This section describes the initial setup and testing of SSH that must be done before you use SSH with the N1 Service Provisioning System 5.1. If you are using the ssh-agent, you will need to start the ssh-agent before you begin the setup and testing task.
Complete this task only if you are using the ssh-agent. Complete this task before you start the Master Server
You must execute all the SSH setup commands in the following setup tasks, ssh, ssh-add, and cr_server start, in the same session as the session that you used to start the ssh-agent. If this session is terminated, you must kill the ssh-agent program that is running and start a new ssh-agent program.
Start the ssh-agent.
% eval `ssh-agent`
The ssh-agent starts and sets two environment variables. SSH_AUTH_SOCK and SSH_AGENT_PID are used by ssh and ssh-add to connect to the ssh-agent.
Upload the private key that you generated.
% ssh-add path-to-file/
path-to-file/ is the path to the secure media where you saved the private key file.
You are prompted to provide a password.
Provide the password that you created when you generated the keys.
You can shut down the ssh-agent by running the command eval `ssh-agent –k`.
This command uses the SSH_AGENT_PID variable to send a signal to the ssh-agent process to shut it down. The command also unsets the environment variables that were set when you started the ssh-agent.
If you are using the ssh-agent, be sure to start the ssh-agent by following the instructions in How to Start the ssh-agent on the Master Server.
The setup is session sensitive, so you must execute all the SSH commands, ssh, ssh-add, and cr_server start, in the same session as the session that you used to start the ssh-agent. If this session is terminated, you must kill the ssh-agent program that is running and start a new ssh-agent program. You will also need to upload the private key.
Test the SSH connection paths.
% ssh target-host-IP set % ssh -A -t target-host-IP ls -l
Use the -A option only if you are using the ssh-agent. target-host-IP is the IP address for the machine to which this machine will connect.
For example, you might have a network setup with the following Master Server (MS), Local Distributors (LD1, LD2, and LD3), and Remote Agents (RA1, RA2, RA3, and RA4).
MS | \ | \ | \ LD1 LD2 | \ \ | \ LD3 | \ |\ | | | \ | | | \ | | | \ RA1 RA2 RA3 RA4
For this example network, executing the following commands on the Master Server, substituting the IP addresses of the Local Distributors and Remote Agents on the network for LD1, LD2, RA1, RA2, RA3, and RA4 to test the SSH connection paths.
% ssh -A -t LD1 ssh -t RA1 set % ssh -A -t LD1 ssh -t RA2 set % ssh -A -t LD2 ssh -A -t LD3 ssh -t RA3 set % ssh -A -t LD2 ssh -A -t LD3 ssh -t RA4 set
These commands follow the paths that the Master Server uses when using SSH to connect to the machines that are downstream. Each command enables SSH to exchange the host keys required for communicating to the machines specified as arguments.
SSH prompts you to allow the host key exchange.
Answer yes to each of the prompts.
Verify the output of all of the commands to ensure that the environment variables are correctly set up.
The PATH variable should have /bin, /usr/bin, and any other directories that are part of your environments.
Test the SSH connection paths again.
Use the same command that you used in Step 1 to test the connection paths again to ensure that the server does not prompt you for any information.
If you change any of the keys, you might need to perform this task again. Depending upon your server setup, you also might need to complete this task again whenever you reboot any of the machines.