User guide

3–InfiniBand

Cluster Setup and Administration

Host Environment Setup for MPI

IB0054606-02 A 3-43

At this point, any end user should be able to login to the ip-fe front end system

and use

ssh to login to any IB node without being prompted for a password or

pass phrase.

Configuring for ssh Using ssh-agent

The ssh-agent, a daemon that caches decrypted private keys, can be used to

store the keys. Use

ssh-add to add your private keys to ssh-agent’s cache.

When

ssh establishes a new connection, it communicates with ssh-agent to

acquire these keys, rather than prompting you for a passphrase.

The process is described in the following steps:

1. Create a key pair. Use the default file name, and be sure to enter a

passphrase.

$ ssh-keygen -t rsa

2. Enter a passphrase for your key pair when prompted. Note that the key

agent does not survive X11 logout or system reboot:

$ ssh-add

3. The following command tells ssh that your key pair should let you in:

$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

Edit the ~/.ssh/config file so that it reads like this:

Host*

ForwardAgent yes

ForwardX11 yes

CheckHostIP no

StrictHostKeyChecking no

This file forwards the key agent requests back to your desktop. When you

log into a front end node, you can use

ssh to compute nodes without

passwords.

4. Follow your administrator’s cluster policy for setting up

ssh-agent on the

machine where you will be running

ssh commands. Alternatively, you can

start the

ssh-agent by adding the following line to your ~/.bash_profile

(or equivalent in another shell):

eval ‘ssh-agent‘

Use back quotes rather than single quotes. Programs started in your login

shell can then locate the

ssh-agent and query it for keys.