Go to main content

Managing Network Virtualization and Network Resources in Oracle® Solaris 11.4

Exit Print View

Updated: November 2020
 
 

About SSH Authentication and the evsuser

For flexibility in configuring all EVS nodes, the evsuser is created automatically when you install the EVS package. This user is assigned the Elastic Virtual Switch Administration rights profile for configuring EVS. By becoming that user, you obtain the necessary authorization to perform the procedures contained in this chapter.

To use evsuser, you need to configure SSH authentication first to enable connectivity between the controller and the different nodes. You must perform authentication on all the nodes in the EVS setup. The following figure illustrates the authentication process:

Figure 19  SSH Authentication in the EVS Setup

image:The figure shows the setting up of SSH authentication between the EVS components.

How to Set Up SSH Authentication Between the EVS Controller and an EVS Node

Before You Begin

Install the mandatory packages. See Installing the Required Packages.

  1. On the EVS controller, become evsuser. 
    evs-controller$ su - evsuser
  2. Generate a RSA key pair in the EVS controller for evsuser. 
    evsuser@evs-controller$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/var/user/evsuser/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /var/user/evsuser/.ssh/id_rsa.
Your public key has been saved in /var/user/evsuser/.ssh/id_rsa.pub.
The key fingerprint is:
a0:64:de:3d:c8:26:59:cb:4a:46:b9:1e:17:04:7d:bf evsuser@evs-controller
  3. Copy the public key from the controller's /var/user/evsuser/.ssh/id_rsa.pub file to an EVS node's /var/user/evsuser/.ssh/authorized_keys file.
    Note -  You must perform this step for every EVS node that is in the EVS setup.

How to Set Up SSH Authentication Between an EVS Node and the EVS Controller

Note -  You must perform this procedure on every EVS node in the EVS setup.

Before You Begin

Install the mandatory packages. See Installing the Required Packages.

  1. On the EVS node, generate a RSA key pair. 
    evs-node$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
a0:64:de:3d:c8:26:59:cb:4a:46:b9:1d:17:04:7d:bf root@evs-node
  2. Copy the public key from the /root/.ssh/id_rsa.pub file in the EVS node to the /var/user/evsuser/.ssh/authorized_keys file in the EVS controller.

How to Set Up SSH Authentication Between the EVS Manager and the EVS Controller

You perform this procedure if the EVS Manager and EVS Controller reside on different hosts.

Before You Begin

Install the mandatory packages. See Installing the Required Packages.

  1. On the EVS manager, generate a RSA key pair. 
    evs-manager$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
a0:64:de:3d:c8:26:59:cb:4a:46:b9:1d:17:04:7e:bf root@evs-manager
  2. Copy the public key from the /root/.ssh/id_rsa.pub file in the EVS manager to the /var/user/evsuser/.ssh/authorized_keys file in the EVS controller.

Testing the SSH Authentication

To check whether SSH authentication completed successfully for all the nodes, issue the following commands from the specific nodes:

  • Between controller and EVS node

    From the controller, connect to the node and issue this command:

    evsuser@evs-controller$ ssh evsuser@evs-node
The authenticity of host 'evs-node (192.0.2.20)' can't be established.
RSA key fingerprint is 73:66:89:15:0d:49:46:e0:1d:73:32:77:4f:7c:24:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'evs-node' (RSA) to the list of known hosts.
Last login: Wed Jun 11 14:40:28 2014 from evs-node
Oracle Corporation      SunOS 5.11      11.2    April 2014
evsuser@evs-node$

    The output shows that you can log in to the EVS node as evsuser without a password from the EVS controller.

  • Between EVS node and controller

    From the EVS node, connect to the controller and issue this command:

    evs-node$ ssh evsuser@evs-controller
The authenticity of host 'evs-controller (192.0.2.10)' can't be established.
RSA key fingerprint is 73:66:81:15:0d:49:46:e0:1d:73:32:77:4f:7c:24:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'evs-controller' (RSA) to the list of known hosts.
Last login: Wed Jun 11 14:36:28 2014 from evs-controller
Oracle Corporation      SunOS 5.11      11.2    April 2014
evsuser@evs-controller$

    The output shows that you can log in to the EVS controller as evsuser without a password from the EVS node.

  • Between EVS manager and EVS controller

    From the EVS manager, connect to the controller and issue this command:

    evs-manager$ ssh evsuser@evs-controller
The authenticity of host 'evs-controller (192.0.2.10)' can't be established.
RSA key fingerprint is 73:66:81:15:0d:49:46:e0:1d:73:32:77:4f:7c:24:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'evs-controller' (RSA) to the list of known hosts.
Last login: Wed Jun 11 14:38:28 2014 from evs-controller
Oracle Corporation      SunOS 5.11      11.2    April 2014
evsuser@evs-controller$

    The output shows that you can log in to the EVS controller as evsuser without a password from the EVS manager.

Copyright © 2011, 2020, Oracle and/or its affiliates.  
Previous
Next