hbase-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <victor.h...@nokia.com>
Subject Re: ssh passwordless login "without" public key authentication
Date Sat, 01 Jan 2011 00:26:04 GMT
Or do it at command level:

ssh -o StrictHostKeyChecking=no <newnode>

This will add <newnode> to your known_hosts file.

- Victor

On Dec 31, 2010, at 5:33 PM, ext Eric Sammer wrote:

> What you're referring to is host key auth and there's no way to stop ssh
> from using it. It's intrinsic to the way it works. What you can do is
> disable strict host key checking such that ssh won't ask and will blindly
> trust any host it connects to. This is a BAD IDEA, but can be done by
> setting StrictHostKeyChecking to 'no' in the client's ssh config at the
> machine level (in /etc/ssh/ssh_config) or the user level (in ~/.ssh/config).
> 
> A much better option is to automate the usage of ssh-keyscan (see the man
> page) to "learn" new hosts in a controlled environment prior to deployment.
> 
> All of this is documented in ssh's various man pages. See ssh_config(5),
> ssh(1), and ssh-keyscan(1) for details.
> 
> On Fri, Dec 31, 2010 at 5:26 PM, Hiller, Dean (Contractor) <
> dean.hiller@broadridge.com> wrote:
> 
>> Every time we add a blade, getting passwordless login setup seems to be
>> a pain as the master has to be modified to "know" about the node so we
>> don't get prompted with do you know this key DF:ER:5R:etc. etc. and
>> typically this is done quickly by doing ssh <user>@<newnode> and just
>> answering yes  (assuming the .ssh directory is just coming from a
>> standard image).
>> 
>> 
>> 
>> Word has it there is a way to do automatic login so as we add blades,
>> our goal is really just to discover that(some systems are starting to
>> have that like cisco UCS) and then automatically add that to the slaves
>> file.
>> 
>> 
>> 
>> Does anyone know how to do passwordless ssh without publich key
>> authentication OR at the very least tell the master to "trust" all nodes
>> out there so it never prompts for the do you want to trust the key
>> question?
>> 
>> 
>> 
>> The authenticity of host 'dhiller ()' can't be established.
>> 
>> RSA key fingerprint is 94:95:c6:70:9c:ce:48:ca:db:6f:ff:ab:95:47:01:11.
>> 
>> Are you sure you want to continue connecting (yes/no)?
>> 
>> 
>> 
>> Thanks,
>> 
>> Dean
>> 
>> 
>> This message and any attachments are intended only for the use of the
>> addressee and
>> may contain information that is privileged and confidential. If the reader
>> of the
>> message is not the intended recipient or an authorized representative of
>> the
>> intended recipient, you are hereby notified that any dissemination of this
>> communication is strictly prohibited. If you have received this
>> communication in
>> error, please notify us immediately by e-mail and delete the message and
>> any
>> attachments from your system.
>> 
>> 
> 
> 
> -- 
> Eric Sammer
> twitter: esammer
> data: www.cloudera.com


Mime
View raw message