|
Packit |
857059 |
#!/bin/bash
|
|
Packit |
857059 |
# BEGIN_ICS_COPYRIGHT8 ****************************************
|
|
Packit |
857059 |
#
|
|
Packit |
857059 |
# Copyright (c) 2015, Intel Corporation
|
|
Packit |
857059 |
#
|
|
Packit |
857059 |
# Redistribution and use in source and binary forms, with or without
|
|
Packit |
857059 |
# modification, are permitted provided that the following conditions are met:
|
|
Packit |
857059 |
#
|
|
Packit |
857059 |
# * Redistributions of source code must retain the above copyright notice,
|
|
Packit |
857059 |
# this list of conditions and the following disclaimer.
|
|
Packit |
857059 |
# * Redistributions in binary form must reproduce the above copyright
|
|
Packit |
857059 |
# notice, this list of conditions and the following disclaimer in the
|
|
Packit |
857059 |
# documentation and/or other materials provided with the distribution.
|
|
Packit |
857059 |
# * Neither the name of Intel Corporation nor the names of its contributors
|
|
Packit |
857059 |
# may be used to endorse or promote products derived from this software
|
|
Packit |
857059 |
# without specific prior written permission.
|
|
Packit |
857059 |
#
|
|
Packit |
857059 |
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
|
Packit |
857059 |
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
Packit |
857059 |
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
Packit |
857059 |
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
|
|
Packit |
857059 |
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
Packit |
857059 |
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
Packit |
857059 |
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
|
Packit |
857059 |
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
Packit |
857059 |
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
Packit |
857059 |
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
Packit |
857059 |
#
|
|
Packit |
857059 |
# END_ICS_COPYRIGHT8 ****************************************
|
|
Packit |
857059 |
|
|
Packit |
857059 |
# [ICS VERSION STRING: unknown]
|
|
Packit |
857059 |
# setup password-less ssh on a single host so it can ssh to itself
|
|
Packit |
857059 |
# This is part of IntelOPA-Basic for use by opasetupssh in FastFabric
|
|
Packit |
857059 |
|
|
Packit |
857059 |
trap "exit 1" SIGHUP SIGTERM SIGINT
|
|
Packit |
857059 |
|
|
Packit |
857059 |
Usage()
|
|
Packit |
857059 |
{
|
|
Packit |
857059 |
echo "Usage: setup_self_ssh [-U] [-i ipoib_hostname]" >&2
|
|
Packit |
857059 |
echo " or" >&2
|
|
Packit |
857059 |
echo " setup_self_ssh --help" >&2
|
|
Packit |
857059 |
echo " --help - produce full help text" >&2
|
|
Packit |
857059 |
echo " -U - only perform connect (to enter in local hosts knownhosts)" >&2
|
|
Packit |
857059 |
echo " -i ipoib_hostname - ipoib hostname for this host" >&2
|
|
Packit |
857059 |
echo " default is to skip setup for ipoib to self" >&2
|
|
Packit |
857059 |
echo "example:">&2
|
|
Packit |
857059 |
echo " setup_self_ssh -i myhost-ib" >&2
|
|
Packit |
857059 |
echo " setup_self_ssh -U" >&2
|
|
Packit |
857059 |
exit 2
|
|
Packit |
857059 |
}
|
|
Packit |
857059 |
|
|
Packit |
857059 |
if [ x"$1" = "x--help" ]
|
|
Packit |
857059 |
then
|
|
Packit |
857059 |
Usage
|
|
Packit |
857059 |
fi
|
|
Packit |
857059 |
|
|
Packit |
857059 |
user=`id -u -n`
|
|
Packit |
857059 |
Uopt=n
|
|
Packit |
857059 |
ihost_ib=
|
|
Packit |
857059 |
while getopts Ui: param
|
|
Packit |
857059 |
do
|
|
Packit |
857059 |
case $param in
|
|
Packit |
857059 |
U)
|
|
Packit |
857059 |
Uopt=y;;
|
|
Packit |
857059 |
i)
|
|
Packit |
857059 |
ihost_ib="$OPTARG";;
|
|
Packit |
857059 |
?)
|
|
Packit |
857059 |
Usage;;
|
|
Packit |
857059 |
esac
|
|
Packit |
857059 |
done
|
|
Packit |
857059 |
shift $((OPTIND -1))
|
|
Packit |
857059 |
if [ $# -gt 0 ]
|
|
Packit |
857059 |
then
|
|
Packit |
857059 |
Usage
|
|
Packit |
857059 |
fi
|
|
Packit |
857059 |
|
|
Packit |
857059 |
# connect to host via ssh
|
|
Packit |
857059 |
connect_to_host()
|
|
Packit |
857059 |
{
|
|
Packit |
857059 |
# $1 = user
|
|
Packit |
857059 |
# $2 = host
|
|
Packit |
857059 |
|
|
Packit |
857059 |
# We use an alternate file to build up the new keys
|
|
Packit |
857059 |
# this way parallel calls can let ssh itself handle file locking
|
|
Packit |
857059 |
# then update_known_hosts can replace data in real known_hosts file
|
|
Packit |
857059 |
ssh -o 'UserKnownHostsFile=~/.ssh/.known_hosts-ffnew' -o 'StrictHostKeyChecking=no' $1@$2 echo "$2: Connected"
|
|
Packit |
857059 |
}
|
|
Packit |
857059 |
|
|
Packit |
857059 |
# update known_hosts file with information from connect_to_host calls
|
|
Packit |
857059 |
update_known_hosts()
|
|
Packit |
857059 |
{
|
|
Packit |
857059 |
if [ -e ~/.ssh/.known_hosts-ffnew ]
|
|
Packit |
857059 |
then
|
|
Packit |
857059 |
if [ -e ~/.ssh/known_hosts ]
|
|
Packit |
857059 |
then
|
|
Packit |
857059 |
(
|
|
Packit |
857059 |
IFS=" , "
|
|
Packit |
857059 |
while read name trash
|
|
Packit |
857059 |
do
|
|
Packit |
857059 |
# remove old entry from known hosts in case key changed
|
|
Packit |
857059 |
if grep "^$name[, ]" < ~/.ssh/known_hosts > /dev/null 2>&1
|
|
Packit |
857059 |
then
|
|
Packit |
857059 |
grep -v "^$name[, ]" < ~/.ssh/known_hosts > ~/.ssh/.known_hosts-fftmp
|
|
Packit |
857059 |
mv ~/.ssh/.known_hosts-fftmp ~/.ssh/known_hosts
|
|
Packit |
857059 |
fi
|
|
Packit |
857059 |
done < ~/.ssh/.known_hosts-ffnew
|
|
Packit |
857059 |
)
|
|
Packit |
857059 |
fi
|
|
Packit |
857059 |
cat ~/.ssh/.known_hosts-ffnew >> ~/.ssh/known_hosts
|
|
Packit |
857059 |
chmod go-w ~/.ssh/known_hosts
|
|
Packit |
857059 |
|
|
Packit |
857059 |
rm -rf ~/.ssh/.known_hosts-ffnew ~/.ssh/.known_hosts-fftmp
|
|
Packit |
857059 |
fi
|
|
Packit |
857059 |
}
|
|
Packit |
857059 |
|
|
Packit |
857059 |
# Generate public and private SSH key pairs
|
|
Packit |
857059 |
cd ~
|
|
Packit |
857059 |
mkdir -m 0700 -p ~/.ssh ~/.ssh2
|
|
Packit |
857059 |
if [ ! -f .ssh/id_rsa.pub -o ! -f .ssh/id_rsa ]
|
|
Packit |
857059 |
then
|
|
Packit |
857059 |
ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa
|
|
Packit |
857059 |
fi
|
|
Packit |
857059 |
if [ ! -f .ssh/id_dsa.pub -o ! -f .ssh/id_dsa ]
|
|
Packit |
857059 |
then
|
|
Packit |
857059 |
ssh-keygen -t dsa -N '' -f ~/.ssh/id_dsa
|
|
Packit |
857059 |
fi
|
|
Packit |
857059 |
# recreate public key in Reflection format for ssh2
|
|
Packit |
857059 |
if [ ! -e .ssh2/ssh2_id_dsa.pub ]
|
|
Packit |
857059 |
then
|
|
Packit |
857059 |
# older distros may not support this, ignore error
|
|
Packit |
857059 |
ssh-keygen -O ~/.ssh/id_dsa.pub -o ~/.ssh2/ssh2_id_dsa.pub 2>/dev/null
|
|
Packit |
857059 |
fi
|
|
Packit |
857059 |
|
|
Packit |
857059 |
# configure ssh on the host(s)
|
|
Packit |
857059 |
rm -rf ~/.ssh/.known_hosts-ffnew ~/.ssh/.known_hosts-fftmp
|
|
Packit |
857059 |
|
|
Packit |
857059 |
#stty_settings=`stty -g`
|
|
Packit |
857059 |
ihost=`hostname | cut -f1 -d.`
|
|
Packit |
857059 |
|
|
Packit |
857059 |
# setup ssh to ourselves
|
|
Packit |
857059 |
if [ $Uopt = n ]
|
|
Packit |
857059 |
then
|
|
Packit |
857059 |
echo "$ihost: Configuring localhost ssh..."
|
|
Packit |
857059 |
rm -f ~/.ssh/.tmp_keys$$
|
|
Packit |
857059 |
|
|
Packit |
857059 |
>> ~/.ssh/authorized_keys
|
|
Packit |
857059 |
cat ~/.ssh/authorized_keys ~/.ssh/id_rsa.pub ~/.ssh/id_dsa.pub|sort -u > ~/.ssh/.tmp_keys$$
|
|
Packit |
857059 |
mv ~/.ssh/.tmp_keys$$ ~/.ssh/authorized_keys
|
|
Packit |
857059 |
|
|
Packit |
857059 |
>> ~/.ssh/authorized_keys2
|
|
Packit |
857059 |
cat ~/.ssh/authorized_keys2 ~/.ssh/id_rsa.pub ~/.ssh/id_dsa.pub|sort -u > ~/.ssh/.tmp_keys$$
|
|
Packit |
857059 |
mv ~/.ssh/.tmp_keys$$ ~/.ssh/authorized_keys2
|
|
Packit |
857059 |
|
|
Packit |
857059 |
# set up ssh2 DSA authorization
|
|
Packit |
857059 |
# older distros may not support this
|
|
Packit |
857059 |
[ -f ~/.ssh2/ssh2_id_dsa.pub ] && ! grep '^Key ssh2_id_dsa.pub$' ~/.ssh2/authorization >/dev/null 2>&1 && echo "Key ssh2_id_dsa.pub" >> ~/.ssh2/authorization
|
|
Packit |
857059 |
|
|
Packit |
857059 |
chmod go-w ~/.ssh/authorized_keys ~/.ssh/authorized_keys2
|
|
Packit |
857059 |
test -f ~/.ssh2/authorization && chmod go-w ~/.ssh2/authorization
|
|
Packit |
857059 |
fi
|
|
Packit |
857059 |
|
|
Packit |
857059 |
echo "$ihost: Verifying localhost ssh..."
|
|
Packit |
857059 |
# make sure we can ssh ourselves so ipoibping test works
|
|
Packit |
857059 |
connect_to_host $user localhost
|
|
Packit |
857059 |
connect_to_host $user $ihost
|
|
Packit |
857059 |
# make sure we can ssh to ourselves over ipoib, so MPI can be run on master
|
|
Packit |
857059 |
if [ x"$ihost_ib" != "x" ]
|
|
Packit |
857059 |
then
|
|
Packit |
857059 |
connect_to_host $user $ihost_ib
|
|
Packit |
857059 |
fi
|
|
Packit |
857059 |
echo "$ihost: Configured localhost ssh"
|
|
Packit |
857059 |
|
|
Packit |
857059 |
#stty $stty_settings
|
|
Packit |
857059 |
update_known_hosts
|