Overview:

Cluster Topology
Toggle navigation of Cluster Topology
Acronyms and Abbreviations
Toggle navigation of Acronyms and Abbreviations
Assumptions and Warnings
License
Toggle navigation of License

VMM

Virtual Machine Manager
Toggle navigation of Virtual Machine Manager
Virtual Machine Manager OS Installation Guide
Toggle navigation of Virtual Machine Manager OS Installation Guide
Virtual Machine Manager Deployment Guide
Toggle navigation of Virtual Machine Manager Deployment Guide

NFS

Network File System
Toggle navigation of Network File System
NFS Server OS Installation Guide
Toggle navigation of NFS Server OS Installation Guide
NFS Server Deployment Guide
Toggle navigation of NFS Server Deployment Guide
NFS Client Deployment Guide
Toggle navigation of NFS Client Deployment Guide

IdM

Identity Management
Toggle navigation of Identity Management
IdM Server OS Installation Guide
Toggle navigation of IdM Server OS Installation Guide
IdM Server Deployment Guide
Toggle navigation of IdM Server Deployment Guide
IdM Client Deployment Guide
Toggle navigation of IdM Client Deployment Guide
Passwordless SSH Deployment Guide
Toggle navigation of Passwordless SSH Deployment Guide
IdM Server Usage Guide
Toggle navigation of IdM Server Usage Guide

GitLab

GitLab
Toggle navigation of GitLab
GitLab OS Installation Guide
Toggle navigation of GitLab OS Installation Guide
GitLab Deployment Guide
Toggle navigation of GitLab Deployment Guide
GitLab Configuration Guide
Toggle navigation of GitLab Configuration Guide

Slurm

Slurm Workload Manager
Toggle navigation of Slurm Workload Manager
Slurm Controller OS Installation Guide
Toggle navigation of Slurm Controller OS Installation Guide
Slurm Controller Deployment Guide
Toggle navigation of Slurm Controller Deployment Guide
Slurm Compute Node Deployment Guide
Toggle navigation of Slurm Compute Node Deployment Guide
Slurm Controller Usage Guide
Toggle navigation of Slurm Controller Usage Guide
Slurm Compute Node Usage Guide
Toggle navigation of Slurm Compute Node Usage Guide

Graylog

Graylog
Toggle navigation of Graylog
Graylog OS Installation Guide
Toggle navigation of Graylog OS Installation Guide
Graylog Deployment Guide
Toggle navigation of Graylog Deployment Guide
RSyslog Deployment Guide
Toggle navigation of RSyslog Deployment Guide

Ansible

Ansible
Toggle navigation of Ansible
Ansible Control Node OS Installation Guide
Toggle navigation of Ansible Control Node OS Installation Guide
Ansible Control Node Deployment Guide
Toggle navigation of Ansible Control Node Deployment Guide
Ansible Control Node Usage Guide
Toggle navigation of Ansible Control Node Usage Guide

InfluxDB

InfluxDB
Toggle navigation of InfluxDB
InfluxDB OS Installation Guide
Toggle navigation of InfluxDB OS Installation Guide
InfluxDB Deployment Guide
Toggle navigation of InfluxDB Deployment Guide
Telegraf Deployment Guide
Toggle navigation of Telegraf Deployment Guide
InfluxDB Usage Guide
Toggle navigation of InfluxDB Usage Guide

Grafana

Grafana
Toggle navigation of Grafana
Grafana OS Installation Guide
Toggle navigation of Grafana OS Installation Guide
Grafana Deployment Guide
Toggle navigation of Grafana Deployment Guide
Grafana Usage Guide
Toggle navigation of Grafana Usage Guide

Docker

Docker
Toggle navigation of Docker
Docker OS Installation Guide
Toggle navigation of Docker OS Installation Guide
Docker Deployment Guide
Toggle navigation of Docker Deployment Guide

Mirror

Repository Mirror
Toggle navigation of Repository Mirror
Repository Mirror Server OS Installation Guide
Toggle navigation of Repository Mirror Server OS Installation Guide
Repository Mirror Server Deployment Guide
Toggle navigation of Repository Mirror Server Deployment Guide
Repository Mirror Client Deployment Guide
Toggle navigation of Repository Mirror Client Deployment Guide

User/Compute Nodes

User/Compute Nodes
Toggle navigation of User/Compute Nodes
User/Compute Node OS Installation Guide
Toggle navigation of User/Compute Node OS Installation Guide
User/Compute Node Deployment Guide
Toggle navigation of User/Compute Node Deployment Guide
Tool Deployment Guide
Toggle navigation of Tool Deployment Guide
Environment Modules Deployment Guide
Toggle navigation of Environment Modules Deployment Guide
Modulefile Deployment Example Guide
Toggle navigation of Modulefile Deployment Example Guide
xrdp Deployment Guide
Toggle navigation of xrdp Deployment Guide

Passwordless SSH Deployment Guide#

The following instructions are for configuring a user account to use passwordless SSH when IdM is used. The instructions can be performed on any user accessible system (User or Compute) after the user account and home directory have been created.

This guide can be incorporated into new user accounts process and only needs to be executed once by the user.

Prerequisites#

This guide is written for a Red Hat Enterprise Linux 8 based operating system which is operating within a cluster of systems and the following are the prerequisites:

References#

Information on Passwordless SSH when using IdM/FreeIPA account management:
https://freeipa.readthedocs.io/en/latest/workshop/10-ssh-key-management.html

A portion of these instructions are based on the following documentation:
https://kifarunix.com/add-freeipa-user-accounts-via-cli-or-web-interface/

Deployment Scripts#

An example bash script of the instructions has been provided: deploy-passwordless-ssh.sh

Deployment Steps#

Important

Instructions are to be executed by the user from their NFS mounted home directory.

Important

“PubkeyAuthentication” must be enabled in /etc/ssh/sshd_config for passwordless SSH to operate. Deploying the IdM Client will enable this feature.

Important

Passwordless SSH can only be configured after the user logs in for the first time and changes their password.

Important

In order for the Slurm job scheduler to work correctly, passwordless ssh must use empty passphrases.

Generate public/private RSA key pair:

ssh-keygen -t rsa -b 4096 -N "" -f ~/.ssh/id_rsa

Copy Public key to Authorized Keys:

cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

Disable Strict Host Key Checking:

cat >> ~/.ssh/config <<EOL
StrictHostKeyChecking no
EOL

Ensure proper permissions on files:

chmod 644 ~/.ssh/authorized_keys
chmod 644 ~/.ssh/config
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub
touch     ~/.ssh/known_hosts
chmod 644 ~/.ssh/known_hosts
chmod 700 ~/.ssh

Upload Public Key to IdM / FreeIPA

ipa user-mod ${USER} --sshpubkey="$(cat ~/.ssh/id_rsa.pub)"