Designing Disaster Recovery Clusters using Metroclusters and Continentalclusters, Reprinted October 2011 (5900-1881)

ManualsBrandsHP ManualsSoftwareHP Serviceguard Metrocluster with EMC SRDF

311

312

313

314

315

316

317

318

319

320

The utility will prompt for the passwords of all the users of the storage systems that are passed as

arguments.

For Example:

# /opt/cmcluster/toolkit/SG3PARRC/utils/setsshkeys mc3parusr@3par001

If prompted, enter password for mc3parusr@3par001

Password:

Success: Passwordless SSH set from the host "clusternode1" to the storage system "3par001" for

the user "mc3parusr"

Success: Passwordless SSH set from the host "clusternode2" to the storage system "3par001" for

the user "mc3parusr"

Success: Passwordless SSH set from the host "clusternode3" to the storage system "3par001" for

the user "mc3parusr"

Success: Passwordless SSH set from the host "clusternode4" to the storage system "3par001" for

the user "mc3parusr"

NOTE:

• By default, the setsshkeys utility creates a key pair using rsa format. If you want to create

the key pair using dsa format, use -k dsa option with the setsshkeys utility. Serviceguard

cluster must be configured before running this utility. For Continentalclusters, run this utility

separately in each Serviceguard cluster.

• setsshkeys utility will setup passwordless SSH for the root user only with the key pair

id_rsa/id_dsa and id_rsa.pub/id_dsa.pub. If such a key pair does not exist, setsshkeys

utility will generate the key pair by itself. If SSH is configured to use any other IdentityFile,

then you need to setup the passwordless SSH manually.

To configure the SSH without a password from the cluster nodes to the 3PAR storage systems

manually:

1. Create a key pair using the ssh-keygen utility on the host system. Both rsa and dsa key

formats are supported by the storage system and the recommended key length is 1024.

To create a key pair using rsa format:

$ ssh–keygen –b 1024 –t rsa

To create a key pair using dsa format:

$ ssh–keygen –b 1024 –t dsa

The ssh–keygen utility generates two files: id_rsa and id_rsa.pub (or id_dsa and id_dsa.pub).

Generate the key without a passphrase.

Ensure that only the root has access and read/write permission on the private key file, otherwise

the SSH client refuses the key file.

2. Log on to a 3PAR storage system from the host using the new user.

$ssh mc3parusr@system1

mc3parusr@system1 password: <password>

3. Issue the setsshkey command.

system1 cli% setsshkey -add

Please enter the SSH public key below. When finished, press enter twice. The key is usually

long. It's better to copy it from inside an editor and paste it here. (Please make sure there are

no extra blanks.) The maximum number of characters used to represent the SSH key (including

the "from" option, key type, and additional comments) is 4095.

ssh–rsa AF5afPdciUTJ0PYzB6msRxFrCuDSqDwPshqWS5tGCFSoSZdE=

Configuring an application in a Metrocluster with 3PAR Remote Copy environment 319