Configuring with ssh


Up: Configuring mpich Next: mpich and threads Previous: Setting up rsh

The normal process startup mechanism for the ch_p4 device on networks is rsh. Use of rsh requires that certain permission be set up on the participating machines. On some networks it is undesirable to set permissions that way. The simplest alternative to the use of rsh is ssh (the secure shell). It can be used for secure distributed computing. It requires some setup, described here, but then usage is quite simple.

Here is a set of steps that need to be done before ssh will work properly with mpich.

    1. Make sure ssh is installed on your network ( which ssh). If it isn't, you can get ssh from http://www.ssh.fi/sshprotocols2/index.html.
    2. Create your authentication key.
        ssh-keygen 
    
    
    This will generate a private/public key pair. The private key will be saved in
        ~/.ssh/identity 
    
    
    and the public key will be saved in
        ~/.ssh/identity.pub 
    
    

    3. Authorize Access. Place your public key in your /.ssh/authorized_keys file. All keys listed in that file are allowed access.
        cp  /.ssh/identity.pub  /.ssh/authorized_keys 
    
    
    If the machine you are connecting to does not share a common file system, then /.ssh/identity.pub should be copied over to the /.ssh/authorized_keys file of the machine you will be connecting to. ssh will insist that authorized_keys have its permissions set so that it is not group writable, so do
        chmod go-rwx  /.ssh/authorized_keys 
    
    
    This step avoids the need to enter your password each time you want to run a secure shell command.
    4. In order to avoid typing in your pass phrase each time ssh is invoked, a ssh-agent needs to be created and your pass phrase added.
        ssh-agent $SHELL 
    
        ssh-add 
    
    

    5. Configure with -rsh=ssh, so that the ch_p4 device will use ssh instead of rsh:
        configure -rsh=ssh 
    
    
In case of trouble:
* Make sure that the hosts listed in your util/machines/machine.xxxx are also listed in the /etc/ssh_known_hosts file on your network or your /.ssh/known_hosts file in your home directory.
* It is important that /tmp has permissions set to 377, with root as owner and group 0.
* openssh has a -v flag which is very useful for tracking down handshaking problems.



Up: Configuring mpich Next: mpich and threads Previous: Setting up rsh