No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionInsight HD 6.5.0 Administrator Guide 02

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Updating SSH Keys for User omm

Updating SSH Keys for User omm

Scenario

During cluster installation, the system automatically generates the SSH public key and private key for user omm to establish the trust relationship between nodes. After the cluster is installed, if the original keys are accidentally disclosed or new keys are used, the system administrator can perform the following operations to manually change the keys.

Prerequisites

  • The cluster has been stopped.
  • No other management operations are being performed.

Procedure

  1. Use PuTTY to log in as user omm to the node whose SSH keys need to be replaced.

    If the node is a Manager management node, run the following command on the active management node.

  2. Run the following command to disable user logout upon system timeout:

    TMOUT=0

  3. Run the following command to generate a key for the node:

    If the node is a Manager management node, run the following command:

    sh ${CONTROLLER_HOME}/sbin/update-ssh-key.sh

    If the node is a non-Manager management node, run the following command:

    sh ${NODE_AGENT_HOME}/bin/update-ssh-key.sh

    If Succeed to update ssh private key. is displayed when the preceding command is executed, the SSH key is generated successfully.

  4. Run the following command to copy the public key of the node to the active management node:

    scp ${HOME}/.ssh/id_rsa.pub oms_ip:${HOME}/.ssh/id_rsa.pub_bak

    oms_ip: indicates the IP address of the active management node.

    Enter the password of user omm to copy the files.

  5. Use PuTTY to log in to the active management node as user omm.
  6. Run the following command to disable user logout on system timeout:

    TMOUT=0

  7. Run the following command to switch thedirectory:

    cd ${HOME}/.ssh

  8. Run the following command to delete the discarded public keys from the authorized_keys file of the active management node:

    sed -i "/$(cat id_rsa.pub_bak | awk '{print $3}')$/d" authorized_keys

  9. Run the following command to add new public keys:

    cat id_rsa.pub_bak >> authorized_keys

  10. Run the following command to delete the temporary public key file:

    rm -rf id_rsa.pub_bak

  11. Copy the authorized_keys file of the active management node to the other nodes in the cluster:

    scp authorized_keys node_ip:/${HOME}/.ssh/authorized_keys

    node_ip: indicates the IP address of another node in the cluster. Multiple IP addresses are not supported.

  12. Run the following command to confirm private key replacement without entering the password:

    ssh node_ip

    node_ip: indicates the IP address of another node in the cluster. Multiple IP addresses are not supported.

Download
Updated: 2019-05-17

Document ID: EDOC1100074522

Views: 5910

Downloads: 12

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next