HP Serviceguard Continentalcluster manual 319

The utility will prompt for the passwords of all the users of the storage systems that are passed as arguments.

For Example:

# /opt/cmcluster/toolkit/SG3PARRC/utils/setsshkeys mc3parusr@3par001

If prompted, enter password for mc3parusr@3par001

Password:

Success: Passwordless SSH set from the host "clusternode1" to the storage system "3par001" for the user "mc3parusr"

Success: Passwordless SSH set from the host "clusternode2" to the storage system "3par001" for the user "mc3parusr"

Success: Passwordless SSH set from the host "clusternode3" to the storage system "3par001" for the user "mc3parusr"

Success: Passwordless SSH set from the host "clusternode4" to the storage system "3par001" for the user "mc3parusr"

NOTE:

•By default, the setsshkeys utility creates a key pair using rsa format. If you want to create the key pair using dsa format, use -k dsa option with the setsshkeys utility. Serviceguard cluster must be configured before running this utility. For Continentalclusters, run this utility separately in each Serviceguard cluster.

•setsshkeys utility will setup passwordless SSH for the root user only with the key pair id_rsa/id_dsa and id_rsa.pub/id_dsa.pub. If such a key pair does not exist, setsshkeys utility will generate the key pair by itself. If SSH is configured to use any other IdentityFile, then you need to setup the passwordless SSH manually.

To configure the SSH without a password from the cluster nodes to the 3PAR storage systems manually:

1.Create a key pair using the ssh-keygenutility on the host system. Both rsa and dsa key formats are supported by the storage system and the recommended key length is 1024.

To create a key pair using rsa format: $ ssh–keygen–b 1024 –t rsa

To create a key pair using dsa format: $ ssh–keygen–b 1024 –t dsa

The ssh–keygenutility generates two files: id_rsa and id_rsa.pub (or id_dsa and id_dsa.pub). Generate the key without a passphrase.

Ensure that only the root has access and read/write permission on the private key file, otherwise the SSH client refuses the key file.

2.Log on to a 3PAR storage system from the host using the new user. $ssh mc3parusr@system1

mc3parusr@system1 password: <password>

3.Issue the setsshkey command. system1 cli% setsshkey -add

Please enter the SSH public key below. When finished, press enter twice. The key is usually long. It's better to copy it from inside an editor and paste it here. (Please make sure there are no extra blanks.) The maximum number of characters used to represent the SSH key (including the "from" option, key type, and additional comments) is 4095.

ssh–rsa AF5afPdciUTJ0PYzB6msRxFrCuDSqDwPshqWS5tGCFSoSZdE=

Configuring an application in a Metrocluster with 3PAR Remote Copy environment 319