Parallels H-Sphere Documentation System Administrator Guide

 

SSH Keys Generation for H-Sphere Servers

 
 

Related Docs:   Adding H-Sphere Servers and Services

Last modified: 30 Aug 2006

 

WARNING: This documentation covers Parallels H-Sphere versions up to 3.1. For the latest up-to-date Parallels H-Sphere documentation, please proceed to the official Parallels site.

H-Sphere Control Panel interacts with its Unix-based servers via SSH protocol. For user to have permanent access to H-Sphere remote servers and to log into them automatically without entering password each time, the SSH public keys for the cpanel user on the CP box should be copied and added to each Unix box in H-Sphere cluster.

Normally, H-Sphere does this automatically during installation. However, sometimes there is a need to regenerate or restore SSH keys. This document will guide you through the process of generating SSH keys on the CP box and adding them to each H-Sphere server.

  1. Enter the CP box as the cpanel user.
  2. Check if you have SSH public keys generated for the cpanel user.

    RSA: $ cat ~cpanel/.ssh/identity.pub
    DSA: $ cat ~cpanel/.ssh/id_dsa.pub

  3. If any of these files doesn't exist, generate missing SSH key for the cpanel user by the corresponding command (passphrases must be empty):

    RSA: $ ssh-keygen -t rsa1
    DSA: $ ssh-keygen -d

  4. Place the public SSH keys of the CP server's cpanel user into the corresponding files in the /root/.ssh folder on each H-Sphere box:
    1. Log into an H-Sphere box as root.
    2. Create the authentication key files for root if they don't exist:

      RSA: # touch /root/.ssh/authorized_keys
      DSA: # touch /root/.ssh/authorized_keys2

    3. Insert the RSA key from the ~cpanel/.ssh/identity.pub file on the CP server into /root/.ssh/authorized_keys on this box,
      and the DSA key from ~cpanel/.ssh/id_dsa.pub into /root/.ssh/authorized_keys2, respectively.

Related Docs:   Adding H-Sphere Servers and Services



© Copyright 2017. Parallels Holdings. All rights reserved.