Setting up password-less ssh across all nodes in a cluster

Pre-requisites

1. User account for which passwordless ssh will be setup, should be present on all nodes
2. Password of the account should be same across all nodes
3. pdsh and ssh-copy-id commands should be available
4. Prepare 2 files
   1. file_of_hosts.txt – containing all hostnames of cluster in one single file
   2. remote-keyless.sh – script file that will setup passwordless ssh from one node to rest nodes

 

Usage

The setup section will use the remote-keyless.sh file and pdsh command to setup password less ssh between x node to y node, where x and y node can be any node of the cluster :-p

Setup

Rev. 2 (2016-09-30)

hostsfile=.robin/stage-hosts-all
pass_word=<mysecretpassword>

# if you want to start fresh 
# pdsh rm -rf ~/.ssh

ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ''
.robin/softwares/bin/remote-keyless.sh $hostsfile $pass_word
rm profile_robin.tar.gz
tar czvf profile_robin.tar.gz .robin/
for host in `cat $hostsfile`; do if [ "$host" == "`hostname -f`" ] ; then continue; fi; echo "#### $host: ####"; scp profile_robin.tar.gz `echo $host:`; done
pdsh -x `hostname -f` tar xf profile_robin.tar.gz
pdsh -x `hostname -f` rm profile_robin.tar.gz
pdsh -x `hostname -f` "ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ''"
pdsh -x `hostname -f` "hostsfile=$hostsfile; ~/.robin/softwares/bin/remote-keyless.sh $hostsfile $pass_word"
pdsh -x `hostname -f` "echo '. ~/.robin/bash_robin' >> ~/.bash_profile"

 

Rev. 1 (2016-09-29)

$ ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ""
$ .robin/softwares/bin/remote-keyless.sh .robin/stage-hosts-all

$ tar czvf profile_robin.tar.gz .robin/
$ for host in `cat ~/.robin/stage-hosts-all`; do if [ "$host" == "`hostname -f`" ] ; then continue; fi; echo "#### $host: ####"; scp profile_robin.tar.gz `echo $host:`; done

$ pdsh -x `hostname -f`
pdsh> tar xf profile_robin.tar.gz
pdsh> rm profile_robin.tar.gz
pdsh> ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ""
pdsh> .robin/softwares/bin/remote-keyless.sh .robin/stage-hosts-all <password>

 

Extra scripts

• Reset / Key removal

  $ pdsh
  pdsh> rm -rf ~/.ssh
  

• Checking with error after deleting .ssh

  $ pdsh ls 2>&1 | awk '/255/{print $2}' | sort | uniq