Configuring SSH

FIREWHEEL needs the ability to SSH throughout a compute cluster without having to input passwords. Specifically, this is a requirement of the FIREWHEEL CLI because it needs to be able to run commands on compute machines. This is done via SSH keys at the user level. For this document, we assume that there is a user fw on all machines within the cluster.

Create an SSH Key

The first things that the fw user needs is an SSH key. This can be accomplished with the ssh-keygen command. Be sure to not set a password for this key to enable password-less SSH.

ssh-keygen
Generating public/private rsa key pair.
...

The location and name of the key is configurable based off the answers to the prompts.

Reference

• https://www.ssh.com/academy/ssh/keygen#creating-an-ssh-key-pair-for-user-authentication

Configuring Password-less SSH

As mentioned above, the fw user needs to be able to SSH throughout the cluster without a password. The ssh-copy-id command will add this public key across the cluster to enable password-less SSH.

ssh-copy-id -i <public key> compute1
...

The command above configures password-less SSH to the compute1 node. This command needs to be run for all machines within this FIREWHEEL instance.

Note

If using the Control Node as a Compute Nodes, be sure to also allow the authorized key on localhost and/or the systems hostname.

Reference

• https://www.ssh.com/academy/ssh/keygen#copying-the-public-key-to-the-server

SSH Environment Variables

When the CLI executes a remote command, it uses a non-interactive shell. These shells behave differently than interactive shells. While the details of these differences are beyond the scope of this document, they notably do not use the ~/.bashrc file. If you require additional environment variables, the recommended setup is to use ~/.ssh/environment (not enabled in sshd by default).