Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi
I am setting up a small cluster and i need to access the slave machines through ssh shell without password. There are a lot of things available on the net but none concerns my issues.
1. I need that all the users connected to the server should be able to connect to the slave or nodes through ssh without password
2. I found a method on the web but i am unable to find it now that did not involve any transfer of keys from one pc to other. It used only the files hosts.allow, hosts.deny and hosts.equiv
hosts.equiv is rsh it is not ssh.
I believe you can set up SSH to work in this way:
---On your head node---
ssh-keygen -t dsa -f ~/.ssh/mykey
cd ~/.ssh
mv mykey identity
cp mykey.pub authorized_keys
At this point you should be able to ssh to yourself. (verify to make sure it works)
Then copy the ssh directory to your nodes.
scp -r ~/.ssh node_whatever:/home/username/
You should then be able to ssh to all nodes without a password.
Originally posted by muneebs123 well the lam mpi can run on ssh or rsh as a matter of fact so can there is a way that the rsh becomes passwordless without involving keys..
For RSH (only if this is behind a secure firewall)
Put the node/host names in your /etc/hosts.equiv or ~/.rhosts file.
If you need root to have rsh access also then you will have to add rlogin, rexec, rsh into your /etc/securetty
You will have to have rsh, rlogin, rexec on before anything works. (chkconfig --list to see if they are enabled) they should be listed in the xinetd section.
I have a similar question. I have created the ssh key-gen pair and logging in as root passwordless (from serverA to serverB) works. However, I have a cronjob run by root on serverA that scp files at midnight over to serverB. The sshd_config in both machines allow root login. If I disable root login, is this cronjob going to fail? Thanks for your help!
I have a similar question. I have created the ssh key-gen pair and logging in as root passwordless (from serverA to serverB) works. However, I have a cronjob run by root on serverA that scp files at midnight over to serverB. The sshd_config in both machines allow root login. If I disable root login, is this cronjob going to fail? Thanks for your help!
-twantrd
If the cronjob runs as root, and you disable root on ssh, then yes, this job will fail.
Originally posted by Blinker_Fluid hosts.equiv is rsh it is not ssh.
I believe you can set up SSH to work in this way:
---On your head node---
ssh-keygen -t dsa -f ~/.ssh/mykey
cd ~/.ssh
mv mykey identity
cp mykey.pub authorized_keys
...
the last command should be cat mykey.pub >> authorized_keys
J.
Originally posted by Blinker_Fluid hosts.equiv is rsh it is not ssh.
I believe you can set up SSH to work in this way:
---On your head node---
ssh-keygen -t dsa -f ~/.ssh/mykey
cd ~/.ssh
mv mykey identity
cp mykey.pub authorized_keys
At this point you should be able to ssh to yourself. (verify to make sure it works)
Then copy the ssh directory to your nodes.
scp -r ~/.ssh node_whatever:/home/username/
You should then be able to ssh to all nodes without a password.
How about sshd_config ?
When I config SSH with RSA , it show me following message.
What is it ?
"... Disabling protocol version 2. Could not load host key"
I tried. When I used the command "ssh-keygen -t dsa -f ~/.ssh/mykey" it asked to enter a passphrase. I entered a password.
After doing all these steps that you have suggested, I tried to ssh. The it again asked to enter "passphrase". So, it is not realy a passwordless connection. LAM/MPI requies connection without any external input.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.