Hi
I am setting up a small cluster and i need to access the slave machines through ssh shell without password. There are a lot of things available on the net but none concerns my issues.

1. I need that all the users connected to the server should be able to connect to the slave or nodes through ssh without password

2. I found a method on the web but i am unable to find it now that did not involve any transfer of keys from one pc to other. It used only the files hosts.allow, hosts.deny and hosts.equiv

I am using Redhat 9 linux.

Thankx in Advance

Muneeb Shaukat

you seem to want the public/private key scheme, then here:
http://inst.eecs.berkeley.edu/cgi-bi...?file=ssh.help

hosts.equiv is rsh it is not ssh.
I believe you can set up SSH to work in this way:
---On your head node---
ssh-keygen -t dsa -f ~/.ssh/mykey
cd ~/.ssh
mv mykey identity
cp mykey.pub authorized_keys

At this point you should be able to ssh to yourself. (verify to make sure it works)
Then copy the ssh directory to your nodes.
scp -r ~/.ssh node_whatever:/home/username/

You should then be able to ssh to all nodes without a password.

i believe you have to run ssh-agent and ssh-add to add your key and enter the passwod once

well the lam mpi can run on ssh or rsh as a matter of fact so can there is a way that the rsh becomes passwordless without involving keys..

For RSH (only if this is behind a secure firewall)
Put the node/host names in your /etc/hosts.equiv or ~/.rhosts file.
If you need root to have rsh access also then you will have to add rlogin, rexec, rsh into your /etc/securetty
You will have to have rsh, rlogin, rexec on before anything works. (chkconfig --list to see if they are enabled) they should be listed in the xinetd section.

Hi,

I have a similar question. I have created the ssh key-gen pair and logging in as root passwordless (from serverA to serverB) works. However, I have a cronjob run by root on serverA that scp files at midnight over to serverB. The sshd_config in both machines allow root login. If I disable root login, is this cronjob going to fail? Thanks for your help!

-twantrd

If the cronjob runs as root, and you disable root on ssh, then yes, this job will fail.

Ahh, that's what I needed to know. Sure I could try it out but I didn't have access to my boxes for testing. Thanks for the quick reply!

-twantrd

the last command should be cat mykey.pub >> authorized_keys
J.

hello i am also setting cluster now ..

it seems lam/mpi uses rsh to connect ...i do not have rsh installed..

so how to set the mpi to use ssh ..!!

because i enabled ssh as passwordless login..

1) Type the following script in a file named "sshlogin".

#!/usr/bin/expect --

set timeout 180
set machine [lindex $argv 0]
set username [lindex $agrc 1]
set password [lindex $argv 2]
spawn ssh $username@$machine
expect "$username@$machine's password: "
send "$password\n"
interact


2) Give executable permission to the file.

chmod 711 sshlogin

3) put this file in /bin folder

4) Now for a user "abc" wants to login to a machine node1 using password "xyz", the command is :
sshlogin node1 abc xyz

I think this should solve your problem

I have misspelled argv1 as agrc1
the corrected script is here.

#!/usr/bin/expect --

set timeout 180
set machine [lindex $argv 0]
set username [lindex $argv1]
set password [lindex $argv 2]
spawn ssh $username@$machine
expect "$username@$machine's password: "
send "$password\n"
interact

How about sshd_config ?

When I config SSH with RSA , it show me following message.
What is it ?

"... Disabling protocol version 2. Could not load host key"

My sshd_config is: ---------------------------

Port 22

HostKey /etc/ssh/ssh_host_key

KeyRegenerationInterval 3600

SyslogFacility AUTHPRIV

PermitRootLogin no

RsaAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

IgnoreRhosts yes

IgnoreUserKnownHosts yes


X11Forwarding yes

AllowUsers user1 user2


*****************************************

I have created a local RSA key:

ssh-keygen -t rsa -f /home/user/.ssh/user_id.pub

mv .ssh/user_id.pub .ssh/authorized_keys

*****************************************

Where is my mistake ? Please advice me. .........

Hi Blinker_Fluid,

I tried. When I used the command "ssh-keygen -t dsa -f ~/.ssh/mykey" it asked to enter a passphrase. I entered a password.
After doing all these steps that you have suggested, I tried to ssh. The it again asked to enter "passphrase". So, it is not realy a passwordless connection. LAM/MPI requies connection without any external input.

Is there any thing missing?

Thanks.
Manoj