to make sure all the machines can communicate with each other without requiring password. Now I am experiencing problem with the regular method of RSA shared key authentication method, since the /home is shared for all machines from a NFS filesystem. Thus, I do not understand how to distinguish the id_rsa file generated by ssh-keygen for all different machines.

Can anybody suggest what would be the most efficient way of achieving my goal? That method should work together with OpenMPI job submission.

Thanks.

JulianTosh 05-14-2009 03:29 AM
typically, one of the things that needs to happen for passwordless ssh connections is to copy id_rsa.pub into .ssh/authorized_keys on the remote server. Since this is a shared home dir, perhaps you should simply 'cp id_rsa.pub authorized_keys'?

sumanc 05-14-2009 06:16 AM
Quote:
Originally Posted by Admiral Beotch (Post 3540257)
typically, one of the things that needs to happen for passwordless ssh connections is to copy id_rsa.pub into .ssh/authorized_keys on the remote server. Since this is a shared home dir, perhaps you should simply 'cp id_rsa.pub authorized_keys'?

Yes, but there should be a unique pair of private/public key combination: id_rsa and id_rsa.pub. Note that I shall need to have about 30 machines communicating with each other. Since every key fingerprint contains unique hostname in the .pub file, I shall have to add the public key of each node to the authorized_keys file. That's doable, but the problem is that there can be only one id_rsa private key in that folder (if I am not wrong).

I hope that I could clarify my problem/confusion better this time.

JulianTosh 05-14-2009 06:32 AM
While there is a comment field in the .pub file that is typically user@host, I dont believe there is any hostname tied to the key pair (in a meaningful way). You should be able to copy a user's ssh keys from machine to machine with no consequence.

Since every server is sharing the same ~/.ssh directory, I think it would be sufficient to copy the .pub file to authorized_keys. If it would make things appear cleaner, you could edit the comment field in the .pub file to simply be user (instead of user@host).

sumanc 05-15-2009 03:13 AM
It worked. Thank you very much! :)

Actually I was skeptic because initially it was not working, but that was due to some kind of ownership problem. A "chown -R suman:suman" on my home directory solved the problem!

JulianTosh 05-15-2009 08:39 AM
Cool! Yes - when it comes to key logins, ssh has some strict policies on the file permissions and ownership on the .ssh folder and files. I glad everything worked out!


All times are GMT -5. The time now is 06:36 PM.