Cluster Grid

Font Size



Menu Style


SSH keys and passwordless authentication between worker nodes

Hmm, this might be handy: how to get a paswordless authentication between worker nodes.

Why? Say you want to copy files from an MPI head-node on the other nodes, or you have a server (example debugging) that needs to connect to all MPI nodes without using a password. (and you do not have the right to configure your queue)


The commands are pretty basic: ssh-keygen. If you really wish, you can restrict its use only in this cluster by using from="172.16.*.*" at the beginning of the line like this:


[heri@fep-53-2 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/export/home/heri/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /export/home/heri/.ssh/id_rsa.
Your public key has been saved in /export/home/heri/.ssh/
The key fingerprint is:
This email address is being protected from spambots. You need JavaScript enabled to view it.
[heri@fep-53-2 ~]$ echo -ne "from=\"172.16.*.*\" " >> ~/.ssh/authorized_keys2
[heri@fep-53-2 ~]$ cat ~/.ssh/ >> ~/.ssh/authorized_keys2
[heri@fep-53-2 ~]$ chmod 600 ~/.ssh/authorized_keys2


So ... let's try it out. Remember, it will be the first authentication, so you do not have a known_hosts entry.


ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ~/.ssh/id_rsa MY_HOST


Does the trick. You may get your list of nodes from the $PE_HOSTFILE variable.


 [heri@fep-53-2 ~]$ qsub -q ibm-quad.q -pe openmpi*1 2 -S /bin/bash
echo "File that contains all nodes and slots: [$PE_HOSTFILE]"

export MYNODES=`cat $PE_HOSTFILE | cut -f 1 -d ' '`
for x in $MYNODES;
   ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ~/.ssh/id_rsa $x "echo Hi my name is `hostname`!"
Your job 94760 ("STDIN") has been submitted
[heri@quad-wn07 ~]$ cat STDIN.*94760
Warning: Permanently added ',' (RSA) to the list of known hosts.
Warning: Permanently added ',' (RSA) to the list of known hosts.
File that contains all nodes and slots: [/opt/n1sge6/sge-6.2u3/NCitCluster/spool/quad-wn26/active_jobs/94760.1/pe_hostfile]
Hi my name is!
Hi my name is!