incubator-ambari-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yusaku Sako <yus...@hortonworks.com>
Subject Re: Passwordless login from master as well
Date Fri, 22 Mar 2013 00:40:38 GMT
Thanks for the tip.
Yep that would work as well.
As Ravindranath mentioned, ssh-copy-id can help, too.
We can definitely enhance the doc.  Do you want to file a JIRA for that?
Also, the doc should be modified to say authorized_keys should be 600 and
write down the chmod commands explictly.
I think chmod 700 ~/.ssh and chmod 600 ~/.ssh/authorized_keys should work
(no need to lockdown the home directory) AFAIK (I may be wrong).

Yusaku


On Thu, Mar 21, 2013 at 3:10 PM, Tapper, Gunnar <gunnar.tapper@hp.com>wrote:

>  Hi,****
>
> ** **
>
> I have the same experience; that is, that section 5.2 in the installation
> guide doesn’t address password-free ssh correctly.****
>
> ** **
>
> I find it easiest to set up the ~/.ssh/authorized_keys file on the server
> node first by copying ~/.ssh/id_dsa.pub values from the slave nodes into
> that file. Then, I simply use scp to copy ~/.ssh/authorized_keys to the
> agent nodes. Finally, I find that you have to do the following on each node:
> ****
>
> ** **
>
> chmod 755 ~/.ssh****
>
> chmod 600 ~/.ssh/authorized_keys****
>
> cd ~/.ssh****
>
> chmod 700 .. (that's two periods)****
>
> ** **
>
> ** **
>
> Sincerely,****
>
> ** **
>
> Gunnar****
>
> ** **
>
> *Innovation is a team sport* — Michael Idechik, vice president of
> advanced technologies, General Electric****
>
> ** **
>
> ** **
>
> ** **
>
> *From:* Ravindranath Akila [mailto:ravindranathakila@gmail.com]
> *Sent:* Thursday, March 21, 2013 2:52 PM
> *To:* ambari-user@incubator.apache.org
> *Subject:* Passwordless login from master as well****
>
> ** **
>
> Could you please update the documentation to include that Passwordless
> login is required from masters to slaves as well? Also include use of
> ssh-copy-id?
> Just thought of suggesting based on my experience with Ambari. Finally got
> the cluster running B-) ****
>
> -Ravindranath Akila ****
>

Mime
View raw message