Configuring Password-less SSH
To configure password-less SSH, perform the following steps:
For the Ambari server to automatically install Ambari agents on all your cluster hosts, you must set up password-less SSH connections between the Ambari server host and all other hosts in the cluster. The Ambari server host uses SSH public key authentication to remotely access and install the Ambari agents.
You can choose to manually install an Ambari agent on each cluster host and register them with the target Ambari server. In this case, you do not need to generate and distribute SSH keys.
- Generate public and private SSH keys on the Ambari server host.
ssh-keygen- Copy the SSH Public Key (id_rsa.pub) to the root account on your target hosts.
.ssh/id_rsa.ssh/id_rsa.pub- Add the SSH Public Key to the
authorized_keysfile on your target hosts.
cat id_rsa.pub >> authorized_keys- Based on your SSH version, you may need to set permissions on the .ssh directory (to 700) and the
authorized_keysfile in that directory (to 600) on the target hosts.
chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys- From the Ambari Server, make sure you can connect to each host in the cluster using SSH, without having to enter a password where
<remote.target.host>has the value of each hostname in your cluster.
ssh root@<remote.target.host>- If the following warning message displays during your first connection, enter Yes.
Are you sure you want to continue connecting (yes/no)? Enter **Yes**- Retain a copy of the SSH Private Key on the machine from which you will run the web-based Ambari Install Wizard.
It is possible to use a non-root SSH account, if that account can execute sudo without entering a password.
Was this page helpful?