|
Packit Service |
3470d1 |
.\" .\" *********************************************************************
|
|
Packit Service |
3470d1 |
.\" .\" * *
|
|
Packit Service |
3470d1 |
.\" .\" * Copyright 2015-2019, Intel Corporation *
|
|
Packit Service |
3470d1 |
.\" .\" * *
|
|
Packit Service |
3470d1 |
.\" .\" * All Rights Reserved. *
|
|
Packit Service |
3470d1 |
.\" .\" * *
|
|
Packit Service |
3470d1 |
.\" .\" *********************************************************************
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TH opasetupssh 8 "Intel Corporation" "Copyright(C) 2015\-2019" "IFSFFCLIRG (Man Page)"
|
|
Packit Service |
3470d1 |
.SH NAME
|
|
Packit Service |
3470d1 |
opasetupssh
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
\fB(Linux or Switch)\fR
|
|
Packit Service |
3470d1 |
Creates SSH keys and configures them on all hosts or chassis so the system can use SSH and SCP into all other hosts or chassis without a password prompt. Typically, during cluster setup this tool enables the root user on the Management Node to log into the other hosts (as root) or chassis (as admin) using password-less SSH.
|
|
Packit Service |
3470d1 |
.SH Syntax
|
|
Packit Service |
3470d1 |
opasetupssh [-C|p|U] [-f \fIhostfile\fR] [-F \fIchassisfile\fR] [-h \[aq]\fIhosts\fR\[aq]]
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
[-H \[aq]\fIchassis\fR\[aq]] [-i \fIipoib\(ulsuffix\fR] [-u \fIuser\fR] [-S] [-R|P]
|
|
Packit Service |
3470d1 |
.SH Options
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
--help
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Produces full help text.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-C
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Performs operation against chassis. Default is hosts.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-p
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Performs operation against all chassis or hosts in parallel.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-U
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Performs connect only (to enter in local hosts, known hosts). When run in this mode, the -S option is ignored.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-f \fIhostfile\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Specifies the file with hosts in cluster.
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
Default is /etc/opa/hosts file.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-F \fIchassisfile\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Specifies the file with chassis in cluster.
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
Default is /etc/opa/chassis file.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-h \fIhosts\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Specifies the list of hosts to set up.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-H \fIchassis\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Specifies the list of chassis to set up.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-i \fIipoib\(ulsuffix\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Specifies the suffix to apply to host names to create IPoIB host names. Default is -opa.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-u \fIuser\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Specifies the user on remote system to allow this user to SSH to. Default is current user code for host(s) and admin for chassis.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-S
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Securely prompts for password for user on remote system.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-R
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Skips setup of SSH to local host.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
-P
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Skips ping of host (for SSH to devices on Internet with ping
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
firewalled).
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.SH Examples
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.SH Operations on Hosts
|
|
Packit Service |
3470d1 |
opasetupssh -S -i \[aq]\[aq]
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
opasetupssh -U
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
opasetupssh -h \[aq]arwen elrond\[aq] -U
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
HOSTS=\[aq]arwen elrond\[aq] opasetupssh -U
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.SH Operations on Chassis
|
|
Packit Service |
3470d1 |
opasetupssh -C
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
opasetupssh -C -H \[aq]chassis1 chassis2\[aq]
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
CHASSIS=\[aq]chassis1 chassis2\[aq] opasetupssh -C
|
|
Packit Service |
3470d1 |
.SH Environment Variables
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
The following environment variables are also used by this command:
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
\fBHOSTS\(ulFILE\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
File containing list of hosts, used in absence of -f and -h.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
\fBCHASSIS\(ulFILE\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
File containing list of chassis, used in absence of -F and -H.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
\fBHOSTS\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
List of hosts, used if -h option not supplied.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
\fBCHASSIS\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
List of chassis, used if -C is used and -H and -F options not supplied.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
\fBFF\(ulMAX\(ulPARALLEL\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
When -p option is used, maximum concurrent operations.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
\fBFF\(ulIPOIB\(ulSUFFIX\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Suffix to append to hostname to create IPoIB hostname. Used in absence of -i.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
\fBFF\(ulCHASSIS\(ulLOGIN\(ulMETHOD\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
How to log into chassis. Can be Telnet or SSH.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.TP 10
|
|
Packit Service |
3470d1 |
\fBFF\(ulCHASSIS\(ulADMIN\(ulPASSWORD\fR
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
Password for admin on all chassis. Used in absence of -S option.
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.SH Description
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
The Intel(R) Omni-Path Fabric Suite FastFabric Toolset provides additional flexibility in the translation between IPoIB and management network hostnames.
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
opasetupssh provides an easy way to create SSH keys and distribute them to the hosts or chassis in the cluster. Many of the FastFabric tools (as well as many versions of MPI) require that SSH is set up for password-less operation. Therefore, opasetupssh is an important setup step.
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
This tool also sets up SSH to the local host and the local host\[aq]s IPoIB name. This capability is required by selected FastFabric Toolset commands and may be used by some applications (such as MPI).
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
opasetupssh has two modes of operation. The mode is selected by the presence or absence of the -U option. Typically, opasetupssh is first run without the -U option, then it may later be run with the -U option.
|
|
Packit Service |
3470d1 |
.SH Host Initial Key Exchange
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
When run without the -U option, opasetupssh performs the initial key exchange and enables password-less SSH and SCP. The preferred way to use opasetupssh for initial key exchange is with the -S option. This requires that all hosts are configured with the same password for the specified "user" (typically root). In this mode, the password is prompted for once and then SSH and SCP are used in conjunction with that password to complete the setup for the hosts. This mode also avoids the need to set up rsh/rcp/rlogin (which can be a security risk).
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
opasetupssh configures password-less SSH/SCP for both the management network and IPoIB. Typically, the management network is used for FastFabric Toolset operations while IPoIB is used for MPI and other applications.
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
During initial cluster installation, where the Intel(R) Omni-Path Fabric software is not yet installed on all the hosts, IPoIB is not yet running. In this situation, use the -i option with an empty string as follows:
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
opasetupssh -i \[aq]\[aq]
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.br
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
This causes the last part of the setup of SSH for IPoIB to be skipped.
|
|
Packit Service |
3470d1 |
.SH Refreshing Local Systems Known Hosts
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
If aspects of the host have changed, such as IP addresses, MAC addresses, software installation, or server OS reinstallation, you can refresh the local host\[aq]s SSH known\(ulhosts file by running opasetupssh with the -U option. This option does not transfer the keys, but instead connects to each host (management network and IPoIB) to refresh the SSH keys. Existing entries for the specified hosts are replaced within the local known\(ulhosts file. When run in this mode, the -S option is ignored. This mode assumes SSH has previously been set up for the hosts, as such no files are transferred to the specified hosts and no passwords should be required.
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
Typically after completing the installation and booting of Intel(R) Omni-Path Fabric software, opasetupssh must be rerun with the -U option to update the known\(ulhosts file.
|
|
Packit Service |
3470d1 |
.SH Chassis Initial Key Exchange
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
When run without the -U option, opasetupssh performs the initial key exchange and enables password-less SSH and SCP. For chassis, the key exchange uses SCP and the chassis CLI. During this command you log into the chassis using the configured mechanism for chassis login.
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
The preferred way to use opasetupssh for initial key exchange is with the -S option. This requires that all chassis are configured with the same password for admin. In this mode, you are prompted for the password once and then the \fBFF\(ulCHASSIS\(ulLOGIN\(ulMETHOD\fR and SCP are used in conjunction with that password to complete the setup for the chassis. This method also avoids the need to setup the chassis password in /etc/opa/opafastfabric.conf (which can be a security risk).
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
For chassis, the -i option is ignored.
|
|
Packit Service |
3470d1 |
.SH Chassis Refreshing Local Systems Known Hosts
|
|
Packit Service |
3470d1 |
|
|
Packit Service |
3470d1 |
.PP
|
|
Packit Service |
3470d1 |
If aspects of the chassis have changed, such as IP addresses or MAC addresses, you can refresh the local host\[aq]s SSH known\(ulhosts file by running opasetupssh with the -U option. This option does not transfer the keys, but instead connects to each chassis to refresh the SSH keys. Existing entries for the specified chassis are replaced within the local known\(ulhosts file. When run in this mode, the -S option is ignored. This mode assumes SSH has previously been set up for the chassis, because no files are transferred to the specified hosts and no passwords are required.
|