Bug 2224559 - [cee/sd][doc]Update "Prerequisites" in the section "3.8.1. Configuring a different SSH user"
Summary: [cee/sd][doc]Update "Prerequisites" in the section "3.8.1. Configuring a diff...
Keywords:
Status: NEW
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat Storage
Component: Documentation
Version: 5.3
Hardware: All
OS: All
unspecified
medium
Target Milestone: ---
: 6.1z2
Assignee: Anjana Suparna Sriram
QA Contact: Manisha Saini
Anjana Suparna Sriram
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-07-21 13:10 UTC by Geo Jose
Modified: 2023-07-25 18:12 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHCEPH-7060 0 None None None 2023-07-21 13:11:37 UTC

Description Geo Jose 2023-07-21 13:10:33 UTC 
Describe the issue:
------------------
- Include the "Important" section which is mentioned as Prerequisites
- Include new point for copying SSH public key to all hosts.
 
Document URL:
------------
- https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5/html-single/installation_guide/index#configuring-a-different-ssh-user

Chapter/Section Number and Title:
- 3.8.1. Configuring a different SSH user

Product Version:
- RHCS 5

Any other versions of this document that also needs this update:
- RHCS 5
Comment 1 Geo Jose 2023-07-21 13:12:57 UTC 
Additional information/Test Results:
-----------------------------------

1. If the user is not created with proper sudo permission, it will throw the error something like this:
~~~
[ceph: root@01-87-05-node1 /]# ceph cephadm set-user admin1
Error EINVAL: ssh connection admin@01-87-05-node1 failed
[ceph: root@01-87-05-node1 /]#
~~~


2. After changing the user, all hosts are going to offline:
~~~
[ceph: root@01-87-05-node1 /]# ceph cephadm get-user
admin
[ceph: root@01-87-05-node1 /]# ceph cephadm set-user admin2
ssh user set to admin2. sudo will be used
[ceph: root@01-87-05-node1 /]# ceph mgr fail    #or wait for some time
[ceph: root@01-87-05-node1 /]# ceph orch host ls
HOST            ADDR             LABELS  STATUS
01-87-05-node1  192.168.122.153  _admin
01-87-05-node2  192.168.122.50   _admin  Offline
01-87-05-node3  192.168.122.134          Offline
01-87-05-node4  192.168.122.36           Offline
4 hosts in cluster
~~~


3. In order to communicate with newly added user with the key, needs to be updated the "authorized_keys":
~~~
[ceph: root@01-87-05-node1 /]# ceph cephadm get-pub-key > ~/ceph.pub
[ceph: root@01-87-05-node1 /]# ssh-copy-id -f -i ~/ceph.pub admin@01-87-05-node2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/ceph.pub"
admin@01-87-05-node2's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'admin@01-87-05-node2'"
and check to make sure that only the key(s) you wanted were added.

[ceph: root@01-87-05-node1 /]#
[ceph: root@01-87-05-node1 /]# ceph orch host ls
HOST            ADDR             LABELS  STATUS
01-87-05-node1  192.168.122.153  _admin
01-87-05-node2  192.168.122.50   _admin  Offline
01-87-05-node3  192.168.122.134          Offline
01-87-05-node4  192.168.122.36           Offline
4 hosts in cluster
[ceph: root@01-87-05-node1 /]#


[ceph: root@01-87-05-node1 /]# ssh-copy-id -f -i ~/ceph.pub admin2@01-87-05-node2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/ceph.pub"
admin2@01-87-05-node2's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'admin2@01-87-05-node2'"
and check to make sure that only the key(s) you wanted were added.

[ceph: root@01-87-05-node1 /]# ceph orch host ls
HOST            ADDR             LABELS  STATUS
01-87-05-node1  192.168.122.153  _admin
01-87-05-node2  192.168.122.50   _admin
01-87-05-node3  192.168.122.134          Offline
01-87-05-node4  192.168.122.36           Offline
4 hosts in cluster
[ceph: root@01-87-05-node1 /]#


[ceph: root@01-87-05-node1 /]# ssh-copy-id -f -i ~/ceph.pub admin2@01-87-05-node3
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/ceph.pub"
The authenticity of host '01-87-05-node3 (192.168.122.134)' can't be established.
ECDSA key fingerprint is SHA256:J0hcJgCa79zNBzy/9iuk6IrLoH/iV18qH9KEO6qyPG4.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
admin2@01-87-05-node3's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'admin2@01-87-05-node3'"
and check to make sure that only the key(s) you wanted were added.

[ceph: root@01-87-05-node1 /]#
[ceph: root@01-87-05-node1 /]# ceph orch host ls
HOST            ADDR             LABELS  STATUS
01-87-05-node1  192.168.122.153  _admin
01-87-05-node2  192.168.122.50   _admin
01-87-05-node3  192.168.122.134
01-87-05-node4  192.168.122.36           Offline
4 hosts in cluster
[ceph: root@01-87-05-node1 /]#


[ceph: root@01-87-05-node1 /]# ssh-copy-id -f -i ~/ceph.pub admin2@01-87-05-node4
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/ceph.pub"
The authenticity of host '01-87-05-node4 (192.168.122.36)' can't be established.
ECDSA key fingerprint is SHA256:J0hcJgCa79zNBzy/9iuk6IrLoH/iV18qH9KEO6qyPG4.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
admin2@01-87-05-node4's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'admin2@01-87-05-node4'"
and check to make sure that only the key(s) you wanted were added.

[ceph: root@01-87-05-node1 /]#
[ceph: root@01-87-05-node1 /]# ceph orch host ls
HOST            ADDR             LABELS  STATUS
01-87-05-node1  192.168.122.153  _admin
01-87-05-node2  192.168.122.50   _admin
01-87-05-node3  192.168.122.134
01-87-05-node4  192.168.122.36
4 hosts in cluster
[ceph: root@01-87-05-node1 /]#
~~~
Note You need to log in before you can comment on or make changes to this bug.