keep ssh forwarding on, while I logout

[adk...@nyu.edu]

Hi All, 

Here is the scenario I am trying to work  out. 

I want to run a bash script with nohup / screen utility from one node (say node1 ) which keeps running for the amount of time my experiment runs. 

The scripts in turn ssh's into 3 different nodes (say node2, node3, node4) and execute some set of commands on each node. 

When I ssh from my local machine to node1 (Note : with ForwardAgent enabled) and I run my script on node1 which executes command on node2, node3, node4 all is well. 

As soon as my internet connection goes out or I explicitly logout from node1, the script that is running on node1 finds it difficult to ssh into the other 3 nodes and I get permission denied public key error. My execution stops there and nothing goes forward. As I understand this happens because the private key that was authenticating the connection is present on my local machine. There is no way for the ssh service to get this key and and login to the other nodes. 

What should do in this situation ? 

I tried appending my public key to authorized_keys on all nodes. However this didn't quite work. 

Is there someway that I can solve this issue ? Please help.

Thanks in Advance. 

[Nicholas Bastin]

On Sun, Mar 13, 2016 at 12:19 AM, <adk...@nyu.edu> wrote:

As soon as my internet connection goes out or I explicitly logout from node1, the script that is running on node1 finds it difficult to ssh into the other 3 nodes and I get permission denied public key error. My execution stops there and nothing goes forward. As I understand this happens because the private key that was authenticating the connection is present on my local machine. There is no way for the ssh service to get this key and and login to the other nodes. 

What should do in this situation ? 

This isn't particularly a GENI-specific problem, but I'll give you a few pointers at least.  It seems like your key agent on your local host is providing the keys that your remote (GENI) hosts need to talk to each other.

 

I tried appending my public key to authorized_keys on all nodes. However this didn't quite work. 

It's already there, so that's not going to help you.  You need to move your *private* key to your experiment nodes so that they can talk to other experiment nodes without your local host being connected.  Preferably you would actually make a *new* private key and append the public key for that new key on each node, although this has other complications if your experiment lasts a long time (sometimes that file will get overwritten).

 

Is there someway that I can solve this issue ? Please help.

Ultimately if you want a host within your GENI topology to be able to make automated SSH connections to other hosts in your GENI topology, you will need a trusted private key *inside* your GENI topology that your nodes can use to communicate with each other.

--

Nick

[adk...@nyu.edu]

Hi Nick, 

Thank you so much. 

I created a new key pair on node1 and then added the public key to the authorized keys on 3 nodes.