Support Questions

bon_d · ‎07-28-2017

Hi everybody,

I have started a 4 instances cluster in AWS EC2 running RHEL 7.3 64 bits.

I go through the step of converting my private ky with PuTTYgen. I connect to the first node using the ec2-user and the private key (call it key1.ppk) by using puTTY. So far so good. Now next steps are to set up password-less ssh between the different nodes so that later ambari can access to the different nodes to install the services.

I'm trying to reuse my private key key1.ppk to do that by appending it to the authorized_keys file of each instances using the pscp command provided with puTTY.

It seems that I need to add the keys to the root user of each instance but I can't find any mean to connect as root to my instances (only ec2-user is allowed)... How can I do that? I also try to append it to the ec2-user authorized_keys file but couln'dt also because of access denied it seems. What is the correct list of instructions with those tools?

Thanks in advance for any hint.

bon_d · ‎07-28-2017

I begin to doubt that it is possible to reuse the same private key to connect to the instances as ec2-user from my local machine and to setup passowrd-less connections between the different instances. All installation documents of Ambari (to setup HDF or Nifi) point to the use of root user. But I could'nt connect as root@<myinstancename> from one instance to another or with putty on my local machine Under Windows to one instance.

bon_d · ‎07-28-2017

I passed a step forward now: I achieve password-less connection between instances using my key1 key pair with the ec2-user. For future me (and others who still wonder how), here are the steps:

With key1.pem (my private key associated to the ec2-user of AWS), I generate the corresponding key1.pub key using putTTYgen (open puTTYgen, load the key1.pem or key1.ppk private key and then click "Save public key" button.

I open a CMD Windows and do:

pscp -i Key1.ppk Key1.pem ec2-user@<node name>.us-west-2.compute.amazonaws.com:.ssh/

pscp -i Key1.ppk Key1.pub ec2-user@<node name>.us-west-2.compute.amazonaws.com:.ssh/

(each time you will see something like : Key1.xxx | 0 kB | 0.5 kB/s | ETA: 00:00:00 | 100%)

I open a terminal window on my EC2 node using PUTTY as ec2-user (with my Key1.ppk private key) and then I go into .ssh directory.

[ec2-user@ip-xxx-xx-xx-xx ~]$ cd .ssh

Then I protect the 2 key files (otherwize they will be refused by ssh)

[ec2-user@ip-xxx-xx-xxx-xx .ssh]$ chmod 600 Key1*

Now I can connect from this node to any other node without any password using the command:

[ec2-user@ip-xxx-xx-xxx-xx .ssh]$ ssh -i Key1.pem ec2-user@<second node>.us-west-2.compute.amazonaws.com

That's it!

Remaining question: to install and setup Ambari do I need to use root or can I do it as ec2-user?

bon_d · ‎07-28-2017

Again replying my own last question, I find here that it is possible to configure Ambari for non-root access.

bon_d · ‎07-28-2017

Note: Most usefull doc on the subject for me: https://docs.hortonworks.com/HDPDocuments/HDF2/HDF-2.1.4/bk_ambari-installation/bk_ambari-installati...

sandeepksaini · ‎11-18-2017

This is probably the best link which I have found on how to setup the passwordless login using ssh-copy-id command on ec-2 instances.

https://superuser.com/questions/331167/why-cant-i-ssh-copy-id-to-an-ec2-instance

Probably, this might help.

Support Questions

NIFI installation with Ambari - How do I setup a password-less SSL between my AWS EC2 hosts running RHEL 7.3 from using my local machine running Windows 10?