2.5.9 setup-ssh
Sets up an SSH key on specified hosts.
Synopsis
asadmin [asadmin-options] setup-ssh [--help]
[--sshport ssh-port] [--sshuser ssh-user]
[--sshkeyfile ssh-keyfile] [--sshpublickeyfile ssh-public-keyfile]
[--generatekey={false|true}] host-list
Storage location
Application Server installation directory/javaee/glassfish/bin
Function
The setup-ssh subcommand of asadmin sets up a secure shell (SSH) key on the hosts that are specified as the operand of the subcommand. This key enables Java EE Server to use public-key authentication for authentication of the user's SSH login on remote hosts. SSH ensures that Java EE Server clusters that span multiple hosts can be administered centrally. SSH provides confidentiality and security for data that is exchanged between the DAS and remote hosts.
Public-key authentication uses an SSH key pair that comprises the following keys:
-
A private key, which is stored in a secure location on the DAS host and which may be protected with a passphrase.
-
The public key, which is stored on all the remote hosts with which the DAS communicates.
The subcommand does not require any configuration information from the DAS and does not modify the configuration of the DAS. This subcommand is supported in local mode only.
Precondition
-
The ssh client is installed on the DAS host and is accessible through the DAS user's path.
-
The sshd daemon is installed and running on all hosts where an SSH key is to be set up.
-
The ssh-keygen utility is installed on the DAS host either at the default location or in a location that is defined in the DAS user's path.
-
The user specified in --sshuser has an SSH login on all hosts where an SSH key is to be set up.
Files
Few or all the file namely:
-
authorized_keys
-
id_rsa
-
id_rsa.pub
-
id_dsa
-
id_dsa.pub
-
identity
-
identity.pub
files at user-home/.ssh/ of both DAS host and the remote hosts are affected.
Arguments
- --help | -?
-
Displays the help text for the subcommand.
- --sshport ssh-port
-
Specifies the port to use for SSH connections to the host where SSH is being set up.
Type: Integer
The following values can be specified:
-
1 to 65535
Default value: 22
-
- --sshuser ssh-user
-
Specifies the SSH user on the remote host, which is to run the process for setting up SSH on that host.
To ensure that the DAS can read this user's SSH private key file, specify the user, which is running the DAS process.
Type: String
The following values can be specified:
-
Name of the user
Default value: User running the command.
-
- --sshkeyfile ssh-keyfile
-
Specifies the absolute path to the SSH private key file for the user that the --sshuser option specifies. This file is used for authentication to the sshd daemon on the host. The user that is running this subcommand must be able to reach the path to the key file and read the key file.
Type: String
The following values can be specified:
-
Path to the SSH private key file for user
Default value: Key file in the user's .ssh directory on the host where the subcommand is run. If multiple key files are found in user's .ssh directory, the subcommand uses the following order of preference:
-
id_rsa
-
id_dsa
-
identity
-
- --sshpublickeyfile ssh-public-keyfile]
-
Specifies the absolute path to the SSH public key file for the user that the --sshuser option specifies. The content of the public key file is appended to the user's .ssh/authorized_keys file on each host where SSH is being set up.
If the .ssh/authorized_keys file does not exist on a host, the subcommand creates the file. The user that is running this subcommand must be able to reach the path to the key file and read the key file.
Type: String
The following values can be specified:
-
Path to the SSH public key file for user
Default value: Key file in the user's .ssh directory on the host where the subcommand is run. If multiple key files are found in user's .ssh directory, the subcommand uses the following order of preference:
-
id_rsa.pub
-
id_dsa.pub
-
identity.pub
-
- --generatekey={false|true}
-
Specifies whether the subcommand generates the SSH key files without prompting the user.
Type: Boolean
The following values can be specified:
-
true
The subcommand generates the SSH key files without prompting the user.
-
false
The behavior of the subcommand depends on whether the SSH key files exist:
If the SSH key files exist, the subcommand does not generate the files.
If the SSH key files do not exist, the behavior of the subcommand depends on the value of the --interactive option of the asadmin utility.
If the --interactive option is true, the subcommand prompts the user to create the files.
If the --interactive option is false, the subcommand fails.
This is the default value.
Default value: false
-
- host-list
-
Generates a space-separated list of the names of the hosts where an SSH key is to be set up.
Type: String
The following values can be specified:
-
Name of the remote hosts
Default value: N/A
-
Examples
The following example sets up an SSH key for the user gfuser on the hosts sj03 and sj04. The key file is not generated but is copied from the user's .ssh directory on the host where the subcommand is running.
asadmin setup-ssh sj03 sj04
Exit Status
|
Exit Status |
Explanation |
|---|---|
|
0 |
command executed successfully. |
|
1 |
error in executing the command. |