Grid Engine Home > Installing > Installing the Software With the GUI Installer >

How to Configure Password-less Access for the root User

This section describes how to set up a password-less ssh or rsh access for the root user to install a whole Sun Grid Engine cluster at once by using the GUI Installer. The Sun Grid Engine installation must be started on the qmaster host, so you need to first decide which host is going to be the qmaster host. The following instructions use qmaster as the qmaster host name. You must replace qmaster with your qmaster host name.

Recommendation You can skip this procedure if you plan to install Sun Grid Engine only on a local host.

Warning Enabling root login without a password can be a security risk! The commands and configuration files used in the following procedure are applicable only to the Solaris 10 operating system. You can substitute these with commands and configuration files that are appropriate for your operating system.

Note Installing Grid Engine cluster with CSP option may additionally require password-less access to the localhost (qmaster host to the qmaster host).

Configuring Password-less ssh Access for the root User

1. Enable root login.
   For security reasons, using ssh as root is disabled on many platforms by default. Perform the following for each host on which you will log in using password-less ssh as the root user:
   1. As root, open the /etc/ssh/sshd_config file.
   2. Modify PermitRootLogin no to PermitRootLogin without-password.
      
2. Restart ssh service on all remote hosts.
   As root type the following command.

   svcadm disable -st ssh ; svcadm enable ssh

   
   

3. Generate a certificate on the qmaster host.
   As root, type the following command to generate the RSA key on the qmaster host. You should leave the passphrase empty.

   # ssh-keygen -t rsa
   Generating public/private rsa key pair.
   Enter file in which to save the key (/root/.ssh/id_rsa):
   Created directory '/root/.ssh'.
   Enter passphrase (empty for no passphrase):
   Enter same passphrase again:
   Your identification has been saved in /root/.ssh/id_rsa.
   Your public key has been saved in /root/.ssh/id_rsa.pub.
   The key fingerprint is:
   ec:fa:48:55:c4:3d:59:40:a6:27:10:a2:90:11:de:dc root@qmaster
   

   
   

4. Copy the certificate to all remote hosts.
   Copy the generated public key contained in a id_rsa.pub file to every remote host that should accept root login without a password from this host.
   The following example enables root access to host grid05 from host qmaster.

   qmaster# cat /root/.ssh/id_rsa.pub
   ssh-rsa ACCCB3NzaC1yc2EBBBBBIwAAAIEA1xfRiZMV7xt8EMDollLQH5RTAVz3lIXkr/FTfcbwjuMa0t/PdO9gBnJY03e1mIIpjDPiqT2IWfdrzHZB4xvl0MBNhMTWf8Gd3WDO4T7/zw7VhlqT6wUl0ncrhzE5BTIMB0i0X/amgidEzFbL+hE3RvPuowapNZUv+JC1IjDVmmE= root@qmaster
   qmaster# ssh grid05
   he authenticity of host 'grid05 (192.168.1.5)' can't be established.
   RSA key fingerprint is ec:fa:48:55:c4:3d:59:40:a6:27:10:a2:90:11:de:dc.
   Are you sure you want to continue connecting (yes/no)? yes
   Password:
   grid05# mkdir -p ~/.ssh
   grid05# echo "ssh-rsa ACCCB3NzaC1yc2EBBBBBIwAAAIEA1xfRiZMV7xt8EMDollLQH5RTAVz3lIXkr/FTfcbwjuMa0t/PdO9gBnJY03e1mIIpjDPiqT2IWfdrzHZB4xvl0MBNhMTWf8Gd3WDO4T7/zw7VhlqT6wUl0ncrhzE5BTIMB0i0X/amgidEzFbL+hE3RvPuowapNZUv+JC1IjDVmmE= root@qmaster" >> ~/.ssh/authorized_keys
   

   
   

5. Verify if you are able to connect to the hosts as root without a password.
   As root, type the following command.

   ssh <remote_password-less_host>

   If you are able to connect to the hosts without being prompted, password-less access to the hosts has been set up. Now, you can invoke the GUI installer using the start_gui_installer command from your sge-root directory.

Configuring Password-less rsh Access for the root User

1. Enable root login.
   Normally, the root user can only log in to the console /dev/console. You can remove this restriction by performing the following.
   1. Open the /etc/default/login file.
   2. Comment out the CONSOLE=/dev/console line by inserting a # character at the beginning of the line.
      You need to perform this for each remote host you would like to log in to.
      
2. Set up access without a password.
   1. Create a .rhosts file.
   2. Add a single line that contains the qmaster's host name preceded by a + sign.
      For example, if foo is the qmaster's host name, add the line +foo to the .rhosts file.
   3. Copy this file to the root user's home directory on each of the remote hosts where you wish to install Sun Grid Engine.
      This will allow root to log in from the qmaster host without a password to any machine that will be part of the cluster.
      
3. Restart rlogin service on all remote hosts.
   As root, type the following command.

   svcadm disable -st rlogin ; svcadm enable rlogin

   
   

4. Verify if you are able to connect to the hosts as root without a password.
   As root, type the following command.

   rlogin <remote_password-less_host>

   If you are able to connect to the hosts without being prompted, password-less access to the hosts has been set up. Now, you can invoke the GUI installer using the start_gui_installer command from your sge-root directory. Choose the custom installation mode and replace ssh with rsh and scp with rcp in the Main configuration panel.