OpenSSH: SSH public and private key setup and permissions

In general, one Unix node can access another over SSH. This is configured using a common Unix account with the same username on all nodes; the password can be different on each machine. For security, we prefer to keep access at user level on each node. Generally we give this user sudo access for higher-level access on the machines.
Step 1: Create an account with the same username on all Unix machines
Step 2: Verify SSH installation
- Verify that SSH is installed on your machines. If SSH is not installed, you can install it from openssh.com.

[hadoop-user@master]$ which ssh
/usr/bin/ssh
[hadoop-user@master]$ which sshd
/usr/bin/sshd
[hadoop-user@master]$ which ssh-keygen
/usr/bin/ssh-keygen

Step 3: Generate SSH key pair
Once SSH is installed on the master and all slave nodes, generate an RSA key pair using ssh-keygen. If you enter a passphrase, you will need to enter it every time the master connects to a slave node, so if you don't want this prompt, leave the passphrase empty.

[user@master]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.

After creating your key pair, your public key will be of the form:

[user@master]$ more /home/user/.ssh/id_rsa.pub

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1WS3RG8LrZH4zL2/1oYgkV1OmVclQ2OO5vRi0Nd

K51Sy3wWpBVHx82F3x3ddoZQjBK3uvLMaDhXvncJG31JPfU7CTAfmtgINYv0kdUbDJq4TKG/fuO5q

J9CqHV71thN2M310gcJ0Y9YCN6grmsiWb2iMcXpy2pqg8UM3ZKApyIPx99O1vREWm+4moFTg

YwIl5be23ZCyxNjgZFWk5MRlT1p1TxB68jqNbPQtU7fIafS7Sasy7h4eyIy7cbLh8x0/V4/mcQsY

5dvReitNvFVte6onl8YdmnMpAh6nwCvog3UeWWJjVZTEBFkTZuV1i9HeYHxpm1wAzcnf7az78jT

IRQ== user@master

Step 4: Distribute the public key to all slave nodes to validate logins
Copy the public key to all slave nodes as well as the master node:

[user@master]$ scp ~/.ssh/id_rsa.pub user@target:~/master_key

Manually log in to the target node and set the master key as an authorized key (or append to the list of authorized keys if you have others defined).

[user@target]$ mkdir ~/.ssh
[user@target]$ chmod 700 ~/.ssh
[user@target]$ mv ~/master_key ~/.ssh/authorized_keys
[user@target]$ chmod 600 ~/.ssh/authorized_keys

Once the key is in place, you can verify it's correctly defined by attempting to log in to the target node from the master:

[user@master]$ ssh target
Last login: Sun Jan 4 15:32:49 2009 from master

You should be able to log in without any issue.
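
The target-side part of Step 4 as a reusable script, added here as an example and not part of the original page: it appends the key instead of overwriting an existing authorized_keys, is safe to run twice, and then checks that the paths carry the owner-only modes used above. The function names install_pubkey and check_ssh_perms are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page); function names are hypothetical.

# install_pubkey PUBKEY_FILE HOME_DIR
# Appends the key to HOME_DIR/.ssh/authorized_keys unless that exact line is
# already there, so keys already authorized are kept and reruns add nothing.
install_pubkey() {
    pub=$1; sshdir=$2/.ssh; auth=$sshdir/authorized_keys
    [ -s "$pub" ] || { echo "empty or missing key file: $pub" >&2; return 1; }
    mkdir -p "$sshdir" && chmod 700 "$sshdir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # -x whole line, -F fixed string, -f patterns from file: exact-line match.
    grep -qxFf "$pub" "$auth" && return 0
    # If the existing file does not end in a newline, add one first so the
    # new key does not get glued onto the previous entry.
    [ -z "$(tail -c 1 "$auth")" ] || echo >> "$auth"
    cat "$pub" >> "$auth"
}

# check_ssh_perms HOME_DIR
# Reports each of .ssh, authorized_keys and id_rsa that exists and grants any
# group/other access (i.e. is not 700/600 as set in Step 4).
# Returns 0 when all existing paths are owner-only, 1 otherwise.
check_ssh_perms() {
    bad=0
    for p in "$1/.ssh" "$1/.ssh/authorized_keys" "$1/.ssh/id_rsa"; do
        [ -e "$p" ] || continue
        # Characters 5-10 of the ls mode string are the group and other bits.
        if [ "$(ls -ld "$p" | cut -c5-10)" != "------" ]; then
            echo "too permissive: $(ls -ld "$p")" >&2
            bad=1
        fi
    done
    return "$bad"
}
```

On the target node, install_pubkey ~/master_key "$HOME" takes the place of the mkdir/chmod/mv sequence, and check_ssh_perms "$HOME" can be run on any node before testing the login.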
