Difference between revisions of "SSH"
(→Automatically saying "yes") |
m (→Better than automatically saying "yes") |
||
Line 34: | Line 34: | ||
== Better than automatically saying "yes" == | == Better than automatically saying "yes" == | ||
− | Remark: It turns out there is a more ellegant way to do this task: using a tool called ''ssh- | + | Remark: It turns out there is a more ellegant way to do this task: using a tool called ''ssh-keyscan''. |
== Making a cascade of SSH connections easy == | == Making a cascade of SSH connections easy == |
Revision as of 16:46, 27 January 2011
Contents
Passwordless SSH
To set up passwordless SSH, there are three main things to do:
- generate a pair of public/private keys on your local computer
- copy the public key from the source computer to the target computer's authorized_keys file
- check the permissions.
You can repeat that transitively for "A->B->C". You can use the initial pair of keys everywhere.
See here for details:
http://www.stearns.org/doc/ssh-techniques.current.html
Automatically saying "yes"
This expect script automates typing "yes" when asked by SSH if a host should be added to known_hosts
#!/usr/bin/expect -f set arg1 [lindex $argv 0] set timeout 2 spawn ssh $arg1 expect "yes/no" { send "yes\n" } send "exit\n" send "\r"
You can include it in a bash script to iterate over all nodes doing this:
for i in `uniq hostfile` ; do ./say-yes.exp $i done
Better than automatically saying "yes"
Remark: It turns out there is a more ellegant way to do this task: using a tool called ssh-keyscan.
Making a cascade of SSH connections easy
Here is a very convenient way to set up the access to any machine directly instead of doing a cascade of SSH calls. If you can not directly access e.g. the machine "heterogeneous", but you can log into "csserver" and then to "heterogeneous", you can put this into your .ssh/config file :
Host csserver User kdichev Hostname csserver.ucd.ie Host heterogeneous User kiril Hostname heterogeneous.ucd.ie ProxyCommand ssh -qax csserver nc %h %p
Since the installation of a new PBS system, you can not directly log into a hclXX node. You can do
ssh heterogeneous instead and use "qsub" HCL_cluster#Access_and_Security
X11 forwarding
ssh -X hostname
or add the following line to your .ssh/ssh_config file
ForwardX11 yes