If you need to set up a passwordless SSH between multiple hosts, you can try the following script to do it automatically for you rather than manually copying the keys from one hosts to another.
The script needs an input file ip.txt that has server information for all hosts. The format of this file is:
ip.txt
Node_# IP_Address GW_Address FQDN For example: 01 192.168.142.101 192.168.142.2 pnode01.purescale.ibm.local 02 192.168.142.102 192.168.142.2 pnode02.purescale.ibm.local 03 192.168.142.103 192.168.142.2 pnode03.purescale.ibm.local 04 192.168.142.104 192.168.142.2 pnode04.purescale.ibm.local
Create this ip.txt in your home directory. For root, it can be /root and for the user, it must be in the user’s home directory.
The script genSSH is as follows or download from here.
#Author : Vikram Khatri vikram.khatri@us.ibm.com # # Purpose: Generate SSH keys # set +x runrcmd() { expect -c " set timeout 20 spawn $1 expect \"*assword:*\" { send \"$USERPW\r\" } expect \"(.*)\r\" " >> $LOGFILE } if [ $# -lt 4 ] ; then echo "Usage: $0 USER_NAME USER_PASSWORD USER_GROUP USER_HOME" echo "Usage: $0 root rootpassword root /root" echo "Usage: $0 db2psc userpassword db2iadm /home/db2psc" echo "Usage: $0 db2uat1 userpassword db2iuat1 /u01/home/db2uat1" exit 1 fi USERNM=$1 USERPW=$2 USERGP=$3 USERHM=$4 SCHOME=/tmp IPFILE=$HOME/ip.txt KNOWN_HOSTS=$SCHOME/known_hosts LOGFILE=$SCHOME/genSSH${USERNM}.log SSH="/usr/bin/ssh -q -o StrictHostKeyChecking=no" SCP="/usr/bin/scp -q -o StrictHostKeyChecking=no" > $LOGFILE > $KNOWN_HOSTS ############### Build server list from ip.txt ##### i=0 while read a b c d do SHORTNM=${d%%.*} servers[$i]=$SHORTNM i=`expr $i + 1` echo Generate hosts keys for $SHORTNM ssh-keyscan $SHORTNM >> $KNOWN_HOSTS ssh-keyscan $d >> $KNOWN_HOSTS ssh-keyscan $b >> $KNOWN_HOSTS ssh-keyscan $b,$SHORTNM,$d >> $KNOWN_HOSTS done < $IPFILE echo "server list " ${servers[@]} ######################################################## for ((i = 0; i < ${#servers[@]}; ++i)) do server=${servers[$i]}; echo Deleting ${USERHM}/.ssh on $server runrcmd "${SSH} $server \"rm -fr ${USERHM}/.ssh\"" echo Generating private/public keys for ${USERHM}/.ssh on $server runrcmd "${SSH} $server \"ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa\"" echo Sending known_hosts to the ${USERHM}/.ssh on $server runrcmd "${SCP} $SCHOME/known_hosts ${USERNM}@$server:${USERHM}/.ssh/known_hosts" echo Setting chmod 600 to ${USERHM}/.ssh/known_hosts on $server runrcmd "${SSH} $server \"chmod 600 ${USERHM}/.ssh/known_hosts\"" echo Getting id_rsa.pub from ${USERHM}/.ssh on $server runrcmd "${SCP} ${USERNM}@$server:${USERHM}/.ssh/id_rsa.pub $SCHOME/${USERNM}.id_rsa.pub.$server" done > $SCHOME/authorized_keys.${USERNM} for server in ${servers[@]}; do echo Combining id_rsa.pub from $server into authorized_keys cat $SCHOME/${USERNM}.id_rsa.pub.$server >> $SCHOME/authorized_keys.${USERNM} cat $SCHOME/${USERNM}.id_rsa.pub.$server >> $SCHOME/authorized_keys.${USERNM} echo Remove $SCHOME/${USERNM}.id_rsa.pub.$server rm -f $SCHOME/${USERNM}.id_rsa.pub.$server done echo Copying authorized_keys for server in ${servers[@]}; do echo Copying authorized_keys of ${USERNM} to the $server runrcmd "${SCP} $SCHOME/authorized_keys.${USERNM} ${USERNM}@$server:${USERHM}/.ssh/authorized_keys" echo Setting chmod 600 to ${USERHM}/.ssh/authorized_keys on $server runrcmd "${SSH} $server \"chmod 600 ${USERHM}/.ssh/authorized_keys\"" echo Remove $SCHOME/authorized_keys.${USERNM} runrcmd "${SSH} $server \"rm -f $SCHOME/authorized_keys.${USERNM}\"" done
Example: To set up passwordless SSH for root, run
# ./genSSH root password root /root
The password in above is the root password and it must be same on all hosts that you are defining in /tmp/ip.txt
To setup passwordless for a user db2psc, login as db2psc and run
$ ./genSSH db2psc password db2iadm /home/db2psc
The password in above is the user password and it must be same on all hosts that you are defining in /tmp/ip.txt