You can do this by using host based authentication in ssh; see below
on the config changes I make. This needs to be done on the MN, and all
the compute nodes as well.
add all hosts including MN into /etc/hosts.equiv, i.e.,
node001
node001.cluster.local
10.0.0.1
etc...
add all ssh hostkeys in /etc/ssh/ssh_known_hosts for all the machines
in the cluster.
DIff files below for sshd_config and ssh_config
--- sshd_config 2008-05-24 19:07:35.000000000 +0100
+++ sshd_config.new 2010-01-06 11:37:24.000000000 +0000
@@ -47,10 +47,10 @@
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
-#HostbasedAuthentication no
+HostbasedAuthentication yes
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
-#IgnoreUserKnownHosts no
+IgnoreUserKnownHosts yes
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
--- ssh_config 2008-05-24 19:07:35.000000000 +0100
+++ ssh_config.new 2010-01-06 11:39:34.000000000 +0000
@@ -17,18 +17,18 @@
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
-# Host *
+Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
-# HostbasedAuthentication no
+ HostbasedAuthentication yes
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
-# StrictHostKeyChecking ask
+ StrictHostKeyChecking no
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
@@ -40,7 +40,8 @@
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
-Host *
+ EnableSSHKeysign yes
+# Host *
GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports
the untrusted
--
Arif Ali
catch me on freenode IRC, username: arif-ali
On 21 June 2012 07:35, m13601078155 <[email protected]> wrote:
> How can I setup ssh no password for no root user ?
> Please give me a example in detail.
> Thank you .
>
> 2012-06-21
> ________________________________
>
> MSN:[email protected]
>
>
>
> ________________________________
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> xCAT-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
xCAT-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/xcat-user
