The recommended method
is to use the SAS High-Performance Computing Management Console to
generate SSH keys (as described in the preceding topic).
If you must generate
SSH keys manually (for example, for existing user IDs), use the following
steps:
-
Generate a private/public
key pair on a Linux system. Enter the following command to generate
the keys and avoid using a passphrase:
ssh-keygen -t rsa -P ""
-
After the keys are generated,
if passwordless SSH is required, then add the public key to the list
of authorized keys by entering this command on the command line:
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
-
Check permissions on
the .ssh
directory and the files in
your .ssh
directory. The directory
must be readable and writable by you only. The id_rsa file must be
readable by you only. To verify access, enter the following command,
and check the results:
ls -asl ~/.ssh
4 drwx------ 2 datamgr datamgr 4096 Jan 23 10:27 . a
4 drwx------ 4 datamgr datamgr 4096 Jan 12 19:09 ..
4 -rw-r--r-- 1 datamgr datamgr 397 Jan 23 10:27 authorized_keys
4 -rw------- 1 datamgr datamgr 1675 Jan 23 10:00 id_rsa b
4 -rw-r--r-- 1 datamgr datamgr 397 Jan 13 10:00 id_rsa.pub
4 -rw-r--r-- 1 datamgr datamgr 1705 Jan 23 10:27 known_hosts
a |
The
directory permissions for the .ssh directory
indicate that access is denied for all users other than the directory
owner.
|
b |
The
id_rsa file is the private key. Read access and Write access are available
to the file owner only.
|
Note: If the machines in the cluster
are not configured to access the home directories for the users, create
local home directories for the users. Copy the .ssh
directory
for each user to his or her local home directory. Make sure that the
permissions are preserved.