Support User Manuals

Q-Logic IB6054601-00 D Switch User Manual

Open as PDF

of 122

2 – InfiniPath Cluster Administration

Configuring ssh and sshd Using shosts.equiv

2-16 IB6054601-00 D

Q

This next example assumes the following:

■ Both the cluster nodes and the front end system are running the openssh

package as distributed in current Linux systems.

■ All cluster users have accounts with the same account name on the front end

and on each node, either by using NIS or some other means of distributing the

password file.

■ The front end is called ip-fe.

■ Root or superuser access is required on ip-fe and on each node in order to

configure

ssh.

■ ssh, including the host’s key, has already been configured on the system ip-fe.

See the

sshd and ssh-keygen man pages for more information.

The example proceeds as follows:

1. On the system

ip-fe, the front end node, change /etc/ssh/ssh_config to

allow host-based authentication. Specifically, this file must contain the following

four lines, set to ‘yes’. If they are already present but commented out with an

initial #, remove the #.

RhostsAuthentication yes

RhostsRSAAuthentication yes

HostbasedAuthentication yes

EnableSSHKeysign yes

2. On each of the InfiniPath node systems, create or edit the file

/etc/ssh/shosts.equiv, adding the name of the front end system. You’ll need

to add the line:

ip-fe

Change the file to mode 600 when finished editing.

3. On each of the InfiniPath node systems, create or edit the file

/etc/ssh/ssh_known_hosts. You’ll need to copy the contents of the file

/etc/ssh/ssh_host_dsa_key.pub from ip-fe to this file (as a single line),

and then edit that line to insert

ip-fe ssh-dss at the beginning of the line. This

is very similar to the standard

known_hosts file for ssh. An example line might

look like this (displayed as multiple lines, but a single line in the file):

ip-fe ssh-dss

AAzAB3NzaC1kc3MAAACBAPoyES6+Akk+z3RfCkEHCkmYuYzqL2+1nwo4LeTVWp

CD1QsvrYRmpsfwpzYLXiSJdZSA8hfePWmMfrkvAAk4ueN8L3ZT4QfCTwqvHVvS

ctpibf8n

aUmzloovBndOX9TIHyP/Ljfzzep4wL17+5hr1AHXldzrmgeEKp6ect1wxAAAAF

QDR56dAKFA4WgAiRmUJailtLFp8swAAAIBB1yrhF5P0jO+vpSnZrvrHa0Ok+Y9

apeJp3sessee30NlqKbJqWj5DOoRejr2VfTxZROf8LKuOY8tD6I59I0vlcQ812

E5iw1GCZfNefBmWbegWVKFwGlNbqBnZK7kDRLSOKQtuhYbGPcrVlSjuVpsfWEj

u64FTqKEetA8l8QEgAAAIBNtPDDwdmXRvDyc0gvAm6lPOIsRLmgmdgKXTGOZUZ

previous next