Setup SSH Pub Key Authentication

Posted on | Edited on | In

More information about ssh and scp can refer this post.

This is about how to set up SSH public key authentication, after that you will not prompt to input password for ssh connection.

We need to setup ssh passwordless in softlayer cluster, otherwise our Datastage installer wouldn’t work. Now the master node in cluster uses /ibm/unicorn_rsa as the key to ssh, we can generate a new key and utilize it to communicate.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
## "yes" will overwrite existing rsa key
## -t specify the type of key to create
## -N provides the new passphrase
## -f specifies the filename of the key file
echo "yes" | ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa

## then append the id_rsa.pub content to authorized_keys in each node
declare -a nodes=($(cat /etc/hosts | grep -i ibmcloud | awk {'print $2'}))
key=$(cat ~/.ssh/id_rsa.pub)
for node in "${nodes[@]}"
do
  echo "[INFO] copy ssh public to ${node}"
  ssh -i /ibm/unicorn_rsa -o StrictHostKeyChecking=no ${node} "echo ${key} >> ~/.ssh/authorized_keys"
done

Notice that:

  1. the ~/.ssh/authorized_keys permission on target machine should be 644 or 600 and file owner should be the right user
  2. public key authentication on target machine must be allowed PubKeyAuthentication yes
0%