help with ssh authentication

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I manage a 16-node beowolf cluster. After I login to the head node I
can do ssh to the 16 slave nodes without having to enter the password.
But when I login as a user I have to enter the password every time I
ssh to one of the slave nodes. Is there a way such that I dont have to
enter the password when I ssh as a user?

Re: help with ssh authentication

Quoted text here. Click to load it


Your root user has probably created a passphrase-free SSH key, and allowed
access to all the other machines using that root account and that passphrase
free SSH key by copying the public part of the key into
/root/.ssh/authorized_keys (all of which is well documented in the SSH
documentation and guidelines).

There are dozens of reasons not to do it this way, such as the risk of
having that passphrase free private key stolen off the head node and used by
anyone who wants to. A more secure way to do this sort of thing is to use a
tool like "keychain" to store the unlocked keys, and to create keys with
passphrases for users. Then the users can use their public keys, at will, to
provide such access and only get the passphrase less usage when they've
unlocked their key and set it up once.

I strongly urge you to get the O'Reilly book on SSH, which goes into detail
about exactly this sort of situation.

Site Timeline