Skip to first unread message
Gandhimathi Velusamy
May 29, 2014, 1:50:40 AM5/29/14
to geni-...@googlegroups.com
Hi,
I want to ssh to another node from a node with out giving password. I need to run some script from remote without giving password by ssh into it. When I was working on Hadoop on GENI, I have created a different user and I could ssh with that user on a remote node without password by generating key pair and copying the public key into remote node. But now I don't want to create a separate user, I would like to use my geni username on the node and want to ssh from other node to execute the script. Could you please help me how to do that.
I tried as below:
1. ssh-keygen -t rsa -P "" (generated rsa key pair with empty password)
2.cat $HOME/.ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys ( public key is added into authorized key to allow ssh into the local host)
3.ssh-copy-id -i $HOME/.ssh/id_rsa.pub gvelus01@linc1 ( To copy the public key to the remote node in this case linc1)
I was able to do till the second step and couldn't do the 3rd step.
When I tried to copy the public key to the remote node it is asking password for the user on the node, if I give the pass phrase of mine, it is giving me error as permission denied. try again.
My doubt id is it possible to ssh from other node to a node without giving password for the geni username on that node as explained above.
Thanks.
Gandhimathi Velusamy
Graduate Research Assistant
College of Technology
University of Houston
Sarah Edwards
May 29, 2014, 9:49:46 AM5/29/14
to geni-...@googlegroups.com, Sarah Edwards
Hi,
The simplest way to solve this problem is to use an ssh agent and enable agent forwarding using the -A option to ssh.
Here's the rough idea assuming your local machine is some sort of *nix:
# use an ssh agent to offer your private key to ssh connections
local> ssh-add /path/to/my/privatekey
# login into your first node in the usual way, but provide the -A option in addition to what you usually do (eg provide username, hostname and port information in the usual way)
local> ssh -A firstnode.example.com
# now login to a second node from the first node. The -A option given to the first node will allow you to log into the second node.
firstnode> ssh secondnode.example.com
secondnode>... your command here...
Let me know if that doesn't work.
Cheers,
Sarah
PS In order to manually append your public key to your authorized_keys file, you could should just be able to scp id_rsa.pub from your local machine to linc1, then ssh to linc1 from your local machine, and finally repeat step 2 on linc1.
--
GENI Users is a community supported mailing list, so please help by responding to questions you know the answer to.
If this is your first time posting a question to this list, please review http://groups.geni.net/geni/wiki/GENIExperimenter/CommunityMailingList
---
You received this message because you are subscribed to the Google Groups "GENI Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to geni-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
*******************************************************************************
Sarah Edwards
GENI Project Office
BBN Technologies
Cambridge, MA
phone: (617) 873-2329
email: sedw...@bbn.com
Gandhimathi Velusamy
May 29, 2014, 1:02:22 PM5/29/14
to geni-...@googlegroups.com
Hi Sara,
Yes. I am able to do as you told first by adding ssh-add the path of id_geni_ssh_rsa from a VM on my laptop and first login with h1 and then from h1 to linc1. It worked with the host names like pc4.geni.kettering.edu.
Thank you very much. But how could I do the same from putty. I feel comfortable using putty to connect with several nodes simultaneously from windows OS as I need to run several application on several nodes.
Thanks
Gandhimathi
Niky Riga
May 29, 2014, 1:57:52 PM5/29/14
to geni-...@googlegroups.com
Hi Gandhimathi,
The capability that Sarah described is called ssh agent forwarding. A quick google
search for putty and this capability turned up this page:
http://www.howtogeek.com/125364/how-to-ssh-hop-with-key-forwarding-from-windows/
Look at the session: Enable SSH Agent forwarding (PuTTY/mRemote)
I hope this is helpful,
Niky
The capability that Sarah described is called ssh agent forwarding. A quick google
search for putty and this capability turned up this page:
http://www.howtogeek.com/125364/how-to-ssh-hop-with-key-forwarding-from-windows/
Look at the session: Enable SSH Agent forwarding (PuTTY/mRemote)
I hope this is helpful,
Niky
Hi Sara,Yes. I am able to do as you told first by adding ssh-add the path of id_geni_ssh_rsa from a VM on my laptop and first login with h1 and then from h1 to linc1. It worked with the host names like pc4.geni.kettering.edu.Thank you very much. But how could I do the same from putty. I feel comfortable using putty to connect with several nodes simultaneously from windows OS as I need to run several application on several nodes.ThanksGandhimathi
On Thursday, May 29, 2014 12:50:40 AM UTC-5, Gandhimathi Velusamy wrote:
--
GENI Users is a community supported mailing list, so please help by responding to questions you know the answer to.
If this is your first time posting a question to this list, please review http://groups.geni.net/geni/wiki/GENIExperimenter/CommunityMailingList
---
You received this message because you are subscribed to the Google Groups "GENI Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to geni-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Hi,I want to ssh to another node from a node with out giving password. I need to run some script from remote without giving password by ssh into it. When I was working on Hadoop on GENI, I have created a different user and I could ssh with that user on a remote node without password by generating key pair and copying the public key into remote node. But now I don't want to create a separate user, I would like to use my geni username on the node and want to ssh from other node to execute the script. Could you please help me how to do that.I tried as below:1. ssh-keygen -t rsa -P "" (generated rsa key pair with empty password)
2.cat $HOME/.ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys ( public key is added into authorized key to allow ssh into the local host)3.ssh-copy-id -i $HOME/.ssh/id_rsa.pub gvelus01@linc1 ( To copy the public key to the remote node in this case linc1)I was able to do till the second step and couldn't do the 3rd step.When I tried to copy the public key to the remote node it is asking password for the user on the node, if I give the pass phrase of mine, it is giving me error as permission denied. try again.My doubt id is it possible to ssh from other node to a node without giving password for the geni username on that node as explained above.
Thanks.
Gandhimathi Velusamy
Graduate Research AssistantCollege of TechnologyUniversity of Houston
Gandhimathi Velusamy
May 29, 2014, 3:28:15 PM5/29/14
to geni-...@googlegroups.com
Hi Niky,
Yes. With in putty I checked the option of allow agent forwarding and now I am able to ssh linc1 from h1.
Thank you so much!
Thanks
Gandhimathi
Reply all
Reply to author
Forward
0 new messages