Creating Unprivileged Users with SSH Key

The SMI Cluster Manager allows creating unprivileged users on cluster nodes with SSH key access. These users will remain even after the SMI Cluster Manager is upgraded. Also, the SMI Cluster Manager considers the users created with the comment smi.user to be managed by the Cluster Manager. If an existing user, who is not an smi.user, is added to the configuration, the SMI Cluster Manager throws an error during cluster synchronization to prevent damaging or blocking communication to the system.

To add a SSH key and password to an user on all the nodes, use the following configuration:

configure 
  node-defaults os users username 
    password password 
    authorized-keys key_name 
    algorithm ssh_algorithm 
    key-data  key_data 
    exit 
  authorized-keys key_name 
   algorithm ssh_algorithm 
   key-data key_data 
   exit 
 exit 

To add a SSH key and password to an user on a specific node, use the following configuration:

configure 
  node node_name os users username 
    password password 
    authorized-keys key_name 
    algorithm ssh_algorithm 
    key-data  key_data 
    exit 
   authorized-keys key_name 
    algorithm ssh_algorithm 
    key-data key_data 
    exit 
  exit 

NOTES:

  • node-defaults os users username - Specifies the default value applicable to all the nodes for the selected user. username is the name of the user to be created.

  • node node_name os users username - Specifies the default value applicable to the specific node for the selected user. node_name is the name of the specific node. username is the name of the user to be created.

  • password password - Specifies the password used for authentication.

  • authorized-keys key_name - Specifies the name of the SSH key.

  • algorithm ssh_algorithm - Specifies the SSH algorithm used for generating the SSH key. For example, SSH-RSA or SSH-Ed25519 algorithm.

  • key-data key_data - Specifies the generated SSH key.