How to Configure SSH for the CLI Client With Empty Passwords

Complete this task if you want to use SSH connectivity for the CLI Client with empty passwords.

Steps

1. Create a new operating system user account on the Master Server and the machine on which the CLI Client is installed.

   This account should be different from the account that you specified during the installation of the Master Server, Local Distributor, or Remote Agent.

2. Log in to the CLI Client machine as the new user that you created in the previous Step.

3. Generate public and private keys for the new user by following the instructions in How to Generate Key Pairs.

   Do not reuse the keys that you generated for communication between the Master Server, Local Distributors, and Remote Agents.

4. On the CLI Client, copy the public key file to the new user's authorized_keys2 file on the Master Server machine.

   % cp User-home-CLI/.ssh/id_rsa.pub User-home-MS/.ssh/id_rsa.pub

   User-home-CLI is the home directory on the CLI Client machine. User-home-MS is the home directory on the Master Server machine.

5. On the Master Server, concatenate the public key to the /.ssh/authorized_keys2 file for that user.

   % cat /User-home/.ssh/id_rsa.pub >> /User-home/.ssh/authorized_keys2

   User-home is the home directory of the currently logged in user on the Master Server machine.

6. Log in to the CLI Client machine as the new user that you created.

7. Test the SSH connection.

   % ssh IP-Address-MS set

   IP-Address-MS is the IP address of the Master Server machine.

   You might be prompted to exchange keys.

8. If you are prompted to exchange keys, answer yes.

9. Verify that the PATH variable is set correctly.

   The PATH variable must contain /bin, /usr/bin, and any other directories that are part of your environment.

10. Configure the Master Server to accept only connections from localhost. For instructions, see Configuring the JVM Security Policy.