# Setting up a DSA authentication (SSH2) between the nodes
# of the linux cluster (hf5, hf6, hf7, hf8)
 

###### PART I #############################################################
### Part I. Between the nodes (the home directory is NFS mounted).
# Example for generating DSA pair of keys for allowing access between
# the nodes without supplying a password (an SSH2 feature)
# Note: the dialog from the machine is shown with >#
# Note: the user input is with red color
# Note: Comments are shown with: #

# Example is node hf7, login cd to ~/.ssh and run
ssh-keygen -t dsa
#>Generating public/private dsa key pair.
#>Enter file in which to save the key (/home/georgio/.ssh/id_dsa):

#If you recieve a question:

#>/home/georgio/.ssh/id_dsa already exists.
#>Overwrite (y/n)? ### You will need to overwrite, otherwise it wont work
y
#>Enter passphrase (empty for no passphrase):
Hit Enter
#>Enter same passphrase again:
Hit Enter

#>Your identification has been saved in /home/georgio/.ssh/id_dsa.
#>Your public key has been saved in /home/georgio/.ssh/id_dsa.pub.
#>The key fingerprint is something like:
#>0c:a6:22:fa:dd:22:62:3b:dd:a1:22:7d:33:33:33:15 georgio@hf7

# still being in the ~/.ssh
cp id_dsa identity
# cp the public key to authorized_keys2
cp id_dsa.pub authorized_keys2

# test to login on the same machine without a password:
slogin hf7

# test to login on the other hf's
slogin hf6
slogin hf5

# if all are home directories are mounted correctly,
# there will be no need of password when logging in between each node

############ PART II #######################################################
### Part II, for remote machines, (no NFS mounted home directory)

# the example is for "hf7.vuse.vanderbilt.edu" and "abc.def.edu"
#Note abc.def.edu must have ssh2 installed to use DSA, hf7 has it installed
# already!

# both machines have to be prepared and DSA key has to be
#exchanged between hf7.vuse.vanderbilt.edu and abc.def.edu to allow DSA

#>>> Part II A. preparing hf7
# the example is for "hf7.vuse.vanderbilt.edu" and "abc.def.edu"
#Note abc.def.edu must have ssh2 installed

#On the remote machine abc.def.edu #######
cd ~/.ssh
# test for the file id_dsa.pub
ls -l

#if you do not see id_dsa.pub, then
ssh-keygen -t dsa
cp id_dsa identity

#then "ls -l" should show the existence of the file id_dsa.pub

#copy this file from abc.def.edu:/home/${USER} to hf7
scp id_dsa.pub hf7.vuse.vanderbilt.edu:/home/${USER}

#On hf7
cd /home/${USER}/.ssh
cat /home/${USER}/id_dsa.pub >> authorized_keys2

#After the steps above it should be possible to ssh from
# abc.def.edu to hf5, hf6, hf7, hf8 without supplying a
#password
 

#>>> Part II B. Prepare abc.def.edu
#on hf7:
cd ~/.ssh
ls -l

#if there is no file id_dsa.pub, then:
ssh-keygen -t dsa
cp id_dsa identity

# "ls -l " should show the file id_dsa.pub, this file must be scp to abc.def.edu
#NOTE don't copy it to abc.def.edu:/home/${USER}/.ssh/ because it will overrite
# the local id_rsa.pub. Copy this file to any directory ecept .ssh
scp id_dsa.pub abc.def.edu:/home/${USER}

#then on abc.def.edu
cd /home/${USER}/.ssh
cat ../id_dsa.pub >> authorized_keys2

#then test to login on hf5,6,7,8, it should be directly without a
#the need to type a password.

ssh hf6.vuse.vanderbilt.edu should work

##### END ###