Molecular Modeling and Drug Design
  • About us
  • Research
  • Publications
  • Members
  • Webservers
  • Calendar
  • Blog
  • Benchmarks
  • ALLODD
  • Image Gallery
  • Publicity
  • Talks

How to setup passwordless ssh access between nodes in a cluster

5/8/2013

3 Comments

 
To run the Schrodinger Suite on the cluster as well as many other programs, you require passwordless ssh.

To use passwordless ssh, the hosts to which you want to connect must be configured to satisfy the following requirements:

• Ansshd server must be running.
• RSA public key authentication must be enabled and empty passphrases must be allowed
in the sshd configuration.
Note: Public key authentication is enabled in OpenSSH by default.

The following steps allow you to use ssh between computers that share your login directory
without specifying a password.

1. Generate a public/private RSA key pair on a host of your choice, whose home directory is
shared with the remote hosts that you want to run jobs on:
cd ~/.ssh
ssh-keygen -t rsa
Note: When asked for a passphrase do not enter one; just press ENTER. If you specify a
passphrase it defeats the purpose of configuring passwordless ssh.
2. Add your public key to the list of keys allowed to log in to your account:
cat id_rsa.pub >> authorized_keys
cat id_rsa.pub >> authorized_keys2
The two separate files are necessary to support both OpenSSH 1.5 and OpenSSH 2.0 protocols.
Some versions use just one or the other of these files.
3. Suppress the confirmation dialog you ordinarily get when you connect to a machine for
the first time:
echo "StrictHostKeyChecking no" >> config
This is necessary if you want to use ssh non-interactively and you cannot get RSA signatures
for every host to which you want to allow connections in your known_hosts file
ahead of time.
4. Remove your known_hosts file:
rm known_hosts*
This is necessary so that the new RSA key-pair mechanism is used for every host. Otherwise,
hosts to which you previously connected using passwords might not use the new
system automatically.
5. Make sure your home directory cannot be written by anyone but you:
chmod go-w ~
This is required before ssh will allow passwordless access to your account.
For each home directory that is not shared with that of the chosen host:
1. Copy the public and private keys to that home directory:
scp ~/.ssh/id_rsa* other-host/~/.ssh/
2. Connect to the host on which that home directory is mounted and change to the .ssh
directory:
cd ~/.ssh
3. Repeat Step 2 through Step 5 above.
4. Ensure that id_rsa (the private key) is readable and writeable only by the user:
chmod go-rwx ~/.ssh/id_rsa

Taken from the Job Control Guide of the Schrodinger Suite

Zoe

3 Comments
walid link
2/6/2016 07:31:27 am

I am worried about the step

"For each home directory that is not shared with that of the chosen host:
1. Copy the public and private keys to that home directory:
scp ~/.ssh/id_rsa* other-host/~/.ssh/"

does not that mean you have less control over your private key, i wonder if using Ansible and ssh-jump host is a better way, or what do you think?

Reply
Trevor
7/19/2019 06:17:33 am

very helpful, thank you sir

Reply
Simon link
10/22/2023 05:18:18 pm

Thanks ffor sharing this

Reply



Leave a Reply.

    Alexis, Michalis, Danai, Panos, Sotiris, Nastazia, Vassilis, Zoe

    lab group members!

    Enter your email address:

    Delivered by FeedBurner

    Click to set custom HTML

    Archives

    February 2025
    October 2024
    April 2024
    October 2022
    December 2021
    August 2021
    July 2021
    December 2020
    November 2020
    September 2020
    August 2020
    April 2019
    September 2018
    March 2018
    January 2018
    August 2017
    February 2017
    November 2016
    July 2016
    June 2016
    January 2016
    October 2015
    May 2015
    April 2015
    January 2015
    October 2014
    September 2014
    August 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    December 2012
    November 2012
    October 2012
    September 2012
    August 2012
    July 2012
    May 2012
    April 2012
    March 2012
    January 2012
    October 2011

    Categories

    All
    64 Bit
    64-bit
    Academia
    Acrobat Reader
    Acroread
    Binding Sites
    Bioinformatics
    Blogging
    Career
    Chembl
    Chemdraw
    Chemistry
    Cloud Computing
    Cluster
    Compounds
    Computational Biology
    Conferences
    Courses
    Crystal Structures
    Databases
    Desktop
    Desmond
    Docking
    Drug Design
    Drug Discovery
    Education
    Email
    Excel
    Fellowships
    Ffmpeg
    Figures
    File Conversions
    Firefox
    Force Field Parameterization
    Fp7
    Free Storage Space
    Glide
    Gpu
    Grant Writing
    Gromacs
    Hpc
    Industry
    Intermolecular Interactions
    Ip Address
    Iphone
    Iso Image
    Jobs
    Library
    Linux
    Lipids
    Literature
    Maestro
    Management
    MAPS
    Materials
    Matlab
    Md Simulations
    Membrane
    Mobile Apps
    Modeling
    Namd
    Network
    Nobel Prize
    Normal Mode Analysis
    Nvidia
    Nwchem
    Off-target Effects
    Pdb
    Pdf
    Peptides
    Photoshop
    Pictures
    Plots
    Postdocs
    Presentations
    Printing
    Problem After Updates
    Programming
    Protein Preparation
    Protein-protein Interactions
    Protocols
    Publishing
    Python
    References
    Review
    Rosetta
    Scheduling
    Schrodinger
    Scripting
    Sitemap
    Solubility
    Ssh
    Teaching
    Trajectory Analysis
    Ubuntu
    Van Der Waals
    Video
    Virtualbox
    Virtual Machine
    Virtual Screening
    Visualization
    Vmd
    Voice Over Ip
    Webinars
    Website
    Writing
    Xmgrace

    RSS Feed

Powered by Create your own unique website with customizable templates.