Create a private key file

Before you can install a cluster, Management Console must be able to access the hosts on which you plan to install Vertica.

Before you can install a cluster, Management Console must be able to access the hosts on which you plan to install Vertica. MC uses password-less SSH to connect to the hosts and install Vertica software using a private key file.

If you already have a private key file that allows access to all hosts in the potential cluster, you can use it in the cluster creation wizard.

Create a private key file

  1. Log into the server as root or as a user with sudo privileges.

  2. Change to your home directory.

    $ cd ~
    
  3. Create an .ssh directory if one does not already exist.

    $ mkdir .ssh
    
  4. Generate a passwordless private key/public key pair.

    $ ssh-keygen -q -t rsa -f ~/.ssh/vid_rsa -N ''
    

    This command creates two files: vid_rsa and vid_rsa.pub. The vid_rsa file is the private key file that you upload to the MC so that it can access nodes on the cluster and install Vertica. The vid_rsa.pub file is copied to all other hosts so that they can be accessed by clients using the vid_rsa file.

  5. Make your .ssh directory readable and writable only by yourself.

    $ chmod 700 /root/.ssh
    
  6. Change to the .ssh directory.

    $ cd ~/.ssh
    
  7. Edit sshd.config as follows to disable password authentication for root:

    PermitRootLogin without-password
    
  8. Concatenate the public key into to the file vauthorized_keys2.

    $ cat vid_rsa.pub >> vauthorized_keys2
    
  9. If the host from which you are creating the public key will also be in the cluster, copy the public key into the local-hosts authorized key file:

    cat vid_rsa.pub >> authorized_keys
    
  10. Make the files in your .ssh directory readable and writable only by yourself.

    $ chmod 600 ~/.ssh/*
    
  11. Create the .ssh directory on the other nodes.

    $ ssh <host> "mkdir /root/.ssh"
    
  12. Copy the vauthorized key file to the other nodes.

    $ scp -r /root/.ssh/vauthorized_keys2 <host>:/root/.ssh/.
    
  13. On each node, concatenate the vauthorized_keys2 public key to the authorized_keys file and make the file readable and writable only by the owner.

    $ ssh <host> "cd /root/.ssh/;cat vauthorized_keys2 >> authorized_keys; chmod 600 /root/.ssh/authorized_keys"
    
  14. On each node, remove the vauthorized_keys2 file.

    $ ssh -i /root/.ssh/vid_rsa <host> "rm /root/.ssh/vauthorized_keys2"
    
  15. Copy the vid_rsa file to the workstation from which you will access the MC cluster installation wizard. This file is required to install a cluster from the MC.

A complete example of the commands for creating the public key and allowing access to three hosts from the key is below. The commands are being initiated from the docg01 host, and all hosts will be included in the cluster (docg01 - docg03):

ssh docg01
cd ~/.ssh
ssh-keygen -q -t rsa -f ~/.ssh/vid_rsa -N ''
cat vid_rsa.pub > vauthorized_keys2
cat vid_rsa.pub >> authorized_keys
chmod 600 ~/.ssh/*
scp -r /root/.ssh/vauthorized_keys2 docg02:/root/.ssh/.
scp -r /root/.ssh/vauthorized_keys2 docg03:/root/.ssh/.
ssh docg02 "cd /root/.ssh/;cat vauthorized_keys2 >> authorized_keys; chmod 600 /root/.ssh/authorized_keys"
ssh docg03 "cd /root/.ssh/;cat vauthorized_keys2 >> authorized_keys; chmod 600 /root/.ssh/authorized_keys"
ssh -i /root/.ssh/vid_rsa docg02 "rm /root/.ssh/vauthorized_keys2"
ssh -i /root/.ssh/vid_rsa docg03 "rm /root/.ssh/vauthorized_keys2"
rm ~/.ssh/vauthorized_keys2