Sharing SSH keys among cluster nodes

Secure Shell (SSH) keys are used to allow secure connections between hosts in an IBM® Cloud Private cluster.

Before you install an IBM Cloud Private cluster, you configure authentication between configuration nodes. You can generate an SSH key pair on your boot node and share that key with the other cluster nodes. To share the key with the cluster nodes, you must have access to an account with root access on each node in your cluster.

To configure authentication without sharing SSH keys, configure password authentication for cluster nodes. See Configuring password authentication for cluster nodes.

  1. Log in to the boot node with an account with root access.
  2. Generate an SSH key.

     ssh-keygen -b 4096 -f ~/.ssh/id_rsa -N ""
    
  3. Add the key to each cluster node. Cluster nodes are the master, worker, proxy, management, and Vulnerability Advisor (VA) nodes. Complete the following step for each cluster node.

     From the boot node, add the SSH public key to the cluster node.

       ssh-copy-id -i ~/.ssh/id_rsa.pub <user>@<node_ip_address>

     Where <user> is the user name for the node, and <node_ip_address> is the IP address of the cluster node.
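
The per-node step above, as an added example that is not part of the original documentation: a script that copies the public key to every node in a list and then confirms that key-only login works. The nodes file format, the `KEY` and `DRY_RUN` variables, and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example, not IBM's own tooling. Assumptions: the nodes file holds one
# IP address per line ('#' comments allowed); KEY and DRY_RUN are variables
# invented for this script.

KEY="${KEY:-$HOME/.ssh/id_rsa}"

# Print node addresses from the list file, skipping blanks and comments.
list_nodes() {
  sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' "$1"
}

# Run a command, or only print it when DRY_RUN=1.
run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# share_key <user> <nodes_file>
# Returns non-zero if any node failed the copy or the key-only login check.
share_key() {
  user="$1"; nodes_file="$2"; failed=0
  for node in $(list_nodes "$nodes_file"); do
    # Step 3 of the procedure: install the public key on the node.
    run ssh-copy-id -i "$KEY.pub" "$user@$node" || { failed=1; continue; }
    # BatchMode=yes forbids password prompts, so success here shows that
    # the key, not a password, authenticated the session.
    run ssh -i "$KEY" -o BatchMode=yes -o PasswordAuthentication=no \
        "$user@$node" true || failed=1
  done
  return "$failed"
}

# Stand-alone use: sh share_key.sh <user> <nodes_file>
if [ "$#" -eq 2 ]; then
  share_key "$1" "$2"
fi
```

Run it first with `DRY_RUN=1` to review the exact commands that will be issued for each node.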