How to set up passwordless ssh

From DeepSense Docs
Revision as of 12:53, 25 September 2020 by Lyang (talk | contribs) (Set correct permission of authorized_keys)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Users may be tired of typing password again and again while logging on the head nodes and compute nodes. The following instruction helps users set up passwordless ssh between their local machine and DeepSense's head nodes, and DeepSense's head nodes and compute nodes.
Basically, users need to generate a pair of private key and public key for a different system to allow passwordless ssh. The follow guide shows how to set up the passwordless ssh login from your local machine to the login 1 node of DeepSense.

Generate private and public keys

In the terminal of your local machine, generate the private and public keys using the following command:

  ssh-keygen -t rsa

You will see something similar to below:

    [username@your local machine ~]$ ssh-keygen -t rsa
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/username/.ssh/id_rsa): [Press enter key]
    Created directory '/home/username/.ssh'.
    Enter passphrase (empty for no passphrase): [Press enter key]
    Enter same passphrase again: [Press enter key]
    Your identification has been saved in /home/username/.ssh/id_rsa.
    Your public key has been saved in /home/username/.ssh/id_rsa.pub.
    The key fingerprint is:
    5f:ad:40:00:8a:d1:9b:99:b3:b0:f8:08:99:c3:ed:d3 username@your local machine
    The key's randomart image is:
    +--[ RSA 2048]----+
    |        ..oooE.++|
    |         o. o.o  |
    |          ..   . |
    |         o  . . o|
    |        S .  . + |
    |       . .    . o|
    |      . o o    ..|
    |       + +       |
    |        +.       |
   +-----------------+

There is a directory called “.ssh” on both your local machine and DeepSense’s login nodes 1 and 2 in your home directory. You can go to the “.ssh” directory on your local machine to see if there are two files named “id_rsa” which is your private key and “id_rsa.pub” which is your public key. The private key is the key you keep only on your local machine. While you use the public key to let remote system know you would like to ssh to it using the pub key without a password. The next step tells you how to do this.

Put the public key on login 1 of DeepSense

Get the contents of the public key on your local machine. You can use command “cat” to do this. For example:

         cat .ssh/id_rsa.pub
         ssh-rsa  AAAA/ OOfh/BL+ESZ1GQ8Ms8kBPUmV/w== username from abc.com

The actual key is not this short as shown above. It is just an example. You copy the whole contents of the public key. Now login the DS login node 1. You still have to use password at this moment. After you are on the system, open “.ssh/authorized_keys” and paste the public key you just copied to the last line of this file.

Set correct permission of authorized_keys

You already have the public key of you local machine on login node 1. But you will have to set the permission of the file “.ssh/authorized_keys”. Run the following command to set the permission:

chmod 640 .ssh/authorized_keys

Now, you should be able to ssh into login node 1 without a password.

You can do the same thing for login node 2. If you want to set passwordless ssh between the login node and other nodes in the cluster, you can generate the private and public keys on one login node. Then, put the generated pub key in the “.ssh/authorized_keys” file. Because your home directories are all shared across the cluster, you only need to do this on one node and all nodes can see your public key so you can ssh to them without a password.