Bug 2224559

Summary:	[cee/sd][doc]Update "Prerequisites" in the section "3.8.1. Configuring a different SSH user"
Product:	[Red Hat Storage] Red Hat Ceph Storage	Reporter:	Geo Jose <gjose>
Component:	Documentation	Assignee:	Ranjini M N <rmandyam>
Documentation sub component:	Install Guide	QA Contact:	Aditya Ramteke <aramteke>
Status:	RELEASE_PENDING ---	Docs Contact:	Akash Raj <akraj>
Severity:	medium
Priority:	unspecified	CC:	akraj, rmandyam, saraut
Version:	5.3
Target Milestone:	---
Target Release:	6.1z2
Hardware:	All
OS:	All
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:		Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Geo Jose 2023-07-21 13:10:33 UTC

Describe the issue:
------------------
- Include the "Important" section which is mentioned as Prerequisites
- Include new point for copying SSH public key to all hosts.
 
Document URL:
------------
- https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5/html-single/installation_guide/index#configuring-a-different-ssh-user

Chapter/Section Number and Title:
- 3.8.1. Configuring a different SSH user

Product Version:
- RHCS 5

Any other versions of this document that also needs this update:
- RHCS 5

Comment 1 Geo Jose 2023-07-21 13:12:57 UTC

Additional information/Test Results:
-----------------------------------

1. If the user is not created with proper sudo permission, it will throw the error something like this:
~~~
[ceph: root@01-87-05-node1 /]# ceph cephadm set-user admin1
Error EINVAL: ssh connection admin@01-87-05-node1 failed
[ceph: root@01-87-05-node1 /]#
~~~


2. After changing the user, all hosts are going to offline:
~~~
[ceph: root@01-87-05-node1 /]# ceph cephadm get-user
admin
[ceph: root@01-87-05-node1 /]# ceph cephadm set-user admin2
ssh user set to admin2. sudo will be used
[ceph: root@01-87-05-node1 /]# ceph mgr fail    #or wait for some time
[ceph: root@01-87-05-node1 /]# ceph orch host ls
HOST            ADDR             LABELS  STATUS
01-87-05-node1  192.168.122.153  _admin
01-87-05-node2  192.168.122.50   _admin  Offline
01-87-05-node3  192.168.122.134          Offline
01-87-05-node4  192.168.122.36           Offline
4 hosts in cluster
~~~


3. In order to communicate with newly added user with the key, needs to be updated the "authorized_keys":
~~~
[ceph: root@01-87-05-node1 /]# ceph cephadm get-pub-key > ~/ceph.pub
[ceph: root@01-87-05-node1 /]# ssh-copy-id -f -i ~/ceph.pub admin@01-87-05-node2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/ceph.pub"
admin@01-87-05-node2's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'admin@01-87-05-node2'"
and check to make sure that only the key(s) you wanted were added.

[ceph: root@01-87-05-node1 /]#
[ceph: root@01-87-05-node1 /]# ceph orch host ls
HOST            ADDR             LABELS  STATUS
01-87-05-node1  192.168.122.153  _admin
01-87-05-node2  192.168.122.50   _admin  Offline
01-87-05-node3  192.168.122.134          Offline
01-87-05-node4  192.168.122.36           Offline
4 hosts in cluster
[ceph: root@01-87-05-node1 /]#


[ceph: root@01-87-05-node1 /]# ssh-copy-id -f -i ~/ceph.pub admin2@01-87-05-node2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/ceph.pub"
admin2@01-87-05-node2's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'admin2@01-87-05-node2'"
and check to make sure that only the key(s) you wanted were added.

[ceph: root@01-87-05-node1 /]# ceph orch host ls
HOST            ADDR             LABELS  STATUS
01-87-05-node1  192.168.122.153  _admin
01-87-05-node2  192.168.122.50   _admin
01-87-05-node3  192.168.122.134          Offline
01-87-05-node4  192.168.122.36           Offline
4 hosts in cluster
[ceph: root@01-87-05-node1 /]#


[ceph: root@01-87-05-node1 /]# ssh-copy-id -f -i ~/ceph.pub admin2@01-87-05-node3
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/ceph.pub"
The authenticity of host '01-87-05-node3 (192.168.122.134)' can't be established.
ECDSA key fingerprint is SHA256:J0hcJgCa79zNBzy/9iuk6IrLoH/iV18qH9KEO6qyPG4.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
admin2@01-87-05-node3's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'admin2@01-87-05-node3'"
and check to make sure that only the key(s) you wanted were added.

[ceph: root@01-87-05-node1 /]#
[ceph: root@01-87-05-node1 /]# ceph orch host ls
HOST            ADDR             LABELS  STATUS
01-87-05-node1  192.168.122.153  _admin
01-87-05-node2  192.168.122.50   _admin
01-87-05-node3  192.168.122.134
01-87-05-node4  192.168.122.36           Offline
4 hosts in cluster
[ceph: root@01-87-05-node1 /]#


[ceph: root@01-87-05-node1 /]# ssh-copy-id -f -i ~/ceph.pub admin2@01-87-05-node4
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/ceph.pub"
The authenticity of host '01-87-05-node4 (192.168.122.36)' can't be established.
ECDSA key fingerprint is SHA256:J0hcJgCa79zNBzy/9iuk6IrLoH/iV18qH9KEO6qyPG4.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
admin2@01-87-05-node4's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'admin2@01-87-05-node4'"
and check to make sure that only the key(s) you wanted were added.

[ceph: root@01-87-05-node1 /]#
[ceph: root@01-87-05-node1 /]# ceph orch host ls
HOST            ADDR             LABELS  STATUS
01-87-05-node1  192.168.122.153  _admin
01-87-05-node2  192.168.122.50   _admin
01-87-05-node3  192.168.122.134
01-87-05-node4  192.168.122.36
4 hosts in cluster
[ceph: root@01-87-05-node1 /]#
~~~