Creating Unprivileged Users with SSH Key
The SMI Cluster Manager allows creating unprivileged users on cluster nodes with SSH key access. These users will remain even after the SMI Cluster Manager is upgraded. Also, the SMI Cluster Manager considers the users created with the comment smi.user to be managed by the Cluster Manager. If an existing user, who is not an smi.user, is added to the configuration, the SMI Cluster Manager throws an error during cluster synchronization to prevent damaging or blocking communication to the system.
To add a SSH key and password to an user on all the nodes, use the following configuration:
configure
node-defaults os users username
password password
authorized-keys key_name
algorithm ssh_algorithm
key-data key_data
exit
authorized-keys key_name
algorithm ssh_algorithm
key-data key_data
exit
exit
To add a SSH key and password to an user on a specific node, use the following configuration:
configure
node node_name os users username
password password
authorized-keys key_name
algorithm ssh_algorithm
key-data key_data
exit
authorized-keys key_name
algorithm ssh_algorithm
key-data key_data
exit
exit
NOTES:
-
node-defaults os users username - Specifies the default value applicable to all the nodes for the selected user. username is the name of the user to be created.
-
node node_name os users username - Specifies the default value applicable to the specific node for the selected user. node_name is the name of the specific node. username is the name of the user to be created.
-
password password - Specifies the password used for authentication.
-
authorized-keys key_name - Specifies the name of the SSH key.
-
algorithm ssh_algorithm - Specifies the SSH algorithm used for generating the SSH key. For example, SSH-RSA or SSH-Ed25519 algorithm.
-
key-data key_data - Specifies the generated SSH key.